1. Packages
  2. FusionAuth
  3. API Docs
  4. FusionAuthApplication
FusionAuth v5.1.0 published on Tuesday, Oct 22, 2024 by Theo Gravity

fusionauth.FusionAuthApplication

Explore with Pulumi AI

fusionauth logo
FusionAuth v5.1.0 published on Tuesday, Oct 22, 2024 by Theo Gravity

    # Application Resource

    Applications API

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as fusionauth from "pulumi-fusionauth";
    
    const forum = new fusionauth.FusionAuthApplication("forum", {
        tenantId: fusionauth_tenant.portal.id,
        authenticationTokenConfigurationEnabled: false,
        formConfiguration: {
            adminRegistrationFormId: fusionauth_form.admin_registration.id,
            selfServiceFormId: fusionauth_form.self_service.id,
        },
        jwtConfiguration: {
            accessTokenId: fusionauth_key.access_token.id,
            enabled: true,
            idTokenKeyId: fusionauth_key.id_token.id,
            refreshTokenTtlMinutes: 43200,
            ttlSeconds: 3600,
        },
        lambdaConfiguration: {
            accessTokenPopulateId: fusionauth_lambda.token_populate.id,
            idTokenPopulateId: fusionauth_lambda.id_token_populate.id,
        },
        loginConfiguration: {
            allowTokenRefresh: false,
            generateRefreshTokens: false,
            requireAuthentication: true,
        },
        multiFactorConfiguration: {
            emailTemplateId: "859f394b-22a6-4fa6-ba55-de700df9e950",
            smsTemplateId: "17760f96-dca7-448b-9a8f-c49016aa7210",
            loginPolicy: "Required",
            trustPolicy: "Any",
        },
        oauthConfiguration: {
            authorizedOriginUrls: ["http://www.example.com/oauth-callback"],
            authorizedUrlValidationPolicy: "ExactMatch",
            enabledGrants: [
                "authorization_code",
                "implicit",
            ],
            generateRefreshTokens: false,
            logoutBehavior: "AllApplications",
            logoutUrl: "http://www.example.com/logout",
            requireClientAuthentication: false,
            providedScopePolicies: [{
                address: {
                    enabled: false,
                    required: false,
                },
                email: {
                    enabled: false,
                    required: false,
                },
                phone: {
                    enabled: false,
                    required: false,
                },
                profile: {
                    enabled: false,
                    required: false,
                },
            }],
        },
        registrationConfiguration: {
            birthDate: {
                enabled: false,
                required: false,
            },
            confirmPassword: false,
            enabled: false,
            firstName: {
                enabled: false,
                required: false,
            },
            fullName: {
                enabled: false,
                required: false,
            },
            lastName: {
                enabled: false,
                required: false,
            },
            loginIdType: "",
            middleName: {
                enabled: false,
                required: false,
            },
            mobilePhone: {
                enabled: false,
                required: false,
            },
            preferredLanguages: {
                enabled: false,
                required: false,
            },
            type: "",
        },
        passwordlessConfigurationEnabled: false,
        registrationDeletePolicy: {
            unverifiedEnabled: true,
            unverifiedNumberOfDaysToRetain: 30,
        },
    });
    
    import pulumi
    import theogravity_pulumi_fusionauth as fusionauth
    
    forum = fusionauth.FusionAuthApplication("forum",
        tenant_id=fusionauth_tenant["portal"]["id"],
        authentication_token_configuration_enabled=False,
        form_configuration=fusionauth.FusionAuthApplicationFormConfigurationArgs(
            admin_registration_form_id=fusionauth_form["admin_registration"]["id"],
            self_service_form_id=fusionauth_form["self_service"]["id"],
        ),
        jwt_configuration=fusionauth.FusionAuthApplicationJwtConfigurationArgs(
            access_token_id=fusionauth_key["access_token"]["id"],
            enabled=True,
            id_token_key_id=fusionauth_key["id_token"]["id"],
            refresh_token_ttl_minutes=43200,
            ttl_seconds=3600,
        ),
        lambda_configuration=fusionauth.FusionAuthApplicationLambdaConfigurationArgs(
            access_token_populate_id=fusionauth_lambda["token_populate"]["id"],
            id_token_populate_id=fusionauth_lambda["id_token_populate"]["id"],
        ),
        login_configuration=fusionauth.FusionAuthApplicationLoginConfigurationArgs(
            allow_token_refresh=False,
            generate_refresh_tokens=False,
            require_authentication=True,
        ),
        multi_factor_configuration=fusionauth.FusionAuthApplicationMultiFactorConfigurationArgs(
            email_template_id="859f394b-22a6-4fa6-ba55-de700df9e950",
            sms_template_id="17760f96-dca7-448b-9a8f-c49016aa7210",
            login_policy="Required",
            trust_policy="Any",
        ),
        oauth_configuration=fusionauth.FusionAuthApplicationOauthConfigurationArgs(
            authorized_origin_urls=["http://www.example.com/oauth-callback"],
            authorized_url_validation_policy="ExactMatch",
            enabled_grants=[
                "authorization_code",
                "implicit",
            ],
            generate_refresh_tokens=False,
            logout_behavior="AllApplications",
            logout_url="http://www.example.com/logout",
            require_client_authentication=False,
            provided_scope_policies=[fusionauth.FusionAuthApplicationOauthConfigurationProvidedScopePolicyArgs(
                address=fusionauth.FusionAuthApplicationOauthConfigurationProvidedScopePolicyAddressArgs(
                    enabled=False,
                    required=False,
                ),
                email=fusionauth.FusionAuthApplicationOauthConfigurationProvidedScopePolicyEmailArgs(
                    enabled=False,
                    required=False,
                ),
                phone=fusionauth.FusionAuthApplicationOauthConfigurationProvidedScopePolicyPhoneArgs(
                    enabled=False,
                    required=False,
                ),
                profile=fusionauth.FusionAuthApplicationOauthConfigurationProvidedScopePolicyProfileArgs(
                    enabled=False,
                    required=False,
                ),
            )],
        ),
        registration_configuration=fusionauth.FusionAuthApplicationRegistrationConfigurationArgs(
            birth_date=fusionauth.FusionAuthApplicationRegistrationConfigurationBirthDateArgs(
                enabled=False,
                required=False,
            ),
            confirm_password=False,
            enabled=False,
            first_name=fusionauth.FusionAuthApplicationRegistrationConfigurationFirstNameArgs(
                enabled=False,
                required=False,
            ),
            full_name=fusionauth.FusionAuthApplicationRegistrationConfigurationFullNameArgs(
                enabled=False,
                required=False,
            ),
            last_name=fusionauth.FusionAuthApplicationRegistrationConfigurationLastNameArgs(
                enabled=False,
                required=False,
            ),
            login_id_type="",
            middle_name=fusionauth.FusionAuthApplicationRegistrationConfigurationMiddleNameArgs(
                enabled=False,
                required=False,
            ),
            mobile_phone=fusionauth.FusionAuthApplicationRegistrationConfigurationMobilePhoneArgs(
                enabled=False,
                required=False,
            ),
            preferred_languages=fusionauth.FusionAuthApplicationRegistrationConfigurationPreferredLanguagesArgs(
                enabled=False,
                required=False,
            ),
            type="",
        ),
        passwordless_configuration_enabled=False,
        registration_delete_policy=fusionauth.FusionAuthApplicationRegistrationDeletePolicyArgs(
            unverified_enabled=True,
            unverified_number_of_days_to_retain=30,
        ))
    
    package main
    
    import (
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/theogravity/pulumi-fusionauth/sdk/go/fusionauth"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := fusionauth.NewFusionAuthApplication(ctx, "forum", &fusionauth.FusionAuthApplicationArgs{
    			TenantId:                                pulumi.Any(fusionauth_tenant.Portal.Id),
    			AuthenticationTokenConfigurationEnabled: pulumi.Bool(false),
    			FormConfiguration: &fusionauth.FusionAuthApplicationFormConfigurationArgs{
    				AdminRegistrationFormId: pulumi.Any(fusionauth_form.Admin_registration.Id),
    				SelfServiceFormId:       pulumi.Any(fusionauth_form.Self_service.Id),
    			},
    			JwtConfiguration: &fusionauth.FusionAuthApplicationJwtConfigurationArgs{
    				AccessTokenId:          pulumi.Any(fusionauth_key.Access_token.Id),
    				Enabled:                pulumi.Bool(true),
    				IdTokenKeyId:           pulumi.Any(fusionauth_key.Id_token.Id),
    				RefreshTokenTtlMinutes: pulumi.Int(43200),
    				TtlSeconds:             pulumi.Int(3600),
    			},
    			LambdaConfiguration: &fusionauth.FusionAuthApplicationLambdaConfigurationArgs{
    				AccessTokenPopulateId: pulumi.Any(fusionauth_lambda.Token_populate.Id),
    				IdTokenPopulateId:     pulumi.Any(fusionauth_lambda.Id_token_populate.Id),
    			},
    			LoginConfiguration: &fusionauth.FusionAuthApplicationLoginConfigurationArgs{
    				AllowTokenRefresh:     pulumi.Bool(false),
    				GenerateRefreshTokens: pulumi.Bool(false),
    				RequireAuthentication: pulumi.Bool(true),
    			},
    			MultiFactorConfiguration: &fusionauth.FusionAuthApplicationMultiFactorConfigurationArgs{
    				EmailTemplateId: pulumi.String("859f394b-22a6-4fa6-ba55-de700df9e950"),
    				SmsTemplateId:   pulumi.String("17760f96-dca7-448b-9a8f-c49016aa7210"),
    				LoginPolicy:     pulumi.String("Required"),
    				TrustPolicy:     pulumi.String("Any"),
    			},
    			OauthConfiguration: &fusionauth.FusionAuthApplicationOauthConfigurationArgs{
    				AuthorizedOriginUrls: pulumi.StringArray{
    					pulumi.String("http://www.example.com/oauth-callback"),
    				},
    				AuthorizedUrlValidationPolicy: pulumi.String("ExactMatch"),
    				EnabledGrants: pulumi.StringArray{
    					pulumi.String("authorization_code"),
    					pulumi.String("implicit"),
    				},
    				GenerateRefreshTokens:       pulumi.Bool(false),
    				LogoutBehavior:              pulumi.String("AllApplications"),
    				LogoutUrl:                   pulumi.String("http://www.example.com/logout"),
    				RequireClientAuthentication: pulumi.Bool(false),
    				ProvidedScopePolicies: fusionauth.FusionAuthApplicationOauthConfigurationProvidedScopePolicyArray{
    					&fusionauth.FusionAuthApplicationOauthConfigurationProvidedScopePolicyArgs{
    						Address: &fusionauth.FusionAuthApplicationOauthConfigurationProvidedScopePolicyAddressArgs{
    							Enabled:  pulumi.Bool(false),
    							Required: pulumi.Bool(false),
    						},
    						Email: &fusionauth.FusionAuthApplicationOauthConfigurationProvidedScopePolicyEmailArgs{
    							Enabled:  pulumi.Bool(false),
    							Required: pulumi.Bool(false),
    						},
    						Phone: &fusionauth.FusionAuthApplicationOauthConfigurationProvidedScopePolicyPhoneArgs{
    							Enabled:  pulumi.Bool(false),
    							Required: pulumi.Bool(false),
    						},
    						Profile: &fusionauth.FusionAuthApplicationOauthConfigurationProvidedScopePolicyProfileArgs{
    							Enabled:  pulumi.Bool(false),
    							Required: pulumi.Bool(false),
    						},
    					},
    				},
    			},
    			RegistrationConfiguration: &fusionauth.FusionAuthApplicationRegistrationConfigurationArgs{
    				BirthDate: &fusionauth.FusionAuthApplicationRegistrationConfigurationBirthDateArgs{
    					Enabled:  pulumi.Bool(false),
    					Required: pulumi.Bool(false),
    				},
    				ConfirmPassword: pulumi.Bool(false),
    				Enabled:         pulumi.Bool(false),
    				FirstName: &fusionauth.FusionAuthApplicationRegistrationConfigurationFirstNameArgs{
    					Enabled:  pulumi.Bool(false),
    					Required: pulumi.Bool(false),
    				},
    				FullName: &fusionauth.FusionAuthApplicationRegistrationConfigurationFullNameArgs{
    					Enabled:  pulumi.Bool(false),
    					Required: pulumi.Bool(false),
    				},
    				LastName: &fusionauth.FusionAuthApplicationRegistrationConfigurationLastNameArgs{
    					Enabled:  pulumi.Bool(false),
    					Required: pulumi.Bool(false),
    				},
    				LoginIdType: pulumi.String(""),
    				MiddleName: &fusionauth.FusionAuthApplicationRegistrationConfigurationMiddleNameArgs{
    					Enabled:  pulumi.Bool(false),
    					Required: pulumi.Bool(false),
    				},
    				MobilePhone: &fusionauth.FusionAuthApplicationRegistrationConfigurationMobilePhoneArgs{
    					Enabled:  pulumi.Bool(false),
    					Required: pulumi.Bool(false),
    				},
    				PreferredLanguages: &fusionauth.FusionAuthApplicationRegistrationConfigurationPreferredLanguagesArgs{
    					Enabled:  pulumi.Bool(false),
    					Required: pulumi.Bool(false),
    				},
    				Type: pulumi.String(""),
    			},
    			PasswordlessConfigurationEnabled: pulumi.Bool(false),
    			RegistrationDeletePolicy: &fusionauth.FusionAuthApplicationRegistrationDeletePolicyArgs{
    				UnverifiedEnabled:              pulumi.Bool(true),
    				UnverifiedNumberOfDaysToRetain: pulumi.Int(30),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Fusionauth = theogravity.Fusionauth;
    
    return await Deployment.RunAsync(() => 
    {
        var forum = new Fusionauth.FusionAuthApplication("forum", new()
        {
            TenantId = fusionauth_tenant.Portal.Id,
            AuthenticationTokenConfigurationEnabled = false,
            FormConfiguration = new Fusionauth.Inputs.FusionAuthApplicationFormConfigurationArgs
            {
                AdminRegistrationFormId = fusionauth_form.Admin_registration.Id,
                SelfServiceFormId = fusionauth_form.Self_service.Id,
            },
            JwtConfiguration = new Fusionauth.Inputs.FusionAuthApplicationJwtConfigurationArgs
            {
                AccessTokenId = fusionauth_key.Access_token.Id,
                Enabled = true,
                IdTokenKeyId = fusionauth_key.Id_token.Id,
                RefreshTokenTtlMinutes = 43200,
                TtlSeconds = 3600,
            },
            LambdaConfiguration = new Fusionauth.Inputs.FusionAuthApplicationLambdaConfigurationArgs
            {
                AccessTokenPopulateId = fusionauth_lambda.Token_populate.Id,
                IdTokenPopulateId = fusionauth_lambda.Id_token_populate.Id,
            },
            LoginConfiguration = new Fusionauth.Inputs.FusionAuthApplicationLoginConfigurationArgs
            {
                AllowTokenRefresh = false,
                GenerateRefreshTokens = false,
                RequireAuthentication = true,
            },
            MultiFactorConfiguration = new Fusionauth.Inputs.FusionAuthApplicationMultiFactorConfigurationArgs
            {
                EmailTemplateId = "859f394b-22a6-4fa6-ba55-de700df9e950",
                SmsTemplateId = "17760f96-dca7-448b-9a8f-c49016aa7210",
                LoginPolicy = "Required",
                TrustPolicy = "Any",
            },
            OauthConfiguration = new Fusionauth.Inputs.FusionAuthApplicationOauthConfigurationArgs
            {
                AuthorizedOriginUrls = new[]
                {
                    "http://www.example.com/oauth-callback",
                },
                AuthorizedUrlValidationPolicy = "ExactMatch",
                EnabledGrants = new[]
                {
                    "authorization_code",
                    "implicit",
                },
                GenerateRefreshTokens = false,
                LogoutBehavior = "AllApplications",
                LogoutUrl = "http://www.example.com/logout",
                RequireClientAuthentication = false,
                ProvidedScopePolicies = new[]
                {
                    new Fusionauth.Inputs.FusionAuthApplicationOauthConfigurationProvidedScopePolicyArgs
                    {
                        Address = new Fusionauth.Inputs.FusionAuthApplicationOauthConfigurationProvidedScopePolicyAddressArgs
                        {
                            Enabled = false,
                            Required = false,
                        },
                        Email = new Fusionauth.Inputs.FusionAuthApplicationOauthConfigurationProvidedScopePolicyEmailArgs
                        {
                            Enabled = false,
                            Required = false,
                        },
                        Phone = new Fusionauth.Inputs.FusionAuthApplicationOauthConfigurationProvidedScopePolicyPhoneArgs
                        {
                            Enabled = false,
                            Required = false,
                        },
                        Profile = new Fusionauth.Inputs.FusionAuthApplicationOauthConfigurationProvidedScopePolicyProfileArgs
                        {
                            Enabled = false,
                            Required = false,
                        },
                    },
                },
            },
            RegistrationConfiguration = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationArgs
            {
                BirthDate = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationBirthDateArgs
                {
                    Enabled = false,
                    Required = false,
                },
                ConfirmPassword = false,
                Enabled = false,
                FirstName = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationFirstNameArgs
                {
                    Enabled = false,
                    Required = false,
                },
                FullName = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationFullNameArgs
                {
                    Enabled = false,
                    Required = false,
                },
                LastName = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationLastNameArgs
                {
                    Enabled = false,
                    Required = false,
                },
                LoginIdType = "",
                MiddleName = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationMiddleNameArgs
                {
                    Enabled = false,
                    Required = false,
                },
                MobilePhone = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationMobilePhoneArgs
                {
                    Enabled = false,
                    Required = false,
                },
                PreferredLanguages = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationPreferredLanguagesArgs
                {
                    Enabled = false,
                    Required = false,
                },
                Type = "",
            },
            PasswordlessConfigurationEnabled = false,
            RegistrationDeletePolicy = new Fusionauth.Inputs.FusionAuthApplicationRegistrationDeletePolicyArgs
            {
                UnverifiedEnabled = true,
                UnverifiedNumberOfDaysToRetain = 30,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.fusionauth.FusionAuthApplication;
    import com.pulumi.fusionauth.FusionAuthApplicationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthApplicationFormConfigurationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthApplicationJwtConfigurationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthApplicationLambdaConfigurationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthApplicationLoginConfigurationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthApplicationMultiFactorConfigurationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthApplicationOauthConfigurationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthApplicationRegistrationConfigurationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthApplicationRegistrationConfigurationBirthDateArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthApplicationRegistrationConfigurationFirstNameArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthApplicationRegistrationConfigurationFullNameArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthApplicationRegistrationConfigurationLastNameArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthApplicationRegistrationConfigurationMiddleNameArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthApplicationRegistrationConfigurationMobilePhoneArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthApplicationRegistrationConfigurationPreferredLanguagesArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthApplicationRegistrationDeletePolicyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var forum = new FusionAuthApplication("forum", FusionAuthApplicationArgs.builder()
                .tenantId(fusionauth_tenant.portal().id())
                .authenticationTokenConfigurationEnabled(false)
                .formConfiguration(FusionAuthApplicationFormConfigurationArgs.builder()
                    .adminRegistrationFormId(fusionauth_form.admin_registration().id())
                    .selfServiceFormId(fusionauth_form.self_service().id())
                    .build())
                .jwtConfiguration(FusionAuthApplicationJwtConfigurationArgs.builder()
                    .accessTokenId(fusionauth_key.access_token().id())
                    .enabled(true)
                    .idTokenKeyId(fusionauth_key.id_token().id())
                    .refreshTokenTtlMinutes(43200)
                    .ttlSeconds(3600)
                    .build())
                .lambdaConfiguration(FusionAuthApplicationLambdaConfigurationArgs.builder()
                    .accessTokenPopulateId(fusionauth_lambda.token_populate().id())
                    .idTokenPopulateId(fusionauth_lambda.id_token_populate().id())
                    .build())
                .loginConfiguration(FusionAuthApplicationLoginConfigurationArgs.builder()
                    .allowTokenRefresh(false)
                    .generateRefreshTokens(false)
                    .requireAuthentication(true)
                    .build())
                .multiFactorConfiguration(FusionAuthApplicationMultiFactorConfigurationArgs.builder()
                    .emailTemplateId("859f394b-22a6-4fa6-ba55-de700df9e950")
                    .smsTemplateId("17760f96-dca7-448b-9a8f-c49016aa7210")
                    .loginPolicy("Required")
                    .trustPolicy("Any")
                    .build())
                .oauthConfiguration(FusionAuthApplicationOauthConfigurationArgs.builder()
                    .authorizedOriginUrls("http://www.example.com/oauth-callback")
                    .authorizedUrlValidationPolicy("ExactMatch")
                    .enabledGrants(                
                        "authorization_code",
                        "implicit")
                    .generateRefreshTokens(false)
                    .logoutBehavior("AllApplications")
                    .logoutUrl("http://www.example.com/logout")
                    .requireClientAuthentication(false)
                    .providedScopePolicies(FusionAuthApplicationOauthConfigurationProvidedScopePolicyArgs.builder()
                        .address(FusionAuthApplicationOauthConfigurationProvidedScopePolicyAddressArgs.builder()
                            .enabled(false)
                            .required(false)
                            .build())
                        .email(FusionAuthApplicationOauthConfigurationProvidedScopePolicyEmailArgs.builder()
                            .enabled(false)
                            .required(false)
                            .build())
                        .phone(FusionAuthApplicationOauthConfigurationProvidedScopePolicyPhoneArgs.builder()
                            .enabled(false)
                            .required(false)
                            .build())
                        .profile(FusionAuthApplicationOauthConfigurationProvidedScopePolicyProfileArgs.builder()
                            .enabled(false)
                            .required(false)
                            .build())
                        .build())
                    .build())
                .registrationConfiguration(FusionAuthApplicationRegistrationConfigurationArgs.builder()
                    .birthDate(FusionAuthApplicationRegistrationConfigurationBirthDateArgs.builder()
                        .enabled(false)
                        .required(false)
                        .build())
                    .confirmPassword(false)
                    .enabled(false)
                    .firstName(FusionAuthApplicationRegistrationConfigurationFirstNameArgs.builder()
                        .enabled(false)
                        .required(false)
                        .build())
                    .fullName(FusionAuthApplicationRegistrationConfigurationFullNameArgs.builder()
                        .enabled(false)
                        .required(false)
                        .build())
                    .lastName(FusionAuthApplicationRegistrationConfigurationLastNameArgs.builder()
                        .enabled(false)
                        .required(false)
                        .build())
                    .loginIdType("")
                    .middleName(FusionAuthApplicationRegistrationConfigurationMiddleNameArgs.builder()
                        .enabled(false)
                        .required(false)
                        .build())
                    .mobilePhone(FusionAuthApplicationRegistrationConfigurationMobilePhoneArgs.builder()
                        .enabled(false)
                        .required(false)
                        .build())
                    .preferredLanguages(FusionAuthApplicationRegistrationConfigurationPreferredLanguagesArgs.builder()
                        .enabled(false)
                        .required(false)
                        .build())
                    .type("")
                    .build())
                .passwordlessConfigurationEnabled(false)
                .registrationDeletePolicy(FusionAuthApplicationRegistrationDeletePolicyArgs.builder()
                    .unverifiedEnabled(true)
                    .unverifiedNumberOfDaysToRetain(30)
                    .build())
                .build());
    
        }
    }
    
    resources:
      forum:
        type: fusionauth:FusionAuthApplication
        properties:
          tenantId: ${fusionauth_tenant.portal.id}
          authenticationTokenConfigurationEnabled: false
          formConfiguration:
            adminRegistrationFormId: ${fusionauth_form.admin_registration.id}
            selfServiceFormId: ${fusionauth_form.self_service.id}
          jwtConfiguration:
            accessTokenId: ${fusionauth_key.access_token.id}
            enabled: true
            idTokenKeyId: ${fusionauth_key.id_token.id}
            refreshTokenTtlMinutes: 43200
            ttlSeconds: 3600
          lambdaConfiguration:
            accessTokenPopulateId: ${fusionauth_lambda.token_populate.id}
            idTokenPopulateId: ${fusionauth_lambda.id_token_populate.id}
          loginConfiguration:
            allowTokenRefresh: false
            generateRefreshTokens: false
            requireAuthentication: true
          multiFactorConfiguration:
            emailTemplateId: 859f394b-22a6-4fa6-ba55-de700df9e950
            smsTemplateId: 17760f96-dca7-448b-9a8f-c49016aa7210
            loginPolicy: Required
            trustPolicy: Any
          oauthConfiguration:
            authorizedOriginUrls:
              - http://www.example.com/oauth-callback
            authorizedUrlValidationPolicy: ExactMatch
            enabledGrants:
              - authorization_code
              - implicit
            generateRefreshTokens: false
            logoutBehavior: AllApplications
            logoutUrl: http://www.example.com/logout
            requireClientAuthentication: false
            providedScopePolicies:
              - address:
                  enabled: false
                  required: false
                email:
                  enabled: false
                  required: false
                phone:
                  enabled: false
                  required: false
                profile:
                  enabled: false
                  required: false
          registrationConfiguration:
            birthDate:
              enabled: false
              required: false
            confirmPassword: false
            enabled: false
            firstName:
              enabled: false
              required: false
            fullName:
              enabled: false
              required: false
            lastName:
              enabled: false
              required: false
            loginIdType:
            middleName:
              enabled: false
              required: false
            mobilePhone:
              enabled: false
              required: false
            preferredLanguages:
              enabled: false
              required: false
            type:
          passwordlessConfigurationEnabled: false
          registrationDeletePolicy:
            unverifiedEnabled: true
            unverifiedNumberOfDaysToRetain: 30
    

    Create FusionAuthApplication Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new FusionAuthApplication(name: string, args: FusionAuthApplicationArgs, opts?: CustomResourceOptions);
    @overload
    def FusionAuthApplication(resource_name: str,
                              args: FusionAuthApplicationArgs,
                              opts: Optional[ResourceOptions] = None)
    
    @overload
    def FusionAuthApplication(resource_name: str,
                              opts: Optional[ResourceOptions] = None,
                              tenant_id: Optional[str] = None,
                              multi_factor_configuration: Optional[FusionAuthApplicationMultiFactorConfigurationArgs] = None,
                              email_configuration: Optional[FusionAuthApplicationEmailConfigurationArgs] = None,
                              name: Optional[str] = None,
                              passwordless_configuration_enabled: Optional[bool] = None,
                              oauth_configuration: Optional[FusionAuthApplicationOauthConfigurationArgs] = None,
                              form_configuration: Optional[FusionAuthApplicationFormConfigurationArgs] = None,
                              jwt_configuration: Optional[FusionAuthApplicationJwtConfigurationArgs] = None,
                              lambda_configuration: Optional[FusionAuthApplicationLambdaConfigurationArgs] = None,
                              login_configuration: Optional[FusionAuthApplicationLoginConfigurationArgs] = None,
                              access_control_configuration: Optional[FusionAuthApplicationAccessControlConfigurationArgs] = None,
                              clean_speak_configuration: Optional[FusionAuthApplicationCleanSpeakConfigurationArgs] = None,
                              authentication_token_configuration_enabled: Optional[bool] = None,
                              data: Optional[Mapping[str, Any]] = None,
                              registration_configuration: Optional[FusionAuthApplicationRegistrationConfigurationArgs] = None,
                              registration_delete_policy: Optional[FusionAuthApplicationRegistrationDeletePolicyArgs] = None,
                              samlv2_configuration: Optional[FusionAuthApplicationSamlv2ConfigurationArgs] = None,
                              application_id: Optional[str] = None,
                              theme_id: Optional[str] = None,
                              verification_email_template_id: Optional[str] = None,
                              verification_strategy: Optional[str] = None,
                              verify_registration: Optional[bool] = None)
    func NewFusionAuthApplication(ctx *Context, name string, args FusionAuthApplicationArgs, opts ...ResourceOption) (*FusionAuthApplication, error)
    public FusionAuthApplication(string name, FusionAuthApplicationArgs args, CustomResourceOptions? opts = null)
    public FusionAuthApplication(String name, FusionAuthApplicationArgs args)
    public FusionAuthApplication(String name, FusionAuthApplicationArgs args, CustomResourceOptions options)
    
    type: fusionauth:FusionAuthApplication
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args FusionAuthApplicationArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args FusionAuthApplicationArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args FusionAuthApplicationArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args FusionAuthApplicationArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args FusionAuthApplicationArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var fusionAuthApplicationResource = new Fusionauth.FusionAuthApplication("fusionAuthApplicationResource", new()
    {
        TenantId = "string",
        MultiFactorConfiguration = new Fusionauth.Inputs.FusionAuthApplicationMultiFactorConfigurationArgs
        {
            EmailTemplateId = "string",
            LoginPolicy = "string",
            SmsTemplateId = "string",
            TrustPolicy = "string",
        },
        EmailConfiguration = new Fusionauth.Inputs.FusionAuthApplicationEmailConfigurationArgs
        {
            EmailUpdateTemplateId = "string",
            EmailVerificationTemplateId = "string",
            EmailVerifiedTemplateId = "string",
            ForgotPasswordTemplateId = "string",
            LoginIdInUseOnCreateTemplateId = "string",
            LoginIdInUseOnUpdateTemplateId = "string",
            LoginNewDeviceTemplateId = "string",
            LoginSuspiciousTemplateId = "string",
            PasswordResetSuccessTemplateId = "string",
            PasswordUpdateTemplateId = "string",
            PasswordlessEmailTemplateId = "string",
            SetPasswordEmailTemplateId = "string",
            TwoFactorMethodAddTemplateId = "string",
            TwoFactorMethodRemoveTemplateId = "string",
        },
        Name = "string",
        PasswordlessConfigurationEnabled = false,
        OauthConfiguration = new Fusionauth.Inputs.FusionAuthApplicationOauthConfigurationArgs
        {
            ScopeHandlingPolicy = "string",
            UnknownScopePolicy = "string",
            GenerateRefreshTokens = false,
            LogoutBehavior = "string",
            ClientId = "string",
            ClientSecret = "string",
            ConsentMode = "string",
            Debug = false,
            DeviceVerificationUrl = "string",
            EnabledGrants = new[]
            {
                "string",
            },
            AuthorizedOriginUrls = new[]
            {
                "string",
            },
            ClientAuthenticationPolicy = "string",
            LogoutUrl = "string",
            ProofKeyForCodeExchangePolicy = "string",
            ProvidedScopePolicies = new[]
            {
                new Fusionauth.Inputs.FusionAuthApplicationOauthConfigurationProvidedScopePolicyArgs
                {
                    Address = new Fusionauth.Inputs.FusionAuthApplicationOauthConfigurationProvidedScopePolicyAddressArgs
                    {
                        Enabled = false,
                        Required = false,
                    },
                    Email = new Fusionauth.Inputs.FusionAuthApplicationOauthConfigurationProvidedScopePolicyEmailArgs
                    {
                        Enabled = false,
                        Required = false,
                    },
                    Phone = new Fusionauth.Inputs.FusionAuthApplicationOauthConfigurationProvidedScopePolicyPhoneArgs
                    {
                        Enabled = false,
                        Required = false,
                    },
                    Profile = new Fusionauth.Inputs.FusionAuthApplicationOauthConfigurationProvidedScopePolicyProfileArgs
                    {
                        Enabled = false,
                        Required = false,
                    },
                },
            },
            Relationship = "string",
            RequireRegistration = false,
            AuthorizedUrlValidationPolicy = "string",
            AuthorizedRedirectUrls = new[]
            {
                "string",
            },
        },
        FormConfiguration = new Fusionauth.Inputs.FusionAuthApplicationFormConfigurationArgs
        {
            AdminRegistrationFormId = "string",
            SelfServiceFormId = "string",
        },
        JwtConfiguration = new Fusionauth.Inputs.FusionAuthApplicationJwtConfigurationArgs
        {
            AccessTokenId = "string",
            Enabled = false,
            IdTokenKeyId = "string",
            RefreshTokenExpirationPolicy = "string",
            RefreshTokenSlidingWindowMaximumTimeToLiveInMinutes = 0,
            RefreshTokenTtlMinutes = 0,
            RefreshTokenUsagePolicy = "string",
            TtlSeconds = 0,
        },
        LambdaConfiguration = new Fusionauth.Inputs.FusionAuthApplicationLambdaConfigurationArgs
        {
            AccessTokenPopulateId = "string",
            IdTokenPopulateId = "string",
            Samlv2PopulateId = "string",
            SelfServiceRegistrationValidationId = "string",
            UserinfoPopulateId = "string",
        },
        LoginConfiguration = new Fusionauth.Inputs.FusionAuthApplicationLoginConfigurationArgs
        {
            AllowTokenRefresh = false,
            GenerateRefreshTokens = false,
            RequireAuthentication = false,
        },
        AccessControlConfiguration = new Fusionauth.Inputs.FusionAuthApplicationAccessControlConfigurationArgs
        {
            UiIpAccessControlListId = "string",
        },
        CleanSpeakConfiguration = new Fusionauth.Inputs.FusionAuthApplicationCleanSpeakConfigurationArgs
        {
            ApplicationIds = new[]
            {
                "string",
            },
            UsernameModeration = new Fusionauth.Inputs.FusionAuthApplicationCleanSpeakConfigurationUsernameModerationArgs
            {
                ApplicationId = "string",
                Enabled = false,
            },
        },
        AuthenticationTokenConfigurationEnabled = false,
        Data = 
        {
            { "string", "any" },
        },
        RegistrationConfiguration = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationArgs
        {
            BirthDate = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationBirthDateArgs
            {
                Enabled = false,
                Required = false,
            },
            ConfirmPassword = false,
            Enabled = false,
            FirstName = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationFirstNameArgs
            {
                Enabled = false,
                Required = false,
            },
            FormId = "string",
            FullName = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationFullNameArgs
            {
                Enabled = false,
                Required = false,
            },
            LastName = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationLastNameArgs
            {
                Enabled = false,
                Required = false,
            },
            LoginIdType = "string",
            MiddleName = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationMiddleNameArgs
            {
                Enabled = false,
                Required = false,
            },
            MobilePhone = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationMobilePhoneArgs
            {
                Enabled = false,
                Required = false,
            },
            PreferredLanguages = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationPreferredLanguagesArgs
            {
                Enabled = false,
                Required = false,
            },
            Type = "string",
        },
        RegistrationDeletePolicy = new Fusionauth.Inputs.FusionAuthApplicationRegistrationDeletePolicyArgs
        {
            UnverifiedEnabled = false,
            UnverifiedNumberOfDaysToRetain = 0,
        },
        Samlv2Configuration = new Fusionauth.Inputs.FusionAuthApplicationSamlv2ConfigurationArgs
        {
            Issuer = "string",
            AuthorizedRedirectUrls = new[]
            {
                "string",
            },
            Debug = false,
            Audience = "string",
            DefaultVerificationKeyId = "string",
            Enabled = false,
            KeyId = "string",
            Logout = new Fusionauth.Inputs.FusionAuthApplicationSamlv2ConfigurationLogoutArgs
            {
                Behavior = "string",
                DefaultVerificationKeyId = "string",
                KeyId = "string",
                RequireSignedRequests = false,
                SingleLogout = new Fusionauth.Inputs.FusionAuthApplicationSamlv2ConfigurationLogoutSingleLogoutArgs
                {
                    Enabled = false,
                    KeyId = "string",
                    Url = "string",
                    XmlSignatureCanonicalizationMethod = "string",
                },
                XmlSignatureCanonicalizationMethod = "string",
            },
            LogoutUrl = "string",
            RequiredSignedRequests = false,
            XmlSignatureCanonicalizationMethod = "string",
            XmlSignatureLocation = "string",
        },
        ApplicationId = "string",
        ThemeId = "string",
        VerificationEmailTemplateId = "string",
        VerificationStrategy = "string",
        VerifyRegistration = false,
    });
    
    example, err := fusionauth.NewFusionAuthApplication(ctx, "fusionAuthApplicationResource", &fusionauth.FusionAuthApplicationArgs{
    	TenantId: pulumi.String("string"),
    	MultiFactorConfiguration: &fusionauth.FusionAuthApplicationMultiFactorConfigurationArgs{
    		EmailTemplateId: pulumi.String("string"),
    		LoginPolicy:     pulumi.String("string"),
    		SmsTemplateId:   pulumi.String("string"),
    		TrustPolicy:     pulumi.String("string"),
    	},
    	EmailConfiguration: &fusionauth.FusionAuthApplicationEmailConfigurationArgs{
    		EmailUpdateTemplateId:           pulumi.String("string"),
    		EmailVerificationTemplateId:     pulumi.String("string"),
    		EmailVerifiedTemplateId:         pulumi.String("string"),
    		ForgotPasswordTemplateId:        pulumi.String("string"),
    		LoginIdInUseOnCreateTemplateId:  pulumi.String("string"),
    		LoginIdInUseOnUpdateTemplateId:  pulumi.String("string"),
    		LoginNewDeviceTemplateId:        pulumi.String("string"),
    		LoginSuspiciousTemplateId:       pulumi.String("string"),
    		PasswordResetSuccessTemplateId:  pulumi.String("string"),
    		PasswordUpdateTemplateId:        pulumi.String("string"),
    		PasswordlessEmailTemplateId:     pulumi.String("string"),
    		SetPasswordEmailTemplateId:      pulumi.String("string"),
    		TwoFactorMethodAddTemplateId:    pulumi.String("string"),
    		TwoFactorMethodRemoveTemplateId: pulumi.String("string"),
    	},
    	Name:                             pulumi.String("string"),
    	PasswordlessConfigurationEnabled: pulumi.Bool(false),
    	OauthConfiguration: &fusionauth.FusionAuthApplicationOauthConfigurationArgs{
    		ScopeHandlingPolicy:   pulumi.String("string"),
    		UnknownScopePolicy:    pulumi.String("string"),
    		GenerateRefreshTokens: pulumi.Bool(false),
    		LogoutBehavior:        pulumi.String("string"),
    		ClientId:              pulumi.String("string"),
    		ClientSecret:          pulumi.String("string"),
    		ConsentMode:           pulumi.String("string"),
    		Debug:                 pulumi.Bool(false),
    		DeviceVerificationUrl: pulumi.String("string"),
    		EnabledGrants: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		AuthorizedOriginUrls: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		ClientAuthenticationPolicy:    pulumi.String("string"),
    		LogoutUrl:                     pulumi.String("string"),
    		ProofKeyForCodeExchangePolicy: pulumi.String("string"),
    		ProvidedScopePolicies: fusionauth.FusionAuthApplicationOauthConfigurationProvidedScopePolicyArray{
    			&fusionauth.FusionAuthApplicationOauthConfigurationProvidedScopePolicyArgs{
    				Address: &fusionauth.FusionAuthApplicationOauthConfigurationProvidedScopePolicyAddressArgs{
    					Enabled:  pulumi.Bool(false),
    					Required: pulumi.Bool(false),
    				},
    				Email: &fusionauth.FusionAuthApplicationOauthConfigurationProvidedScopePolicyEmailArgs{
    					Enabled:  pulumi.Bool(false),
    					Required: pulumi.Bool(false),
    				},
    				Phone: &fusionauth.FusionAuthApplicationOauthConfigurationProvidedScopePolicyPhoneArgs{
    					Enabled:  pulumi.Bool(false),
    					Required: pulumi.Bool(false),
    				},
    				Profile: &fusionauth.FusionAuthApplicationOauthConfigurationProvidedScopePolicyProfileArgs{
    					Enabled:  pulumi.Bool(false),
    					Required: pulumi.Bool(false),
    				},
    			},
    		},
    		Relationship:                  pulumi.String("string"),
    		RequireRegistration:           pulumi.Bool(false),
    		AuthorizedUrlValidationPolicy: pulumi.String("string"),
    		AuthorizedRedirectUrls: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    	},
    	FormConfiguration: &fusionauth.FusionAuthApplicationFormConfigurationArgs{
    		AdminRegistrationFormId: pulumi.String("string"),
    		SelfServiceFormId:       pulumi.String("string"),
    	},
    	JwtConfiguration: &fusionauth.FusionAuthApplicationJwtConfigurationArgs{
    		AccessTokenId:                pulumi.String("string"),
    		Enabled:                      pulumi.Bool(false),
    		IdTokenKeyId:                 pulumi.String("string"),
    		RefreshTokenExpirationPolicy: pulumi.String("string"),
    		RefreshTokenSlidingWindowMaximumTimeToLiveInMinutes: pulumi.Int(0),
    		RefreshTokenTtlMinutes:                              pulumi.Int(0),
    		RefreshTokenUsagePolicy:                             pulumi.String("string"),
    		TtlSeconds:                                          pulumi.Int(0),
    	},
    	LambdaConfiguration: &fusionauth.FusionAuthApplicationLambdaConfigurationArgs{
    		AccessTokenPopulateId:               pulumi.String("string"),
    		IdTokenPopulateId:                   pulumi.String("string"),
    		Samlv2PopulateId:                    pulumi.String("string"),
    		SelfServiceRegistrationValidationId: pulumi.String("string"),
    		UserinfoPopulateId:                  pulumi.String("string"),
    	},
    	LoginConfiguration: &fusionauth.FusionAuthApplicationLoginConfigurationArgs{
    		AllowTokenRefresh:     pulumi.Bool(false),
    		GenerateRefreshTokens: pulumi.Bool(false),
    		RequireAuthentication: pulumi.Bool(false),
    	},
    	AccessControlConfiguration: &fusionauth.FusionAuthApplicationAccessControlConfigurationArgs{
    		UiIpAccessControlListId: pulumi.String("string"),
    	},
    	CleanSpeakConfiguration: &fusionauth.FusionAuthApplicationCleanSpeakConfigurationArgs{
    		ApplicationIds: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		UsernameModeration: &fusionauth.FusionAuthApplicationCleanSpeakConfigurationUsernameModerationArgs{
    			ApplicationId: pulumi.String("string"),
    			Enabled:       pulumi.Bool(false),
    		},
    	},
    	AuthenticationTokenConfigurationEnabled: pulumi.Bool(false),
    	Data: pulumi.Map{
    		"string": pulumi.Any("any"),
    	},
    	RegistrationConfiguration: &fusionauth.FusionAuthApplicationRegistrationConfigurationArgs{
    		BirthDate: &fusionauth.FusionAuthApplicationRegistrationConfigurationBirthDateArgs{
    			Enabled:  pulumi.Bool(false),
    			Required: pulumi.Bool(false),
    		},
    		ConfirmPassword: pulumi.Bool(false),
    		Enabled:         pulumi.Bool(false),
    		FirstName: &fusionauth.FusionAuthApplicationRegistrationConfigurationFirstNameArgs{
    			Enabled:  pulumi.Bool(false),
    			Required: pulumi.Bool(false),
    		},
    		FormId: pulumi.String("string"),
    		FullName: &fusionauth.FusionAuthApplicationRegistrationConfigurationFullNameArgs{
    			Enabled:  pulumi.Bool(false),
    			Required: pulumi.Bool(false),
    		},
    		LastName: &fusionauth.FusionAuthApplicationRegistrationConfigurationLastNameArgs{
    			Enabled:  pulumi.Bool(false),
    			Required: pulumi.Bool(false),
    		},
    		LoginIdType: pulumi.String("string"),
    		MiddleName: &fusionauth.FusionAuthApplicationRegistrationConfigurationMiddleNameArgs{
    			Enabled:  pulumi.Bool(false),
    			Required: pulumi.Bool(false),
    		},
    		MobilePhone: &fusionauth.FusionAuthApplicationRegistrationConfigurationMobilePhoneArgs{
    			Enabled:  pulumi.Bool(false),
    			Required: pulumi.Bool(false),
    		},
    		PreferredLanguages: &fusionauth.FusionAuthApplicationRegistrationConfigurationPreferredLanguagesArgs{
    			Enabled:  pulumi.Bool(false),
    			Required: pulumi.Bool(false),
    		},
    		Type: pulumi.String("string"),
    	},
    	RegistrationDeletePolicy: &fusionauth.FusionAuthApplicationRegistrationDeletePolicyArgs{
    		UnverifiedEnabled:              pulumi.Bool(false),
    		UnverifiedNumberOfDaysToRetain: pulumi.Int(0),
    	},
    	Samlv2Configuration: &fusionauth.FusionAuthApplicationSamlv2ConfigurationArgs{
    		Issuer: pulumi.String("string"),
    		AuthorizedRedirectUrls: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		Debug:                    pulumi.Bool(false),
    		Audience:                 pulumi.String("string"),
    		DefaultVerificationKeyId: pulumi.String("string"),
    		Enabled:                  pulumi.Bool(false),
    		KeyId:                    pulumi.String("string"),
    		Logout: &fusionauth.FusionAuthApplicationSamlv2ConfigurationLogoutArgs{
    			Behavior:                 pulumi.String("string"),
    			DefaultVerificationKeyId: pulumi.String("string"),
    			KeyId:                    pulumi.String("string"),
    			RequireSignedRequests:    pulumi.Bool(false),
    			SingleLogout: &fusionauth.FusionAuthApplicationSamlv2ConfigurationLogoutSingleLogoutArgs{
    				Enabled:                            pulumi.Bool(false),
    				KeyId:                              pulumi.String("string"),
    				Url:                                pulumi.String("string"),
    				XmlSignatureCanonicalizationMethod: pulumi.String("string"),
    			},
    			XmlSignatureCanonicalizationMethod: pulumi.String("string"),
    		},
    		LogoutUrl:                          pulumi.String("string"),
    		RequiredSignedRequests:             pulumi.Bool(false),
    		XmlSignatureCanonicalizationMethod: pulumi.String("string"),
    		XmlSignatureLocation:               pulumi.String("string"),
    	},
    	ApplicationId:               pulumi.String("string"),
    	ThemeId:                     pulumi.String("string"),
    	VerificationEmailTemplateId: pulumi.String("string"),
    	VerificationStrategy:        pulumi.String("string"),
    	VerifyRegistration:          pulumi.Bool(false),
    })
    
    var fusionAuthApplicationResource = new FusionAuthApplication("fusionAuthApplicationResource", FusionAuthApplicationArgs.builder()
        .tenantId("string")
        .multiFactorConfiguration(FusionAuthApplicationMultiFactorConfigurationArgs.builder()
            .emailTemplateId("string")
            .loginPolicy("string")
            .smsTemplateId("string")
            .trustPolicy("string")
            .build())
        .emailConfiguration(FusionAuthApplicationEmailConfigurationArgs.builder()
            .emailUpdateTemplateId("string")
            .emailVerificationTemplateId("string")
            .emailVerifiedTemplateId("string")
            .forgotPasswordTemplateId("string")
            .loginIdInUseOnCreateTemplateId("string")
            .loginIdInUseOnUpdateTemplateId("string")
            .loginNewDeviceTemplateId("string")
            .loginSuspiciousTemplateId("string")
            .passwordResetSuccessTemplateId("string")
            .passwordUpdateTemplateId("string")
            .passwordlessEmailTemplateId("string")
            .setPasswordEmailTemplateId("string")
            .twoFactorMethodAddTemplateId("string")
            .twoFactorMethodRemoveTemplateId("string")
            .build())
        .name("string")
        .passwordlessConfigurationEnabled(false)
        .oauthConfiguration(FusionAuthApplicationOauthConfigurationArgs.builder()
            .scopeHandlingPolicy("string")
            .unknownScopePolicy("string")
            .generateRefreshTokens(false)
            .logoutBehavior("string")
            .clientId("string")
            .clientSecret("string")
            .consentMode("string")
            .debug(false)
            .deviceVerificationUrl("string")
            .enabledGrants("string")
            .authorizedOriginUrls("string")
            .clientAuthenticationPolicy("string")
            .logoutUrl("string")
            .proofKeyForCodeExchangePolicy("string")
            .providedScopePolicies(FusionAuthApplicationOauthConfigurationProvidedScopePolicyArgs.builder()
                .address(FusionAuthApplicationOauthConfigurationProvidedScopePolicyAddressArgs.builder()
                    .enabled(false)
                    .required(false)
                    .build())
                .email(FusionAuthApplicationOauthConfigurationProvidedScopePolicyEmailArgs.builder()
                    .enabled(false)
                    .required(false)
                    .build())
                .phone(FusionAuthApplicationOauthConfigurationProvidedScopePolicyPhoneArgs.builder()
                    .enabled(false)
                    .required(false)
                    .build())
                .profile(FusionAuthApplicationOauthConfigurationProvidedScopePolicyProfileArgs.builder()
                    .enabled(false)
                    .required(false)
                    .build())
                .build())
            .relationship("string")
            .requireRegistration(false)
            .authorizedUrlValidationPolicy("string")
            .authorizedRedirectUrls("string")
            .build())
        .formConfiguration(FusionAuthApplicationFormConfigurationArgs.builder()
            .adminRegistrationFormId("string")
            .selfServiceFormId("string")
            .build())
        .jwtConfiguration(FusionAuthApplicationJwtConfigurationArgs.builder()
            .accessTokenId("string")
            .enabled(false)
            .idTokenKeyId("string")
            .refreshTokenExpirationPolicy("string")
            .refreshTokenSlidingWindowMaximumTimeToLiveInMinutes(0)
            .refreshTokenTtlMinutes(0)
            .refreshTokenUsagePolicy("string")
            .ttlSeconds(0)
            .build())
        .lambdaConfiguration(FusionAuthApplicationLambdaConfigurationArgs.builder()
            .accessTokenPopulateId("string")
            .idTokenPopulateId("string")
            .samlv2PopulateId("string")
            .selfServiceRegistrationValidationId("string")
            .userinfoPopulateId("string")
            .build())
        .loginConfiguration(FusionAuthApplicationLoginConfigurationArgs.builder()
            .allowTokenRefresh(false)
            .generateRefreshTokens(false)
            .requireAuthentication(false)
            .build())
        .accessControlConfiguration(FusionAuthApplicationAccessControlConfigurationArgs.builder()
            .uiIpAccessControlListId("string")
            .build())
        .cleanSpeakConfiguration(FusionAuthApplicationCleanSpeakConfigurationArgs.builder()
            .applicationIds("string")
            .usernameModeration(FusionAuthApplicationCleanSpeakConfigurationUsernameModerationArgs.builder()
                .applicationId("string")
                .enabled(false)
                .build())
            .build())
        .authenticationTokenConfigurationEnabled(false)
        .data(Map.of("string", "any"))
        .registrationConfiguration(FusionAuthApplicationRegistrationConfigurationArgs.builder()
            .birthDate(FusionAuthApplicationRegistrationConfigurationBirthDateArgs.builder()
                .enabled(false)
                .required(false)
                .build())
            .confirmPassword(false)
            .enabled(false)
            .firstName(FusionAuthApplicationRegistrationConfigurationFirstNameArgs.builder()
                .enabled(false)
                .required(false)
                .build())
            .formId("string")
            .fullName(FusionAuthApplicationRegistrationConfigurationFullNameArgs.builder()
                .enabled(false)
                .required(false)
                .build())
            .lastName(FusionAuthApplicationRegistrationConfigurationLastNameArgs.builder()
                .enabled(false)
                .required(false)
                .build())
            .loginIdType("string")
            .middleName(FusionAuthApplicationRegistrationConfigurationMiddleNameArgs.builder()
                .enabled(false)
                .required(false)
                .build())
            .mobilePhone(FusionAuthApplicationRegistrationConfigurationMobilePhoneArgs.builder()
                .enabled(false)
                .required(false)
                .build())
            .preferredLanguages(FusionAuthApplicationRegistrationConfigurationPreferredLanguagesArgs.builder()
                .enabled(false)
                .required(false)
                .build())
            .type("string")
            .build())
        .registrationDeletePolicy(FusionAuthApplicationRegistrationDeletePolicyArgs.builder()
            .unverifiedEnabled(false)
            .unverifiedNumberOfDaysToRetain(0)
            .build())
        .samlv2Configuration(FusionAuthApplicationSamlv2ConfigurationArgs.builder()
            .issuer("string")
            .authorizedRedirectUrls("string")
            .debug(false)
            .audience("string")
            .defaultVerificationKeyId("string")
            .enabled(false)
            .keyId("string")
            .logout(FusionAuthApplicationSamlv2ConfigurationLogoutArgs.builder()
                .behavior("string")
                .defaultVerificationKeyId("string")
                .keyId("string")
                .requireSignedRequests(false)
                .singleLogout(FusionAuthApplicationSamlv2ConfigurationLogoutSingleLogoutArgs.builder()
                    .enabled(false)
                    .keyId("string")
                    .url("string")
                    .xmlSignatureCanonicalizationMethod("string")
                    .build())
                .xmlSignatureCanonicalizationMethod("string")
                .build())
            .logoutUrl("string")
            .requiredSignedRequests(false)
            .xmlSignatureCanonicalizationMethod("string")
            .xmlSignatureLocation("string")
            .build())
        .applicationId("string")
        .themeId("string")
        .verificationEmailTemplateId("string")
        .verificationStrategy("string")
        .verifyRegistration(false)
        .build());
    
    fusion_auth_application_resource = fusionauth.FusionAuthApplication("fusionAuthApplicationResource",
        tenant_id="string",
        multi_factor_configuration={
            "email_template_id": "string",
            "login_policy": "string",
            "sms_template_id": "string",
            "trust_policy": "string",
        },
        email_configuration={
            "email_update_template_id": "string",
            "email_verification_template_id": "string",
            "email_verified_template_id": "string",
            "forgot_password_template_id": "string",
            "login_id_in_use_on_create_template_id": "string",
            "login_id_in_use_on_update_template_id": "string",
            "login_new_device_template_id": "string",
            "login_suspicious_template_id": "string",
            "password_reset_success_template_id": "string",
            "password_update_template_id": "string",
            "passwordless_email_template_id": "string",
            "set_password_email_template_id": "string",
            "two_factor_method_add_template_id": "string",
            "two_factor_method_remove_template_id": "string",
        },
        name="string",
        passwordless_configuration_enabled=False,
        oauth_configuration={
            "scope_handling_policy": "string",
            "unknown_scope_policy": "string",
            "generate_refresh_tokens": False,
            "logout_behavior": "string",
            "client_id": "string",
            "client_secret": "string",
            "consent_mode": "string",
            "debug": False,
            "device_verification_url": "string",
            "enabled_grants": ["string"],
            "authorized_origin_urls": ["string"],
            "client_authentication_policy": "string",
            "logout_url": "string",
            "proof_key_for_code_exchange_policy": "string",
            "provided_scope_policies": [{
                "address": {
                    "enabled": False,
                    "required": False,
                },
                "email": {
                    "enabled": False,
                    "required": False,
                },
                "phone": {
                    "enabled": False,
                    "required": False,
                },
                "profile": {
                    "enabled": False,
                    "required": False,
                },
            }],
            "relationship": "string",
            "require_registration": False,
            "authorized_url_validation_policy": "string",
            "authorized_redirect_urls": ["string"],
        },
        form_configuration={
            "admin_registration_form_id": "string",
            "self_service_form_id": "string",
        },
        jwt_configuration={
            "access_token_id": "string",
            "enabled": False,
            "id_token_key_id": "string",
            "refresh_token_expiration_policy": "string",
            "refresh_token_sliding_window_maximum_time_to_live_in_minutes": 0,
            "refresh_token_ttl_minutes": 0,
            "refresh_token_usage_policy": "string",
            "ttl_seconds": 0,
        },
        lambda_configuration={
            "access_token_populate_id": "string",
            "id_token_populate_id": "string",
            "samlv2_populate_id": "string",
            "self_service_registration_validation_id": "string",
            "userinfo_populate_id": "string",
        },
        login_configuration={
            "allow_token_refresh": False,
            "generate_refresh_tokens": False,
            "require_authentication": False,
        },
        access_control_configuration={
            "ui_ip_access_control_list_id": "string",
        },
        clean_speak_configuration={
            "application_ids": ["string"],
            "username_moderation": {
                "application_id": "string",
                "enabled": False,
            },
        },
        authentication_token_configuration_enabled=False,
        data={
            "string": "any",
        },
        registration_configuration={
            "birth_date": {
                "enabled": False,
                "required": False,
            },
            "confirm_password": False,
            "enabled": False,
            "first_name": {
                "enabled": False,
                "required": False,
            },
            "form_id": "string",
            "full_name": {
                "enabled": False,
                "required": False,
            },
            "last_name": {
                "enabled": False,
                "required": False,
            },
            "login_id_type": "string",
            "middle_name": {
                "enabled": False,
                "required": False,
            },
            "mobile_phone": {
                "enabled": False,
                "required": False,
            },
            "preferred_languages": {
                "enabled": False,
                "required": False,
            },
            "type": "string",
        },
        registration_delete_policy={
            "unverified_enabled": False,
            "unverified_number_of_days_to_retain": 0,
        },
        samlv2_configuration={
            "issuer": "string",
            "authorized_redirect_urls": ["string"],
            "debug": False,
            "audience": "string",
            "default_verification_key_id": "string",
            "enabled": False,
            "key_id": "string",
            "logout": {
                "behavior": "string",
                "default_verification_key_id": "string",
                "key_id": "string",
                "require_signed_requests": False,
                "single_logout": {
                    "enabled": False,
                    "key_id": "string",
                    "url": "string",
                    "xml_signature_canonicalization_method": "string",
                },
                "xml_signature_canonicalization_method": "string",
            },
            "logout_url": "string",
            "required_signed_requests": False,
            "xml_signature_canonicalization_method": "string",
            "xml_signature_location": "string",
        },
        application_id="string",
        theme_id="string",
        verification_email_template_id="string",
        verification_strategy="string",
        verify_registration=False)
    
    const fusionAuthApplicationResource = new fusionauth.FusionAuthApplication("fusionAuthApplicationResource", {
        tenantId: "string",
        multiFactorConfiguration: {
            emailTemplateId: "string",
            loginPolicy: "string",
            smsTemplateId: "string",
            trustPolicy: "string",
        },
        emailConfiguration: {
            emailUpdateTemplateId: "string",
            emailVerificationTemplateId: "string",
            emailVerifiedTemplateId: "string",
            forgotPasswordTemplateId: "string",
            loginIdInUseOnCreateTemplateId: "string",
            loginIdInUseOnUpdateTemplateId: "string",
            loginNewDeviceTemplateId: "string",
            loginSuspiciousTemplateId: "string",
            passwordResetSuccessTemplateId: "string",
            passwordUpdateTemplateId: "string",
            passwordlessEmailTemplateId: "string",
            setPasswordEmailTemplateId: "string",
            twoFactorMethodAddTemplateId: "string",
            twoFactorMethodRemoveTemplateId: "string",
        },
        name: "string",
        passwordlessConfigurationEnabled: false,
        oauthConfiguration: {
            scopeHandlingPolicy: "string",
            unknownScopePolicy: "string",
            generateRefreshTokens: false,
            logoutBehavior: "string",
            clientId: "string",
            clientSecret: "string",
            consentMode: "string",
            debug: false,
            deviceVerificationUrl: "string",
            enabledGrants: ["string"],
            authorizedOriginUrls: ["string"],
            clientAuthenticationPolicy: "string",
            logoutUrl: "string",
            proofKeyForCodeExchangePolicy: "string",
            providedScopePolicies: [{
                address: {
                    enabled: false,
                    required: false,
                },
                email: {
                    enabled: false,
                    required: false,
                },
                phone: {
                    enabled: false,
                    required: false,
                },
                profile: {
                    enabled: false,
                    required: false,
                },
            }],
            relationship: "string",
            requireRegistration: false,
            authorizedUrlValidationPolicy: "string",
            authorizedRedirectUrls: ["string"],
        },
        formConfiguration: {
            adminRegistrationFormId: "string",
            selfServiceFormId: "string",
        },
        jwtConfiguration: {
            accessTokenId: "string",
            enabled: false,
            idTokenKeyId: "string",
            refreshTokenExpirationPolicy: "string",
            refreshTokenSlidingWindowMaximumTimeToLiveInMinutes: 0,
            refreshTokenTtlMinutes: 0,
            refreshTokenUsagePolicy: "string",
            ttlSeconds: 0,
        },
        lambdaConfiguration: {
            accessTokenPopulateId: "string",
            idTokenPopulateId: "string",
            samlv2PopulateId: "string",
            selfServiceRegistrationValidationId: "string",
            userinfoPopulateId: "string",
        },
        loginConfiguration: {
            allowTokenRefresh: false,
            generateRefreshTokens: false,
            requireAuthentication: false,
        },
        accessControlConfiguration: {
            uiIpAccessControlListId: "string",
        },
        cleanSpeakConfiguration: {
            applicationIds: ["string"],
            usernameModeration: {
                applicationId: "string",
                enabled: false,
            },
        },
        authenticationTokenConfigurationEnabled: false,
        data: {
            string: "any",
        },
        registrationConfiguration: {
            birthDate: {
                enabled: false,
                required: false,
            },
            confirmPassword: false,
            enabled: false,
            firstName: {
                enabled: false,
                required: false,
            },
            formId: "string",
            fullName: {
                enabled: false,
                required: false,
            },
            lastName: {
                enabled: false,
                required: false,
            },
            loginIdType: "string",
            middleName: {
                enabled: false,
                required: false,
            },
            mobilePhone: {
                enabled: false,
                required: false,
            },
            preferredLanguages: {
                enabled: false,
                required: false,
            },
            type: "string",
        },
        registrationDeletePolicy: {
            unverifiedEnabled: false,
            unverifiedNumberOfDaysToRetain: 0,
        },
        samlv2Configuration: {
            issuer: "string",
            authorizedRedirectUrls: ["string"],
            debug: false,
            audience: "string",
            defaultVerificationKeyId: "string",
            enabled: false,
            keyId: "string",
            logout: {
                behavior: "string",
                defaultVerificationKeyId: "string",
                keyId: "string",
                requireSignedRequests: false,
                singleLogout: {
                    enabled: false,
                    keyId: "string",
                    url: "string",
                    xmlSignatureCanonicalizationMethod: "string",
                },
                xmlSignatureCanonicalizationMethod: "string",
            },
            logoutUrl: "string",
            requiredSignedRequests: false,
            xmlSignatureCanonicalizationMethod: "string",
            xmlSignatureLocation: "string",
        },
        applicationId: "string",
        themeId: "string",
        verificationEmailTemplateId: "string",
        verificationStrategy: "string",
        verifyRegistration: false,
    });
    
    type: fusionauth:FusionAuthApplication
    properties:
        accessControlConfiguration:
            uiIpAccessControlListId: string
        applicationId: string
        authenticationTokenConfigurationEnabled: false
        cleanSpeakConfiguration:
            applicationIds:
                - string
            usernameModeration:
                applicationId: string
                enabled: false
        data:
            string: any
        emailConfiguration:
            emailUpdateTemplateId: string
            emailVerificationTemplateId: string
            emailVerifiedTemplateId: string
            forgotPasswordTemplateId: string
            loginIdInUseOnCreateTemplateId: string
            loginIdInUseOnUpdateTemplateId: string
            loginNewDeviceTemplateId: string
            loginSuspiciousTemplateId: string
            passwordResetSuccessTemplateId: string
            passwordUpdateTemplateId: string
            passwordlessEmailTemplateId: string
            setPasswordEmailTemplateId: string
            twoFactorMethodAddTemplateId: string
            twoFactorMethodRemoveTemplateId: string
        formConfiguration:
            adminRegistrationFormId: string
            selfServiceFormId: string
        jwtConfiguration:
            accessTokenId: string
            enabled: false
            idTokenKeyId: string
            refreshTokenExpirationPolicy: string
            refreshTokenSlidingWindowMaximumTimeToLiveInMinutes: 0
            refreshTokenTtlMinutes: 0
            refreshTokenUsagePolicy: string
            ttlSeconds: 0
        lambdaConfiguration:
            accessTokenPopulateId: string
            idTokenPopulateId: string
            samlv2PopulateId: string
            selfServiceRegistrationValidationId: string
            userinfoPopulateId: string
        loginConfiguration:
            allowTokenRefresh: false
            generateRefreshTokens: false
            requireAuthentication: false
        multiFactorConfiguration:
            emailTemplateId: string
            loginPolicy: string
            smsTemplateId: string
            trustPolicy: string
        name: string
        oauthConfiguration:
            authorizedOriginUrls:
                - string
            authorizedRedirectUrls:
                - string
            authorizedUrlValidationPolicy: string
            clientAuthenticationPolicy: string
            clientId: string
            clientSecret: string
            consentMode: string
            debug: false
            deviceVerificationUrl: string
            enabledGrants:
                - string
            generateRefreshTokens: false
            logoutBehavior: string
            logoutUrl: string
            proofKeyForCodeExchangePolicy: string
            providedScopePolicies:
                - address:
                    enabled: false
                    required: false
                  email:
                    enabled: false
                    required: false
                  phone:
                    enabled: false
                    required: false
                  profile:
                    enabled: false
                    required: false
            relationship: string
            requireRegistration: false
            scopeHandlingPolicy: string
            unknownScopePolicy: string
        passwordlessConfigurationEnabled: false
        registrationConfiguration:
            birthDate:
                enabled: false
                required: false
            confirmPassword: false
            enabled: false
            firstName:
                enabled: false
                required: false
            formId: string
            fullName:
                enabled: false
                required: false
            lastName:
                enabled: false
                required: false
            loginIdType: string
            middleName:
                enabled: false
                required: false
            mobilePhone:
                enabled: false
                required: false
            preferredLanguages:
                enabled: false
                required: false
            type: string
        registrationDeletePolicy:
            unverifiedEnabled: false
            unverifiedNumberOfDaysToRetain: 0
        samlv2Configuration:
            audience: string
            authorizedRedirectUrls:
                - string
            debug: false
            defaultVerificationKeyId: string
            enabled: false
            issuer: string
            keyId: string
            logout:
                behavior: string
                defaultVerificationKeyId: string
                keyId: string
                requireSignedRequests: false
                singleLogout:
                    enabled: false
                    keyId: string
                    url: string
                    xmlSignatureCanonicalizationMethod: string
                xmlSignatureCanonicalizationMethod: string
            logoutUrl: string
            requiredSignedRequests: false
            xmlSignatureCanonicalizationMethod: string
            xmlSignatureLocation: string
        tenantId: string
        themeId: string
        verificationEmailTemplateId: string
        verificationStrategy: string
        verifyRegistration: false
    

    FusionAuthApplication Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The FusionAuthApplication resource accepts the following input properties:

    TenantId string
    AccessControlConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationAccessControlConfiguration
    ApplicationId string
    The Id to use for the new Application. If not specified a secure random UUID will be generated.
    AuthenticationTokenConfigurationEnabled bool
    Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
    CleanSpeakConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationCleanSpeakConfiguration
    Data Dictionary<string, object>
    An object that can hold any information about the Application that should be persisted.
    EmailConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationEmailConfiguration
    FormConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationFormConfiguration
    JwtConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationJwtConfiguration
    LambdaConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationLambdaConfiguration
    LoginConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationLoginConfiguration
    MultiFactorConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationMultiFactorConfiguration
    Name string
    The name of the Application.
    OauthConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationOauthConfiguration
    PasswordlessConfigurationEnabled bool
    Determines if passwordless login is enabled for this application.
    RegistrationConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationRegistrationConfiguration
    RegistrationDeletePolicy theogravity.Fusionauth.Inputs.FusionAuthApplicationRegistrationDeletePolicy
    Samlv2Configuration theogravity.Fusionauth.Inputs.FusionAuthApplicationSamlv2Configuration
    ThemeId string
    The unique Id of the theme to be used to style the login page and other end user templates.
    VerificationEmailTemplateId string
    The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
    VerificationStrategy string
    The process by which the user will verify their email address. Possible values are ClickableLink or FormField
    VerifyRegistration bool
    Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
    TenantId string
    AccessControlConfiguration FusionAuthApplicationAccessControlConfigurationArgs
    ApplicationId string
    The Id to use for the new Application. If not specified a secure random UUID will be generated.
    AuthenticationTokenConfigurationEnabled bool
    Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
    CleanSpeakConfiguration FusionAuthApplicationCleanSpeakConfigurationArgs
    Data map[string]interface{}
    An object that can hold any information about the Application that should be persisted.
    EmailConfiguration FusionAuthApplicationEmailConfigurationArgs
    FormConfiguration FusionAuthApplicationFormConfigurationArgs
    JwtConfiguration FusionAuthApplicationJwtConfigurationArgs
    LambdaConfiguration FusionAuthApplicationLambdaConfigurationArgs
    LoginConfiguration FusionAuthApplicationLoginConfigurationArgs
    MultiFactorConfiguration FusionAuthApplicationMultiFactorConfigurationArgs
    Name string
    The name of the Application.
    OauthConfiguration FusionAuthApplicationOauthConfigurationArgs
    PasswordlessConfigurationEnabled bool
    Determines if passwordless login is enabled for this application.
    RegistrationConfiguration FusionAuthApplicationRegistrationConfigurationArgs
    RegistrationDeletePolicy FusionAuthApplicationRegistrationDeletePolicyArgs
    Samlv2Configuration FusionAuthApplicationSamlv2ConfigurationArgs
    ThemeId string
    The unique Id of the theme to be used to style the login page and other end user templates.
    VerificationEmailTemplateId string
    The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
    VerificationStrategy string
    The process by which the user will verify their email address. Possible values are ClickableLink or FormField
    VerifyRegistration bool
    Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
    tenantId String
    accessControlConfiguration FusionAuthApplicationAccessControlConfiguration
    applicationId String
    The Id to use for the new Application. If not specified a secure random UUID will be generated.
    authenticationTokenConfigurationEnabled Boolean
    Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
    cleanSpeakConfiguration FusionAuthApplicationCleanSpeakConfiguration
    data Map<String,Object>
    An object that can hold any information about the Application that should be persisted.
    emailConfiguration FusionAuthApplicationEmailConfiguration
    formConfiguration FusionAuthApplicationFormConfiguration
    jwtConfiguration FusionAuthApplicationJwtConfiguration
    lambdaConfiguration FusionAuthApplicationLambdaConfiguration
    loginConfiguration FusionAuthApplicationLoginConfiguration
    multiFactorConfiguration FusionAuthApplicationMultiFactorConfiguration
    name String
    The name of the Application.
    oauthConfiguration FusionAuthApplicationOauthConfiguration
    passwordlessConfigurationEnabled Boolean
    Determines if passwordless login is enabled for this application.
    registrationConfiguration FusionAuthApplicationRegistrationConfiguration
    registrationDeletePolicy FusionAuthApplicationRegistrationDeletePolicy
    samlv2Configuration FusionAuthApplicationSamlv2Configuration
    themeId String
    The unique Id of the theme to be used to style the login page and other end user templates.
    verificationEmailTemplateId String
    The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
    verificationStrategy String
    The process by which the user will verify their email address. Possible values are ClickableLink or FormField
    verifyRegistration Boolean
    Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
    tenantId string
    accessControlConfiguration FusionAuthApplicationAccessControlConfiguration
    applicationId string
    The Id to use for the new Application. If not specified a secure random UUID will be generated.
    authenticationTokenConfigurationEnabled boolean
    Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
    cleanSpeakConfiguration FusionAuthApplicationCleanSpeakConfiguration
    data {[key: string]: any}
    An object that can hold any information about the Application that should be persisted.
    emailConfiguration FusionAuthApplicationEmailConfiguration
    formConfiguration FusionAuthApplicationFormConfiguration
    jwtConfiguration FusionAuthApplicationJwtConfiguration
    lambdaConfiguration FusionAuthApplicationLambdaConfiguration
    loginConfiguration FusionAuthApplicationLoginConfiguration
    multiFactorConfiguration FusionAuthApplicationMultiFactorConfiguration
    name string
    The name of the Application.
    oauthConfiguration FusionAuthApplicationOauthConfiguration
    passwordlessConfigurationEnabled boolean
    Determines if passwordless login is enabled for this application.
    registrationConfiguration FusionAuthApplicationRegistrationConfiguration
    registrationDeletePolicy FusionAuthApplicationRegistrationDeletePolicy
    samlv2Configuration FusionAuthApplicationSamlv2Configuration
    themeId string
    The unique Id of the theme to be used to style the login page and other end user templates.
    verificationEmailTemplateId string
    The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
    verificationStrategy string
    The process by which the user will verify their email address. Possible values are ClickableLink or FormField
    verifyRegistration boolean
    Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
    tenant_id str
    access_control_configuration FusionAuthApplicationAccessControlConfigurationArgs
    application_id str
    The Id to use for the new Application. If not specified a secure random UUID will be generated.
    authentication_token_configuration_enabled bool
    Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
    clean_speak_configuration FusionAuthApplicationCleanSpeakConfigurationArgs
    data Mapping[str, Any]
    An object that can hold any information about the Application that should be persisted.
    email_configuration FusionAuthApplicationEmailConfigurationArgs
    form_configuration FusionAuthApplicationFormConfigurationArgs
    jwt_configuration FusionAuthApplicationJwtConfigurationArgs
    lambda_configuration FusionAuthApplicationLambdaConfigurationArgs
    login_configuration FusionAuthApplicationLoginConfigurationArgs
    multi_factor_configuration FusionAuthApplicationMultiFactorConfigurationArgs
    name str
    The name of the Application.
    oauth_configuration FusionAuthApplicationOauthConfigurationArgs
    passwordless_configuration_enabled bool
    Determines if passwordless login is enabled for this application.
    registration_configuration FusionAuthApplicationRegistrationConfigurationArgs
    registration_delete_policy FusionAuthApplicationRegistrationDeletePolicyArgs
    samlv2_configuration FusionAuthApplicationSamlv2ConfigurationArgs
    theme_id str
    The unique Id of the theme to be used to style the login page and other end user templates.
    verification_email_template_id str
    The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
    verification_strategy str
    The process by which the user will verify their email address. Possible values are ClickableLink or FormField
    verify_registration bool
    Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
    tenantId String
    accessControlConfiguration Property Map
    applicationId String
    The Id to use for the new Application. If not specified a secure random UUID will be generated.
    authenticationTokenConfigurationEnabled Boolean
    Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
    cleanSpeakConfiguration Property Map
    data Map<Any>
    An object that can hold any information about the Application that should be persisted.
    emailConfiguration Property Map
    formConfiguration Property Map
    jwtConfiguration Property Map
    lambdaConfiguration Property Map
    loginConfiguration Property Map
    multiFactorConfiguration Property Map
    name String
    The name of the Application.
    oauthConfiguration Property Map
    passwordlessConfigurationEnabled Boolean
    Determines if passwordless login is enabled for this application.
    registrationConfiguration Property Map
    registrationDeletePolicy Property Map
    samlv2Configuration Property Map
    themeId String
    The unique Id of the theme to be used to style the login page and other end user templates.
    verificationEmailTemplateId String
    The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
    verificationStrategy String
    The process by which the user will verify their email address. Possible values are ClickableLink or FormField
    verifyRegistration Boolean
    Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the FusionAuthApplication resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing FusionAuthApplication Resource

    Get an existing FusionAuthApplication resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: FusionAuthApplicationState, opts?: CustomResourceOptions): FusionAuthApplication
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            access_control_configuration: Optional[FusionAuthApplicationAccessControlConfigurationArgs] = None,
            application_id: Optional[str] = None,
            authentication_token_configuration_enabled: Optional[bool] = None,
            clean_speak_configuration: Optional[FusionAuthApplicationCleanSpeakConfigurationArgs] = None,
            data: Optional[Mapping[str, Any]] = None,
            email_configuration: Optional[FusionAuthApplicationEmailConfigurationArgs] = None,
            form_configuration: Optional[FusionAuthApplicationFormConfigurationArgs] = None,
            jwt_configuration: Optional[FusionAuthApplicationJwtConfigurationArgs] = None,
            lambda_configuration: Optional[FusionAuthApplicationLambdaConfigurationArgs] = None,
            login_configuration: Optional[FusionAuthApplicationLoginConfigurationArgs] = None,
            multi_factor_configuration: Optional[FusionAuthApplicationMultiFactorConfigurationArgs] = None,
            name: Optional[str] = None,
            oauth_configuration: Optional[FusionAuthApplicationOauthConfigurationArgs] = None,
            passwordless_configuration_enabled: Optional[bool] = None,
            registration_configuration: Optional[FusionAuthApplicationRegistrationConfigurationArgs] = None,
            registration_delete_policy: Optional[FusionAuthApplicationRegistrationDeletePolicyArgs] = None,
            samlv2_configuration: Optional[FusionAuthApplicationSamlv2ConfigurationArgs] = None,
            tenant_id: Optional[str] = None,
            theme_id: Optional[str] = None,
            verification_email_template_id: Optional[str] = None,
            verification_strategy: Optional[str] = None,
            verify_registration: Optional[bool] = None) -> FusionAuthApplication
    func GetFusionAuthApplication(ctx *Context, name string, id IDInput, state *FusionAuthApplicationState, opts ...ResourceOption) (*FusionAuthApplication, error)
    public static FusionAuthApplication Get(string name, Input<string> id, FusionAuthApplicationState? state, CustomResourceOptions? opts = null)
    public static FusionAuthApplication get(String name, Output<String> id, FusionAuthApplicationState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AccessControlConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationAccessControlConfiguration
    ApplicationId string
    The Id to use for the new Application. If not specified a secure random UUID will be generated.
    AuthenticationTokenConfigurationEnabled bool
    Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
    CleanSpeakConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationCleanSpeakConfiguration
    Data Dictionary<string, object>
    An object that can hold any information about the Application that should be persisted.
    EmailConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationEmailConfiguration
    FormConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationFormConfiguration
    JwtConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationJwtConfiguration
    LambdaConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationLambdaConfiguration
    LoginConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationLoginConfiguration
    MultiFactorConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationMultiFactorConfiguration
    Name string
    The name of the Application.
    OauthConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationOauthConfiguration
    PasswordlessConfigurationEnabled bool
    Determines if passwordless login is enabled for this application.
    RegistrationConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationRegistrationConfiguration
    RegistrationDeletePolicy theogravity.Fusionauth.Inputs.FusionAuthApplicationRegistrationDeletePolicy
    Samlv2Configuration theogravity.Fusionauth.Inputs.FusionAuthApplicationSamlv2Configuration
    TenantId string
    ThemeId string
    The unique Id of the theme to be used to style the login page and other end user templates.
    VerificationEmailTemplateId string
    The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
    VerificationStrategy string
    The process by which the user will verify their email address. Possible values are ClickableLink or FormField
    VerifyRegistration bool
    Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
    AccessControlConfiguration FusionAuthApplicationAccessControlConfigurationArgs
    ApplicationId string
    The Id to use for the new Application. If not specified a secure random UUID will be generated.
    AuthenticationTokenConfigurationEnabled bool
    Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
    CleanSpeakConfiguration FusionAuthApplicationCleanSpeakConfigurationArgs
    Data map[string]interface{}
    An object that can hold any information about the Application that should be persisted.
    EmailConfiguration FusionAuthApplicationEmailConfigurationArgs
    FormConfiguration FusionAuthApplicationFormConfigurationArgs
    JwtConfiguration FusionAuthApplicationJwtConfigurationArgs
    LambdaConfiguration FusionAuthApplicationLambdaConfigurationArgs
    LoginConfiguration FusionAuthApplicationLoginConfigurationArgs
    MultiFactorConfiguration FusionAuthApplicationMultiFactorConfigurationArgs
    Name string
    The name of the Application.
    OauthConfiguration FusionAuthApplicationOauthConfigurationArgs
    PasswordlessConfigurationEnabled bool
    Determines if passwordless login is enabled for this application.
    RegistrationConfiguration FusionAuthApplicationRegistrationConfigurationArgs
    RegistrationDeletePolicy FusionAuthApplicationRegistrationDeletePolicyArgs
    Samlv2Configuration FusionAuthApplicationSamlv2ConfigurationArgs
    TenantId string
    ThemeId string
    The unique Id of the theme to be used to style the login page and other end user templates.
    VerificationEmailTemplateId string
    The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
    VerificationStrategy string
    The process by which the user will verify their email address. Possible values are ClickableLink or FormField
    VerifyRegistration bool
    Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
    accessControlConfiguration FusionAuthApplicationAccessControlConfiguration
    applicationId String
    The Id to use for the new Application. If not specified a secure random UUID will be generated.
    authenticationTokenConfigurationEnabled Boolean
    Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
    cleanSpeakConfiguration FusionAuthApplicationCleanSpeakConfiguration
    data Map<String,Object>
    An object that can hold any information about the Application that should be persisted.
    emailConfiguration FusionAuthApplicationEmailConfiguration
    formConfiguration FusionAuthApplicationFormConfiguration
    jwtConfiguration FusionAuthApplicationJwtConfiguration
    lambdaConfiguration FusionAuthApplicationLambdaConfiguration
    loginConfiguration FusionAuthApplicationLoginConfiguration
    multiFactorConfiguration FusionAuthApplicationMultiFactorConfiguration
    name String
    The name of the Application.
    oauthConfiguration FusionAuthApplicationOauthConfiguration
    passwordlessConfigurationEnabled Boolean
    Determines if passwordless login is enabled for this application.
    registrationConfiguration FusionAuthApplicationRegistrationConfiguration
    registrationDeletePolicy FusionAuthApplicationRegistrationDeletePolicy
    samlv2Configuration FusionAuthApplicationSamlv2Configuration
    tenantId String
    themeId String
    The unique Id of the theme to be used to style the login page and other end user templates.
    verificationEmailTemplateId String
    The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
    verificationStrategy String
    The process by which the user will verify their email address. Possible values are ClickableLink or FormField
    verifyRegistration Boolean
    Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
    accessControlConfiguration FusionAuthApplicationAccessControlConfiguration
    applicationId string
    The Id to use for the new Application. If not specified a secure random UUID will be generated.
    authenticationTokenConfigurationEnabled boolean
    Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
    cleanSpeakConfiguration FusionAuthApplicationCleanSpeakConfiguration
    data {[key: string]: any}
    An object that can hold any information about the Application that should be persisted.
    emailConfiguration FusionAuthApplicationEmailConfiguration
    formConfiguration FusionAuthApplicationFormConfiguration
    jwtConfiguration FusionAuthApplicationJwtConfiguration
    lambdaConfiguration FusionAuthApplicationLambdaConfiguration
    loginConfiguration FusionAuthApplicationLoginConfiguration
    multiFactorConfiguration FusionAuthApplicationMultiFactorConfiguration
    name string
    The name of the Application.
    oauthConfiguration FusionAuthApplicationOauthConfiguration
    passwordlessConfigurationEnabled boolean
    Determines if passwordless login is enabled for this application.
    registrationConfiguration FusionAuthApplicationRegistrationConfiguration
    registrationDeletePolicy FusionAuthApplicationRegistrationDeletePolicy
    samlv2Configuration FusionAuthApplicationSamlv2Configuration
    tenantId string
    themeId string
    The unique Id of the theme to be used to style the login page and other end user templates.
    verificationEmailTemplateId string
    The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
    verificationStrategy string
    The process by which the user will verify their email address. Possible values are ClickableLink or FormField
    verifyRegistration boolean
    Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
    access_control_configuration FusionAuthApplicationAccessControlConfigurationArgs
    application_id str
    The Id to use for the new Application. If not specified a secure random UUID will be generated.
    authentication_token_configuration_enabled bool
    Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
    clean_speak_configuration FusionAuthApplicationCleanSpeakConfigurationArgs
    data Mapping[str, Any]
    An object that can hold any information about the Application that should be persisted.
    email_configuration FusionAuthApplicationEmailConfigurationArgs
    form_configuration FusionAuthApplicationFormConfigurationArgs
    jwt_configuration FusionAuthApplicationJwtConfigurationArgs
    lambda_configuration FusionAuthApplicationLambdaConfigurationArgs
    login_configuration FusionAuthApplicationLoginConfigurationArgs
    multi_factor_configuration FusionAuthApplicationMultiFactorConfigurationArgs
    name str
    The name of the Application.
    oauth_configuration FusionAuthApplicationOauthConfigurationArgs
    passwordless_configuration_enabled bool
    Determines if passwordless login is enabled for this application.
    registration_configuration FusionAuthApplicationRegistrationConfigurationArgs
    registration_delete_policy FusionAuthApplicationRegistrationDeletePolicyArgs
    samlv2_configuration FusionAuthApplicationSamlv2ConfigurationArgs
    tenant_id str
    theme_id str
    The unique Id of the theme to be used to style the login page and other end user templates.
    verification_email_template_id str
    The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
    verification_strategy str
    The process by which the user will verify their email address. Possible values are ClickableLink or FormField
    verify_registration bool
    Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
    accessControlConfiguration Property Map
    applicationId String
    The Id to use for the new Application. If not specified a secure random UUID will be generated.
    authenticationTokenConfigurationEnabled Boolean
    Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
    cleanSpeakConfiguration Property Map
    data Map<Any>
    An object that can hold any information about the Application that should be persisted.
    emailConfiguration Property Map
    formConfiguration Property Map
    jwtConfiguration Property Map
    lambdaConfiguration Property Map
    loginConfiguration Property Map
    multiFactorConfiguration Property Map
    name String
    The name of the Application.
    oauthConfiguration Property Map
    passwordlessConfigurationEnabled Boolean
    Determines if passwordless login is enabled for this application.
    registrationConfiguration Property Map
    registrationDeletePolicy Property Map
    samlv2Configuration Property Map
    tenantId String
    themeId String
    The unique Id of the theme to be used to style the login page and other end user templates.
    verificationEmailTemplateId String
    The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
    verificationStrategy String
    The process by which the user will verify their email address. Possible values are ClickableLink or FormField
    verifyRegistration Boolean
    Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.

    Supporting Types

    FusionAuthApplicationAccessControlConfiguration, FusionAuthApplicationAccessControlConfigurationArgs

    UiIpAccessControlListId string
    The Id of the IP Access Control List limiting access to this application.
    UiIpAccessControlListId string
    The Id of the IP Access Control List limiting access to this application.
    uiIpAccessControlListId String
    The Id of the IP Access Control List limiting access to this application.
    uiIpAccessControlListId string
    The Id of the IP Access Control List limiting access to this application.
    ui_ip_access_control_list_id str
    The Id of the IP Access Control List limiting access to this application.
    uiIpAccessControlListId String
    The Id of the IP Access Control List limiting access to this application.

    FusionAuthApplicationCleanSpeakConfiguration, FusionAuthApplicationCleanSpeakConfigurationArgs

    ApplicationIds List<string>
    An array of UUIDs that map to the CleanSpeak applications for this Application. It is possible that a single Application in FusionAuth might have multiple Applications in CleanSpeak. For example, a FusionAuth Application for a game might have one CleanSpeak Application for usernames and another Application for chat.
    UsernameModeration theogravity.Fusionauth.Inputs.FusionAuthApplicationCleanSpeakConfigurationUsernameModeration
    ApplicationIds []string
    An array of UUIDs that map to the CleanSpeak applications for this Application. It is possible that a single Application in FusionAuth might have multiple Applications in CleanSpeak. For example, a FusionAuth Application for a game might have one CleanSpeak Application for usernames and another Application for chat.
    UsernameModeration FusionAuthApplicationCleanSpeakConfigurationUsernameModeration
    applicationIds List<String>
    An array of UUIDs that map to the CleanSpeak applications for this Application. It is possible that a single Application in FusionAuth might have multiple Applications in CleanSpeak. For example, a FusionAuth Application for a game might have one CleanSpeak Application for usernames and another Application for chat.
    usernameModeration FusionAuthApplicationCleanSpeakConfigurationUsernameModeration
    applicationIds string[]
    An array of UUIDs that map to the CleanSpeak applications for this Application. It is possible that a single Application in FusionAuth might have multiple Applications in CleanSpeak. For example, a FusionAuth Application for a game might have one CleanSpeak Application for usernames and another Application for chat.
    usernameModeration FusionAuthApplicationCleanSpeakConfigurationUsernameModeration
    application_ids Sequence[str]
    An array of UUIDs that map to the CleanSpeak applications for this Application. It is possible that a single Application in FusionAuth might have multiple Applications in CleanSpeak. For example, a FusionAuth Application for a game might have one CleanSpeak Application for usernames and another Application for chat.
    username_moderation FusionAuthApplicationCleanSpeakConfigurationUsernameModeration
    applicationIds List<String>
    An array of UUIDs that map to the CleanSpeak applications for this Application. It is possible that a single Application in FusionAuth might have multiple Applications in CleanSpeak. For example, a FusionAuth Application for a game might have one CleanSpeak Application for usernames and another Application for chat.
    usernameModeration Property Map

    FusionAuthApplicationCleanSpeakConfigurationUsernameModeration, FusionAuthApplicationCleanSpeakConfigurationUsernameModerationArgs

    ApplicationId string
    The Id of the CleanSpeak application that usernames are sent to for moderation.
    Enabled bool
    True if CleanSpeak username moderation is enabled.
    ApplicationId string
    The Id of the CleanSpeak application that usernames are sent to for moderation.
    Enabled bool
    True if CleanSpeak username moderation is enabled.
    applicationId String
    The Id of the CleanSpeak application that usernames are sent to for moderation.
    enabled Boolean
    True if CleanSpeak username moderation is enabled.
    applicationId string
    The Id of the CleanSpeak application that usernames are sent to for moderation.
    enabled boolean
    True if CleanSpeak username moderation is enabled.
    application_id str
    The Id of the CleanSpeak application that usernames are sent to for moderation.
    enabled bool
    True if CleanSpeak username moderation is enabled.
    applicationId String
    The Id of the CleanSpeak application that usernames are sent to for moderation.
    enabled Boolean
    True if CleanSpeak username moderation is enabled.

    FusionAuthApplicationEmailConfiguration, FusionAuthApplicationEmailConfigurationArgs

    EmailUpdateTemplateId string
    The Id of the Email Template used to send emails to users when their email address is updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    EmailVerificationTemplateId string
    The Id of the Email Template used to send emails to users to verify that their email address is valid. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    EmailVerifiedTemplateId string
    The Id of the Email Template used to verify user emails. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    ForgotPasswordTemplateId string
    The Id of the Email Template that is used when a user is sent a forgot password email. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    LoginIdInUseOnCreateTemplateId string
    The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    LoginIdInUseOnUpdateTemplateId string
    The Id of the Email Template used to send emails to users when another user attempts to update an existing account to use their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    LoginNewDeviceTemplateId string
    The Id of the Email Template used to send emails to users when they log in on a new device. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    LoginSuspiciousTemplateId string
    The Id of the Email Template used to send emails to users when a suspicious login occurs. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    PasswordResetSuccessTemplateId string
    The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been reset. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    PasswordUpdateTemplateId string
    The Id of the Email Template used to send emails to users when their password has been updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    PasswordlessEmailTemplateId string
    The Id of the Passwordless Email Template, sent to users when they start a passwordless login. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    SetPasswordEmailTemplateId string
    The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    TwoFactorMethodAddTemplateId string
    The Id of the Email Template used to send emails to users when a MFA method has been added to their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    TwoFactorMethodRemoveTemplateId string
    The Id of the Email Template used to send emails to users when a MFA method has been removed from their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    EmailUpdateTemplateId string
    The Id of the Email Template used to send emails to users when their email address is updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    EmailVerificationTemplateId string
    The Id of the Email Template used to send emails to users to verify that their email address is valid. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    EmailVerifiedTemplateId string
    The Id of the Email Template used to verify user emails. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    ForgotPasswordTemplateId string
    The Id of the Email Template that is used when a user is sent a forgot password email. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    LoginIdInUseOnCreateTemplateId string
    The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    LoginIdInUseOnUpdateTemplateId string
    The Id of the Email Template used to send emails to users when another user attempts to update an existing account to use their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    LoginNewDeviceTemplateId string
    The Id of the Email Template used to send emails to users when they log in on a new device. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    LoginSuspiciousTemplateId string
    The Id of the Email Template used to send emails to users when a suspicious login occurs. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    PasswordResetSuccessTemplateId string
    The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been reset. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    PasswordUpdateTemplateId string
    The Id of the Email Template used to send emails to users when their password has been updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    PasswordlessEmailTemplateId string
    The Id of the Passwordless Email Template, sent to users when they start a passwordless login. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    SetPasswordEmailTemplateId string
    The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    TwoFactorMethodAddTemplateId string
    The Id of the Email Template used to send emails to users when a MFA method has been added to their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    TwoFactorMethodRemoveTemplateId string
    The Id of the Email Template used to send emails to users when a MFA method has been removed from their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    emailUpdateTemplateId String
    The Id of the Email Template used to send emails to users when their email address is updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    emailVerificationTemplateId String
    The Id of the Email Template used to send emails to users to verify that their email address is valid. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    emailVerifiedTemplateId String
    The Id of the Email Template used to verify user emails. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    forgotPasswordTemplateId String
    The Id of the Email Template that is used when a user is sent a forgot password email. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    loginIdInUseOnCreateTemplateId String
    The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    loginIdInUseOnUpdateTemplateId String
    The Id of the Email Template used to send emails to users when another user attempts to update an existing account to use their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    loginNewDeviceTemplateId String
    The Id of the Email Template used to send emails to users when they log in on a new device. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    loginSuspiciousTemplateId String
    The Id of the Email Template used to send emails to users when a suspicious login occurs. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    passwordResetSuccessTemplateId String
    The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been reset. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    passwordUpdateTemplateId String
    The Id of the Email Template used to send emails to users when their password has been updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    passwordlessEmailTemplateId String
    The Id of the Passwordless Email Template, sent to users when they start a passwordless login. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    setPasswordEmailTemplateId String
    The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    twoFactorMethodAddTemplateId String
    The Id of the Email Template used to send emails to users when a MFA method has been added to their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    twoFactorMethodRemoveTemplateId String
    The Id of the Email Template used to send emails to users when a MFA method has been removed from their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    emailUpdateTemplateId string
    The Id of the Email Template used to send emails to users when their email address is updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    emailVerificationTemplateId string
    The Id of the Email Template used to send emails to users to verify that their email address is valid. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    emailVerifiedTemplateId string
    The Id of the Email Template used to verify user emails. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    forgotPasswordTemplateId string
    The Id of the Email Template that is used when a user is sent a forgot password email. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    loginIdInUseOnCreateTemplateId string
    The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    loginIdInUseOnUpdateTemplateId string
    The Id of the Email Template used to send emails to users when another user attempts to update an existing account to use their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    loginNewDeviceTemplateId string
    The Id of the Email Template used to send emails to users when they log in on a new device. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    loginSuspiciousTemplateId string
    The Id of the Email Template used to send emails to users when a suspicious login occurs. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    passwordResetSuccessTemplateId string
    The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been reset. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    passwordUpdateTemplateId string
    The Id of the Email Template used to send emails to users when their password has been updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    passwordlessEmailTemplateId string
    The Id of the Passwordless Email Template, sent to users when they start a passwordless login. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    setPasswordEmailTemplateId string
    The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    twoFactorMethodAddTemplateId string
    The Id of the Email Template used to send emails to users when a MFA method has been added to their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    twoFactorMethodRemoveTemplateId string
    The Id of the Email Template used to send emails to users when a MFA method has been removed from their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    email_update_template_id str
    The Id of the Email Template used to send emails to users when their email address is updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    email_verification_template_id str
    The Id of the Email Template used to send emails to users to verify that their email address is valid. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    email_verified_template_id str
    The Id of the Email Template used to verify user emails. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    forgot_password_template_id str
    The Id of the Email Template that is used when a user is sent a forgot password email. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    login_id_in_use_on_create_template_id str
    The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    login_id_in_use_on_update_template_id str
    The Id of the Email Template used to send emails to users when another user attempts to update an existing account to use their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    login_new_device_template_id str
    The Id of the Email Template used to send emails to users when they log in on a new device. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    login_suspicious_template_id str
    The Id of the Email Template used to send emails to users when a suspicious login occurs. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    password_reset_success_template_id str
    The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been reset. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    password_update_template_id str
    The Id of the Email Template used to send emails to users when their password has been updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    passwordless_email_template_id str
    The Id of the Passwordless Email Template, sent to users when they start a passwordless login. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    set_password_email_template_id str
    The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    two_factor_method_add_template_id str
    The Id of the Email Template used to send emails to users when a MFA method has been added to their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    two_factor_method_remove_template_id str
    The Id of the Email Template used to send emails to users when a MFA method has been removed from their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    emailUpdateTemplateId String
    The Id of the Email Template used to send emails to users when their email address is updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    emailVerificationTemplateId String
    The Id of the Email Template used to send emails to users to verify that their email address is valid. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    emailVerifiedTemplateId String
    The Id of the Email Template used to verify user emails. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    forgotPasswordTemplateId String
    The Id of the Email Template that is used when a user is sent a forgot password email. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    loginIdInUseOnCreateTemplateId String
    The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    loginIdInUseOnUpdateTemplateId String
    The Id of the Email Template used to send emails to users when another user attempts to update an existing account to use their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    loginNewDeviceTemplateId String
    The Id of the Email Template used to send emails to users when they log in on a new device. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    loginSuspiciousTemplateId String
    The Id of the Email Template used to send emails to users when a suspicious login occurs. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    passwordResetSuccessTemplateId String
    The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been reset. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    passwordUpdateTemplateId String
    The Id of the Email Template used to send emails to users when their password has been updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    passwordlessEmailTemplateId String
    The Id of the Passwordless Email Template, sent to users when they start a passwordless login. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    setPasswordEmailTemplateId String
    The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    twoFactorMethodAddTemplateId String
    The Id of the Email Template used to send emails to users when a MFA method has been added to their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
    twoFactorMethodRemoveTemplateId String
    The Id of the Email Template used to send emails to users when a MFA method has been removed from their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

    FusionAuthApplicationFormConfiguration, FusionAuthApplicationFormConfigurationArgs

    AdminRegistrationFormId string
    The unique Id of the form to use for the Add and Edit User Registration form when used in the FusionAuth admin UI.
    SelfServiceFormId string
    The unique Id of the form to to enable authenticated users to manage their profile on the account page.
    AdminRegistrationFormId string
    The unique Id of the form to use for the Add and Edit User Registration form when used in the FusionAuth admin UI.
    SelfServiceFormId string
    The unique Id of the form to to enable authenticated users to manage their profile on the account page.
    adminRegistrationFormId String
    The unique Id of the form to use for the Add and Edit User Registration form when used in the FusionAuth admin UI.
    selfServiceFormId String
    The unique Id of the form to to enable authenticated users to manage their profile on the account page.
    adminRegistrationFormId string
    The unique Id of the form to use for the Add and Edit User Registration form when used in the FusionAuth admin UI.
    selfServiceFormId string
    The unique Id of the form to to enable authenticated users to manage their profile on the account page.
    admin_registration_form_id str
    The unique Id of the form to use for the Add and Edit User Registration form when used in the FusionAuth admin UI.
    self_service_form_id str
    The unique Id of the form to to enable authenticated users to manage their profile on the account page.
    adminRegistrationFormId String
    The unique Id of the form to use for the Add and Edit User Registration form when used in the FusionAuth admin UI.
    selfServiceFormId String
    The unique Id of the form to to enable authenticated users to manage their profile on the account page.

    FusionAuthApplicationJwtConfiguration, FusionAuthApplicationJwtConfigurationArgs

    AccessTokenId string
    The Id of the signing key used to sign the access token.
    Enabled bool
    Indicates if this application is using the JWT configuration defined here or the global JWT configuration defined by the System Configuration. If this is false the signing algorithm configured in the System Configuration will be used. If true the signing algorithm defined in this application will be used.
    IdTokenKeyId string
    The Id of the signing key used to sign the Id token.
    RefreshTokenExpirationPolicy string
    The Refresh Token expiration policy. The possible values are: Fixed - the expiration is calculated from the time the token is issued. SlidingWindow - the expiration is calculated from the last time the token was used. SlidingWindowWithMaximumLifetime - the expiration is calculated from the last time the token was used, or until refresh_token_sliding_window_maximum_time_to_live_in_minutes is reached.
    RefreshTokenSlidingWindowMaximumTimeToLiveInMinutes int
    The maximum lifetime of a refresh token when using a refresh token expiration policy of SlidingWindowWithMaximumLifetime. Value must be greater than 0.
    RefreshTokenTtlMinutes int
    The length of time in minutes the JWT refresh token will live before it is expired and is not able to be exchanged for a JWT.
    RefreshTokenUsagePolicy string
    The refresh token usage policy. The following are valid values: Reusable - the token does not change after it was issued. OneTimeUse - the token value will be changed each time the token is used to refresh a JWT. The client must store the new value after each usage. Defaults to Reusable.
    TtlSeconds int
    The length of time in seconds the JWT will live before it is expired and no longer valid.
    AccessTokenId string
    The Id of the signing key used to sign the access token.
    Enabled bool
    Indicates if this application is using the JWT configuration defined here or the global JWT configuration defined by the System Configuration. If this is false the signing algorithm configured in the System Configuration will be used. If true the signing algorithm defined in this application will be used.
    IdTokenKeyId string
    The Id of the signing key used to sign the Id token.
    RefreshTokenExpirationPolicy string
    The Refresh Token expiration policy. The possible values are: Fixed - the expiration is calculated from the time the token is issued. SlidingWindow - the expiration is calculated from the last time the token was used. SlidingWindowWithMaximumLifetime - the expiration is calculated from the last time the token was used, or until refresh_token_sliding_window_maximum_time_to_live_in_minutes is reached.
    RefreshTokenSlidingWindowMaximumTimeToLiveInMinutes int
    The maximum lifetime of a refresh token when using a refresh token expiration policy of SlidingWindowWithMaximumLifetime. Value must be greater than 0.
    RefreshTokenTtlMinutes int
    The length of time in minutes the JWT refresh token will live before it is expired and is not able to be exchanged for a JWT.
    RefreshTokenUsagePolicy string
    The refresh token usage policy. The following are valid values: Reusable - the token does not change after it was issued. OneTimeUse - the token value will be changed each time the token is used to refresh a JWT. The client must store the new value after each usage. Defaults to Reusable.
    TtlSeconds int
    The length of time in seconds the JWT will live before it is expired and no longer valid.
    accessTokenId String
    The Id of the signing key used to sign the access token.
    enabled Boolean
    Indicates if this application is using the JWT configuration defined here or the global JWT configuration defined by the System Configuration. If this is false the signing algorithm configured in the System Configuration will be used. If true the signing algorithm defined in this application will be used.
    idTokenKeyId String
    The Id of the signing key used to sign the Id token.
    refreshTokenExpirationPolicy String
    The Refresh Token expiration policy. The possible values are: Fixed - the expiration is calculated from the time the token is issued. SlidingWindow - the expiration is calculated from the last time the token was used. SlidingWindowWithMaximumLifetime - the expiration is calculated from the last time the token was used, or until refresh_token_sliding_window_maximum_time_to_live_in_minutes is reached.
    refreshTokenSlidingWindowMaximumTimeToLiveInMinutes Integer
    The maximum lifetime of a refresh token when using a refresh token expiration policy of SlidingWindowWithMaximumLifetime. Value must be greater than 0.
    refreshTokenTtlMinutes Integer
    The length of time in minutes the JWT refresh token will live before it is expired and is not able to be exchanged for a JWT.
    refreshTokenUsagePolicy String
    The refresh token usage policy. The following are valid values: Reusable - the token does not change after it was issued. OneTimeUse - the token value will be changed each time the token is used to refresh a JWT. The client must store the new value after each usage. Defaults to Reusable.
    ttlSeconds Integer
    The length of time in seconds the JWT will live before it is expired and no longer valid.
    accessTokenId string
    The Id of the signing key used to sign the access token.
    enabled boolean
    Indicates if this application is using the JWT configuration defined here or the global JWT configuration defined by the System Configuration. If this is false the signing algorithm configured in the System Configuration will be used. If true the signing algorithm defined in this application will be used.
    idTokenKeyId string
    The Id of the signing key used to sign the Id token.
    refreshTokenExpirationPolicy string
    The Refresh Token expiration policy. The possible values are: Fixed - the expiration is calculated from the time the token is issued. SlidingWindow - the expiration is calculated from the last time the token was used. SlidingWindowWithMaximumLifetime - the expiration is calculated from the last time the token was used, or until refresh_token_sliding_window_maximum_time_to_live_in_minutes is reached.
    refreshTokenSlidingWindowMaximumTimeToLiveInMinutes number
    The maximum lifetime of a refresh token when using a refresh token expiration policy of SlidingWindowWithMaximumLifetime. Value must be greater than 0.
    refreshTokenTtlMinutes number
    The length of time in minutes the JWT refresh token will live before it is expired and is not able to be exchanged for a JWT.
    refreshTokenUsagePolicy string
    The refresh token usage policy. The following are valid values: Reusable - the token does not change after it was issued. OneTimeUse - the token value will be changed each time the token is used to refresh a JWT. The client must store the new value after each usage. Defaults to Reusable.
    ttlSeconds number
    The length of time in seconds the JWT will live before it is expired and no longer valid.
    access_token_id str
    The Id of the signing key used to sign the access token.
    enabled bool
    Indicates if this application is using the JWT configuration defined here or the global JWT configuration defined by the System Configuration. If this is false the signing algorithm configured in the System Configuration will be used. If true the signing algorithm defined in this application will be used.
    id_token_key_id str
    The Id of the signing key used to sign the Id token.
    refresh_token_expiration_policy str
    The Refresh Token expiration policy. The possible values are: Fixed - the expiration is calculated from the time the token is issued. SlidingWindow - the expiration is calculated from the last time the token was used. SlidingWindowWithMaximumLifetime - the expiration is calculated from the last time the token was used, or until refresh_token_sliding_window_maximum_time_to_live_in_minutes is reached.
    refresh_token_sliding_window_maximum_time_to_live_in_minutes int
    The maximum lifetime of a refresh token when using a refresh token expiration policy of SlidingWindowWithMaximumLifetime. Value must be greater than 0.
    refresh_token_ttl_minutes int
    The length of time in minutes the JWT refresh token will live before it is expired and is not able to be exchanged for a JWT.
    refresh_token_usage_policy str
    The refresh token usage policy. The following are valid values: Reusable - the token does not change after it was issued. OneTimeUse - the token value will be changed each time the token is used to refresh a JWT. The client must store the new value after each usage. Defaults to Reusable.
    ttl_seconds int
    The length of time in seconds the JWT will live before it is expired and no longer valid.
    accessTokenId String
    The Id of the signing key used to sign the access token.
    enabled Boolean
    Indicates if this application is using the JWT configuration defined here or the global JWT configuration defined by the System Configuration. If this is false the signing algorithm configured in the System Configuration will be used. If true the signing algorithm defined in this application will be used.
    idTokenKeyId String
    The Id of the signing key used to sign the Id token.
    refreshTokenExpirationPolicy String
    The Refresh Token expiration policy. The possible values are: Fixed - the expiration is calculated from the time the token is issued. SlidingWindow - the expiration is calculated from the last time the token was used. SlidingWindowWithMaximumLifetime - the expiration is calculated from the last time the token was used, or until refresh_token_sliding_window_maximum_time_to_live_in_minutes is reached.
    refreshTokenSlidingWindowMaximumTimeToLiveInMinutes Number
    The maximum lifetime of a refresh token when using a refresh token expiration policy of SlidingWindowWithMaximumLifetime. Value must be greater than 0.
    refreshTokenTtlMinutes Number
    The length of time in minutes the JWT refresh token will live before it is expired and is not able to be exchanged for a JWT.
    refreshTokenUsagePolicy String
    The refresh token usage policy. The following are valid values: Reusable - the token does not change after it was issued. OneTimeUse - the token value will be changed each time the token is used to refresh a JWT. The client must store the new value after each usage. Defaults to Reusable.
    ttlSeconds Number
    The length of time in seconds the JWT will live before it is expired and no longer valid.

    FusionAuthApplicationLambdaConfiguration, FusionAuthApplicationLambdaConfigurationArgs

    AccessTokenPopulateId string
    The Id of the Lambda that will be invoked when an access token is generated for this application. This will be utilized during OAuth2 and OpenID Connect authentication requests as well as when an access token is generated for the Login API.
    IdTokenPopulateId string
    The Id of the Lambda that will be invoked when an Id token is generated for this application during an OpenID Connect authentication request.
    Samlv2PopulateId string
    The Id of the Lambda that will be invoked when a a SAML response is generated during a SAML authentication request.
    SelfServiceRegistrationValidationId string
    The unique Id of the lambda that will be used to perform additional validation on registration form steps.
    UserinfoPopulateId string
    The Id of the Lambda that will be invoked when a UserInfo response is generated for this application.
    AccessTokenPopulateId string
    The Id of the Lambda that will be invoked when an access token is generated for this application. This will be utilized during OAuth2 and OpenID Connect authentication requests as well as when an access token is generated for the Login API.
    IdTokenPopulateId string
    The Id of the Lambda that will be invoked when an Id token is generated for this application during an OpenID Connect authentication request.
    Samlv2PopulateId string
    The Id of the Lambda that will be invoked when a a SAML response is generated during a SAML authentication request.
    SelfServiceRegistrationValidationId string
    The unique Id of the lambda that will be used to perform additional validation on registration form steps.
    UserinfoPopulateId string
    The Id of the Lambda that will be invoked when a UserInfo response is generated for this application.
    accessTokenPopulateId String
    The Id of the Lambda that will be invoked when an access token is generated for this application. This will be utilized during OAuth2 and OpenID Connect authentication requests as well as when an access token is generated for the Login API.
    idTokenPopulateId String
    The Id of the Lambda that will be invoked when an Id token is generated for this application during an OpenID Connect authentication request.
    samlv2PopulateId String
    The Id of the Lambda that will be invoked when a a SAML response is generated during a SAML authentication request.
    selfServiceRegistrationValidationId String
    The unique Id of the lambda that will be used to perform additional validation on registration form steps.
    userinfoPopulateId String
    The Id of the Lambda that will be invoked when a UserInfo response is generated for this application.
    accessTokenPopulateId string
    The Id of the Lambda that will be invoked when an access token is generated for this application. This will be utilized during OAuth2 and OpenID Connect authentication requests as well as when an access token is generated for the Login API.
    idTokenPopulateId string
    The Id of the Lambda that will be invoked when an Id token is generated for this application during an OpenID Connect authentication request.
    samlv2PopulateId string
    The Id of the Lambda that will be invoked when a a SAML response is generated during a SAML authentication request.
    selfServiceRegistrationValidationId string
    The unique Id of the lambda that will be used to perform additional validation on registration form steps.
    userinfoPopulateId string
    The Id of the Lambda that will be invoked when a UserInfo response is generated for this application.
    access_token_populate_id str
    The Id of the Lambda that will be invoked when an access token is generated for this application. This will be utilized during OAuth2 and OpenID Connect authentication requests as well as when an access token is generated for the Login API.
    id_token_populate_id str
    The Id of the Lambda that will be invoked when an Id token is generated for this application during an OpenID Connect authentication request.
    samlv2_populate_id str
    The Id of the Lambda that will be invoked when a a SAML response is generated during a SAML authentication request.
    self_service_registration_validation_id str
    The unique Id of the lambda that will be used to perform additional validation on registration form steps.
    userinfo_populate_id str
    The Id of the Lambda that will be invoked when a UserInfo response is generated for this application.
    accessTokenPopulateId String
    The Id of the Lambda that will be invoked when an access token is generated for this application. This will be utilized during OAuth2 and OpenID Connect authentication requests as well as when an access token is generated for the Login API.
    idTokenPopulateId String
    The Id of the Lambda that will be invoked when an Id token is generated for this application during an OpenID Connect authentication request.
    samlv2PopulateId String
    The Id of the Lambda that will be invoked when a a SAML response is generated during a SAML authentication request.
    selfServiceRegistrationValidationId String
    The unique Id of the lambda that will be used to perform additional validation on registration form steps.
    userinfoPopulateId String
    The Id of the Lambda that will be invoked when a UserInfo response is generated for this application.

    FusionAuthApplicationLoginConfiguration, FusionAuthApplicationLoginConfigurationArgs

    AllowTokenRefresh bool
    Indicates if a JWT may be refreshed using a Refresh Token for this application. This configuration is separate from issuing new Refresh Tokens which is controlled by the generateRefreshTokens parameter. This configuration indicates specifically if an existing Refresh Token may be used to request a new JWT using the Refresh API.
    GenerateRefreshTokens bool
    Indicates if a Refresh Token should be issued from the Login API
    RequireAuthentication bool
    Indicates if the Login API should require an API key. If you set this value to false and your FusionAuth API is on a public network, anyone may attempt to use the Login API.
    AllowTokenRefresh bool
    Indicates if a JWT may be refreshed using a Refresh Token for this application. This configuration is separate from issuing new Refresh Tokens which is controlled by the generateRefreshTokens parameter. This configuration indicates specifically if an existing Refresh Token may be used to request a new JWT using the Refresh API.
    GenerateRefreshTokens bool
    Indicates if a Refresh Token should be issued from the Login API
    RequireAuthentication bool
    Indicates if the Login API should require an API key. If you set this value to false and your FusionAuth API is on a public network, anyone may attempt to use the Login API.
    allowTokenRefresh Boolean
    Indicates if a JWT may be refreshed using a Refresh Token for this application. This configuration is separate from issuing new Refresh Tokens which is controlled by the generateRefreshTokens parameter. This configuration indicates specifically if an existing Refresh Token may be used to request a new JWT using the Refresh API.
    generateRefreshTokens Boolean
    Indicates if a Refresh Token should be issued from the Login API
    requireAuthentication Boolean
    Indicates if the Login API should require an API key. If you set this value to false and your FusionAuth API is on a public network, anyone may attempt to use the Login API.
    allowTokenRefresh boolean
    Indicates if a JWT may be refreshed using a Refresh Token for this application. This configuration is separate from issuing new Refresh Tokens which is controlled by the generateRefreshTokens parameter. This configuration indicates specifically if an existing Refresh Token may be used to request a new JWT using the Refresh API.
    generateRefreshTokens boolean
    Indicates if a Refresh Token should be issued from the Login API
    requireAuthentication boolean
    Indicates if the Login API should require an API key. If you set this value to false and your FusionAuth API is on a public network, anyone may attempt to use the Login API.
    allow_token_refresh bool
    Indicates if a JWT may be refreshed using a Refresh Token for this application. This configuration is separate from issuing new Refresh Tokens which is controlled by the generateRefreshTokens parameter. This configuration indicates specifically if an existing Refresh Token may be used to request a new JWT using the Refresh API.
    generate_refresh_tokens bool
    Indicates if a Refresh Token should be issued from the Login API
    require_authentication bool
    Indicates if the Login API should require an API key. If you set this value to false and your FusionAuth API is on a public network, anyone may attempt to use the Login API.
    allowTokenRefresh Boolean
    Indicates if a JWT may be refreshed using a Refresh Token for this application. This configuration is separate from issuing new Refresh Tokens which is controlled by the generateRefreshTokens parameter. This configuration indicates specifically if an existing Refresh Token may be used to request a new JWT using the Refresh API.
    generateRefreshTokens Boolean
    Indicates if a Refresh Token should be issued from the Login API
    requireAuthentication Boolean
    Indicates if the Login API should require an API key. If you set this value to false and your FusionAuth API is on a public network, anyone may attempt to use the Login API.

    FusionAuthApplicationMultiFactorConfiguration, FusionAuthApplicationMultiFactorConfigurationArgs

    EmailTemplateId string
    The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.
    LoginPolicy string
    When enabled and a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When disabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login. When required, the user will be required to complete a two-factor challenge during login. Possible values are Enabled, Disabled or Required.
    SmsTemplateId string
    The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
    TrustPolicy string
    When multi_factor_configuration.login_policy is set to Enabled, this trust policy is utilized when determining if a user must complete a two-factor challenge during login. Possible values are Any, This or None.
    EmailTemplateId string
    The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.
    LoginPolicy string
    When enabled and a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When disabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login. When required, the user will be required to complete a two-factor challenge during login. Possible values are Enabled, Disabled or Required.
    SmsTemplateId string
    The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
    TrustPolicy string
    When multi_factor_configuration.login_policy is set to Enabled, this trust policy is utilized when determining if a user must complete a two-factor challenge during login. Possible values are Any, This or None.
    emailTemplateId String
    The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.
    loginPolicy String
    When enabled and a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When disabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login. When required, the user will be required to complete a two-factor challenge during login. Possible values are Enabled, Disabled or Required.
    smsTemplateId String
    The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
    trustPolicy String
    When multi_factor_configuration.login_policy is set to Enabled, this trust policy is utilized when determining if a user must complete a two-factor challenge during login. Possible values are Any, This or None.
    emailTemplateId string
    The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.
    loginPolicy string
    When enabled and a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When disabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login. When required, the user will be required to complete a two-factor challenge during login. Possible values are Enabled, Disabled or Required.
    smsTemplateId string
    The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
    trustPolicy string
    When multi_factor_configuration.login_policy is set to Enabled, this trust policy is utilized when determining if a user must complete a two-factor challenge during login. Possible values are Any, This or None.
    email_template_id str
    The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.
    login_policy str
    When enabled and a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When disabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login. When required, the user will be required to complete a two-factor challenge during login. Possible values are Enabled, Disabled or Required.
    sms_template_id str
    The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
    trust_policy str
    When multi_factor_configuration.login_policy is set to Enabled, this trust policy is utilized when determining if a user must complete a two-factor challenge during login. Possible values are Any, This or None.
    emailTemplateId String
    The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.
    loginPolicy String
    When enabled and a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When disabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login. When required, the user will be required to complete a two-factor challenge during login. Possible values are Enabled, Disabled or Required.
    smsTemplateId String
    The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
    trustPolicy String
    When multi_factor_configuration.login_policy is set to Enabled, this trust policy is utilized when determining if a user must complete a two-factor challenge during login. Possible values are Any, This or None.

    FusionAuthApplicationOauthConfiguration, FusionAuthApplicationOauthConfigurationArgs

    ScopeHandlingPolicy string
    Controls the policy for handling of OAuth scopes when populating JWTs and the UserInfo response. The possible values are:

    • Compatibility - OAuth workflows will populate JWT and UserInfo claims in a manner compatible with versions of FusionAuth before version 1.50.0.
    • Strict - OAuth workflows will populate token and UserInfo claims according to the OpenID Connect 1.0 specification based on requested and consented scopes.
    UnknownScopePolicy string
    Controls the policy for handling unknown scopes on an OAuth request. The possible values are:

    • Allow - Unknown scopes will be allowed on the request, passed through the OAuth workflow, and written to the resulting tokens without consent.
    • Remove - Unknown scopes will be removed from the OAuth workflow, but the workflow will proceed without them.
    • Reject - Unknown scopes will be rejected and cause the OAuth workflow to fail with an error.
    AuthorizedOriginUrls List<string>
    An array of URLs that are the authorized origins for FusionAuth OAuth.
    AuthorizedRedirectUrls List<string>
    An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
    AuthorizedUrlValidationPolicy string
    Determines whether wildcard expressions will be allowed in the authorized_redirect_urls and authorized_origin_urls.
    ClientAuthenticationPolicy string
    Determines the client authentication requirements for the OAuth 2.0 Token endpoint.
    ClientId string
    The OAuth 2.0 client id. If you leave this blank during a POST, a client id will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.
    ClientSecret string
    The OAuth 2.0 client secret. If you leave this blank during a POST, a secure secret will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.
    ConsentMode string
    Controls the policy for prompting a user to consent to requested OAuth scopes. This configuration only takes effect when application.oauthConfiguration.relationship is ThirdParty. The possible values are:

    • AlwaysPrompt - Always prompt the user for consent.
    • RememberDecision - Remember previous consents; only prompt if the choice expires or if the requested or required scopes have changed. The duration of this persisted choice is controlled by the Tenant’s externalIdentifierConfiguration.rememberOAuthScopeConsentChoiceTimeToLiveInSeconds value.
    • NeverPrompt - The user will be never be prompted to consent to requested OAuth scopes. Permission will be granted implicitly as if this were a FirstParty application. This configuration is meant for testing purposes only and should not be used in production.
    Debug bool
    Whether or not FusionAuth will log a debug Event Log. This is particular useful for debugging the authorization code exchange with the Token endpoint during an Authorization Code grant."
    DeviceVerificationUrl string
    The device verification URL to be used with the Device Code grant type, this field is required when device_code is enabled.
    EnabledGrants List<string>
    The enabled grants for this application. In order to utilize a particular grant with the OAuth 2.0 endpoints you must have enabled the grant.
    GenerateRefreshTokens bool
    Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.
    LogoutBehavior string
    Behavior when /oauth2/logout is called.
    LogoutUrl string
    The logout URL for the Application. FusionAuth will redirect to this URL after the user logs out of OAuth.
    ProofKeyForCodeExchangePolicy string
    Determines the PKCE requirements when using the authorization code grant.
    ProvidedScopePolicies List<theogravity.Fusionauth.Inputs.FusionAuthApplicationOauthConfigurationProvidedScopePolicy>
    Configures which of the default scopes are enabled and required.
    Relationship string
    The application’s relationship to the OAuth server. The possible values are:

    • FirstParty - The application has the same owner as the authorization server. Consent to requested OAuth scopes is granted implicitly.
    • ThirdParty - The application is external to the authorization server. Users will be prompted to consent to requested OAuth scopes based on the application object’s oauthConfiguration.consentMode value. Note: An Essentials or Enterprise plan is required to utilize third-party applications.
    RequireClientAuthentication bool
    Determines if the OAuth 2.0 Token endpoint requires client authentication. If this is enabled, the client must provide client credentials when using the Token endpoint. The client_id and client_secret may be provided using a Basic Authorization HTTP header, or by sending these parameters in the request body using POST data.

    Deprecated: In version 1.28.0 and beyond, client authentication can be managed via oauth_configuration.client_authentication_policy.

    RequireRegistration bool
    When enabled the user will be required to be registered, or complete registration before redirecting to the configured callback in the authorization code grant or the implicit grant. This configuration does not currently apply to any other grant.
    ScopeHandlingPolicy string
    Controls the policy for handling of OAuth scopes when populating JWTs and the UserInfo response. The possible values are:

    • Compatibility - OAuth workflows will populate JWT and UserInfo claims in a manner compatible with versions of FusionAuth before version 1.50.0.
    • Strict - OAuth workflows will populate token and UserInfo claims according to the OpenID Connect 1.0 specification based on requested and consented scopes.
    UnknownScopePolicy string
    Controls the policy for handling unknown scopes on an OAuth request. The possible values are:

    • Allow - Unknown scopes will be allowed on the request, passed through the OAuth workflow, and written to the resulting tokens without consent.
    • Remove - Unknown scopes will be removed from the OAuth workflow, but the workflow will proceed without them.
    • Reject - Unknown scopes will be rejected and cause the OAuth workflow to fail with an error.
    AuthorizedOriginUrls []string
    An array of URLs that are the authorized origins for FusionAuth OAuth.
    AuthorizedRedirectUrls []string
    An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
    AuthorizedUrlValidationPolicy string
    Determines whether wildcard expressions will be allowed in the authorized_redirect_urls and authorized_origin_urls.
    ClientAuthenticationPolicy string
    Determines the client authentication requirements for the OAuth 2.0 Token endpoint.
    ClientId string
    The OAuth 2.0 client id. If you leave this blank during a POST, a client id will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.
    ClientSecret string
    The OAuth 2.0 client secret. If you leave this blank during a POST, a secure secret will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.
    ConsentMode string
    Controls the policy for prompting a user to consent to requested OAuth scopes. This configuration only takes effect when application.oauthConfiguration.relationship is ThirdParty. The possible values are:

    • AlwaysPrompt - Always prompt the user for consent.
    • RememberDecision - Remember previous consents; only prompt if the choice expires or if the requested or required scopes have changed. The duration of this persisted choice is controlled by the Tenant’s externalIdentifierConfiguration.rememberOAuthScopeConsentChoiceTimeToLiveInSeconds value.
    • NeverPrompt - The user will be never be prompted to consent to requested OAuth scopes. Permission will be granted implicitly as if this were a FirstParty application. This configuration is meant for testing purposes only and should not be used in production.
    Debug bool
    Whether or not FusionAuth will log a debug Event Log. This is particular useful for debugging the authorization code exchange with the Token endpoint during an Authorization Code grant."
    DeviceVerificationUrl string
    The device verification URL to be used with the Device Code grant type, this field is required when device_code is enabled.
    EnabledGrants []string
    The enabled grants for this application. In order to utilize a particular grant with the OAuth 2.0 endpoints you must have enabled the grant.
    GenerateRefreshTokens bool
    Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.
    LogoutBehavior string
    Behavior when /oauth2/logout is called.
    LogoutUrl string
    The logout URL for the Application. FusionAuth will redirect to this URL after the user logs out of OAuth.
    ProofKeyForCodeExchangePolicy string
    Determines the PKCE requirements when using the authorization code grant.
    ProvidedScopePolicies []FusionAuthApplicationOauthConfigurationProvidedScopePolicy
    Configures which of the default scopes are enabled and required.
    Relationship string
    The application’s relationship to the OAuth server. The possible values are:

    • FirstParty - The application has the same owner as the authorization server. Consent to requested OAuth scopes is granted implicitly.
    • ThirdParty - The application is external to the authorization server. Users will be prompted to consent to requested OAuth scopes based on the application object’s oauthConfiguration.consentMode value. Note: An Essentials or Enterprise plan is required to utilize third-party applications.
    RequireClientAuthentication bool
    Determines if the OAuth 2.0 Token endpoint requires client authentication. If this is enabled, the client must provide client credentials when using the Token endpoint. The client_id and client_secret may be provided using a Basic Authorization HTTP header, or by sending these parameters in the request body using POST data.

    Deprecated: In version 1.28.0 and beyond, client authentication can be managed via oauth_configuration.client_authentication_policy.

    RequireRegistration bool
    When enabled the user will be required to be registered, or complete registration before redirecting to the configured callback in the authorization code grant or the implicit grant. This configuration does not currently apply to any other grant.
    scopeHandlingPolicy String
    Controls the policy for handling of OAuth scopes when populating JWTs and the UserInfo response. The possible values are:

    • Compatibility - OAuth workflows will populate JWT and UserInfo claims in a manner compatible with versions of FusionAuth before version 1.50.0.
    • Strict - OAuth workflows will populate token and UserInfo claims according to the OpenID Connect 1.0 specification based on requested and consented scopes.
    unknownScopePolicy String
    Controls the policy for handling unknown scopes on an OAuth request. The possible values are:

    • Allow - Unknown scopes will be allowed on the request, passed through the OAuth workflow, and written to the resulting tokens without consent.
    • Remove - Unknown scopes will be removed from the OAuth workflow, but the workflow will proceed without them.
    • Reject - Unknown scopes will be rejected and cause the OAuth workflow to fail with an error.
    authorizedOriginUrls List<String>
    An array of URLs that are the authorized origins for FusionAuth OAuth.
    authorizedRedirectUrls List<String>
    An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
    authorizedUrlValidationPolicy String
    Determines whether wildcard expressions will be allowed in the authorized_redirect_urls and authorized_origin_urls.
    clientAuthenticationPolicy String
    Determines the client authentication requirements for the OAuth 2.0 Token endpoint.
    clientId String
    The OAuth 2.0 client id. If you leave this blank during a POST, a client id will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.
    clientSecret String
    The OAuth 2.0 client secret. If you leave this blank during a POST, a secure secret will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.
    consentMode String
    Controls the policy for prompting a user to consent to requested OAuth scopes. This configuration only takes effect when application.oauthConfiguration.relationship is ThirdParty. The possible values are:

    • AlwaysPrompt - Always prompt the user for consent.
    • RememberDecision - Remember previous consents; only prompt if the choice expires or if the requested or required scopes have changed. The duration of this persisted choice is controlled by the Tenant’s externalIdentifierConfiguration.rememberOAuthScopeConsentChoiceTimeToLiveInSeconds value.
    • NeverPrompt - The user will be never be prompted to consent to requested OAuth scopes. Permission will be granted implicitly as if this were a FirstParty application. This configuration is meant for testing purposes only and should not be used in production.
    debug Boolean
    Whether or not FusionAuth will log a debug Event Log. This is particular useful for debugging the authorization code exchange with the Token endpoint during an Authorization Code grant."
    deviceVerificationUrl String
    The device verification URL to be used with the Device Code grant type, this field is required when device_code is enabled.
    enabledGrants List<String>
    The enabled grants for this application. In order to utilize a particular grant with the OAuth 2.0 endpoints you must have enabled the grant.
    generateRefreshTokens Boolean
    Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.
    logoutBehavior String
    Behavior when /oauth2/logout is called.
    logoutUrl String
    The logout URL for the Application. FusionAuth will redirect to this URL after the user logs out of OAuth.
    proofKeyForCodeExchangePolicy String
    Determines the PKCE requirements when using the authorization code grant.
    providedScopePolicies List<FusionAuthApplicationOauthConfigurationProvidedScopePolicy>
    Configures which of the default scopes are enabled and required.
    relationship String
    The application’s relationship to the OAuth server. The possible values are:

    • FirstParty - The application has the same owner as the authorization server. Consent to requested OAuth scopes is granted implicitly.
    • ThirdParty - The application is external to the authorization server. Users will be prompted to consent to requested OAuth scopes based on the application object’s oauthConfiguration.consentMode value. Note: An Essentials or Enterprise plan is required to utilize third-party applications.
    requireClientAuthentication Boolean
    Determines if the OAuth 2.0 Token endpoint requires client authentication. If this is enabled, the client must provide client credentials when using the Token endpoint. The client_id and client_secret may be provided using a Basic Authorization HTTP header, or by sending these parameters in the request body using POST data.

    Deprecated: In version 1.28.0 and beyond, client authentication can be managed via oauth_configuration.client_authentication_policy.

    requireRegistration Boolean
    When enabled the user will be required to be registered, or complete registration before redirecting to the configured callback in the authorization code grant or the implicit grant. This configuration does not currently apply to any other grant.
    scopeHandlingPolicy string
    Controls the policy for handling of OAuth scopes when populating JWTs and the UserInfo response. The possible values are:

    • Compatibility - OAuth workflows will populate JWT and UserInfo claims in a manner compatible with versions of FusionAuth before version 1.50.0.
    • Strict - OAuth workflows will populate token and UserInfo claims according to the OpenID Connect 1.0 specification based on requested and consented scopes.
    unknownScopePolicy string
    Controls the policy for handling unknown scopes on an OAuth request. The possible values are:

    • Allow - Unknown scopes will be allowed on the request, passed through the OAuth workflow, and written to the resulting tokens without consent.
    • Remove - Unknown scopes will be removed from the OAuth workflow, but the workflow will proceed without them.
    • Reject - Unknown scopes will be rejected and cause the OAuth workflow to fail with an error.
    authorizedOriginUrls string[]
    An array of URLs that are the authorized origins for FusionAuth OAuth.
    authorizedRedirectUrls string[]
    An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
    authorizedUrlValidationPolicy string
    Determines whether wildcard expressions will be allowed in the authorized_redirect_urls and authorized_origin_urls.
    clientAuthenticationPolicy string
    Determines the client authentication requirements for the OAuth 2.0 Token endpoint.
    clientId string
    The OAuth 2.0 client id. If you leave this blank during a POST, a client id will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.
    clientSecret string
    The OAuth 2.0 client secret. If you leave this blank during a POST, a secure secret will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.
    consentMode string
    Controls the policy for prompting a user to consent to requested OAuth scopes. This configuration only takes effect when application.oauthConfiguration.relationship is ThirdParty. The possible values are:

    • AlwaysPrompt - Always prompt the user for consent.
    • RememberDecision - Remember previous consents; only prompt if the choice expires or if the requested or required scopes have changed. The duration of this persisted choice is controlled by the Tenant’s externalIdentifierConfiguration.rememberOAuthScopeConsentChoiceTimeToLiveInSeconds value.
    • NeverPrompt - The user will be never be prompted to consent to requested OAuth scopes. Permission will be granted implicitly as if this were a FirstParty application. This configuration is meant for testing purposes only and should not be used in production.
    debug boolean
    Whether or not FusionAuth will log a debug Event Log. This is particular useful for debugging the authorization code exchange with the Token endpoint during an Authorization Code grant."
    deviceVerificationUrl string
    The device verification URL to be used with the Device Code grant type, this field is required when device_code is enabled.
    enabledGrants string[]
    The enabled grants for this application. In order to utilize a particular grant with the OAuth 2.0 endpoints you must have enabled the grant.
    generateRefreshTokens boolean
    Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.
    logoutBehavior string
    Behavior when /oauth2/logout is called.
    logoutUrl string
    The logout URL for the Application. FusionAuth will redirect to this URL after the user logs out of OAuth.
    proofKeyForCodeExchangePolicy string
    Determines the PKCE requirements when using the authorization code grant.
    providedScopePolicies FusionAuthApplicationOauthConfigurationProvidedScopePolicy[]
    Configures which of the default scopes are enabled and required.
    relationship string
    The application’s relationship to the OAuth server. The possible values are:

    • FirstParty - The application has the same owner as the authorization server. Consent to requested OAuth scopes is granted implicitly.
    • ThirdParty - The application is external to the authorization server. Users will be prompted to consent to requested OAuth scopes based on the application object’s oauthConfiguration.consentMode value. Note: An Essentials or Enterprise plan is required to utilize third-party applications.
    requireClientAuthentication boolean
    Determines if the OAuth 2.0 Token endpoint requires client authentication. If this is enabled, the client must provide client credentials when using the Token endpoint. The client_id and client_secret may be provided using a Basic Authorization HTTP header, or by sending these parameters in the request body using POST data.

    Deprecated: In version 1.28.0 and beyond, client authentication can be managed via oauth_configuration.client_authentication_policy.

    requireRegistration boolean
    When enabled the user will be required to be registered, or complete registration before redirecting to the configured callback in the authorization code grant or the implicit grant. This configuration does not currently apply to any other grant.
    scope_handling_policy str
    Controls the policy for handling of OAuth scopes when populating JWTs and the UserInfo response. The possible values are:

    • Compatibility - OAuth workflows will populate JWT and UserInfo claims in a manner compatible with versions of FusionAuth before version 1.50.0.
    • Strict - OAuth workflows will populate token and UserInfo claims according to the OpenID Connect 1.0 specification based on requested and consented scopes.
    unknown_scope_policy str
    Controls the policy for handling unknown scopes on an OAuth request. The possible values are:

    • Allow - Unknown scopes will be allowed on the request, passed through the OAuth workflow, and written to the resulting tokens without consent.
    • Remove - Unknown scopes will be removed from the OAuth workflow, but the workflow will proceed without them.
    • Reject - Unknown scopes will be rejected and cause the OAuth workflow to fail with an error.
    authorized_origin_urls Sequence[str]
    An array of URLs that are the authorized origins for FusionAuth OAuth.
    authorized_redirect_urls Sequence[str]
    An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
    authorized_url_validation_policy str
    Determines whether wildcard expressions will be allowed in the authorized_redirect_urls and authorized_origin_urls.
    client_authentication_policy str
    Determines the client authentication requirements for the OAuth 2.0 Token endpoint.
    client_id str
    The OAuth 2.0 client id. If you leave this blank during a POST, a client id will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.
    client_secret str
    The OAuth 2.0 client secret. If you leave this blank during a POST, a secure secret will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.
    consent_mode str
    Controls the policy for prompting a user to consent to requested OAuth scopes. This configuration only takes effect when application.oauthConfiguration.relationship is ThirdParty. The possible values are:

    • AlwaysPrompt - Always prompt the user for consent.
    • RememberDecision - Remember previous consents; only prompt if the choice expires or if the requested or required scopes have changed. The duration of this persisted choice is controlled by the Tenant’s externalIdentifierConfiguration.rememberOAuthScopeConsentChoiceTimeToLiveInSeconds value.
    • NeverPrompt - The user will be never be prompted to consent to requested OAuth scopes. Permission will be granted implicitly as if this were a FirstParty application. This configuration is meant for testing purposes only and should not be used in production.
    debug bool
    Whether or not FusionAuth will log a debug Event Log. This is particular useful for debugging the authorization code exchange with the Token endpoint during an Authorization Code grant."
    device_verification_url str
    The device verification URL to be used with the Device Code grant type, this field is required when device_code is enabled.
    enabled_grants Sequence[str]
    The enabled grants for this application. In order to utilize a particular grant with the OAuth 2.0 endpoints you must have enabled the grant.
    generate_refresh_tokens bool
    Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.
    logout_behavior str
    Behavior when /oauth2/logout is called.
    logout_url str
    The logout URL for the Application. FusionAuth will redirect to this URL after the user logs out of OAuth.
    proof_key_for_code_exchange_policy str
    Determines the PKCE requirements when using the authorization code grant.
    provided_scope_policies Sequence[FusionAuthApplicationOauthConfigurationProvidedScopePolicy]
    Configures which of the default scopes are enabled and required.
    relationship str
    The application’s relationship to the OAuth server. The possible values are:

    • FirstParty - The application has the same owner as the authorization server. Consent to requested OAuth scopes is granted implicitly.
    • ThirdParty - The application is external to the authorization server. Users will be prompted to consent to requested OAuth scopes based on the application object’s oauthConfiguration.consentMode value. Note: An Essentials or Enterprise plan is required to utilize third-party applications.
    require_client_authentication bool
    Determines if the OAuth 2.0 Token endpoint requires client authentication. If this is enabled, the client must provide client credentials when using the Token endpoint. The client_id and client_secret may be provided using a Basic Authorization HTTP header, or by sending these parameters in the request body using POST data.

    Deprecated: In version 1.28.0 and beyond, client authentication can be managed via oauth_configuration.client_authentication_policy.

    require_registration bool
    When enabled the user will be required to be registered, or complete registration before redirecting to the configured callback in the authorization code grant or the implicit grant. This configuration does not currently apply to any other grant.
    scopeHandlingPolicy String
    Controls the policy for handling of OAuth scopes when populating JWTs and the UserInfo response. The possible values are:

    • Compatibility - OAuth workflows will populate JWT and UserInfo claims in a manner compatible with versions of FusionAuth before version 1.50.0.
    • Strict - OAuth workflows will populate token and UserInfo claims according to the OpenID Connect 1.0 specification based on requested and consented scopes.
    unknownScopePolicy String
    Controls the policy for handling unknown scopes on an OAuth request. The possible values are:

    • Allow - Unknown scopes will be allowed on the request, passed through the OAuth workflow, and written to the resulting tokens without consent.
    • Remove - Unknown scopes will be removed from the OAuth workflow, but the workflow will proceed without them.
    • Reject - Unknown scopes will be rejected and cause the OAuth workflow to fail with an error.
    authorizedOriginUrls List<String>
    An array of URLs that are the authorized origins for FusionAuth OAuth.
    authorizedRedirectUrls List<String>
    An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
    authorizedUrlValidationPolicy String
    Determines whether wildcard expressions will be allowed in the authorized_redirect_urls and authorized_origin_urls.
    clientAuthenticationPolicy String
    Determines the client authentication requirements for the OAuth 2.0 Token endpoint.
    clientId String
    The OAuth 2.0 client id. If you leave this blank during a POST, a client id will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.
    clientSecret String
    The OAuth 2.0 client secret. If you leave this blank during a POST, a secure secret will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.
    consentMode String
    Controls the policy for prompting a user to consent to requested OAuth scopes. This configuration only takes effect when application.oauthConfiguration.relationship is ThirdParty. The possible values are:

    • AlwaysPrompt - Always prompt the user for consent.
    • RememberDecision - Remember previous consents; only prompt if the choice expires or if the requested or required scopes have changed. The duration of this persisted choice is controlled by the Tenant’s externalIdentifierConfiguration.rememberOAuthScopeConsentChoiceTimeToLiveInSeconds value.
    • NeverPrompt - The user will be never be prompted to consent to requested OAuth scopes. Permission will be granted implicitly as if this were a FirstParty application. This configuration is meant for testing purposes only and should not be used in production.
    debug Boolean
    Whether or not FusionAuth will log a debug Event Log. This is particular useful for debugging the authorization code exchange with the Token endpoint during an Authorization Code grant."
    deviceVerificationUrl String
    The device verification URL to be used with the Device Code grant type, this field is required when device_code is enabled.
    enabledGrants List<String>
    The enabled grants for this application. In order to utilize a particular grant with the OAuth 2.0 endpoints you must have enabled the grant.
    generateRefreshTokens Boolean
    Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.
    logoutBehavior String
    Behavior when /oauth2/logout is called.
    logoutUrl String
    The logout URL for the Application. FusionAuth will redirect to this URL after the user logs out of OAuth.
    proofKeyForCodeExchangePolicy String
    Determines the PKCE requirements when using the authorization code grant.
    providedScopePolicies List<Property Map>
    Configures which of the default scopes are enabled and required.
    relationship String
    The application’s relationship to the OAuth server. The possible values are:

    • FirstParty - The application has the same owner as the authorization server. Consent to requested OAuth scopes is granted implicitly.
    • ThirdParty - The application is external to the authorization server. Users will be prompted to consent to requested OAuth scopes based on the application object’s oauthConfiguration.consentMode value. Note: An Essentials or Enterprise plan is required to utilize third-party applications.
    requireClientAuthentication Boolean
    Determines if the OAuth 2.0 Token endpoint requires client authentication. If this is enabled, the client must provide client credentials when using the Token endpoint. The client_id and client_secret may be provided using a Basic Authorization HTTP header, or by sending these parameters in the request body using POST data.

    Deprecated: In version 1.28.0 and beyond, client authentication can be managed via oauth_configuration.client_authentication_policy.

    requireRegistration Boolean
    When enabled the user will be required to be registered, or complete registration before redirecting to the configured callback in the authorization code grant or the implicit grant. This configuration does not currently apply to any other grant.

    FusionAuthApplicationOauthConfigurationProvidedScopePolicy, FusionAuthApplicationOauthConfigurationProvidedScopePolicyArgs

    FusionAuthApplicationOauthConfigurationProvidedScopePolicyAddress, FusionAuthApplicationOauthConfigurationProvidedScopePolicyAddressArgs

    Enabled bool
    Required bool
    Enabled bool
    Required bool
    enabled Boolean
    required Boolean
    enabled boolean
    required boolean
    enabled bool
    required bool
    enabled Boolean
    required Boolean

    FusionAuthApplicationOauthConfigurationProvidedScopePolicyEmail, FusionAuthApplicationOauthConfigurationProvidedScopePolicyEmailArgs

    Enabled bool
    Required bool
    Enabled bool
    Required bool
    enabled Boolean
    required Boolean
    enabled boolean
    required boolean
    enabled bool
    required bool
    enabled Boolean
    required Boolean

    FusionAuthApplicationOauthConfigurationProvidedScopePolicyPhone, FusionAuthApplicationOauthConfigurationProvidedScopePolicyPhoneArgs

    Enabled bool
    Required bool
    Enabled bool
    Required bool
    enabled Boolean
    required Boolean
    enabled boolean
    required boolean
    enabled bool
    required bool
    enabled Boolean
    required Boolean

    FusionAuthApplicationOauthConfigurationProvidedScopePolicyProfile, FusionAuthApplicationOauthConfigurationProvidedScopePolicyProfileArgs

    Enabled bool
    Required bool
    Enabled bool
    Required bool
    enabled Boolean
    required Boolean
    enabled boolean
    required boolean
    enabled bool
    required bool
    enabled Boolean
    required Boolean

    FusionAuthApplicationRegistrationConfiguration, FusionAuthApplicationRegistrationConfigurationArgs

    BirthDate theogravity.Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationBirthDate
    ConfirmPassword bool
    Determines if the password should be confirmed during self service registration, this means that the user will be required to type the password twice.
    Enabled bool
    Determines if self service registration is enabled for this application. When this value is false, you may still use the Registration API, this only affects if the self service option is available during the OAuth 2.0 login.
    FirstName theogravity.Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationFirstName
    FormId string
    The Id of an associated Form when using advanced registration configuration type. This field is required when application.registrationConfiguration.type is set to advanced.
    FullName theogravity.Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationFullName
    LastName theogravity.Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationLastName
    LoginIdType string
    The unique login Id that will be collected during registration, this value can be email or username. Leaving the default value of email is preferred because an email address is globally unique.
    MiddleName theogravity.Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationMiddleName
    MobilePhone theogravity.Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationMobilePhone
    PreferredLanguages theogravity.Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationPreferredLanguages
    Type string
    The type of registration flow.
    BirthDate FusionAuthApplicationRegistrationConfigurationBirthDate
    ConfirmPassword bool
    Determines if the password should be confirmed during self service registration, this means that the user will be required to type the password twice.
    Enabled bool
    Determines if self service registration is enabled for this application. When this value is false, you may still use the Registration API, this only affects if the self service option is available during the OAuth 2.0 login.
    FirstName FusionAuthApplicationRegistrationConfigurationFirstName
    FormId string
    The Id of an associated Form when using advanced registration configuration type. This field is required when application.registrationConfiguration.type is set to advanced.
    FullName FusionAuthApplicationRegistrationConfigurationFullName
    LastName FusionAuthApplicationRegistrationConfigurationLastName
    LoginIdType string
    The unique login Id that will be collected during registration, this value can be email or username. Leaving the default value of email is preferred because an email address is globally unique.
    MiddleName FusionAuthApplicationRegistrationConfigurationMiddleName
    MobilePhone FusionAuthApplicationRegistrationConfigurationMobilePhone
    PreferredLanguages FusionAuthApplicationRegistrationConfigurationPreferredLanguages
    Type string
    The type of registration flow.
    birthDate FusionAuthApplicationRegistrationConfigurationBirthDate
    confirmPassword Boolean
    Determines if the password should be confirmed during self service registration, this means that the user will be required to type the password twice.
    enabled Boolean
    Determines if self service registration is enabled for this application. When this value is false, you may still use the Registration API, this only affects if the self service option is available during the OAuth 2.0 login.
    firstName FusionAuthApplicationRegistrationConfigurationFirstName
    formId String
    The Id of an associated Form when using advanced registration configuration type. This field is required when application.registrationConfiguration.type is set to advanced.
    fullName FusionAuthApplicationRegistrationConfigurationFullName
    lastName FusionAuthApplicationRegistrationConfigurationLastName
    loginIdType String
    The unique login Id that will be collected during registration, this value can be email or username. Leaving the default value of email is preferred because an email address is globally unique.
    middleName FusionAuthApplicationRegistrationConfigurationMiddleName
    mobilePhone FusionAuthApplicationRegistrationConfigurationMobilePhone
    preferredLanguages FusionAuthApplicationRegistrationConfigurationPreferredLanguages
    type String
    The type of registration flow.
    birthDate FusionAuthApplicationRegistrationConfigurationBirthDate
    confirmPassword boolean
    Determines if the password should be confirmed during self service registration, this means that the user will be required to type the password twice.
    enabled boolean
    Determines if self service registration is enabled for this application. When this value is false, you may still use the Registration API, this only affects if the self service option is available during the OAuth 2.0 login.
    firstName FusionAuthApplicationRegistrationConfigurationFirstName
    formId string
    The Id of an associated Form when using advanced registration configuration type. This field is required when application.registrationConfiguration.type is set to advanced.
    fullName FusionAuthApplicationRegistrationConfigurationFullName
    lastName FusionAuthApplicationRegistrationConfigurationLastName
    loginIdType string
    The unique login Id that will be collected during registration, this value can be email or username. Leaving the default value of email is preferred because an email address is globally unique.
    middleName FusionAuthApplicationRegistrationConfigurationMiddleName
    mobilePhone FusionAuthApplicationRegistrationConfigurationMobilePhone
    preferredLanguages FusionAuthApplicationRegistrationConfigurationPreferredLanguages
    type string
    The type of registration flow.
    birth_date FusionAuthApplicationRegistrationConfigurationBirthDate
    confirm_password bool
    Determines if the password should be confirmed during self service registration, this means that the user will be required to type the password twice.
    enabled bool
    Determines if self service registration is enabled for this application. When this value is false, you may still use the Registration API, this only affects if the self service option is available during the OAuth 2.0 login.
    first_name FusionAuthApplicationRegistrationConfigurationFirstName
    form_id str
    The Id of an associated Form when using advanced registration configuration type. This field is required when application.registrationConfiguration.type is set to advanced.
    full_name FusionAuthApplicationRegistrationConfigurationFullName
    last_name FusionAuthApplicationRegistrationConfigurationLastName
    login_id_type str
    The unique login Id that will be collected during registration, this value can be email or username. Leaving the default value of email is preferred because an email address is globally unique.
    middle_name FusionAuthApplicationRegistrationConfigurationMiddleName
    mobile_phone FusionAuthApplicationRegistrationConfigurationMobilePhone
    preferred_languages FusionAuthApplicationRegistrationConfigurationPreferredLanguages
    type str
    The type of registration flow.
    birthDate Property Map
    confirmPassword Boolean
    Determines if the password should be confirmed during self service registration, this means that the user will be required to type the password twice.
    enabled Boolean
    Determines if self service registration is enabled for this application. When this value is false, you may still use the Registration API, this only affects if the self service option is available during the OAuth 2.0 login.
    firstName Property Map
    formId String
    The Id of an associated Form when using advanced registration configuration type. This field is required when application.registrationConfiguration.type is set to advanced.
    fullName Property Map
    lastName Property Map
    loginIdType String
    The unique login Id that will be collected during registration, this value can be email or username. Leaving the default value of email is preferred because an email address is globally unique.
    middleName Property Map
    mobilePhone Property Map
    preferredLanguages Property Map
    type String
    The type of registration flow.

    FusionAuthApplicationRegistrationConfigurationBirthDate, FusionAuthApplicationRegistrationConfigurationBirthDateArgs

    Enabled bool
    Required bool
    Enabled bool
    Required bool
    enabled Boolean
    required Boolean
    enabled boolean
    required boolean
    enabled bool
    required bool
    enabled Boolean
    required Boolean

    FusionAuthApplicationRegistrationConfigurationFirstName, FusionAuthApplicationRegistrationConfigurationFirstNameArgs

    Enabled bool
    Required bool
    Enabled bool
    Required bool
    enabled Boolean
    required Boolean
    enabled boolean
    required boolean
    enabled bool
    required bool
    enabled Boolean
    required Boolean

    FusionAuthApplicationRegistrationConfigurationFullName, FusionAuthApplicationRegistrationConfigurationFullNameArgs

    Enabled bool
    Required bool
    Enabled bool
    Required bool
    enabled Boolean
    required Boolean
    enabled boolean
    required boolean
    enabled bool
    required bool
    enabled Boolean
    required Boolean

    FusionAuthApplicationRegistrationConfigurationLastName, FusionAuthApplicationRegistrationConfigurationLastNameArgs

    Enabled bool
    Required bool
    Enabled bool
    Required bool
    enabled Boolean
    required Boolean
    enabled boolean
    required boolean
    enabled bool
    required bool
    enabled Boolean
    required Boolean

    FusionAuthApplicationRegistrationConfigurationMiddleName, FusionAuthApplicationRegistrationConfigurationMiddleNameArgs

    Enabled bool
    Required bool
    Enabled bool
    Required bool
    enabled Boolean
    required Boolean
    enabled boolean
    required boolean
    enabled bool
    required bool
    enabled Boolean
    required Boolean

    FusionAuthApplicationRegistrationConfigurationMobilePhone, FusionAuthApplicationRegistrationConfigurationMobilePhoneArgs

    Enabled bool
    Required bool
    Enabled bool
    Required bool
    enabled Boolean
    required Boolean
    enabled boolean
    required boolean
    enabled bool
    required bool
    enabled Boolean
    required Boolean

    FusionAuthApplicationRegistrationConfigurationPreferredLanguages, FusionAuthApplicationRegistrationConfigurationPreferredLanguagesArgs

    Enabled bool
    Required bool
    Enabled bool
    Required bool
    enabled Boolean
    required Boolean
    enabled boolean
    required boolean
    enabled bool
    required bool
    enabled Boolean
    required Boolean

    FusionAuthApplicationRegistrationDeletePolicy, FusionAuthApplicationRegistrationDeletePolicyArgs

    UnverifiedEnabled bool
    Indicates that users without a verified registration for this application will have their registration permanently deleted after application.registrationDeletePolicy.unverified.numberOfDaysToRetain days.
    UnverifiedNumberOfDaysToRetain int
    The number of days from registration a user’s registration will be retained before being deleted for not completing registration verification. This field is required when application.registrationDeletePolicy.enabled is set to true. Value must be greater than 0.
    UnverifiedEnabled bool
    Indicates that users without a verified registration for this application will have their registration permanently deleted after application.registrationDeletePolicy.unverified.numberOfDaysToRetain days.
    UnverifiedNumberOfDaysToRetain int
    The number of days from registration a user’s registration will be retained before being deleted for not completing registration verification. This field is required when application.registrationDeletePolicy.enabled is set to true. Value must be greater than 0.
    unverifiedEnabled Boolean
    Indicates that users without a verified registration for this application will have their registration permanently deleted after application.registrationDeletePolicy.unverified.numberOfDaysToRetain days.
    unverifiedNumberOfDaysToRetain Integer
    The number of days from registration a user’s registration will be retained before being deleted for not completing registration verification. This field is required when application.registrationDeletePolicy.enabled is set to true. Value must be greater than 0.
    unverifiedEnabled boolean
    Indicates that users without a verified registration for this application will have their registration permanently deleted after application.registrationDeletePolicy.unverified.numberOfDaysToRetain days.
    unverifiedNumberOfDaysToRetain number
    The number of days from registration a user’s registration will be retained before being deleted for not completing registration verification. This field is required when application.registrationDeletePolicy.enabled is set to true. Value must be greater than 0.
    unverified_enabled bool
    Indicates that users without a verified registration for this application will have their registration permanently deleted after application.registrationDeletePolicy.unverified.numberOfDaysToRetain days.
    unverified_number_of_days_to_retain int
    The number of days from registration a user’s registration will be retained before being deleted for not completing registration verification. This field is required when application.registrationDeletePolicy.enabled is set to true. Value must be greater than 0.
    unverifiedEnabled Boolean
    Indicates that users without a verified registration for this application will have their registration permanently deleted after application.registrationDeletePolicy.unverified.numberOfDaysToRetain days.
    unverifiedNumberOfDaysToRetain Number
    The number of days from registration a user’s registration will be retained before being deleted for not completing registration verification. This field is required when application.registrationDeletePolicy.enabled is set to true. Value must be greater than 0.

    FusionAuthApplicationSamlv2Configuration, FusionAuthApplicationSamlv2ConfigurationArgs

    AuthorizedRedirectUrls List<string>
    An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
    Issuer string
    The issuer that identifies the service provider and allows FusionAuth to load the correct Application and SAML configuration. If you don’t know the issuer, you can often times put in anything here and FusionAuth will display an error message with the issuer from the service provider when you test the SAML login.
    Audience string
    The audience for the SAML response sent to back to the service provider from FusionAuth. Some service providers require different audience values than the issuer and this configuration option lets you change the audience in the response.
    CallbackUrl string
    The URL of the callback (sometimes called the Assertion Consumer Service or ACS). This is where FusionAuth sends the browser after the user logs in via SAML.

    Deprecated: In version 1.20.0 and beyond, Callback URLs can be managed via authorized_redirect_urls.

    Debug bool
    Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.
    DefaultVerificationKeyId string
    Default verification key to use for HTTP Redirect Bindings, and for POST Bindings when no key is found in request.
    Enabled bool
    Whether or not the SAML IdP for this Application is enabled or not.
    KeyId string
    The id of the Key used to sign the SAML response. If you do not specify this property, FusionAuth will create a new key and associate it with this Application.
    Logout theogravity.Fusionauth.Inputs.FusionAuthApplicationSamlv2ConfigurationLogout
    LogoutUrl string
    The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.
    RequiredSignedRequests bool
    If set to true, will force verification through the key store.
    XmlSignatureCanonicalizationMethod string
    The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
    XmlSignatureLocation string
    The location to place the XML signature when signing a successful SAML response.
    AuthorizedRedirectUrls []string
    An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
    Issuer string
    The issuer that identifies the service provider and allows FusionAuth to load the correct Application and SAML configuration. If you don’t know the issuer, you can often times put in anything here and FusionAuth will display an error message with the issuer from the service provider when you test the SAML login.
    Audience string
    The audience for the SAML response sent to back to the service provider from FusionAuth. Some service providers require different audience values than the issuer and this configuration option lets you change the audience in the response.
    CallbackUrl string
    The URL of the callback (sometimes called the Assertion Consumer Service or ACS). This is where FusionAuth sends the browser after the user logs in via SAML.

    Deprecated: In version 1.20.0 and beyond, Callback URLs can be managed via authorized_redirect_urls.

    Debug bool
    Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.
    DefaultVerificationKeyId string
    Default verification key to use for HTTP Redirect Bindings, and for POST Bindings when no key is found in request.
    Enabled bool
    Whether or not the SAML IdP for this Application is enabled or not.
    KeyId string
    The id of the Key used to sign the SAML response. If you do not specify this property, FusionAuth will create a new key and associate it with this Application.
    Logout FusionAuthApplicationSamlv2ConfigurationLogout
    LogoutUrl string
    The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.
    RequiredSignedRequests bool
    If set to true, will force verification through the key store.
    XmlSignatureCanonicalizationMethod string
    The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
    XmlSignatureLocation string
    The location to place the XML signature when signing a successful SAML response.
    authorizedRedirectUrls List<String>
    An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
    issuer String
    The issuer that identifies the service provider and allows FusionAuth to load the correct Application and SAML configuration. If you don’t know the issuer, you can often times put in anything here and FusionAuth will display an error message with the issuer from the service provider when you test the SAML login.
    audience String
    The audience for the SAML response sent to back to the service provider from FusionAuth. Some service providers require different audience values than the issuer and this configuration option lets you change the audience in the response.
    callbackUrl String
    The URL of the callback (sometimes called the Assertion Consumer Service or ACS). This is where FusionAuth sends the browser after the user logs in via SAML.

    Deprecated: In version 1.20.0 and beyond, Callback URLs can be managed via authorized_redirect_urls.

    debug Boolean
    Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.
    defaultVerificationKeyId String
    Default verification key to use for HTTP Redirect Bindings, and for POST Bindings when no key is found in request.
    enabled Boolean
    Whether or not the SAML IdP for this Application is enabled or not.
    keyId String
    The id of the Key used to sign the SAML response. If you do not specify this property, FusionAuth will create a new key and associate it with this Application.
    logout FusionAuthApplicationSamlv2ConfigurationLogout
    logoutUrl String
    The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.
    requiredSignedRequests Boolean
    If set to true, will force verification through the key store.
    xmlSignatureCanonicalizationMethod String
    The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
    xmlSignatureLocation String
    The location to place the XML signature when signing a successful SAML response.
    authorizedRedirectUrls string[]
    An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
    issuer string
    The issuer that identifies the service provider and allows FusionAuth to load the correct Application and SAML configuration. If you don’t know the issuer, you can often times put in anything here and FusionAuth will display an error message with the issuer from the service provider when you test the SAML login.
    audience string
    The audience for the SAML response sent to back to the service provider from FusionAuth. Some service providers require different audience values than the issuer and this configuration option lets you change the audience in the response.
    callbackUrl string
    The URL of the callback (sometimes called the Assertion Consumer Service or ACS). This is where FusionAuth sends the browser after the user logs in via SAML.

    Deprecated: In version 1.20.0 and beyond, Callback URLs can be managed via authorized_redirect_urls.

    debug boolean
    Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.
    defaultVerificationKeyId string
    Default verification key to use for HTTP Redirect Bindings, and for POST Bindings when no key is found in request.
    enabled boolean
    Whether or not the SAML IdP for this Application is enabled or not.
    keyId string
    The id of the Key used to sign the SAML response. If you do not specify this property, FusionAuth will create a new key and associate it with this Application.
    logout FusionAuthApplicationSamlv2ConfigurationLogout
    logoutUrl string
    The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.
    requiredSignedRequests boolean
    If set to true, will force verification through the key store.
    xmlSignatureCanonicalizationMethod string
    The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
    xmlSignatureLocation string
    The location to place the XML signature when signing a successful SAML response.
    authorized_redirect_urls Sequence[str]
    An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
    issuer str
    The issuer that identifies the service provider and allows FusionAuth to load the correct Application and SAML configuration. If you don’t know the issuer, you can often times put in anything here and FusionAuth will display an error message with the issuer from the service provider when you test the SAML login.
    audience str
    The audience for the SAML response sent to back to the service provider from FusionAuth. Some service providers require different audience values than the issuer and this configuration option lets you change the audience in the response.
    callback_url str
    The URL of the callback (sometimes called the Assertion Consumer Service or ACS). This is where FusionAuth sends the browser after the user logs in via SAML.

    Deprecated: In version 1.20.0 and beyond, Callback URLs can be managed via authorized_redirect_urls.

    debug bool
    Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.
    default_verification_key_id str
    Default verification key to use for HTTP Redirect Bindings, and for POST Bindings when no key is found in request.
    enabled bool
    Whether or not the SAML IdP for this Application is enabled or not.
    key_id str
    The id of the Key used to sign the SAML response. If you do not specify this property, FusionAuth will create a new key and associate it with this Application.
    logout FusionAuthApplicationSamlv2ConfigurationLogout
    logout_url str
    The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.
    required_signed_requests bool
    If set to true, will force verification through the key store.
    xml_signature_canonicalization_method str
    The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
    xml_signature_location str
    The location to place the XML signature when signing a successful SAML response.
    authorizedRedirectUrls List<String>
    An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
    issuer String
    The issuer that identifies the service provider and allows FusionAuth to load the correct Application and SAML configuration. If you don’t know the issuer, you can often times put in anything here and FusionAuth will display an error message with the issuer from the service provider when you test the SAML login.
    audience String
    The audience for the SAML response sent to back to the service provider from FusionAuth. Some service providers require different audience values than the issuer and this configuration option lets you change the audience in the response.
    callbackUrl String
    The URL of the callback (sometimes called the Assertion Consumer Service or ACS). This is where FusionAuth sends the browser after the user logs in via SAML.

    Deprecated: In version 1.20.0 and beyond, Callback URLs can be managed via authorized_redirect_urls.

    debug Boolean
    Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.
    defaultVerificationKeyId String
    Default verification key to use for HTTP Redirect Bindings, and for POST Bindings when no key is found in request.
    enabled Boolean
    Whether or not the SAML IdP for this Application is enabled or not.
    keyId String
    The id of the Key used to sign the SAML response. If you do not specify this property, FusionAuth will create a new key and associate it with this Application.
    logout Property Map
    logoutUrl String
    The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.
    requiredSignedRequests Boolean
    If set to true, will force verification through the key store.
    xmlSignatureCanonicalizationMethod String
    The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
    xmlSignatureLocation String
    The location to place the XML signature when signing a successful SAML response.

    FusionAuthApplicationSamlv2ConfigurationLogout, FusionAuthApplicationSamlv2ConfigurationLogoutArgs

    Behavior string
    This configuration is functionally equivalent to the Logout Behavior found in the OAuth2 configuration.
    DefaultVerificationKeyId string
    The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.
    KeyId string
    The unique Id of the Key used to sign the SAML Logout response.
    RequireSignedRequests bool
    Set this parameter equal to true to require the SAML v2 Service Provider to sign the Logout request. When this value is true all Logout requests missing a signature will be rejected.
    SingleLogout theogravity.Fusionauth.Inputs.FusionAuthApplicationSamlv2ConfigurationLogoutSingleLogout
    XmlSignatureCanonicalizationMethod string
    The XML signature canonicalization method used when digesting and signing the SAML Logout response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
    Behavior string
    This configuration is functionally equivalent to the Logout Behavior found in the OAuth2 configuration.
    DefaultVerificationKeyId string
    The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.
    KeyId string
    The unique Id of the Key used to sign the SAML Logout response.
    RequireSignedRequests bool
    Set this parameter equal to true to require the SAML v2 Service Provider to sign the Logout request. When this value is true all Logout requests missing a signature will be rejected.
    SingleLogout FusionAuthApplicationSamlv2ConfigurationLogoutSingleLogout
    XmlSignatureCanonicalizationMethod string
    The XML signature canonicalization method used when digesting and signing the SAML Logout response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
    behavior String
    This configuration is functionally equivalent to the Logout Behavior found in the OAuth2 configuration.
    defaultVerificationKeyId String
    The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.
    keyId String
    The unique Id of the Key used to sign the SAML Logout response.
    requireSignedRequests Boolean
    Set this parameter equal to true to require the SAML v2 Service Provider to sign the Logout request. When this value is true all Logout requests missing a signature will be rejected.
    singleLogout FusionAuthApplicationSamlv2ConfigurationLogoutSingleLogout
    xmlSignatureCanonicalizationMethod String
    The XML signature canonicalization method used when digesting and signing the SAML Logout response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
    behavior string
    This configuration is functionally equivalent to the Logout Behavior found in the OAuth2 configuration.
    defaultVerificationKeyId string
    The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.
    keyId string
    The unique Id of the Key used to sign the SAML Logout response.
    requireSignedRequests boolean
    Set this parameter equal to true to require the SAML v2 Service Provider to sign the Logout request. When this value is true all Logout requests missing a signature will be rejected.
    singleLogout FusionAuthApplicationSamlv2ConfigurationLogoutSingleLogout
    xmlSignatureCanonicalizationMethod string
    The XML signature canonicalization method used when digesting and signing the SAML Logout response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
    behavior str
    This configuration is functionally equivalent to the Logout Behavior found in the OAuth2 configuration.
    default_verification_key_id str
    The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.
    key_id str
    The unique Id of the Key used to sign the SAML Logout response.
    require_signed_requests bool
    Set this parameter equal to true to require the SAML v2 Service Provider to sign the Logout request. When this value is true all Logout requests missing a signature will be rejected.
    single_logout FusionAuthApplicationSamlv2ConfigurationLogoutSingleLogout
    xml_signature_canonicalization_method str
    The XML signature canonicalization method used when digesting and signing the SAML Logout response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
    behavior String
    This configuration is functionally equivalent to the Logout Behavior found in the OAuth2 configuration.
    defaultVerificationKeyId String
    The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.
    keyId String
    The unique Id of the Key used to sign the SAML Logout response.
    requireSignedRequests Boolean
    Set this parameter equal to true to require the SAML v2 Service Provider to sign the Logout request. When this value is true all Logout requests missing a signature will be rejected.
    singleLogout Property Map
    xmlSignatureCanonicalizationMethod String
    The XML signature canonicalization method used when digesting and signing the SAML Logout response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.

    FusionAuthApplicationSamlv2ConfigurationLogoutSingleLogout, FusionAuthApplicationSamlv2ConfigurationLogoutSingleLogoutArgs

    Enabled bool
    Whether or not SAML Single Logout for this SAML IdP is enabled.
    KeyId string
    The unique Id of the Key used to sign the SAML Single Logout response.
    Url string
    The URL at which you want to receive the LogoutRequest from FusionAuth.
    XmlSignatureCanonicalizationMethod string
    The XML signature canonicalization method used when digesting and signing the SAML Single Logout response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
    Enabled bool
    Whether or not SAML Single Logout for this SAML IdP is enabled.
    KeyId string
    The unique Id of the Key used to sign the SAML Single Logout response.
    Url string
    The URL at which you want to receive the LogoutRequest from FusionAuth.
    XmlSignatureCanonicalizationMethod string
    The XML signature canonicalization method used when digesting and signing the SAML Single Logout response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
    enabled Boolean
    Whether or not SAML Single Logout for this SAML IdP is enabled.
    keyId String
    The unique Id of the Key used to sign the SAML Single Logout response.
    url String
    The URL at which you want to receive the LogoutRequest from FusionAuth.
    xmlSignatureCanonicalizationMethod String
    The XML signature canonicalization method used when digesting and signing the SAML Single Logout response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
    enabled boolean
    Whether or not SAML Single Logout for this SAML IdP is enabled.
    keyId string
    The unique Id of the Key used to sign the SAML Single Logout response.
    url string
    The URL at which you want to receive the LogoutRequest from FusionAuth.
    xmlSignatureCanonicalizationMethod string
    The XML signature canonicalization method used when digesting and signing the SAML Single Logout response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
    enabled bool
    Whether or not SAML Single Logout for this SAML IdP is enabled.
    key_id str
    The unique Id of the Key used to sign the SAML Single Logout response.
    url str
    The URL at which you want to receive the LogoutRequest from FusionAuth.
    xml_signature_canonicalization_method str
    The XML signature canonicalization method used when digesting and signing the SAML Single Logout response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
    enabled Boolean
    Whether or not SAML Single Logout for this SAML IdP is enabled.
    keyId String
    The unique Id of the Key used to sign the SAML Single Logout response.
    url String
    The URL at which you want to receive the LogoutRequest from FusionAuth.
    xmlSignatureCanonicalizationMethod String
    The XML signature canonicalization method used when digesting and signing the SAML Single Logout response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.

    Package Details

    Repository
    fusionauth theogravity/pulumi-fusionauth
    License
    MIT
    Notes
    This Pulumi package is based on the fusionauth Terraform Provider.
    fusionauth logo
    FusionAuth v5.1.0 published on Tuesday, Oct 22, 2024 by Theo Gravity