1. Packages
  2. FusionAuth
  3. API Docs
  4. FusionAuthTenant
FusionAuth v5.1.0 published on Tuesday, Oct 22, 2024 by Theo Gravity

fusionauth.FusionAuthTenant

Explore with Pulumi AI

fusionauth logo
FusionAuth v5.1.0 published on Tuesday, Oct 22, 2024 by Theo Gravity

    # Tenant Resource

    A FusionAuth Tenant is a named object that represents a discrete namespace for Users, Applications and Groups. A user is unique by email address or username within a tenant.

    Tenants may be useful to support a multi-tenant application where you wish to use a single instance of FusionAuth but require the ability to have duplicate users across the tenants in your own application. In this scenario a user may exist multiple times with the same email address and different passwords across tenants.

    Tenants may also be useful in a test or staging environment to allow multiple users to call APIs and create and modify users without possibility of collision.

    Tenants API

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as fusionauth from "pulumi-fusionauth";
    
    const example = new fusionauth.FusionAuthTenant("example", {
        connectorPolicies: [{
            connectorId: "b57b3d0f-f7a4-4831-a838-549717362ea8",
            domains: ["*"],
            migrate: false,
        }],
        emailConfiguration: {
            forgotPasswordEmailTemplateId: fusionauth_email.ForgotPassword_Example.id,
            host: "smtp.sendgrid.net",
            password: "password",
            passwordlessEmailTemplateId: fusionauth_email.PasswordlessLogin_Example.id,
            port: 587,
            security: "TLS",
            setPasswordEmailTemplateId: fusionauth_email.SetupPassword_Example.id,
            username: "username",
            verifyEmail: true,
            verifyEmailWhenChanged: true,
            additionalHeaders: {
                HeaderName1: "HeaderValue1",
                HeaderName2: "HeaderValue2",
            },
        },
        eventConfigurations: [
            {
                enabled: false,
                event: "jwt.public-key.update",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "jwt.refresh-token.revoke",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "jwt.refresh",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "group.create",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "group.create.complete",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "group.delete",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "group.delete.complete",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "group.member.add",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "group.member.add.complete",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "group.member.remove",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "group.member.remove.complete",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "group.member.update",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "group.member.update.complete",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "group.update",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "group.update.complete",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.action",
                transactionType: "None",
            },
            {
                event: "user.bulk.create",
                enabled: false,
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.create",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.create.complete",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.deactivate",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.delete",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.delete.complete",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.email.update",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.email.verified",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.identity-provider.link",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.identity-provider.unlink",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.loginId.duplicate.create",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.loginId.duplicate.update",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.login.failed",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.login.new-device",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.login.success",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.login.suspicious",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.password.breach",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.password.reset.send",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.password.reset.start",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.password.reset.success",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.password.update",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.reactivate",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.registration.create",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.registration.create.complete",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.registration.delete",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.registration.delete.complete",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.registration.update",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.registration.update.complete",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.registration.verified",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.two-factor.method.add",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.two-factor.method.remove",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.update",
                transactionType: "None",
            },
            {
                enabled: false,
                event: "user.update.complete",
                transactionType: "None",
            },
        ],
        externalIdentifierConfiguration: {
            authorizationGrantIdTimeToLiveInSeconds: 30,
            changePasswordIdGenerator: {
                length: 32,
                type: "randomBytes",
            },
            changePasswordIdTimeToLiveInSeconds: 600,
            deviceCodeTimeToLiveInSeconds: 1800,
            deviceUserCodeIdGenerator: {
                length: 6,
                type: "randomAlphaNumeric",
            },
            emailVerificationIdGenerator: {
                length: 32,
                type: "randomBytes",
            },
            emailVerificationIdTimeToLiveInSeconds: 86400,
            emailVerificationOneTimeCodeGenerator: {
                length: 6,
                type: "randomAlphaNumeric",
            },
            externalAuthenticationIdTimeToLiveInSeconds: 300,
            loginIntentTimeToLiveInSeconds: 1800,
            oneTimePasswordTimeToLiveInSeconds: 60,
            passwordlessLoginGenerator: {
                length: 32,
                type: "randomBytes",
            },
            passwordlessLoginTimeToLiveInSeconds: 600,
            registrationVerificationIdGenerator: {
                length: 32,
                type: "randomBytes",
            },
            registrationVerificationIdTimeToLiveInSeconds: 86400,
            registrationVerificationOneTimeCodeGenerator: {
                length: 6,
                type: "randomAlphaNumeric",
            },
            samlV2AuthnRequestIdTtlSeconds: 300,
            setupPasswordIdGenerator: {
                length: 32,
                type: "randomBytes",
            },
            setupPasswordIdTimeToLiveInSeconds: 86400,
            twoFactorIdTimeToLiveInSeconds: 300,
            twoFactorOneTimeCodeIdGenerator: {
                length: 6,
                type: "randomDigits",
            },
            twoFactorOneTimeCodeIdTimeToLiveInSeconds: 60,
            twoFactorTrustIdTimeToLiveInSeconds: 2592000,
        },
        failedAuthenticationConfiguration: {
            actionDuration: 3,
            actionDurationUnit: "MINUTES",
            resetCountInSeconds: 60,
            tooManyAttempts: 5,
        },
        familyConfiguration: {
            allowChildRegistrations: true,
            deleteOrphanedAccounts: false,
            deleteOrphanedAccountsDays: 30,
            enabled: true,
            maximumChildAge: 12,
            minimumOwnerAge: 21,
            parentEmailRequired: false,
        },
        formConfiguration: {
            adminUserFormId: "e92751a5-25f4-4bca-ad91-66cdf67725d2",
        },
        httpSessionMaxInactiveInterval: 3600,
        issuer: "https://example.com",
        jwtConfigurations: [{
            accessTokenKeyId: fusionauth_key.accesstoken.id,
            idTokenKeyId: fusionauth_key.idtoken.id,
            refreshTokenTimeToLiveInMinutes: 43200,
            timeToLiveInSeconds: 3600,
        }],
        loginConfiguration: {
            requireAuthentication: true,
        },
        maximumPasswordAge: {
            days: 180,
            enabled: false,
        },
        minimumPasswordAge: {
            enabled: false,
            seconds: 30,
        },
        oauthConfigurations: [{
            clientCredentialsAccessTokenPopulateLambdaId: fusionauth_lambda.client_jwt_populate.id,
        }],
        passwordEncryptionConfigurations: [{
            encryptionScheme: "salted-pbkdf2-hmac-sha256",
            encryptionSchemeFactor: 24000,
            modifyEncryptionSchemeOnLogin: false,
        }],
        passwordValidationRules: {
            maxLength: 256,
            minLength: 7,
            rememberPreviousPasswords: {
                count: 1,
                enabled: false,
            },
            requiredMixedCase: false,
            requireNonAlpha: false,
            requireNumber: false,
            validateOnLogin: false,
        },
        rateLimitConfiguration: {
            failedLogin: {
                enabled: true,
                limit: 5,
                timePeriodInSeconds: 60,
            },
            forgotPassword: {
                enabled: false,
                limit: 5,
                timePeriodInSeconds: 60,
            },
            sendEmailVerification: {
                enabled: false,
                limit: 5,
                timePeriodInSeconds: 60,
            },
            sendPasswordless: {
                enabled: false,
                limit: 5,
                timePeriodInSeconds: 60,
            },
            sendRegistrationVerification: {
                enabled: false,
                limit: 5,
                timePeriodInSeconds: 60,
            },
            sendTwoFactor: {
                enabled: false,
                limit: 5,
                timePeriodInSeconds: 60,
            },
        },
        registrationConfiguration: {
            blockedDomains: ["example.com"],
        },
        captchaConfiguration: {
            enabled: true,
            captchaMethod: "GoogleRecaptchaV3",
            siteKey: "captcha_site_key",
            secretKey: "captcha_secret_key",
            threshold: 0.5,
        },
        themeId: fusionauth_theme.example_theme.id,
        userDeletePolicy: {
            unverifiedEnabled: false,
            unverifiedNumberOfDaysToRetain: 30,
        },
    });
    
    import pulumi
    import theogravity_pulumi_fusionauth as fusionauth
    
    example = fusionauth.FusionAuthTenant("example",
        connector_policies=[fusionauth.FusionAuthTenantConnectorPolicyArgs(
            connector_id="b57b3d0f-f7a4-4831-a838-549717362ea8",
            domains=["*"],
            migrate=False,
        )],
        email_configuration=fusionauth.FusionAuthTenantEmailConfigurationArgs(
            forgot_password_email_template_id=fusionauth_email["ForgotPassword_Example"]["id"],
            host="smtp.sendgrid.net",
            password="password",
            passwordless_email_template_id=fusionauth_email["PasswordlessLogin_Example"]["id"],
            port=587,
            security="TLS",
            set_password_email_template_id=fusionauth_email["SetupPassword_Example"]["id"],
            username="username",
            verify_email=True,
            verify_email_when_changed=True,
            additional_headers={
                "HeaderName1": "HeaderValue1",
                "HeaderName2": "HeaderValue2",
            },
        ),
        event_configurations=[
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="jwt.public-key.update",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="jwt.refresh-token.revoke",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="jwt.refresh",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="group.create",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="group.create.complete",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="group.delete",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="group.delete.complete",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="group.member.add",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="group.member.add.complete",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="group.member.remove",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="group.member.remove.complete",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="group.member.update",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="group.member.update.complete",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="group.update",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="group.update.complete",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.action",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                event="user.bulk.create",
                enabled=False,
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.create",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.create.complete",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.deactivate",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.delete",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.delete.complete",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.email.update",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.email.verified",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.identity-provider.link",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.identity-provider.unlink",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.loginId.duplicate.create",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.loginId.duplicate.update",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.login.failed",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.login.new-device",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.login.success",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.login.suspicious",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.password.breach",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.password.reset.send",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.password.reset.start",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.password.reset.success",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.password.update",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.reactivate",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.registration.create",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.registration.create.complete",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.registration.delete",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.registration.delete.complete",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.registration.update",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.registration.update.complete",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.registration.verified",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.two-factor.method.add",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.two-factor.method.remove",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.update",
                transaction_type="None",
            ),
            fusionauth.FusionAuthTenantEventConfigurationArgs(
                enabled=False,
                event="user.update.complete",
                transaction_type="None",
            ),
        ],
        external_identifier_configuration=fusionauth.FusionAuthTenantExternalIdentifierConfigurationArgs(
            authorization_grant_id_time_to_live_in_seconds=30,
            change_password_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs(
                length=32,
                type="randomBytes",
            ),
            change_password_id_time_to_live_in_seconds=600,
            device_code_time_to_live_in_seconds=1800,
            device_user_code_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs(
                length=6,
                type="randomAlphaNumeric",
            ),
            email_verification_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs(
                length=32,
                type="randomBytes",
            ),
            email_verification_id_time_to_live_in_seconds=86400,
            email_verification_one_time_code_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs(
                length=6,
                type="randomAlphaNumeric",
            ),
            external_authentication_id_time_to_live_in_seconds=300,
            login_intent_time_to_live_in_seconds=1800,
            one_time_password_time_to_live_in_seconds=60,
            passwordless_login_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs(
                length=32,
                type="randomBytes",
            ),
            passwordless_login_time_to_live_in_seconds=600,
            registration_verification_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs(
                length=32,
                type="randomBytes",
            ),
            registration_verification_id_time_to_live_in_seconds=86400,
            registration_verification_one_time_code_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs(
                length=6,
                type="randomAlphaNumeric",
            ),
            saml_v2_authn_request_id_ttl_seconds=300,
            setup_password_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs(
                length=32,
                type="randomBytes",
            ),
            setup_password_id_time_to_live_in_seconds=86400,
            two_factor_id_time_to_live_in_seconds=300,
            two_factor_one_time_code_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs(
                length=6,
                type="randomDigits",
            ),
            two_factor_one_time_code_id_time_to_live_in_seconds=60,
            two_factor_trust_id_time_to_live_in_seconds=2592000,
        ),
        failed_authentication_configuration=fusionauth.FusionAuthTenantFailedAuthenticationConfigurationArgs(
            action_duration=3,
            action_duration_unit="MINUTES",
            reset_count_in_seconds=60,
            too_many_attempts=5,
        ),
        family_configuration=fusionauth.FusionAuthTenantFamilyConfigurationArgs(
            allow_child_registrations=True,
            delete_orphaned_accounts=False,
            delete_orphaned_accounts_days=30,
            enabled=True,
            maximum_child_age=12,
            minimum_owner_age=21,
            parent_email_required=False,
        ),
        form_configuration=fusionauth.FusionAuthTenantFormConfigurationArgs(
            admin_user_form_id="e92751a5-25f4-4bca-ad91-66cdf67725d2",
        ),
        http_session_max_inactive_interval=3600,
        issuer="https://example.com",
        jwt_configurations=[fusionauth.FusionAuthTenantJwtConfigurationArgs(
            access_token_key_id=fusionauth_key["accesstoken"]["id"],
            id_token_key_id=fusionauth_key["idtoken"]["id"],
            refresh_token_time_to_live_in_minutes=43200,
            time_to_live_in_seconds=3600,
        )],
        login_configuration=fusionauth.FusionAuthTenantLoginConfigurationArgs(
            require_authentication=True,
        ),
        maximum_password_age=fusionauth.FusionAuthTenantMaximumPasswordAgeArgs(
            days=180,
            enabled=False,
        ),
        minimum_password_age=fusionauth.FusionAuthTenantMinimumPasswordAgeArgs(
            enabled=False,
            seconds=30,
        ),
        oauth_configurations=[fusionauth.FusionAuthTenantOauthConfigurationArgs(
            client_credentials_access_token_populate_lambda_id=fusionauth_lambda["client_jwt_populate"]["id"],
        )],
        password_encryption_configurations=[fusionauth.FusionAuthTenantPasswordEncryptionConfigurationArgs(
            encryption_scheme="salted-pbkdf2-hmac-sha256",
            encryption_scheme_factor=24000,
            modify_encryption_scheme_on_login=False,
        )],
        password_validation_rules=fusionauth.FusionAuthTenantPasswordValidationRulesArgs(
            max_length=256,
            min_length=7,
            remember_previous_passwords=fusionauth.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs(
                count=1,
                enabled=False,
            ),
            required_mixed_case=False,
            require_non_alpha=False,
            require_number=False,
            validate_on_login=False,
        ),
        rate_limit_configuration=fusionauth.FusionAuthTenantRateLimitConfigurationArgs(
            failed_login=fusionauth.FusionAuthTenantRateLimitConfigurationFailedLoginArgs(
                enabled=True,
                limit=5,
                time_period_in_seconds=60,
            ),
            forgot_password=fusionauth.FusionAuthTenantRateLimitConfigurationForgotPasswordArgs(
                enabled=False,
                limit=5,
                time_period_in_seconds=60,
            ),
            send_email_verification=fusionauth.FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs(
                enabled=False,
                limit=5,
                time_period_in_seconds=60,
            ),
            send_passwordless=fusionauth.FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs(
                enabled=False,
                limit=5,
                time_period_in_seconds=60,
            ),
            send_registration_verification=fusionauth.FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs(
                enabled=False,
                limit=5,
                time_period_in_seconds=60,
            ),
            send_two_factor=fusionauth.FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs(
                enabled=False,
                limit=5,
                time_period_in_seconds=60,
            ),
        ),
        registration_configuration=fusionauth.FusionAuthTenantRegistrationConfigurationArgs(
            blocked_domains=["example.com"],
        ),
        captcha_configuration=fusionauth.FusionAuthTenantCaptchaConfigurationArgs(
            enabled=True,
            captcha_method="GoogleRecaptchaV3",
            site_key="captcha_site_key",
            secret_key="captcha_secret_key",
            threshold=0.5,
        ),
        theme_id=fusionauth_theme["example_theme"]["id"],
        user_delete_policy=fusionauth.FusionAuthTenantUserDeletePolicyArgs(
            unverified_enabled=False,
            unverified_number_of_days_to_retain=30,
        ))
    
    package main
    
    import (
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/theogravity/pulumi-fusionauth/sdk/go/fusionauth"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := fusionauth.NewFusionAuthTenant(ctx, "example", &fusionauth.FusionAuthTenantArgs{
    			ConnectorPolicies: fusionauth.FusionAuthTenantConnectorPolicyArray{
    				&fusionauth.FusionAuthTenantConnectorPolicyArgs{
    					ConnectorId: pulumi.String("b57b3d0f-f7a4-4831-a838-549717362ea8"),
    					Domains: pulumi.StringArray{
    						pulumi.String("*"),
    					},
    					Migrate: pulumi.Bool(false),
    				},
    			},
    			EmailConfiguration: &fusionauth.FusionAuthTenantEmailConfigurationArgs{
    				ForgotPasswordEmailTemplateId: pulumi.Any(fusionauth_email.ForgotPassword_Example.Id),
    				Host:                          pulumi.String("smtp.sendgrid.net"),
    				Password:                      pulumi.String("password"),
    				PasswordlessEmailTemplateId:   pulumi.Any(fusionauth_email.PasswordlessLogin_Example.Id),
    				Port:                          pulumi.Int(587),
    				Security:                      pulumi.String("TLS"),
    				SetPasswordEmailTemplateId:    pulumi.Any(fusionauth_email.SetupPassword_Example.Id),
    				Username:                      pulumi.String("username"),
    				VerifyEmail:                   pulumi.Bool(true),
    				VerifyEmailWhenChanged:        pulumi.Bool(true),
    				AdditionalHeaders: pulumi.Map{
    					"HeaderName1": pulumi.Any("HeaderValue1"),
    					"HeaderName2": pulumi.Any("HeaderValue2"),
    				},
    			},
    			EventConfigurations: fusionauth.FusionAuthTenantEventConfigurationArray{
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("jwt.public-key.update"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("jwt.refresh-token.revoke"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("jwt.refresh"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("group.create"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("group.create.complete"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("group.delete"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("group.delete.complete"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("group.member.add"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("group.member.add.complete"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("group.member.remove"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("group.member.remove.complete"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("group.member.update"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("group.member.update.complete"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("group.update"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("group.update.complete"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.action"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Event:           pulumi.String("user.bulk.create"),
    					Enabled:         pulumi.Bool(false),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.create"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.create.complete"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.deactivate"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.delete"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.delete.complete"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.email.update"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.email.verified"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.identity-provider.link"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.identity-provider.unlink"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.loginId.duplicate.create"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.loginId.duplicate.update"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.login.failed"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.login.new-device"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.login.success"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.login.suspicious"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.password.breach"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.password.reset.send"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.password.reset.start"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.password.reset.success"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.password.update"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.reactivate"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.registration.create"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.registration.create.complete"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.registration.delete"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.registration.delete.complete"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.registration.update"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.registration.update.complete"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.registration.verified"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.two-factor.method.add"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.two-factor.method.remove"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.update"),
    					TransactionType: pulumi.String("None"),
    				},
    				&fusionauth.FusionAuthTenantEventConfigurationArgs{
    					Enabled:         pulumi.Bool(false),
    					Event:           pulumi.String("user.update.complete"),
    					TransactionType: pulumi.String("None"),
    				},
    			},
    			ExternalIdentifierConfiguration: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationArgs{
    				AuthorizationGrantIdTimeToLiveInSeconds: pulumi.Int(30),
    				ChangePasswordIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs{
    					Length: pulumi.Int(32),
    					Type:   pulumi.String("randomBytes"),
    				},
    				ChangePasswordIdTimeToLiveInSeconds: pulumi.Int(600),
    				DeviceCodeTimeToLiveInSeconds:       pulumi.Int(1800),
    				DeviceUserCodeIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs{
    					Length: pulumi.Int(6),
    					Type:   pulumi.String("randomAlphaNumeric"),
    				},
    				EmailVerificationIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs{
    					Length: pulumi.Int(32),
    					Type:   pulumi.String("randomBytes"),
    				},
    				EmailVerificationIdTimeToLiveInSeconds: pulumi.Int(86400),
    				EmailVerificationOneTimeCodeGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs{
    					Length: pulumi.Int(6),
    					Type:   pulumi.String("randomAlphaNumeric"),
    				},
    				ExternalAuthenticationIdTimeToLiveInSeconds: pulumi.Int(300),
    				LoginIntentTimeToLiveInSeconds:              pulumi.Int(1800),
    				OneTimePasswordTimeToLiveInSeconds:          pulumi.Int(60),
    				PasswordlessLoginGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs{
    					Length: pulumi.Int(32),
    					Type:   pulumi.String("randomBytes"),
    				},
    				PasswordlessLoginTimeToLiveInSeconds: pulumi.Int(600),
    				RegistrationVerificationIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs{
    					Length: pulumi.Int(32),
    					Type:   pulumi.String("randomBytes"),
    				},
    				RegistrationVerificationIdTimeToLiveInSeconds: pulumi.Int(86400),
    				RegistrationVerificationOneTimeCodeGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs{
    					Length: pulumi.Int(6),
    					Type:   pulumi.String("randomAlphaNumeric"),
    				},
    				SamlV2AuthnRequestIdTtlSeconds: pulumi.Int(300),
    				SetupPasswordIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs{
    					Length: pulumi.Int(32),
    					Type:   pulumi.String("randomBytes"),
    				},
    				SetupPasswordIdTimeToLiveInSeconds: pulumi.Int(86400),
    				TwoFactorIdTimeToLiveInSeconds:     pulumi.Int(300),
    				TwoFactorOneTimeCodeIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs{
    					Length: pulumi.Int(6),
    					Type:   pulumi.String("randomDigits"),
    				},
    				TwoFactorOneTimeCodeIdTimeToLiveInSeconds: pulumi.Int(60),
    				TwoFactorTrustIdTimeToLiveInSeconds:       pulumi.Int(2592000),
    			},
    			FailedAuthenticationConfiguration: &fusionauth.FusionAuthTenantFailedAuthenticationConfigurationArgs{
    				ActionDuration:      pulumi.Int(3),
    				ActionDurationUnit:  pulumi.String("MINUTES"),
    				ResetCountInSeconds: pulumi.Int(60),
    				TooManyAttempts:     pulumi.Int(5),
    			},
    			FamilyConfiguration: &fusionauth.FusionAuthTenantFamilyConfigurationArgs{
    				AllowChildRegistrations:    pulumi.Bool(true),
    				DeleteOrphanedAccounts:     pulumi.Bool(false),
    				DeleteOrphanedAccountsDays: pulumi.Int(30),
    				Enabled:                    pulumi.Bool(true),
    				MaximumChildAge:            pulumi.Int(12),
    				MinimumOwnerAge:            pulumi.Int(21),
    				ParentEmailRequired:        pulumi.Bool(false),
    			},
    			FormConfiguration: &fusionauth.FusionAuthTenantFormConfigurationArgs{
    				AdminUserFormId: pulumi.String("e92751a5-25f4-4bca-ad91-66cdf67725d2"),
    			},
    			HttpSessionMaxInactiveInterval: pulumi.Int(3600),
    			Issuer:                         pulumi.String("https://example.com"),
    			JwtConfigurations: fusionauth.FusionAuthTenantJwtConfigurationArray{
    				&fusionauth.FusionAuthTenantJwtConfigurationArgs{
    					AccessTokenKeyId:                pulumi.Any(fusionauth_key.Accesstoken.Id),
    					IdTokenKeyId:                    pulumi.Any(fusionauth_key.Idtoken.Id),
    					RefreshTokenTimeToLiveInMinutes: pulumi.Int(43200),
    					TimeToLiveInSeconds:             pulumi.Int(3600),
    				},
    			},
    			LoginConfiguration: &fusionauth.FusionAuthTenantLoginConfigurationArgs{
    				RequireAuthentication: pulumi.Bool(true),
    			},
    			MaximumPasswordAge: &fusionauth.FusionAuthTenantMaximumPasswordAgeArgs{
    				Days:    pulumi.Int(180),
    				Enabled: pulumi.Bool(false),
    			},
    			MinimumPasswordAge: &fusionauth.FusionAuthTenantMinimumPasswordAgeArgs{
    				Enabled: pulumi.Bool(false),
    				Seconds: pulumi.Int(30),
    			},
    			OauthConfigurations: fusionauth.FusionAuthTenantOauthConfigurationArray{
    				&fusionauth.FusionAuthTenantOauthConfigurationArgs{
    					ClientCredentialsAccessTokenPopulateLambdaId: pulumi.Any(fusionauth_lambda.Client_jwt_populate.Id),
    				},
    			},
    			PasswordEncryptionConfigurations: fusionauth.FusionAuthTenantPasswordEncryptionConfigurationArray{
    				&fusionauth.FusionAuthTenantPasswordEncryptionConfigurationArgs{
    					EncryptionScheme:              pulumi.String("salted-pbkdf2-hmac-sha256"),
    					EncryptionSchemeFactor:        pulumi.Int(24000),
    					ModifyEncryptionSchemeOnLogin: pulumi.Bool(false),
    				},
    			},
    			PasswordValidationRules: &fusionauth.FusionAuthTenantPasswordValidationRulesArgs{
    				MaxLength: pulumi.Int(256),
    				MinLength: pulumi.Int(7),
    				RememberPreviousPasswords: &fusionauth.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs{
    					Count:   pulumi.Int(1),
    					Enabled: pulumi.Bool(false),
    				},
    				RequiredMixedCase: pulumi.Bool(false),
    				RequireNonAlpha:   pulumi.Bool(false),
    				RequireNumber:     pulumi.Bool(false),
    				ValidateOnLogin:   pulumi.Bool(false),
    			},
    			RateLimitConfiguration: &fusionauth.FusionAuthTenantRateLimitConfigurationArgs{
    				FailedLogin: &fusionauth.FusionAuthTenantRateLimitConfigurationFailedLoginArgs{
    					Enabled:             pulumi.Bool(true),
    					Limit:               pulumi.Int(5),
    					TimePeriodInSeconds: pulumi.Int(60),
    				},
    				ForgotPassword: &fusionauth.FusionAuthTenantRateLimitConfigurationForgotPasswordArgs{
    					Enabled:             pulumi.Bool(false),
    					Limit:               pulumi.Int(5),
    					TimePeriodInSeconds: pulumi.Int(60),
    				},
    				SendEmailVerification: &fusionauth.FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs{
    					Enabled:             pulumi.Bool(false),
    					Limit:               pulumi.Int(5),
    					TimePeriodInSeconds: pulumi.Int(60),
    				},
    				SendPasswordless: &fusionauth.FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs{
    					Enabled:             pulumi.Bool(false),
    					Limit:               pulumi.Int(5),
    					TimePeriodInSeconds: pulumi.Int(60),
    				},
    				SendRegistrationVerification: &fusionauth.FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs{
    					Enabled:             pulumi.Bool(false),
    					Limit:               pulumi.Int(5),
    					TimePeriodInSeconds: pulumi.Int(60),
    				},
    				SendTwoFactor: &fusionauth.FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs{
    					Enabled:             pulumi.Bool(false),
    					Limit:               pulumi.Int(5),
    					TimePeriodInSeconds: pulumi.Int(60),
    				},
    			},
    			RegistrationConfiguration: &fusionauth.FusionAuthTenantRegistrationConfigurationArgs{
    				BlockedDomains: pulumi.StringArray{
    					pulumi.String("example.com"),
    				},
    			},
    			CaptchaConfiguration: &fusionauth.FusionAuthTenantCaptchaConfigurationArgs{
    				Enabled:       pulumi.Bool(true),
    				CaptchaMethod: pulumi.String("GoogleRecaptchaV3"),
    				SiteKey:       pulumi.String("captcha_site_key"),
    				SecretKey:     pulumi.String("captcha_secret_key"),
    				Threshold:     pulumi.Float64(0.5),
    			},
    			ThemeId: pulumi.Any(fusionauth_theme.Example_theme.Id),
    			UserDeletePolicy: &fusionauth.FusionAuthTenantUserDeletePolicyArgs{
    				UnverifiedEnabled:              pulumi.Bool(false),
    				UnverifiedNumberOfDaysToRetain: pulumi.Int(30),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Fusionauth = theogravity.Fusionauth;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Fusionauth.FusionAuthTenant("example", new()
        {
            ConnectorPolicies = new[]
            {
                new Fusionauth.Inputs.FusionAuthTenantConnectorPolicyArgs
                {
                    ConnectorId = "b57b3d0f-f7a4-4831-a838-549717362ea8",
                    Domains = new[]
                    {
                        "*",
                    },
                    Migrate = false,
                },
            },
            EmailConfiguration = new Fusionauth.Inputs.FusionAuthTenantEmailConfigurationArgs
            {
                ForgotPasswordEmailTemplateId = fusionauth_email.ForgotPassword_Example.Id,
                Host = "smtp.sendgrid.net",
                Password = "password",
                PasswordlessEmailTemplateId = fusionauth_email.PasswordlessLogin_Example.Id,
                Port = 587,
                Security = "TLS",
                SetPasswordEmailTemplateId = fusionauth_email.SetupPassword_Example.Id,
                Username = "username",
                VerifyEmail = true,
                VerifyEmailWhenChanged = true,
                AdditionalHeaders = 
                {
                    { "HeaderName1", "HeaderValue1" },
                    { "HeaderName2", "HeaderValue2" },
                },
            },
            EventConfigurations = new[]
            {
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "jwt.public-key.update",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "jwt.refresh-token.revoke",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "jwt.refresh",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "group.create",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "group.create.complete",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "group.delete",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "group.delete.complete",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "group.member.add",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "group.member.add.complete",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "group.member.remove",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "group.member.remove.complete",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "group.member.update",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "group.member.update.complete",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "group.update",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "group.update.complete",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.action",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Event = "user.bulk.create",
                    Enabled = false,
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.create",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.create.complete",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.deactivate",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.delete",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.delete.complete",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.email.update",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.email.verified",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.identity-provider.link",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.identity-provider.unlink",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.loginId.duplicate.create",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.loginId.duplicate.update",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.login.failed",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.login.new-device",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.login.success",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.login.suspicious",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.password.breach",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.password.reset.send",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.password.reset.start",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.password.reset.success",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.password.update",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.reactivate",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.registration.create",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.registration.create.complete",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.registration.delete",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.registration.delete.complete",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.registration.update",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.registration.update.complete",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.registration.verified",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.two-factor.method.add",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.two-factor.method.remove",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.update",
                    TransactionType = "None",
                },
                new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
                {
                    Enabled = false,
                    Event = "user.update.complete",
                    TransactionType = "None",
                },
            },
            ExternalIdentifierConfiguration = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationArgs
            {
                AuthorizationGrantIdTimeToLiveInSeconds = 30,
                ChangePasswordIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs
                {
                    Length = 32,
                    Type = "randomBytes",
                },
                ChangePasswordIdTimeToLiveInSeconds = 600,
                DeviceCodeTimeToLiveInSeconds = 1800,
                DeviceUserCodeIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs
                {
                    Length = 6,
                    Type = "randomAlphaNumeric",
                },
                EmailVerificationIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs
                {
                    Length = 32,
                    Type = "randomBytes",
                },
                EmailVerificationIdTimeToLiveInSeconds = 86400,
                EmailVerificationOneTimeCodeGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs
                {
                    Length = 6,
                    Type = "randomAlphaNumeric",
                },
                ExternalAuthenticationIdTimeToLiveInSeconds = 300,
                LoginIntentTimeToLiveInSeconds = 1800,
                OneTimePasswordTimeToLiveInSeconds = 60,
                PasswordlessLoginGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs
                {
                    Length = 32,
                    Type = "randomBytes",
                },
                PasswordlessLoginTimeToLiveInSeconds = 600,
                RegistrationVerificationIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs
                {
                    Length = 32,
                    Type = "randomBytes",
                },
                RegistrationVerificationIdTimeToLiveInSeconds = 86400,
                RegistrationVerificationOneTimeCodeGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs
                {
                    Length = 6,
                    Type = "randomAlphaNumeric",
                },
                SamlV2AuthnRequestIdTtlSeconds = 300,
                SetupPasswordIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs
                {
                    Length = 32,
                    Type = "randomBytes",
                },
                SetupPasswordIdTimeToLiveInSeconds = 86400,
                TwoFactorIdTimeToLiveInSeconds = 300,
                TwoFactorOneTimeCodeIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs
                {
                    Length = 6,
                    Type = "randomDigits",
                },
                TwoFactorOneTimeCodeIdTimeToLiveInSeconds = 60,
                TwoFactorTrustIdTimeToLiveInSeconds = 2592000,
            },
            FailedAuthenticationConfiguration = new Fusionauth.Inputs.FusionAuthTenantFailedAuthenticationConfigurationArgs
            {
                ActionDuration = 3,
                ActionDurationUnit = "MINUTES",
                ResetCountInSeconds = 60,
                TooManyAttempts = 5,
            },
            FamilyConfiguration = new Fusionauth.Inputs.FusionAuthTenantFamilyConfigurationArgs
            {
                AllowChildRegistrations = true,
                DeleteOrphanedAccounts = false,
                DeleteOrphanedAccountsDays = 30,
                Enabled = true,
                MaximumChildAge = 12,
                MinimumOwnerAge = 21,
                ParentEmailRequired = false,
            },
            FormConfiguration = new Fusionauth.Inputs.FusionAuthTenantFormConfigurationArgs
            {
                AdminUserFormId = "e92751a5-25f4-4bca-ad91-66cdf67725d2",
            },
            HttpSessionMaxInactiveInterval = 3600,
            Issuer = "https://example.com",
            JwtConfigurations = new[]
            {
                new Fusionauth.Inputs.FusionAuthTenantJwtConfigurationArgs
                {
                    AccessTokenKeyId = fusionauth_key.Accesstoken.Id,
                    IdTokenKeyId = fusionauth_key.Idtoken.Id,
                    RefreshTokenTimeToLiveInMinutes = 43200,
                    TimeToLiveInSeconds = 3600,
                },
            },
            LoginConfiguration = new Fusionauth.Inputs.FusionAuthTenantLoginConfigurationArgs
            {
                RequireAuthentication = true,
            },
            MaximumPasswordAge = new Fusionauth.Inputs.FusionAuthTenantMaximumPasswordAgeArgs
            {
                Days = 180,
                Enabled = false,
            },
            MinimumPasswordAge = new Fusionauth.Inputs.FusionAuthTenantMinimumPasswordAgeArgs
            {
                Enabled = false,
                Seconds = 30,
            },
            OauthConfigurations = new[]
            {
                new Fusionauth.Inputs.FusionAuthTenantOauthConfigurationArgs
                {
                    ClientCredentialsAccessTokenPopulateLambdaId = fusionauth_lambda.Client_jwt_populate.Id,
                },
            },
            PasswordEncryptionConfigurations = new[]
            {
                new Fusionauth.Inputs.FusionAuthTenantPasswordEncryptionConfigurationArgs
                {
                    EncryptionScheme = "salted-pbkdf2-hmac-sha256",
                    EncryptionSchemeFactor = 24000,
                    ModifyEncryptionSchemeOnLogin = false,
                },
            },
            PasswordValidationRules = new Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesArgs
            {
                MaxLength = 256,
                MinLength = 7,
                RememberPreviousPasswords = new Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs
                {
                    Count = 1,
                    Enabled = false,
                },
                RequiredMixedCase = false,
                RequireNonAlpha = false,
                RequireNumber = false,
                ValidateOnLogin = false,
            },
            RateLimitConfiguration = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationArgs
            {
                FailedLogin = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationFailedLoginArgs
                {
                    Enabled = true,
                    Limit = 5,
                    TimePeriodInSeconds = 60,
                },
                ForgotPassword = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationForgotPasswordArgs
                {
                    Enabled = false,
                    Limit = 5,
                    TimePeriodInSeconds = 60,
                },
                SendEmailVerification = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs
                {
                    Enabled = false,
                    Limit = 5,
                    TimePeriodInSeconds = 60,
                },
                SendPasswordless = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs
                {
                    Enabled = false,
                    Limit = 5,
                    TimePeriodInSeconds = 60,
                },
                SendRegistrationVerification = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs
                {
                    Enabled = false,
                    Limit = 5,
                    TimePeriodInSeconds = 60,
                },
                SendTwoFactor = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs
                {
                    Enabled = false,
                    Limit = 5,
                    TimePeriodInSeconds = 60,
                },
            },
            RegistrationConfiguration = new Fusionauth.Inputs.FusionAuthTenantRegistrationConfigurationArgs
            {
                BlockedDomains = new[]
                {
                    "example.com",
                },
            },
            CaptchaConfiguration = new Fusionauth.Inputs.FusionAuthTenantCaptchaConfigurationArgs
            {
                Enabled = true,
                CaptchaMethod = "GoogleRecaptchaV3",
                SiteKey = "captcha_site_key",
                SecretKey = "captcha_secret_key",
                Threshold = 0.5,
            },
            ThemeId = fusionauth_theme.Example_theme.Id,
            UserDeletePolicy = new Fusionauth.Inputs.FusionAuthTenantUserDeletePolicyArgs
            {
                UnverifiedEnabled = false,
                UnverifiedNumberOfDaysToRetain = 30,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.fusionauth.FusionAuthTenant;
    import com.pulumi.fusionauth.FusionAuthTenantArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantConnectorPolicyArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantEmailConfigurationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantEventConfigurationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantFailedAuthenticationConfigurationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantFamilyConfigurationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantFormConfigurationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantJwtConfigurationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantLoginConfigurationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantMaximumPasswordAgeArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantMinimumPasswordAgeArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantOauthConfigurationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantPasswordEncryptionConfigurationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantPasswordValidationRulesArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantRateLimitConfigurationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantRateLimitConfigurationFailedLoginArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantRateLimitConfigurationForgotPasswordArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantRegistrationConfigurationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantCaptchaConfigurationArgs;
    import com.pulumi.fusionauth.inputs.FusionAuthTenantUserDeletePolicyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new FusionAuthTenant("example", FusionAuthTenantArgs.builder()
                .connectorPolicies(FusionAuthTenantConnectorPolicyArgs.builder()
                    .connectorId("b57b3d0f-f7a4-4831-a838-549717362ea8")
                    .domains("*")
                    .migrate(false)
                    .build())
                .emailConfiguration(FusionAuthTenantEmailConfigurationArgs.builder()
                    .forgotPasswordEmailTemplateId(fusionauth_email.ForgotPassword_Example().id())
                    .host("smtp.sendgrid.net")
                    .password("password")
                    .passwordlessEmailTemplateId(fusionauth_email.PasswordlessLogin_Example().id())
                    .port(587)
                    .security("TLS")
                    .setPasswordEmailTemplateId(fusionauth_email.SetupPassword_Example().id())
                    .username("username")
                    .verifyEmail(true)
                    .verifyEmailWhenChanged(true)
                    .additionalHeaders(Map.ofEntries(
                        Map.entry("HeaderName1", "HeaderValue1"),
                        Map.entry("HeaderName2", "HeaderValue2")
                    ))
                    .build())
                .eventConfigurations(            
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("jwt.public-key.update")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("jwt.refresh-token.revoke")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("jwt.refresh")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("group.create")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("group.create.complete")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("group.delete")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("group.delete.complete")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("group.member.add")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("group.member.add.complete")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("group.member.remove")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("group.member.remove.complete")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("group.member.update")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("group.member.update.complete")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("group.update")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("group.update.complete")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.action")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .event("user.bulk.create")
                        .enabled(false)
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.create")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.create.complete")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.deactivate")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.delete")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.delete.complete")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.email.update")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.email.verified")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.identity-provider.link")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.identity-provider.unlink")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.loginId.duplicate.create")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.loginId.duplicate.update")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.login.failed")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.login.new-device")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.login.success")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.login.suspicious")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.password.breach")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.password.reset.send")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.password.reset.start")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.password.reset.success")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.password.update")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.reactivate")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.registration.create")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.registration.create.complete")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.registration.delete")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.registration.delete.complete")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.registration.update")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.registration.update.complete")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.registration.verified")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.two-factor.method.add")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.two-factor.method.remove")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.update")
                        .transactionType("None")
                        .build(),
                    FusionAuthTenantEventConfigurationArgs.builder()
                        .enabled(false)
                        .event("user.update.complete")
                        .transactionType("None")
                        .build())
                .externalIdentifierConfiguration(FusionAuthTenantExternalIdentifierConfigurationArgs.builder()
                    .authorizationGrantIdTimeToLiveInSeconds(30)
                    .changePasswordIdGenerator(FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs.builder()
                        .length(32)
                        .type("randomBytes")
                        .build())
                    .changePasswordIdTimeToLiveInSeconds(600)
                    .deviceCodeTimeToLiveInSeconds(1800)
                    .deviceUserCodeIdGenerator(FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs.builder()
                        .length(6)
                        .type("randomAlphaNumeric")
                        .build())
                    .emailVerificationIdGenerator(FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs.builder()
                        .length(32)
                        .type("randomBytes")
                        .build())
                    .emailVerificationIdTimeToLiveInSeconds(86400)
                    .emailVerificationOneTimeCodeGenerator(FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs.builder()
                        .length(6)
                        .type("randomAlphaNumeric")
                        .build())
                    .externalAuthenticationIdTimeToLiveInSeconds(300)
                    .loginIntentTimeToLiveInSeconds(1800)
                    .oneTimePasswordTimeToLiveInSeconds(60)
                    .passwordlessLoginGenerator(FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs.builder()
                        .length(32)
                        .type("randomBytes")
                        .build())
                    .passwordlessLoginTimeToLiveInSeconds(600)
                    .registrationVerificationIdGenerator(FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs.builder()
                        .length(32)
                        .type("randomBytes")
                        .build())
                    .registrationVerificationIdTimeToLiveInSeconds(86400)
                    .registrationVerificationOneTimeCodeGenerator(FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs.builder()
                        .length(6)
                        .type("randomAlphaNumeric")
                        .build())
                    .samlV2AuthnRequestIdTtlSeconds(300)
                    .setupPasswordIdGenerator(FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs.builder()
                        .length(32)
                        .type("randomBytes")
                        .build())
                    .setupPasswordIdTimeToLiveInSeconds(86400)
                    .twoFactorIdTimeToLiveInSeconds(300)
                    .twoFactorOneTimeCodeIdGenerator(FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs.builder()
                        .length(6)
                        .type("randomDigits")
                        .build())
                    .twoFactorOneTimeCodeIdTimeToLiveInSeconds(60)
                    .twoFactorTrustIdTimeToLiveInSeconds(2592000)
                    .build())
                .failedAuthenticationConfiguration(FusionAuthTenantFailedAuthenticationConfigurationArgs.builder()
                    .actionDuration(3)
                    .actionDurationUnit("MINUTES")
                    .resetCountInSeconds(60)
                    .tooManyAttempts(5)
                    .build())
                .familyConfiguration(FusionAuthTenantFamilyConfigurationArgs.builder()
                    .allowChildRegistrations(true)
                    .deleteOrphanedAccounts(false)
                    .deleteOrphanedAccountsDays(30)
                    .enabled(true)
                    .maximumChildAge(12)
                    .minimumOwnerAge(21)
                    .parentEmailRequired(false)
                    .build())
                .formConfiguration(FusionAuthTenantFormConfigurationArgs.builder()
                    .adminUserFormId("e92751a5-25f4-4bca-ad91-66cdf67725d2")
                    .build())
                .httpSessionMaxInactiveInterval(3600)
                .issuer("https://example.com")
                .jwtConfigurations(FusionAuthTenantJwtConfigurationArgs.builder()
                    .accessTokenKeyId(fusionauth_key.accesstoken().id())
                    .idTokenKeyId(fusionauth_key.idtoken().id())
                    .refreshTokenTimeToLiveInMinutes(43200)
                    .timeToLiveInSeconds(3600)
                    .build())
                .loginConfiguration(FusionAuthTenantLoginConfigurationArgs.builder()
                    .requireAuthentication(true)
                    .build())
                .maximumPasswordAge(FusionAuthTenantMaximumPasswordAgeArgs.builder()
                    .days(180)
                    .enabled(false)
                    .build())
                .minimumPasswordAge(FusionAuthTenantMinimumPasswordAgeArgs.builder()
                    .enabled(false)
                    .seconds(30)
                    .build())
                .oauthConfigurations(FusionAuthTenantOauthConfigurationArgs.builder()
                    .clientCredentialsAccessTokenPopulateLambdaId(fusionauth_lambda.client_jwt_populate().id())
                    .build())
                .passwordEncryptionConfigurations(FusionAuthTenantPasswordEncryptionConfigurationArgs.builder()
                    .encryptionScheme("salted-pbkdf2-hmac-sha256")
                    .encryptionSchemeFactor(24000)
                    .modifyEncryptionSchemeOnLogin(false)
                    .build())
                .passwordValidationRules(FusionAuthTenantPasswordValidationRulesArgs.builder()
                    .maxLength(256)
                    .minLength(7)
                    .rememberPreviousPasswords(FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs.builder()
                        .count(1)
                        .enabled(false)
                        .build())
                    .requiredMixedCase(false)
                    .requireNonAlpha(false)
                    .requireNumber(false)
                    .validateOnLogin(false)
                    .build())
                .rateLimitConfiguration(FusionAuthTenantRateLimitConfigurationArgs.builder()
                    .failedLogin(FusionAuthTenantRateLimitConfigurationFailedLoginArgs.builder()
                        .enabled(true)
                        .limit(5)
                        .timePeriodInSeconds(60)
                        .build())
                    .forgotPassword(FusionAuthTenantRateLimitConfigurationForgotPasswordArgs.builder()
                        .enabled(false)
                        .limit(5)
                        .timePeriodInSeconds(60)
                        .build())
                    .sendEmailVerification(FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs.builder()
                        .enabled(false)
                        .limit(5)
                        .timePeriodInSeconds(60)
                        .build())
                    .sendPasswordless(FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs.builder()
                        .enabled(false)
                        .limit(5)
                        .timePeriodInSeconds(60)
                        .build())
                    .sendRegistrationVerification(FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs.builder()
                        .enabled(false)
                        .limit(5)
                        .timePeriodInSeconds(60)
                        .build())
                    .sendTwoFactor(FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs.builder()
                        .enabled(false)
                        .limit(5)
                        .timePeriodInSeconds(60)
                        .build())
                    .build())
                .registrationConfiguration(FusionAuthTenantRegistrationConfigurationArgs.builder()
                    .blockedDomains("example.com")
                    .build())
                .captchaConfiguration(FusionAuthTenantCaptchaConfigurationArgs.builder()
                    .enabled(true)
                    .captchaMethod("GoogleRecaptchaV3")
                    .siteKey("captcha_site_key")
                    .secretKey("captcha_secret_key")
                    .threshold(0.5)
                    .build())
                .themeId(fusionauth_theme.example_theme().id())
                .userDeletePolicy(FusionAuthTenantUserDeletePolicyArgs.builder()
                    .unverifiedEnabled(false)
                    .unverifiedNumberOfDaysToRetain(30)
                    .build())
                .build());
    
        }
    }
    
    resources:
      example:
        type: fusionauth:FusionAuthTenant
        properties:
          connectorPolicies:
            - connectorId: b57b3d0f-f7a4-4831-a838-549717362ea8
              domains:
                - '*'
              migrate: false
          emailConfiguration:
            forgotPasswordEmailTemplateId: ${fusionauth_email.ForgotPassword_Example.id}
            host: smtp.sendgrid.net
            password: password
            passwordlessEmailTemplateId: ${fusionauth_email.PasswordlessLogin_Example.id}
            port: 587
            security: TLS
            setPasswordEmailTemplateId: ${fusionauth_email.SetupPassword_Example.id}
            username: username
            verifyEmail: true
            verifyEmailWhenChanged: true
            additionalHeaders:
              HeaderName1: HeaderValue1
              HeaderName2: HeaderValue2
          eventConfigurations:
            - enabled: false
              event: jwt.public-key.update
              transactionType: None
            - enabled: false
              event: jwt.refresh-token.revoke
              transactionType: None
            - enabled: false
              event: jwt.refresh
              transactionType: None
            - enabled: false
              event: group.create
              transactionType: None
            - enabled: false
              event: group.create.complete
              transactionType: None
            - enabled: false
              event: group.delete
              transactionType: None
            - enabled: false
              event: group.delete.complete
              transactionType: None
            - enabled: false
              event: group.member.add
              transactionType: None
            - enabled: false
              event: group.member.add.complete
              transactionType: None
            - enabled: false
              event: group.member.remove
              transactionType: None
            - enabled: false
              event: group.member.remove.complete
              transactionType: None
            - enabled: false
              event: group.member.update
              transactionType: None
            - enabled: false
              event: group.member.update.complete
              transactionType: None
            - enabled: false
              event: group.update
              transactionType: None
            - enabled: false
              event: group.update.complete
              transactionType: None
            - enabled: false
              event: user.action
              transactionType: None
            - event: user.bulk.create
              enabled: false
              transactionType: None
            - enabled: false
              event: user.create
              transactionType: None
            - enabled: false
              event: user.create.complete
              transactionType: None
            - enabled: false
              event: user.deactivate
              transactionType: None
            - enabled: false
              event: user.delete
              transactionType: None
            - enabled: false
              event: user.delete.complete
              transactionType: None
            - enabled: false
              event: user.email.update
              transactionType: None
            - enabled: false
              event: user.email.verified
              transactionType: None
            - enabled: false
              event: user.identity-provider.link
              transactionType: None
            - enabled: false
              event: user.identity-provider.unlink
              transactionType: None
            - enabled: false
              event: user.loginId.duplicate.create
              transactionType: None
            - enabled: false
              event: user.loginId.duplicate.update
              transactionType: None
            - enabled: false
              event: user.login.failed
              transactionType: None
            - enabled: false
              event: user.login.new-device
              transactionType: None
            - enabled: false
              event: user.login.success
              transactionType: None
            - enabled: false
              event: user.login.suspicious
              transactionType: None
            - enabled: false
              event: user.password.breach
              transactionType: None
            - enabled: false
              event: user.password.reset.send
              transactionType: None
            - enabled: false
              event: user.password.reset.start
              transactionType: None
            - enabled: false
              event: user.password.reset.success
              transactionType: None
            - enabled: false
              event: user.password.update
              transactionType: None
            - enabled: false
              event: user.reactivate
              transactionType: None
            - enabled: false
              event: user.registration.create
              transactionType: None
            - enabled: false
              event: user.registration.create.complete
              transactionType: None
            - enabled: false
              event: user.registration.delete
              transactionType: None
            - enabled: false
              event: user.registration.delete.complete
              transactionType: None
            - enabled: false
              event: user.registration.update
              transactionType: None
            - enabled: false
              event: user.registration.update.complete
              transactionType: None
            - enabled: false
              event: user.registration.verified
              transactionType: None
            - enabled: false
              event: user.two-factor.method.add
              transactionType: None
            - enabled: false
              event: user.two-factor.method.remove
              transactionType: None
            - enabled: false
              event: user.update
              transactionType: None
            - enabled: false
              event: user.update.complete
              transactionType: None
          externalIdentifierConfiguration:
            authorizationGrantIdTimeToLiveInSeconds: 30
            changePasswordIdGenerator:
              length: 32
              type: randomBytes
            changePasswordIdTimeToLiveInSeconds: 600
            deviceCodeTimeToLiveInSeconds: 1800
            deviceUserCodeIdGenerator:
              length: 6
              type: randomAlphaNumeric
            emailVerificationIdGenerator:
              length: 32
              type: randomBytes
            emailVerificationIdTimeToLiveInSeconds: 86400
            emailVerificationOneTimeCodeGenerator:
              length: 6
              type: randomAlphaNumeric
            externalAuthenticationIdTimeToLiveInSeconds: 300
            loginIntentTimeToLiveInSeconds: 1800
            oneTimePasswordTimeToLiveInSeconds: 60
            passwordlessLoginGenerator:
              length: 32
              type: randomBytes
            passwordlessLoginTimeToLiveInSeconds: 600
            registrationVerificationIdGenerator:
              length: 32
              type: randomBytes
            registrationVerificationIdTimeToLiveInSeconds: 86400
            registrationVerificationOneTimeCodeGenerator:
              length: 6
              type: randomAlphaNumeric
            samlV2AuthnRequestIdTtlSeconds: 300
            setupPasswordIdGenerator:
              length: 32
              type: randomBytes
            setupPasswordIdTimeToLiveInSeconds: 86400
            twoFactorIdTimeToLiveInSeconds: 300
            twoFactorOneTimeCodeIdGenerator:
              length: 6
              type: randomDigits
            twoFactorOneTimeCodeIdTimeToLiveInSeconds: 60
            twoFactorTrustIdTimeToLiveInSeconds: 2.592e+06
          failedAuthenticationConfiguration:
            actionDuration: 3
            actionDurationUnit: MINUTES
            resetCountInSeconds: 60
            tooManyAttempts: 5
          familyConfiguration:
            allowChildRegistrations: true
            deleteOrphanedAccounts: false
            deleteOrphanedAccountsDays: 30
            enabled: true
            maximumChildAge: 12
            minimumOwnerAge: 21
            parentEmailRequired: false
          formConfiguration:
            adminUserFormId: e92751a5-25f4-4bca-ad91-66cdf67725d2
          httpSessionMaxInactiveInterval: 3600
          issuer: https://example.com
          jwtConfigurations:
            - accessTokenKeyId: ${fusionauth_key.accesstoken.id}
              idTokenKeyId: ${fusionauth_key.idtoken.id}
              refreshTokenTimeToLiveInMinutes: 43200
              timeToLiveInSeconds: 3600
          loginConfiguration:
            requireAuthentication: true
          maximumPasswordAge:
            days: 180
            enabled: false
          minimumPasswordAge:
            enabled: false
            seconds: 30
          oauthConfigurations:
            - clientCredentialsAccessTokenPopulateLambdaId: ${fusionauth_lambda.client_jwt_populate.id}
          passwordEncryptionConfigurations:
            - encryptionScheme: salted-pbkdf2-hmac-sha256
              encryptionSchemeFactor: 24000
              modifyEncryptionSchemeOnLogin: false
          passwordValidationRules:
            maxLength: 256
            minLength: 7
            rememberPreviousPasswords:
              count: 1
              enabled: false
            requiredMixedCase: false
            requireNonAlpha: false
            requireNumber: false
            validateOnLogin: false
          rateLimitConfiguration:
            failedLogin:
              enabled: true
              limit: 5
              timePeriodInSeconds: 60
            forgotPassword:
              enabled: false
              limit: 5
              timePeriodInSeconds: 60
            sendEmailVerification:
              enabled: false
              limit: 5
              timePeriodInSeconds: 60
            sendPasswordless:
              enabled: false
              limit: 5
              timePeriodInSeconds: 60
            sendRegistrationVerification:
              enabled: false
              limit: 5
              timePeriodInSeconds: 60
            sendTwoFactor:
              enabled: false
              limit: 5
              timePeriodInSeconds: 60
          registrationConfiguration:
            blockedDomains:
              - example.com
          captchaConfiguration:
            enabled: true
            captchaMethod: GoogleRecaptchaV3
            siteKey: captcha_site_key
            secretKey: captcha_secret_key
            threshold: 0.5
          themeId: ${fusionauth_theme.example_theme.id}
          userDeletePolicy:
            unverifiedEnabled: false
            unverifiedNumberOfDaysToRetain: 30
    

    Create FusionAuthTenant Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new FusionAuthTenant(name: string, args: FusionAuthTenantArgs, opts?: CustomResourceOptions);
    @overload
    def FusionAuthTenant(resource_name: str,
                         args: FusionAuthTenantArgs,
                         opts: Optional[ResourceOptions] = None)
    
    @overload
    def FusionAuthTenant(resource_name: str,
                         opts: Optional[ResourceOptions] = None,
                         external_identifier_configuration: Optional[FusionAuthTenantExternalIdentifierConfigurationArgs] = None,
                         theme_id: Optional[str] = None,
                         jwt_configurations: Optional[Sequence[FusionAuthTenantJwtConfigurationArgs]] = None,
                         issuer: Optional[str] = None,
                         email_configuration: Optional[FusionAuthTenantEmailConfigurationArgs] = None,
                         logout_url: Optional[str] = None,
                         name: Optional[str] = None,
                         failed_authentication_configuration: Optional[FusionAuthTenantFailedAuthenticationConfigurationArgs] = None,
                         family_configuration: Optional[FusionAuthTenantFamilyConfigurationArgs] = None,
                         form_configuration: Optional[FusionAuthTenantFormConfigurationArgs] = None,
                         http_session_max_inactive_interval: Optional[int] = None,
                         data: Optional[Mapping[str, Any]] = None,
                         connector_policies: Optional[Sequence[FusionAuthTenantConnectorPolicyArgs]] = None,
                         login_configuration: Optional[FusionAuthTenantLoginConfigurationArgs] = None,
                         access_control_configuration: Optional[FusionAuthTenantAccessControlConfigurationArgs] = None,
                         maximum_password_age: Optional[FusionAuthTenantMaximumPasswordAgeArgs] = None,
                         minimum_password_age: Optional[FusionAuthTenantMinimumPasswordAgeArgs] = None,
                         multi_factor_configuration: Optional[FusionAuthTenantMultiFactorConfigurationArgs] = None,
                         event_configurations: Optional[Sequence[FusionAuthTenantEventConfigurationArgs]] = None,
                         oauth_configurations: Optional[Sequence[FusionAuthTenantOauthConfigurationArgs]] = None,
                         password_encryption_configurations: Optional[Sequence[FusionAuthTenantPasswordEncryptionConfigurationArgs]] = None,
                         password_validation_rules: Optional[FusionAuthTenantPasswordValidationRulesArgs] = None,
                         rate_limit_configuration: Optional[FusionAuthTenantRateLimitConfigurationArgs] = None,
                         registration_configuration: Optional[FusionAuthTenantRegistrationConfigurationArgs] = None,
                         source_tenant_id: Optional[str] = None,
                         tenant_id: Optional[str] = None,
                         captcha_configuration: Optional[FusionAuthTenantCaptchaConfigurationArgs] = None,
                         user_delete_policy: Optional[FusionAuthTenantUserDeletePolicyArgs] = None,
                         username_configuration: Optional[FusionAuthTenantUsernameConfigurationArgs] = None,
                         webhook_ids: Optional[Sequence[str]] = None)
    func NewFusionAuthTenant(ctx *Context, name string, args FusionAuthTenantArgs, opts ...ResourceOption) (*FusionAuthTenant, error)
    public FusionAuthTenant(string name, FusionAuthTenantArgs args, CustomResourceOptions? opts = null)
    public FusionAuthTenant(String name, FusionAuthTenantArgs args)
    public FusionAuthTenant(String name, FusionAuthTenantArgs args, CustomResourceOptions options)
    
    type: fusionauth:FusionAuthTenant
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args FusionAuthTenantArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args FusionAuthTenantArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args FusionAuthTenantArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args FusionAuthTenantArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args FusionAuthTenantArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var fusionAuthTenantResource = new Fusionauth.FusionAuthTenant("fusionAuthTenantResource", new()
    {
        ExternalIdentifierConfiguration = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationArgs
        {
            PasswordlessLoginTimeToLiveInSeconds = 0,
            DeviceUserCodeIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs
            {
                Length = 0,
                Type = "string",
            },
            AuthorizationGrantIdTimeToLiveInSeconds = 0,
            DeviceCodeTimeToLiveInSeconds = 0,
            TwoFactorTrustIdTimeToLiveInSeconds = 0,
            EmailVerificationIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs
            {
                Length = 0,
                Type = "string",
            },
            EmailVerificationIdTimeToLiveInSeconds = 0,
            RegistrationVerificationIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs
            {
                Length = 0,
                Type = "string",
            },
            ExternalAuthenticationIdTimeToLiveInSeconds = 0,
            LoginIntentTimeToLiveInSeconds = 0,
            OneTimePasswordTimeToLiveInSeconds = 0,
            PasswordlessLoginGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs
            {
                Length = 0,
                Type = "string",
            },
            ChangePasswordIdTimeToLiveInSeconds = 0,
            ChangePasswordIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs
            {
                Length = 0,
                Type = "string",
            },
            EmailVerificationOneTimeCodeGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs
            {
                Length = 0,
                Type = "string",
            },
            RegistrationVerificationIdTimeToLiveInSeconds = 0,
            RegistrationVerificationOneTimeCodeGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs
            {
                Length = 0,
                Type = "string",
            },
            TwoFactorOneTimeCodeIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs
            {
                Length = 0,
                Type = "string",
            },
            SetupPasswordIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs
            {
                Length = 0,
                Type = "string",
            },
            SetupPasswordIdTimeToLiveInSeconds = 0,
            TwoFactorIdTimeToLiveInSeconds = 0,
            TrustTokenTimeToLiveInSeconds = 0,
            SamlV2AuthnRequestIdTtlSeconds = 0,
            TwoFactorOneTimeCodeIdTimeToLiveInSeconds = 0,
            PendingAccountLinkTimeToLiveInSeconds = 0,
        },
        ThemeId = "string",
        JwtConfigurations = new[]
        {
            new Fusionauth.Inputs.FusionAuthTenantJwtConfigurationArgs
            {
                RefreshTokenTimeToLiveInMinutes = 0,
                TimeToLiveInSeconds = 0,
                AccessTokenKeyId = "string",
                IdTokenKeyId = "string",
                RefreshTokenExpirationPolicy = "string",
                RefreshTokenRevocationPolicyOnLoginPrevented = false,
                RefreshTokenRevocationPolicyOnPasswordChange = false,
                RefreshTokenSlidingWindowMaximumTimeToLiveInMinutes = 0,
                RefreshTokenUsagePolicy = "string",
            },
        },
        Issuer = "string",
        EmailConfiguration = new Fusionauth.Inputs.FusionAuthTenantEmailConfigurationArgs
        {
            Host = "string",
            Port = 0,
            PasswordUpdateEmailTemplateId = "string",
            EmailVerifiedEmailTemplateId = "string",
            PasswordlessEmailTemplateId = "string",
            DefaultFromEmail = "string",
            DefaultFromName = "string",
            ImplicitEmailVerificationAllowed = false,
            LoginIdInUseOnCreateEmailTemplateId = "string",
            LoginIdInUseOnUpdateEmailTemplateId = "string",
            LoginNewDeviceEmailTemplateId = "string",
            LoginSuspiciousEmailTemplateId = "string",
            Password = "string",
            PasswordResetSuccessEmailTemplateId = "string",
            VerifyEmailWhenChanged = false,
            EmailUpdateEmailTemplateId = "string",
            ForgotPasswordEmailTemplateId = "string",
            Properties = "string",
            Security = "string",
            SetPasswordEmailTemplateId = "string",
            TwoFactorMethodAddEmailTemplateId = "string",
            TwoFactorMethodRemoveEmailTemplateId = "string",
            Unverified = new Fusionauth.Inputs.FusionAuthTenantEmailConfigurationUnverifiedArgs
            {
                AllowEmailChangeWhenGated = false,
                Behavior = "string",
            },
            Username = "string",
            VerificationEmailTemplateId = "string",
            VerificationStrategy = "string",
            VerifyEmail = false,
            AdditionalHeaders = 
            {
                { "string", "any" },
            },
        },
        LogoutUrl = "string",
        Name = "string",
        FailedAuthenticationConfiguration = new Fusionauth.Inputs.FusionAuthTenantFailedAuthenticationConfigurationArgs
        {
            ActionCancelPolicyOnPasswordReset = false,
            ActionDuration = 0,
            ActionDurationUnit = "string",
            EmailUser = false,
            ResetCountInSeconds = 0,
            TooManyAttempts = 0,
            UserActionId = "string",
        },
        FamilyConfiguration = new Fusionauth.Inputs.FusionAuthTenantFamilyConfigurationArgs
        {
            AllowChildRegistrations = false,
            ConfirmChildEmailTemplateId = "string",
            DeleteOrphanedAccounts = false,
            DeleteOrphanedAccountsDays = 0,
            Enabled = false,
            FamilyRequestEmailTemplateId = "string",
            MaximumChildAge = 0,
            MinimumOwnerAge = 0,
            ParentEmailRequired = false,
            ParentRegistrationEmailTemplateId = "string",
        },
        FormConfiguration = new Fusionauth.Inputs.FusionAuthTenantFormConfigurationArgs
        {
            AdminUserFormId = "string",
        },
        HttpSessionMaxInactiveInterval = 0,
        Data = 
        {
            { "string", "any" },
        },
        ConnectorPolicies = new[]
        {
            new Fusionauth.Inputs.FusionAuthTenantConnectorPolicyArgs
            {
                ConnectorId = "string",
                Domains = new[]
                {
                    "string",
                },
                Migrate = false,
            },
        },
        LoginConfiguration = new Fusionauth.Inputs.FusionAuthTenantLoginConfigurationArgs
        {
            RequireAuthentication = false,
        },
        AccessControlConfiguration = new Fusionauth.Inputs.FusionAuthTenantAccessControlConfigurationArgs
        {
            UiIpAccessControlListId = "string",
        },
        MaximumPasswordAge = new Fusionauth.Inputs.FusionAuthTenantMaximumPasswordAgeArgs
        {
            Days = 0,
            Enabled = false,
        },
        MinimumPasswordAge = new Fusionauth.Inputs.FusionAuthTenantMinimumPasswordAgeArgs
        {
            Enabled = false,
            Seconds = 0,
        },
        MultiFactorConfiguration = new Fusionauth.Inputs.FusionAuthTenantMultiFactorConfigurationArgs
        {
            Authenticator = new Fusionauth.Inputs.FusionAuthTenantMultiFactorConfigurationAuthenticatorArgs
            {
                Enabled = false,
            },
            Email = new Fusionauth.Inputs.FusionAuthTenantMultiFactorConfigurationEmailArgs
            {
                Enabled = false,
                TemplateId = "string",
            },
            LoginPolicy = "string",
            Sms = new Fusionauth.Inputs.FusionAuthTenantMultiFactorConfigurationSmsArgs
            {
                Enabled = false,
                MessengerId = "string",
                TemplateId = "string",
            },
        },
        EventConfigurations = new[]
        {
            new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
            {
                Enabled = false,
                Event = "string",
                TransactionType = "string",
            },
        },
        OauthConfigurations = new[]
        {
            new Fusionauth.Inputs.FusionAuthTenantOauthConfigurationArgs
            {
                ClientCredentialsAccessTokenPopulateLambdaId = "string",
            },
        },
        PasswordEncryptionConfigurations = new[]
        {
            new Fusionauth.Inputs.FusionAuthTenantPasswordEncryptionConfigurationArgs
            {
                EncryptionScheme = "string",
                EncryptionSchemeFactor = 0,
                ModifyEncryptionSchemeOnLogin = false,
            },
        },
        PasswordValidationRules = new Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesArgs
        {
            BreachDetection = new Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesBreachDetectionArgs
            {
                Enabled = false,
                MatchMode = "string",
                NotifyUserEmailTemplateId = "string",
                OnLogin = "string",
            },
            MaxLength = 0,
            MinLength = 0,
            RememberPreviousPasswords = new Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs
            {
                Count = 0,
                Enabled = false,
            },
            RequireNonAlpha = false,
            RequireNumber = false,
            RequiredMixedCase = false,
            ValidateOnLogin = false,
        },
        RateLimitConfiguration = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationArgs
        {
            FailedLogin = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationFailedLoginArgs
            {
                Enabled = false,
                Limit = 0,
                TimePeriodInSeconds = 0,
            },
            ForgotPassword = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationForgotPasswordArgs
            {
                Enabled = false,
                Limit = 0,
                TimePeriodInSeconds = 0,
            },
            SendEmailVerification = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs
            {
                Enabled = false,
                Limit = 0,
                TimePeriodInSeconds = 0,
            },
            SendPasswordless = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs
            {
                Enabled = false,
                Limit = 0,
                TimePeriodInSeconds = 0,
            },
            SendRegistrationVerification = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs
            {
                Enabled = false,
                Limit = 0,
                TimePeriodInSeconds = 0,
            },
            SendTwoFactor = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs
            {
                Enabled = false,
                Limit = 0,
                TimePeriodInSeconds = 0,
            },
        },
        RegistrationConfiguration = new Fusionauth.Inputs.FusionAuthTenantRegistrationConfigurationArgs
        {
            BlockedDomains = new[]
            {
                "string",
            },
        },
        SourceTenantId = "string",
        TenantId = "string",
        CaptchaConfiguration = new Fusionauth.Inputs.FusionAuthTenantCaptchaConfigurationArgs
        {
            CaptchaMethod = "string",
            Enabled = false,
            SecretKey = "string",
            SiteKey = "string",
            Threshold = 0,
        },
        UserDeletePolicy = new Fusionauth.Inputs.FusionAuthTenantUserDeletePolicyArgs
        {
            UnverifiedEnabled = false,
            UnverifiedNumberOfDaysToRetain = 0,
        },
        UsernameConfiguration = new Fusionauth.Inputs.FusionAuthTenantUsernameConfigurationArgs
        {
            Unique = new Fusionauth.Inputs.FusionAuthTenantUsernameConfigurationUniqueArgs
            {
                Enabled = false,
                NumberOfDigits = 0,
                Separator = "string",
                Strategy = "string",
            },
        },
        WebhookIds = new[]
        {
            "string",
        },
    });
    
    example, err := fusionauth.NewFusionAuthTenant(ctx, "fusionAuthTenantResource", &fusionauth.FusionAuthTenantArgs{
    	ExternalIdentifierConfiguration: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationArgs{
    		PasswordlessLoginTimeToLiveInSeconds: pulumi.Int(0),
    		DeviceUserCodeIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs{
    			Length: pulumi.Int(0),
    			Type:   pulumi.String("string"),
    		},
    		AuthorizationGrantIdTimeToLiveInSeconds: pulumi.Int(0),
    		DeviceCodeTimeToLiveInSeconds:           pulumi.Int(0),
    		TwoFactorTrustIdTimeToLiveInSeconds:     pulumi.Int(0),
    		EmailVerificationIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs{
    			Length: pulumi.Int(0),
    			Type:   pulumi.String("string"),
    		},
    		EmailVerificationIdTimeToLiveInSeconds: pulumi.Int(0),
    		RegistrationVerificationIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs{
    			Length: pulumi.Int(0),
    			Type:   pulumi.String("string"),
    		},
    		ExternalAuthenticationIdTimeToLiveInSeconds: pulumi.Int(0),
    		LoginIntentTimeToLiveInSeconds:              pulumi.Int(0),
    		OneTimePasswordTimeToLiveInSeconds:          pulumi.Int(0),
    		PasswordlessLoginGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs{
    			Length: pulumi.Int(0),
    			Type:   pulumi.String("string"),
    		},
    		ChangePasswordIdTimeToLiveInSeconds: pulumi.Int(0),
    		ChangePasswordIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs{
    			Length: pulumi.Int(0),
    			Type:   pulumi.String("string"),
    		},
    		EmailVerificationOneTimeCodeGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs{
    			Length: pulumi.Int(0),
    			Type:   pulumi.String("string"),
    		},
    		RegistrationVerificationIdTimeToLiveInSeconds: pulumi.Int(0),
    		RegistrationVerificationOneTimeCodeGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs{
    			Length: pulumi.Int(0),
    			Type:   pulumi.String("string"),
    		},
    		TwoFactorOneTimeCodeIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs{
    			Length: pulumi.Int(0),
    			Type:   pulumi.String("string"),
    		},
    		SetupPasswordIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs{
    			Length: pulumi.Int(0),
    			Type:   pulumi.String("string"),
    		},
    		SetupPasswordIdTimeToLiveInSeconds:        pulumi.Int(0),
    		TwoFactorIdTimeToLiveInSeconds:            pulumi.Int(0),
    		TrustTokenTimeToLiveInSeconds:             pulumi.Int(0),
    		SamlV2AuthnRequestIdTtlSeconds:            pulumi.Int(0),
    		TwoFactorOneTimeCodeIdTimeToLiveInSeconds: pulumi.Int(0),
    		PendingAccountLinkTimeToLiveInSeconds:     pulumi.Int(0),
    	},
    	ThemeId: pulumi.String("string"),
    	JwtConfigurations: fusionauth.FusionAuthTenantJwtConfigurationArray{
    		&fusionauth.FusionAuthTenantJwtConfigurationArgs{
    			RefreshTokenTimeToLiveInMinutes:                     pulumi.Int(0),
    			TimeToLiveInSeconds:                                 pulumi.Int(0),
    			AccessTokenKeyId:                                    pulumi.String("string"),
    			IdTokenKeyId:                                        pulumi.String("string"),
    			RefreshTokenExpirationPolicy:                        pulumi.String("string"),
    			RefreshTokenRevocationPolicyOnLoginPrevented:        pulumi.Bool(false),
    			RefreshTokenRevocationPolicyOnPasswordChange:        pulumi.Bool(false),
    			RefreshTokenSlidingWindowMaximumTimeToLiveInMinutes: pulumi.Int(0),
    			RefreshTokenUsagePolicy:                             pulumi.String("string"),
    		},
    	},
    	Issuer: pulumi.String("string"),
    	EmailConfiguration: &fusionauth.FusionAuthTenantEmailConfigurationArgs{
    		Host:                                 pulumi.String("string"),
    		Port:                                 pulumi.Int(0),
    		PasswordUpdateEmailTemplateId:        pulumi.String("string"),
    		EmailVerifiedEmailTemplateId:         pulumi.String("string"),
    		PasswordlessEmailTemplateId:          pulumi.String("string"),
    		DefaultFromEmail:                     pulumi.String("string"),
    		DefaultFromName:                      pulumi.String("string"),
    		ImplicitEmailVerificationAllowed:     pulumi.Bool(false),
    		LoginIdInUseOnCreateEmailTemplateId:  pulumi.String("string"),
    		LoginIdInUseOnUpdateEmailTemplateId:  pulumi.String("string"),
    		LoginNewDeviceEmailTemplateId:        pulumi.String("string"),
    		LoginSuspiciousEmailTemplateId:       pulumi.String("string"),
    		Password:                             pulumi.String("string"),
    		PasswordResetSuccessEmailTemplateId:  pulumi.String("string"),
    		VerifyEmailWhenChanged:               pulumi.Bool(false),
    		EmailUpdateEmailTemplateId:           pulumi.String("string"),
    		ForgotPasswordEmailTemplateId:        pulumi.String("string"),
    		Properties:                           pulumi.String("string"),
    		Security:                             pulumi.String("string"),
    		SetPasswordEmailTemplateId:           pulumi.String("string"),
    		TwoFactorMethodAddEmailTemplateId:    pulumi.String("string"),
    		TwoFactorMethodRemoveEmailTemplateId: pulumi.String("string"),
    		Unverified: &fusionauth.FusionAuthTenantEmailConfigurationUnverifiedArgs{
    			AllowEmailChangeWhenGated: pulumi.Bool(false),
    			Behavior:                  pulumi.String("string"),
    		},
    		Username:                    pulumi.String("string"),
    		VerificationEmailTemplateId: pulumi.String("string"),
    		VerificationStrategy:        pulumi.String("string"),
    		VerifyEmail:                 pulumi.Bool(false),
    		AdditionalHeaders: pulumi.Map{
    			"string": pulumi.Any("any"),
    		},
    	},
    	LogoutUrl: pulumi.String("string"),
    	Name:      pulumi.String("string"),
    	FailedAuthenticationConfiguration: &fusionauth.FusionAuthTenantFailedAuthenticationConfigurationArgs{
    		ActionCancelPolicyOnPasswordReset: pulumi.Bool(false),
    		ActionDuration:                    pulumi.Int(0),
    		ActionDurationUnit:                pulumi.String("string"),
    		EmailUser:                         pulumi.Bool(false),
    		ResetCountInSeconds:               pulumi.Int(0),
    		TooManyAttempts:                   pulumi.Int(0),
    		UserActionId:                      pulumi.String("string"),
    	},
    	FamilyConfiguration: &fusionauth.FusionAuthTenantFamilyConfigurationArgs{
    		AllowChildRegistrations:           pulumi.Bool(false),
    		ConfirmChildEmailTemplateId:       pulumi.String("string"),
    		DeleteOrphanedAccounts:            pulumi.Bool(false),
    		DeleteOrphanedAccountsDays:        pulumi.Int(0),
    		Enabled:                           pulumi.Bool(false),
    		FamilyRequestEmailTemplateId:      pulumi.String("string"),
    		MaximumChildAge:                   pulumi.Int(0),
    		MinimumOwnerAge:                   pulumi.Int(0),
    		ParentEmailRequired:               pulumi.Bool(false),
    		ParentRegistrationEmailTemplateId: pulumi.String("string"),
    	},
    	FormConfiguration: &fusionauth.FusionAuthTenantFormConfigurationArgs{
    		AdminUserFormId: pulumi.String("string"),
    	},
    	HttpSessionMaxInactiveInterval: pulumi.Int(0),
    	Data: pulumi.Map{
    		"string": pulumi.Any("any"),
    	},
    	ConnectorPolicies: fusionauth.FusionAuthTenantConnectorPolicyArray{
    		&fusionauth.FusionAuthTenantConnectorPolicyArgs{
    			ConnectorId: pulumi.String("string"),
    			Domains: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			Migrate: pulumi.Bool(false),
    		},
    	},
    	LoginConfiguration: &fusionauth.FusionAuthTenantLoginConfigurationArgs{
    		RequireAuthentication: pulumi.Bool(false),
    	},
    	AccessControlConfiguration: &fusionauth.FusionAuthTenantAccessControlConfigurationArgs{
    		UiIpAccessControlListId: pulumi.String("string"),
    	},
    	MaximumPasswordAge: &fusionauth.FusionAuthTenantMaximumPasswordAgeArgs{
    		Days:    pulumi.Int(0),
    		Enabled: pulumi.Bool(false),
    	},
    	MinimumPasswordAge: &fusionauth.FusionAuthTenantMinimumPasswordAgeArgs{
    		Enabled: pulumi.Bool(false),
    		Seconds: pulumi.Int(0),
    	},
    	MultiFactorConfiguration: &fusionauth.FusionAuthTenantMultiFactorConfigurationArgs{
    		Authenticator: &fusionauth.FusionAuthTenantMultiFactorConfigurationAuthenticatorArgs{
    			Enabled: pulumi.Bool(false),
    		},
    		Email: &fusionauth.FusionAuthTenantMultiFactorConfigurationEmailArgs{
    			Enabled:    pulumi.Bool(false),
    			TemplateId: pulumi.String("string"),
    		},
    		LoginPolicy: pulumi.String("string"),
    		Sms: &fusionauth.FusionAuthTenantMultiFactorConfigurationSmsArgs{
    			Enabled:     pulumi.Bool(false),
    			MessengerId: pulumi.String("string"),
    			TemplateId:  pulumi.String("string"),
    		},
    	},
    	EventConfigurations: fusionauth.FusionAuthTenantEventConfigurationArray{
    		&fusionauth.FusionAuthTenantEventConfigurationArgs{
    			Enabled:         pulumi.Bool(false),
    			Event:           pulumi.String("string"),
    			TransactionType: pulumi.String("string"),
    		},
    	},
    	OauthConfigurations: fusionauth.FusionAuthTenantOauthConfigurationArray{
    		&fusionauth.FusionAuthTenantOauthConfigurationArgs{
    			ClientCredentialsAccessTokenPopulateLambdaId: pulumi.String("string"),
    		},
    	},
    	PasswordEncryptionConfigurations: fusionauth.FusionAuthTenantPasswordEncryptionConfigurationArray{
    		&fusionauth.FusionAuthTenantPasswordEncryptionConfigurationArgs{
    			EncryptionScheme:              pulumi.String("string"),
    			EncryptionSchemeFactor:        pulumi.Int(0),
    			ModifyEncryptionSchemeOnLogin: pulumi.Bool(false),
    		},
    	},
    	PasswordValidationRules: &fusionauth.FusionAuthTenantPasswordValidationRulesArgs{
    		BreachDetection: &fusionauth.FusionAuthTenantPasswordValidationRulesBreachDetectionArgs{
    			Enabled:                   pulumi.Bool(false),
    			MatchMode:                 pulumi.String("string"),
    			NotifyUserEmailTemplateId: pulumi.String("string"),
    			OnLogin:                   pulumi.String("string"),
    		},
    		MaxLength: pulumi.Int(0),
    		MinLength: pulumi.Int(0),
    		RememberPreviousPasswords: &fusionauth.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs{
    			Count:   pulumi.Int(0),
    			Enabled: pulumi.Bool(false),
    		},
    		RequireNonAlpha:   pulumi.Bool(false),
    		RequireNumber:     pulumi.Bool(false),
    		RequiredMixedCase: pulumi.Bool(false),
    		ValidateOnLogin:   pulumi.Bool(false),
    	},
    	RateLimitConfiguration: &fusionauth.FusionAuthTenantRateLimitConfigurationArgs{
    		FailedLogin: &fusionauth.FusionAuthTenantRateLimitConfigurationFailedLoginArgs{
    			Enabled:             pulumi.Bool(false),
    			Limit:               pulumi.Int(0),
    			TimePeriodInSeconds: pulumi.Int(0),
    		},
    		ForgotPassword: &fusionauth.FusionAuthTenantRateLimitConfigurationForgotPasswordArgs{
    			Enabled:             pulumi.Bool(false),
    			Limit:               pulumi.Int(0),
    			TimePeriodInSeconds: pulumi.Int(0),
    		},
    		SendEmailVerification: &fusionauth.FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs{
    			Enabled:             pulumi.Bool(false),
    			Limit:               pulumi.Int(0),
    			TimePeriodInSeconds: pulumi.Int(0),
    		},
    		SendPasswordless: &fusionauth.FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs{
    			Enabled:             pulumi.Bool(false),
    			Limit:               pulumi.Int(0),
    			TimePeriodInSeconds: pulumi.Int(0),
    		},
    		SendRegistrationVerification: &fusionauth.FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs{
    			Enabled:             pulumi.Bool(false),
    			Limit:               pulumi.Int(0),
    			TimePeriodInSeconds: pulumi.Int(0),
    		},
    		SendTwoFactor: &fusionauth.FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs{
    			Enabled:             pulumi.Bool(false),
    			Limit:               pulumi.Int(0),
    			TimePeriodInSeconds: pulumi.Int(0),
    		},
    	},
    	RegistrationConfiguration: &fusionauth.FusionAuthTenantRegistrationConfigurationArgs{
    		BlockedDomains: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    	},
    	SourceTenantId: pulumi.String("string"),
    	TenantId:       pulumi.String("string"),
    	CaptchaConfiguration: &fusionauth.FusionAuthTenantCaptchaConfigurationArgs{
    		CaptchaMethod: pulumi.String("string"),
    		Enabled:       pulumi.Bool(false),
    		SecretKey:     pulumi.String("string"),
    		SiteKey:       pulumi.String("string"),
    		Threshold:     pulumi.Float64(0),
    	},
    	UserDeletePolicy: &fusionauth.FusionAuthTenantUserDeletePolicyArgs{
    		UnverifiedEnabled:              pulumi.Bool(false),
    		UnverifiedNumberOfDaysToRetain: pulumi.Int(0),
    	},
    	UsernameConfiguration: &fusionauth.FusionAuthTenantUsernameConfigurationArgs{
    		Unique: &fusionauth.FusionAuthTenantUsernameConfigurationUniqueArgs{
    			Enabled:        pulumi.Bool(false),
    			NumberOfDigits: pulumi.Int(0),
    			Separator:      pulumi.String("string"),
    			Strategy:       pulumi.String("string"),
    		},
    	},
    	WebhookIds: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    })
    
    var fusionAuthTenantResource = new FusionAuthTenant("fusionAuthTenantResource", FusionAuthTenantArgs.builder()
        .externalIdentifierConfiguration(FusionAuthTenantExternalIdentifierConfigurationArgs.builder()
            .passwordlessLoginTimeToLiveInSeconds(0)
            .deviceUserCodeIdGenerator(FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs.builder()
                .length(0)
                .type("string")
                .build())
            .authorizationGrantIdTimeToLiveInSeconds(0)
            .deviceCodeTimeToLiveInSeconds(0)
            .twoFactorTrustIdTimeToLiveInSeconds(0)
            .emailVerificationIdGenerator(FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs.builder()
                .length(0)
                .type("string")
                .build())
            .emailVerificationIdTimeToLiveInSeconds(0)
            .registrationVerificationIdGenerator(FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs.builder()
                .length(0)
                .type("string")
                .build())
            .externalAuthenticationIdTimeToLiveInSeconds(0)
            .loginIntentTimeToLiveInSeconds(0)
            .oneTimePasswordTimeToLiveInSeconds(0)
            .passwordlessLoginGenerator(FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs.builder()
                .length(0)
                .type("string")
                .build())
            .changePasswordIdTimeToLiveInSeconds(0)
            .changePasswordIdGenerator(FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs.builder()
                .length(0)
                .type("string")
                .build())
            .emailVerificationOneTimeCodeGenerator(FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs.builder()
                .length(0)
                .type("string")
                .build())
            .registrationVerificationIdTimeToLiveInSeconds(0)
            .registrationVerificationOneTimeCodeGenerator(FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs.builder()
                .length(0)
                .type("string")
                .build())
            .twoFactorOneTimeCodeIdGenerator(FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs.builder()
                .length(0)
                .type("string")
                .build())
            .setupPasswordIdGenerator(FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs.builder()
                .length(0)
                .type("string")
                .build())
            .setupPasswordIdTimeToLiveInSeconds(0)
            .twoFactorIdTimeToLiveInSeconds(0)
            .trustTokenTimeToLiveInSeconds(0)
            .samlV2AuthnRequestIdTtlSeconds(0)
            .twoFactorOneTimeCodeIdTimeToLiveInSeconds(0)
            .pendingAccountLinkTimeToLiveInSeconds(0)
            .build())
        .themeId("string")
        .jwtConfigurations(FusionAuthTenantJwtConfigurationArgs.builder()
            .refreshTokenTimeToLiveInMinutes(0)
            .timeToLiveInSeconds(0)
            .accessTokenKeyId("string")
            .idTokenKeyId("string")
            .refreshTokenExpirationPolicy("string")
            .refreshTokenRevocationPolicyOnLoginPrevented(false)
            .refreshTokenRevocationPolicyOnPasswordChange(false)
            .refreshTokenSlidingWindowMaximumTimeToLiveInMinutes(0)
            .refreshTokenUsagePolicy("string")
            .build())
        .issuer("string")
        .emailConfiguration(FusionAuthTenantEmailConfigurationArgs.builder()
            .host("string")
            .port(0)
            .passwordUpdateEmailTemplateId("string")
            .emailVerifiedEmailTemplateId("string")
            .passwordlessEmailTemplateId("string")
            .defaultFromEmail("string")
            .defaultFromName("string")
            .implicitEmailVerificationAllowed(false)
            .loginIdInUseOnCreateEmailTemplateId("string")
            .loginIdInUseOnUpdateEmailTemplateId("string")
            .loginNewDeviceEmailTemplateId("string")
            .loginSuspiciousEmailTemplateId("string")
            .password("string")
            .passwordResetSuccessEmailTemplateId("string")
            .verifyEmailWhenChanged(false)
            .emailUpdateEmailTemplateId("string")
            .forgotPasswordEmailTemplateId("string")
            .properties("string")
            .security("string")
            .setPasswordEmailTemplateId("string")
            .twoFactorMethodAddEmailTemplateId("string")
            .twoFactorMethodRemoveEmailTemplateId("string")
            .unverified(FusionAuthTenantEmailConfigurationUnverifiedArgs.builder()
                .allowEmailChangeWhenGated(false)
                .behavior("string")
                .build())
            .username("string")
            .verificationEmailTemplateId("string")
            .verificationStrategy("string")
            .verifyEmail(false)
            .additionalHeaders(Map.of("string", "any"))
            .build())
        .logoutUrl("string")
        .name("string")
        .failedAuthenticationConfiguration(FusionAuthTenantFailedAuthenticationConfigurationArgs.builder()
            .actionCancelPolicyOnPasswordReset(false)
            .actionDuration(0)
            .actionDurationUnit("string")
            .emailUser(false)
            .resetCountInSeconds(0)
            .tooManyAttempts(0)
            .userActionId("string")
            .build())
        .familyConfiguration(FusionAuthTenantFamilyConfigurationArgs.builder()
            .allowChildRegistrations(false)
            .confirmChildEmailTemplateId("string")
            .deleteOrphanedAccounts(false)
            .deleteOrphanedAccountsDays(0)
            .enabled(false)
            .familyRequestEmailTemplateId("string")
            .maximumChildAge(0)
            .minimumOwnerAge(0)
            .parentEmailRequired(false)
            .parentRegistrationEmailTemplateId("string")
            .build())
        .formConfiguration(FusionAuthTenantFormConfigurationArgs.builder()
            .adminUserFormId("string")
            .build())
        .httpSessionMaxInactiveInterval(0)
        .data(Map.of("string", "any"))
        .connectorPolicies(FusionAuthTenantConnectorPolicyArgs.builder()
            .connectorId("string")
            .domains("string")
            .migrate(false)
            .build())
        .loginConfiguration(FusionAuthTenantLoginConfigurationArgs.builder()
            .requireAuthentication(false)
            .build())
        .accessControlConfiguration(FusionAuthTenantAccessControlConfigurationArgs.builder()
            .uiIpAccessControlListId("string")
            .build())
        .maximumPasswordAge(FusionAuthTenantMaximumPasswordAgeArgs.builder()
            .days(0)
            .enabled(false)
            .build())
        .minimumPasswordAge(FusionAuthTenantMinimumPasswordAgeArgs.builder()
            .enabled(false)
            .seconds(0)
            .build())
        .multiFactorConfiguration(FusionAuthTenantMultiFactorConfigurationArgs.builder()
            .authenticator(FusionAuthTenantMultiFactorConfigurationAuthenticatorArgs.builder()
                .enabled(false)
                .build())
            .email(FusionAuthTenantMultiFactorConfigurationEmailArgs.builder()
                .enabled(false)
                .templateId("string")
                .build())
            .loginPolicy("string")
            .sms(FusionAuthTenantMultiFactorConfigurationSmsArgs.builder()
                .enabled(false)
                .messengerId("string")
                .templateId("string")
                .build())
            .build())
        .eventConfigurations(FusionAuthTenantEventConfigurationArgs.builder()
            .enabled(false)
            .event("string")
            .transactionType("string")
            .build())
        .oauthConfigurations(FusionAuthTenantOauthConfigurationArgs.builder()
            .clientCredentialsAccessTokenPopulateLambdaId("string")
            .build())
        .passwordEncryptionConfigurations(FusionAuthTenantPasswordEncryptionConfigurationArgs.builder()
            .encryptionScheme("string")
            .encryptionSchemeFactor(0)
            .modifyEncryptionSchemeOnLogin(false)
            .build())
        .passwordValidationRules(FusionAuthTenantPasswordValidationRulesArgs.builder()
            .breachDetection(FusionAuthTenantPasswordValidationRulesBreachDetectionArgs.builder()
                .enabled(false)
                .matchMode("string")
                .notifyUserEmailTemplateId("string")
                .onLogin("string")
                .build())
            .maxLength(0)
            .minLength(0)
            .rememberPreviousPasswords(FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs.builder()
                .count(0)
                .enabled(false)
                .build())
            .requireNonAlpha(false)
            .requireNumber(false)
            .requiredMixedCase(false)
            .validateOnLogin(false)
            .build())
        .rateLimitConfiguration(FusionAuthTenantRateLimitConfigurationArgs.builder()
            .failedLogin(FusionAuthTenantRateLimitConfigurationFailedLoginArgs.builder()
                .enabled(false)
                .limit(0)
                .timePeriodInSeconds(0)
                .build())
            .forgotPassword(FusionAuthTenantRateLimitConfigurationForgotPasswordArgs.builder()
                .enabled(false)
                .limit(0)
                .timePeriodInSeconds(0)
                .build())
            .sendEmailVerification(FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs.builder()
                .enabled(false)
                .limit(0)
                .timePeriodInSeconds(0)
                .build())
            .sendPasswordless(FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs.builder()
                .enabled(false)
                .limit(0)
                .timePeriodInSeconds(0)
                .build())
            .sendRegistrationVerification(FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs.builder()
                .enabled(false)
                .limit(0)
                .timePeriodInSeconds(0)
                .build())
            .sendTwoFactor(FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs.builder()
                .enabled(false)
                .limit(0)
                .timePeriodInSeconds(0)
                .build())
            .build())
        .registrationConfiguration(FusionAuthTenantRegistrationConfigurationArgs.builder()
            .blockedDomains("string")
            .build())
        .sourceTenantId("string")
        .tenantId("string")
        .captchaConfiguration(FusionAuthTenantCaptchaConfigurationArgs.builder()
            .captchaMethod("string")
            .enabled(false)
            .secretKey("string")
            .siteKey("string")
            .threshold(0)
            .build())
        .userDeletePolicy(FusionAuthTenantUserDeletePolicyArgs.builder()
            .unverifiedEnabled(false)
            .unverifiedNumberOfDaysToRetain(0)
            .build())
        .usernameConfiguration(FusionAuthTenantUsernameConfigurationArgs.builder()
            .unique(FusionAuthTenantUsernameConfigurationUniqueArgs.builder()
                .enabled(false)
                .numberOfDigits(0)
                .separator("string")
                .strategy("string")
                .build())
            .build())
        .webhookIds("string")
        .build());
    
    fusion_auth_tenant_resource = fusionauth.FusionAuthTenant("fusionAuthTenantResource",
        external_identifier_configuration={
            "passwordless_login_time_to_live_in_seconds": 0,
            "device_user_code_id_generator": {
                "length": 0,
                "type": "string",
            },
            "authorization_grant_id_time_to_live_in_seconds": 0,
            "device_code_time_to_live_in_seconds": 0,
            "two_factor_trust_id_time_to_live_in_seconds": 0,
            "email_verification_id_generator": {
                "length": 0,
                "type": "string",
            },
            "email_verification_id_time_to_live_in_seconds": 0,
            "registration_verification_id_generator": {
                "length": 0,
                "type": "string",
            },
            "external_authentication_id_time_to_live_in_seconds": 0,
            "login_intent_time_to_live_in_seconds": 0,
            "one_time_password_time_to_live_in_seconds": 0,
            "passwordless_login_generator": {
                "length": 0,
                "type": "string",
            },
            "change_password_id_time_to_live_in_seconds": 0,
            "change_password_id_generator": {
                "length": 0,
                "type": "string",
            },
            "email_verification_one_time_code_generator": {
                "length": 0,
                "type": "string",
            },
            "registration_verification_id_time_to_live_in_seconds": 0,
            "registration_verification_one_time_code_generator": {
                "length": 0,
                "type": "string",
            },
            "two_factor_one_time_code_id_generator": {
                "length": 0,
                "type": "string",
            },
            "setup_password_id_generator": {
                "length": 0,
                "type": "string",
            },
            "setup_password_id_time_to_live_in_seconds": 0,
            "two_factor_id_time_to_live_in_seconds": 0,
            "trust_token_time_to_live_in_seconds": 0,
            "saml_v2_authn_request_id_ttl_seconds": 0,
            "two_factor_one_time_code_id_time_to_live_in_seconds": 0,
            "pending_account_link_time_to_live_in_seconds": 0,
        },
        theme_id="string",
        jwt_configurations=[{
            "refresh_token_time_to_live_in_minutes": 0,
            "time_to_live_in_seconds": 0,
            "access_token_key_id": "string",
            "id_token_key_id": "string",
            "refresh_token_expiration_policy": "string",
            "refresh_token_revocation_policy_on_login_prevented": False,
            "refresh_token_revocation_policy_on_password_change": False,
            "refresh_token_sliding_window_maximum_time_to_live_in_minutes": 0,
            "refresh_token_usage_policy": "string",
        }],
        issuer="string",
        email_configuration={
            "host": "string",
            "port": 0,
            "password_update_email_template_id": "string",
            "email_verified_email_template_id": "string",
            "passwordless_email_template_id": "string",
            "default_from_email": "string",
            "default_from_name": "string",
            "implicit_email_verification_allowed": False,
            "login_id_in_use_on_create_email_template_id": "string",
            "login_id_in_use_on_update_email_template_id": "string",
            "login_new_device_email_template_id": "string",
            "login_suspicious_email_template_id": "string",
            "password": "string",
            "password_reset_success_email_template_id": "string",
            "verify_email_when_changed": False,
            "email_update_email_template_id": "string",
            "forgot_password_email_template_id": "string",
            "properties": "string",
            "security": "string",
            "set_password_email_template_id": "string",
            "two_factor_method_add_email_template_id": "string",
            "two_factor_method_remove_email_template_id": "string",
            "unverified": {
                "allow_email_change_when_gated": False,
                "behavior": "string",
            },
            "username": "string",
            "verification_email_template_id": "string",
            "verification_strategy": "string",
            "verify_email": False,
            "additional_headers": {
                "string": "any",
            },
        },
        logout_url="string",
        name="string",
        failed_authentication_configuration={
            "action_cancel_policy_on_password_reset": False,
            "action_duration": 0,
            "action_duration_unit": "string",
            "email_user": False,
            "reset_count_in_seconds": 0,
            "too_many_attempts": 0,
            "user_action_id": "string",
        },
        family_configuration={
            "allow_child_registrations": False,
            "confirm_child_email_template_id": "string",
            "delete_orphaned_accounts": False,
            "delete_orphaned_accounts_days": 0,
            "enabled": False,
            "family_request_email_template_id": "string",
            "maximum_child_age": 0,
            "minimum_owner_age": 0,
            "parent_email_required": False,
            "parent_registration_email_template_id": "string",
        },
        form_configuration={
            "admin_user_form_id": "string",
        },
        http_session_max_inactive_interval=0,
        data={
            "string": "any",
        },
        connector_policies=[{
            "connector_id": "string",
            "domains": ["string"],
            "migrate": False,
        }],
        login_configuration={
            "require_authentication": False,
        },
        access_control_configuration={
            "ui_ip_access_control_list_id": "string",
        },
        maximum_password_age={
            "days": 0,
            "enabled": False,
        },
        minimum_password_age={
            "enabled": False,
            "seconds": 0,
        },
        multi_factor_configuration={
            "authenticator": {
                "enabled": False,
            },
            "email": {
                "enabled": False,
                "template_id": "string",
            },
            "login_policy": "string",
            "sms": {
                "enabled": False,
                "messenger_id": "string",
                "template_id": "string",
            },
        },
        event_configurations=[{
            "enabled": False,
            "event": "string",
            "transaction_type": "string",
        }],
        oauth_configurations=[{
            "client_credentials_access_token_populate_lambda_id": "string",
        }],
        password_encryption_configurations=[{
            "encryption_scheme": "string",
            "encryption_scheme_factor": 0,
            "modify_encryption_scheme_on_login": False,
        }],
        password_validation_rules={
            "breach_detection": {
                "enabled": False,
                "match_mode": "string",
                "notify_user_email_template_id": "string",
                "on_login": "string",
            },
            "max_length": 0,
            "min_length": 0,
            "remember_previous_passwords": {
                "count": 0,
                "enabled": False,
            },
            "require_non_alpha": False,
            "require_number": False,
            "required_mixed_case": False,
            "validate_on_login": False,
        },
        rate_limit_configuration={
            "failed_login": {
                "enabled": False,
                "limit": 0,
                "time_period_in_seconds": 0,
            },
            "forgot_password": {
                "enabled": False,
                "limit": 0,
                "time_period_in_seconds": 0,
            },
            "send_email_verification": {
                "enabled": False,
                "limit": 0,
                "time_period_in_seconds": 0,
            },
            "send_passwordless": {
                "enabled": False,
                "limit": 0,
                "time_period_in_seconds": 0,
            },
            "send_registration_verification": {
                "enabled": False,
                "limit": 0,
                "time_period_in_seconds": 0,
            },
            "send_two_factor": {
                "enabled": False,
                "limit": 0,
                "time_period_in_seconds": 0,
            },
        },
        registration_configuration={
            "blocked_domains": ["string"],
        },
        source_tenant_id="string",
        tenant_id="string",
        captcha_configuration={
            "captcha_method": "string",
            "enabled": False,
            "secret_key": "string",
            "site_key": "string",
            "threshold": 0,
        },
        user_delete_policy={
            "unverified_enabled": False,
            "unverified_number_of_days_to_retain": 0,
        },
        username_configuration={
            "unique": {
                "enabled": False,
                "number_of_digits": 0,
                "separator": "string",
                "strategy": "string",
            },
        },
        webhook_ids=["string"])
    
    const fusionAuthTenantResource = new fusionauth.FusionAuthTenant("fusionAuthTenantResource", {
        externalIdentifierConfiguration: {
            passwordlessLoginTimeToLiveInSeconds: 0,
            deviceUserCodeIdGenerator: {
                length: 0,
                type: "string",
            },
            authorizationGrantIdTimeToLiveInSeconds: 0,
            deviceCodeTimeToLiveInSeconds: 0,
            twoFactorTrustIdTimeToLiveInSeconds: 0,
            emailVerificationIdGenerator: {
                length: 0,
                type: "string",
            },
            emailVerificationIdTimeToLiveInSeconds: 0,
            registrationVerificationIdGenerator: {
                length: 0,
                type: "string",
            },
            externalAuthenticationIdTimeToLiveInSeconds: 0,
            loginIntentTimeToLiveInSeconds: 0,
            oneTimePasswordTimeToLiveInSeconds: 0,
            passwordlessLoginGenerator: {
                length: 0,
                type: "string",
            },
            changePasswordIdTimeToLiveInSeconds: 0,
            changePasswordIdGenerator: {
                length: 0,
                type: "string",
            },
            emailVerificationOneTimeCodeGenerator: {
                length: 0,
                type: "string",
            },
            registrationVerificationIdTimeToLiveInSeconds: 0,
            registrationVerificationOneTimeCodeGenerator: {
                length: 0,
                type: "string",
            },
            twoFactorOneTimeCodeIdGenerator: {
                length: 0,
                type: "string",
            },
            setupPasswordIdGenerator: {
                length: 0,
                type: "string",
            },
            setupPasswordIdTimeToLiveInSeconds: 0,
            twoFactorIdTimeToLiveInSeconds: 0,
            trustTokenTimeToLiveInSeconds: 0,
            samlV2AuthnRequestIdTtlSeconds: 0,
            twoFactorOneTimeCodeIdTimeToLiveInSeconds: 0,
            pendingAccountLinkTimeToLiveInSeconds: 0,
        },
        themeId: "string",
        jwtConfigurations: [{
            refreshTokenTimeToLiveInMinutes: 0,
            timeToLiveInSeconds: 0,
            accessTokenKeyId: "string",
            idTokenKeyId: "string",
            refreshTokenExpirationPolicy: "string",
            refreshTokenRevocationPolicyOnLoginPrevented: false,
            refreshTokenRevocationPolicyOnPasswordChange: false,
            refreshTokenSlidingWindowMaximumTimeToLiveInMinutes: 0,
            refreshTokenUsagePolicy: "string",
        }],
        issuer: "string",
        emailConfiguration: {
            host: "string",
            port: 0,
            passwordUpdateEmailTemplateId: "string",
            emailVerifiedEmailTemplateId: "string",
            passwordlessEmailTemplateId: "string",
            defaultFromEmail: "string",
            defaultFromName: "string",
            implicitEmailVerificationAllowed: false,
            loginIdInUseOnCreateEmailTemplateId: "string",
            loginIdInUseOnUpdateEmailTemplateId: "string",
            loginNewDeviceEmailTemplateId: "string",
            loginSuspiciousEmailTemplateId: "string",
            password: "string",
            passwordResetSuccessEmailTemplateId: "string",
            verifyEmailWhenChanged: false,
            emailUpdateEmailTemplateId: "string",
            forgotPasswordEmailTemplateId: "string",
            properties: "string",
            security: "string",
            setPasswordEmailTemplateId: "string",
            twoFactorMethodAddEmailTemplateId: "string",
            twoFactorMethodRemoveEmailTemplateId: "string",
            unverified: {
                allowEmailChangeWhenGated: false,
                behavior: "string",
            },
            username: "string",
            verificationEmailTemplateId: "string",
            verificationStrategy: "string",
            verifyEmail: false,
            additionalHeaders: {
                string: "any",
            },
        },
        logoutUrl: "string",
        name: "string",
        failedAuthenticationConfiguration: {
            actionCancelPolicyOnPasswordReset: false,
            actionDuration: 0,
            actionDurationUnit: "string",
            emailUser: false,
            resetCountInSeconds: 0,
            tooManyAttempts: 0,
            userActionId: "string",
        },
        familyConfiguration: {
            allowChildRegistrations: false,
            confirmChildEmailTemplateId: "string",
            deleteOrphanedAccounts: false,
            deleteOrphanedAccountsDays: 0,
            enabled: false,
            familyRequestEmailTemplateId: "string",
            maximumChildAge: 0,
            minimumOwnerAge: 0,
            parentEmailRequired: false,
            parentRegistrationEmailTemplateId: "string",
        },
        formConfiguration: {
            adminUserFormId: "string",
        },
        httpSessionMaxInactiveInterval: 0,
        data: {
            string: "any",
        },
        connectorPolicies: [{
            connectorId: "string",
            domains: ["string"],
            migrate: false,
        }],
        loginConfiguration: {
            requireAuthentication: false,
        },
        accessControlConfiguration: {
            uiIpAccessControlListId: "string",
        },
        maximumPasswordAge: {
            days: 0,
            enabled: false,
        },
        minimumPasswordAge: {
            enabled: false,
            seconds: 0,
        },
        multiFactorConfiguration: {
            authenticator: {
                enabled: false,
            },
            email: {
                enabled: false,
                templateId: "string",
            },
            loginPolicy: "string",
            sms: {
                enabled: false,
                messengerId: "string",
                templateId: "string",
            },
        },
        eventConfigurations: [{
            enabled: false,
            event: "string",
            transactionType: "string",
        }],
        oauthConfigurations: [{
            clientCredentialsAccessTokenPopulateLambdaId: "string",
        }],
        passwordEncryptionConfigurations: [{
            encryptionScheme: "string",
            encryptionSchemeFactor: 0,
            modifyEncryptionSchemeOnLogin: false,
        }],
        passwordValidationRules: {
            breachDetection: {
                enabled: false,
                matchMode: "string",
                notifyUserEmailTemplateId: "string",
                onLogin: "string",
            },
            maxLength: 0,
            minLength: 0,
            rememberPreviousPasswords: {
                count: 0,
                enabled: false,
            },
            requireNonAlpha: false,
            requireNumber: false,
            requiredMixedCase: false,
            validateOnLogin: false,
        },
        rateLimitConfiguration: {
            failedLogin: {
                enabled: false,
                limit: 0,
                timePeriodInSeconds: 0,
            },
            forgotPassword: {
                enabled: false,
                limit: 0,
                timePeriodInSeconds: 0,
            },
            sendEmailVerification: {
                enabled: false,
                limit: 0,
                timePeriodInSeconds: 0,
            },
            sendPasswordless: {
                enabled: false,
                limit: 0,
                timePeriodInSeconds: 0,
            },
            sendRegistrationVerification: {
                enabled: false,
                limit: 0,
                timePeriodInSeconds: 0,
            },
            sendTwoFactor: {
                enabled: false,
                limit: 0,
                timePeriodInSeconds: 0,
            },
        },
        registrationConfiguration: {
            blockedDomains: ["string"],
        },
        sourceTenantId: "string",
        tenantId: "string",
        captchaConfiguration: {
            captchaMethod: "string",
            enabled: false,
            secretKey: "string",
            siteKey: "string",
            threshold: 0,
        },
        userDeletePolicy: {
            unverifiedEnabled: false,
            unverifiedNumberOfDaysToRetain: 0,
        },
        usernameConfiguration: {
            unique: {
                enabled: false,
                numberOfDigits: 0,
                separator: "string",
                strategy: "string",
            },
        },
        webhookIds: ["string"],
    });
    
    type: fusionauth:FusionAuthTenant
    properties:
        accessControlConfiguration:
            uiIpAccessControlListId: string
        captchaConfiguration:
            captchaMethod: string
            enabled: false
            secretKey: string
            siteKey: string
            threshold: 0
        connectorPolicies:
            - connectorId: string
              domains:
                - string
              migrate: false
        data:
            string: any
        emailConfiguration:
            additionalHeaders:
                string: any
            defaultFromEmail: string
            defaultFromName: string
            emailUpdateEmailTemplateId: string
            emailVerifiedEmailTemplateId: string
            forgotPasswordEmailTemplateId: string
            host: string
            implicitEmailVerificationAllowed: false
            loginIdInUseOnCreateEmailTemplateId: string
            loginIdInUseOnUpdateEmailTemplateId: string
            loginNewDeviceEmailTemplateId: string
            loginSuspiciousEmailTemplateId: string
            password: string
            passwordResetSuccessEmailTemplateId: string
            passwordUpdateEmailTemplateId: string
            passwordlessEmailTemplateId: string
            port: 0
            properties: string
            security: string
            setPasswordEmailTemplateId: string
            twoFactorMethodAddEmailTemplateId: string
            twoFactorMethodRemoveEmailTemplateId: string
            unverified:
                allowEmailChangeWhenGated: false
                behavior: string
            username: string
            verificationEmailTemplateId: string
            verificationStrategy: string
            verifyEmail: false
            verifyEmailWhenChanged: false
        eventConfigurations:
            - enabled: false
              event: string
              transactionType: string
        externalIdentifierConfiguration:
            authorizationGrantIdTimeToLiveInSeconds: 0
            changePasswordIdGenerator:
                length: 0
                type: string
            changePasswordIdTimeToLiveInSeconds: 0
            deviceCodeTimeToLiveInSeconds: 0
            deviceUserCodeIdGenerator:
                length: 0
                type: string
            emailVerificationIdGenerator:
                length: 0
                type: string
            emailVerificationIdTimeToLiveInSeconds: 0
            emailVerificationOneTimeCodeGenerator:
                length: 0
                type: string
            externalAuthenticationIdTimeToLiveInSeconds: 0
            loginIntentTimeToLiveInSeconds: 0
            oneTimePasswordTimeToLiveInSeconds: 0
            passwordlessLoginGenerator:
                length: 0
                type: string
            passwordlessLoginTimeToLiveInSeconds: 0
            pendingAccountLinkTimeToLiveInSeconds: 0
            registrationVerificationIdGenerator:
                length: 0
                type: string
            registrationVerificationIdTimeToLiveInSeconds: 0
            registrationVerificationOneTimeCodeGenerator:
                length: 0
                type: string
            samlV2AuthnRequestIdTtlSeconds: 0
            setupPasswordIdGenerator:
                length: 0
                type: string
            setupPasswordIdTimeToLiveInSeconds: 0
            trustTokenTimeToLiveInSeconds: 0
            twoFactorIdTimeToLiveInSeconds: 0
            twoFactorOneTimeCodeIdGenerator:
                length: 0
                type: string
            twoFactorOneTimeCodeIdTimeToLiveInSeconds: 0
            twoFactorTrustIdTimeToLiveInSeconds: 0
        failedAuthenticationConfiguration:
            actionCancelPolicyOnPasswordReset: false
            actionDuration: 0
            actionDurationUnit: string
            emailUser: false
            resetCountInSeconds: 0
            tooManyAttempts: 0
            userActionId: string
        familyConfiguration:
            allowChildRegistrations: false
            confirmChildEmailTemplateId: string
            deleteOrphanedAccounts: false
            deleteOrphanedAccountsDays: 0
            enabled: false
            familyRequestEmailTemplateId: string
            maximumChildAge: 0
            minimumOwnerAge: 0
            parentEmailRequired: false
            parentRegistrationEmailTemplateId: string
        formConfiguration:
            adminUserFormId: string
        httpSessionMaxInactiveInterval: 0
        issuer: string
        jwtConfigurations:
            - accessTokenKeyId: string
              idTokenKeyId: string
              refreshTokenExpirationPolicy: string
              refreshTokenRevocationPolicyOnLoginPrevented: false
              refreshTokenRevocationPolicyOnPasswordChange: false
              refreshTokenSlidingWindowMaximumTimeToLiveInMinutes: 0
              refreshTokenTimeToLiveInMinutes: 0
              refreshTokenUsagePolicy: string
              timeToLiveInSeconds: 0
        loginConfiguration:
            requireAuthentication: false
        logoutUrl: string
        maximumPasswordAge:
            days: 0
            enabled: false
        minimumPasswordAge:
            enabled: false
            seconds: 0
        multiFactorConfiguration:
            authenticator:
                enabled: false
            email:
                enabled: false
                templateId: string
            loginPolicy: string
            sms:
                enabled: false
                messengerId: string
                templateId: string
        name: string
        oauthConfigurations:
            - clientCredentialsAccessTokenPopulateLambdaId: string
        passwordEncryptionConfigurations:
            - encryptionScheme: string
              encryptionSchemeFactor: 0
              modifyEncryptionSchemeOnLogin: false
        passwordValidationRules:
            breachDetection:
                enabled: false
                matchMode: string
                notifyUserEmailTemplateId: string
                onLogin: string
            maxLength: 0
            minLength: 0
            rememberPreviousPasswords:
                count: 0
                enabled: false
            requireNonAlpha: false
            requireNumber: false
            requiredMixedCase: false
            validateOnLogin: false
        rateLimitConfiguration:
            failedLogin:
                enabled: false
                limit: 0
                timePeriodInSeconds: 0
            forgotPassword:
                enabled: false
                limit: 0
                timePeriodInSeconds: 0
            sendEmailVerification:
                enabled: false
                limit: 0
                timePeriodInSeconds: 0
            sendPasswordless:
                enabled: false
                limit: 0
                timePeriodInSeconds: 0
            sendRegistrationVerification:
                enabled: false
                limit: 0
                timePeriodInSeconds: 0
            sendTwoFactor:
                enabled: false
                limit: 0
                timePeriodInSeconds: 0
        registrationConfiguration:
            blockedDomains:
                - string
        sourceTenantId: string
        tenantId: string
        themeId: string
        userDeletePolicy:
            unverifiedEnabled: false
            unverifiedNumberOfDaysToRetain: 0
        usernameConfiguration:
            unique:
                enabled: false
                numberOfDigits: 0
                separator: string
                strategy: string
        webhookIds:
            - string
    

    FusionAuthTenant Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The FusionAuthTenant resource accepts the following input properties:

    EmailConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantEmailConfiguration
    ExternalIdentifierConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfiguration
    Issuer string
    The named issuer used to sign tokens, this is generally your public fully qualified domain.
    JwtConfigurations List<theogravity.Fusionauth.Inputs.FusionAuthTenantJwtConfiguration>
    ThemeId string
    The unique Id of the theme to be used to style the login page and other end user templates.
    AccessControlConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantAccessControlConfiguration
    CaptchaConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantCaptchaConfiguration
    ConnectorPolicies List<theogravity.Fusionauth.Inputs.FusionAuthTenantConnectorPolicy>
    A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
    Data Dictionary<string, object>
    An object that can hold any information about the Tenant that should be persisted.
    EventConfigurations List<theogravity.Fusionauth.Inputs.FusionAuthTenantEventConfiguration>
    FailedAuthenticationConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantFailedAuthenticationConfiguration
    FamilyConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantFamilyConfiguration
    FormConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantFormConfiguration
    HttpSessionMaxInactiveInterval int
    Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
    LoginConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantLoginConfiguration
    LogoutUrl string
    The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
    MaximumPasswordAge theogravity.Fusionauth.Inputs.FusionAuthTenantMaximumPasswordAge
    MinimumPasswordAge theogravity.Fusionauth.Inputs.FusionAuthTenantMinimumPasswordAge
    MultiFactorConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantMultiFactorConfiguration
    Name string
    The unique name of the Tenant.
    OauthConfigurations List<theogravity.Fusionauth.Inputs.FusionAuthTenantOauthConfiguration>
    PasswordEncryptionConfigurations List<theogravity.Fusionauth.Inputs.FusionAuthTenantPasswordEncryptionConfiguration>
    PasswordValidationRules theogravity.Fusionauth.Inputs.FusionAuthTenantPasswordValidationRules
    RateLimitConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantRateLimitConfiguration
    RegistrationConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantRegistrationConfiguration
    SourceTenantId string
    The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
    TenantId string
    The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
    UserDeletePolicy theogravity.Fusionauth.Inputs.FusionAuthTenantUserDeletePolicy
    UsernameConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantUsernameConfiguration
    WebhookIds List<string>
    An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.
    EmailConfiguration FusionAuthTenantEmailConfigurationArgs
    ExternalIdentifierConfiguration FusionAuthTenantExternalIdentifierConfigurationArgs
    Issuer string
    The named issuer used to sign tokens, this is generally your public fully qualified domain.
    JwtConfigurations []FusionAuthTenantJwtConfigurationArgs
    ThemeId string
    The unique Id of the theme to be used to style the login page and other end user templates.
    AccessControlConfiguration FusionAuthTenantAccessControlConfigurationArgs
    CaptchaConfiguration FusionAuthTenantCaptchaConfigurationArgs
    ConnectorPolicies []FusionAuthTenantConnectorPolicyArgs
    A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
    Data map[string]interface{}
    An object that can hold any information about the Tenant that should be persisted.
    EventConfigurations []FusionAuthTenantEventConfigurationArgs
    FailedAuthenticationConfiguration FusionAuthTenantFailedAuthenticationConfigurationArgs
    FamilyConfiguration FusionAuthTenantFamilyConfigurationArgs
    FormConfiguration FusionAuthTenantFormConfigurationArgs
    HttpSessionMaxInactiveInterval int
    Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
    LoginConfiguration FusionAuthTenantLoginConfigurationArgs
    LogoutUrl string
    The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
    MaximumPasswordAge FusionAuthTenantMaximumPasswordAgeArgs
    MinimumPasswordAge FusionAuthTenantMinimumPasswordAgeArgs
    MultiFactorConfiguration FusionAuthTenantMultiFactorConfigurationArgs
    Name string
    The unique name of the Tenant.
    OauthConfigurations []FusionAuthTenantOauthConfigurationArgs
    PasswordEncryptionConfigurations []FusionAuthTenantPasswordEncryptionConfigurationArgs
    PasswordValidationRules FusionAuthTenantPasswordValidationRulesArgs
    RateLimitConfiguration FusionAuthTenantRateLimitConfigurationArgs
    RegistrationConfiguration FusionAuthTenantRegistrationConfigurationArgs
    SourceTenantId string
    The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
    TenantId string
    The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
    UserDeletePolicy FusionAuthTenantUserDeletePolicyArgs
    UsernameConfiguration FusionAuthTenantUsernameConfigurationArgs
    WebhookIds []string
    An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.
    emailConfiguration FusionAuthTenantEmailConfiguration
    externalIdentifierConfiguration FusionAuthTenantExternalIdentifierConfiguration
    issuer String
    The named issuer used to sign tokens, this is generally your public fully qualified domain.
    jwtConfigurations List<FusionAuthTenantJwtConfiguration>
    themeId String
    The unique Id of the theme to be used to style the login page and other end user templates.
    accessControlConfiguration FusionAuthTenantAccessControlConfiguration
    captchaConfiguration FusionAuthTenantCaptchaConfiguration
    connectorPolicies List<FusionAuthTenantConnectorPolicy>
    A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
    data Map<String,Object>
    An object that can hold any information about the Tenant that should be persisted.
    eventConfigurations List<FusionAuthTenantEventConfiguration>
    failedAuthenticationConfiguration FusionAuthTenantFailedAuthenticationConfiguration
    familyConfiguration FusionAuthTenantFamilyConfiguration
    formConfiguration FusionAuthTenantFormConfiguration
    httpSessionMaxInactiveInterval Integer
    Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
    loginConfiguration FusionAuthTenantLoginConfiguration
    logoutUrl String
    The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
    maximumPasswordAge FusionAuthTenantMaximumPasswordAge
    minimumPasswordAge FusionAuthTenantMinimumPasswordAge
    multiFactorConfiguration FusionAuthTenantMultiFactorConfiguration
    name String
    The unique name of the Tenant.
    oauthConfigurations List<FusionAuthTenantOauthConfiguration>
    passwordEncryptionConfigurations List<FusionAuthTenantPasswordEncryptionConfiguration>
    passwordValidationRules FusionAuthTenantPasswordValidationRules
    rateLimitConfiguration FusionAuthTenantRateLimitConfiguration
    registrationConfiguration FusionAuthTenantRegistrationConfiguration
    sourceTenantId String
    The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
    tenantId String
    The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
    userDeletePolicy FusionAuthTenantUserDeletePolicy
    usernameConfiguration FusionAuthTenantUsernameConfiguration
    webhookIds List<String>
    An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.
    emailConfiguration FusionAuthTenantEmailConfiguration
    externalIdentifierConfiguration FusionAuthTenantExternalIdentifierConfiguration
    issuer string
    The named issuer used to sign tokens, this is generally your public fully qualified domain.
    jwtConfigurations FusionAuthTenantJwtConfiguration[]
    themeId string
    The unique Id of the theme to be used to style the login page and other end user templates.
    accessControlConfiguration FusionAuthTenantAccessControlConfiguration
    captchaConfiguration FusionAuthTenantCaptchaConfiguration
    connectorPolicies FusionAuthTenantConnectorPolicy[]
    A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
    data {[key: string]: any}
    An object that can hold any information about the Tenant that should be persisted.
    eventConfigurations FusionAuthTenantEventConfiguration[]
    failedAuthenticationConfiguration FusionAuthTenantFailedAuthenticationConfiguration
    familyConfiguration FusionAuthTenantFamilyConfiguration
    formConfiguration FusionAuthTenantFormConfiguration
    httpSessionMaxInactiveInterval number
    Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
    loginConfiguration FusionAuthTenantLoginConfiguration
    logoutUrl string
    The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
    maximumPasswordAge FusionAuthTenantMaximumPasswordAge
    minimumPasswordAge FusionAuthTenantMinimumPasswordAge
    multiFactorConfiguration FusionAuthTenantMultiFactorConfiguration
    name string
    The unique name of the Tenant.
    oauthConfigurations FusionAuthTenantOauthConfiguration[]
    passwordEncryptionConfigurations FusionAuthTenantPasswordEncryptionConfiguration[]
    passwordValidationRules FusionAuthTenantPasswordValidationRules
    rateLimitConfiguration FusionAuthTenantRateLimitConfiguration
    registrationConfiguration FusionAuthTenantRegistrationConfiguration
    sourceTenantId string
    The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
    tenantId string
    The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
    userDeletePolicy FusionAuthTenantUserDeletePolicy
    usernameConfiguration FusionAuthTenantUsernameConfiguration
    webhookIds string[]
    An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.
    email_configuration FusionAuthTenantEmailConfigurationArgs
    external_identifier_configuration FusionAuthTenantExternalIdentifierConfigurationArgs
    issuer str
    The named issuer used to sign tokens, this is generally your public fully qualified domain.
    jwt_configurations Sequence[FusionAuthTenantJwtConfigurationArgs]
    theme_id str
    The unique Id of the theme to be used to style the login page and other end user templates.
    access_control_configuration FusionAuthTenantAccessControlConfigurationArgs
    captcha_configuration FusionAuthTenantCaptchaConfigurationArgs
    connector_policies Sequence[FusionAuthTenantConnectorPolicyArgs]
    A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
    data Mapping[str, Any]
    An object that can hold any information about the Tenant that should be persisted.
    event_configurations Sequence[FusionAuthTenantEventConfigurationArgs]
    failed_authentication_configuration FusionAuthTenantFailedAuthenticationConfigurationArgs
    family_configuration FusionAuthTenantFamilyConfigurationArgs
    form_configuration FusionAuthTenantFormConfigurationArgs
    http_session_max_inactive_interval int
    Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
    login_configuration FusionAuthTenantLoginConfigurationArgs
    logout_url str
    The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
    maximum_password_age FusionAuthTenantMaximumPasswordAgeArgs
    minimum_password_age FusionAuthTenantMinimumPasswordAgeArgs
    multi_factor_configuration FusionAuthTenantMultiFactorConfigurationArgs
    name str
    The unique name of the Tenant.
    oauth_configurations Sequence[FusionAuthTenantOauthConfigurationArgs]
    password_encryption_configurations Sequence[FusionAuthTenantPasswordEncryptionConfigurationArgs]
    password_validation_rules FusionAuthTenantPasswordValidationRulesArgs
    rate_limit_configuration FusionAuthTenantRateLimitConfigurationArgs
    registration_configuration FusionAuthTenantRegistrationConfigurationArgs
    source_tenant_id str
    The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
    tenant_id str
    The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
    user_delete_policy FusionAuthTenantUserDeletePolicyArgs
    username_configuration FusionAuthTenantUsernameConfigurationArgs
    webhook_ids Sequence[str]
    An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.
    emailConfiguration Property Map
    externalIdentifierConfiguration Property Map
    issuer String
    The named issuer used to sign tokens, this is generally your public fully qualified domain.
    jwtConfigurations List<Property Map>
    themeId String
    The unique Id of the theme to be used to style the login page and other end user templates.
    accessControlConfiguration Property Map
    captchaConfiguration Property Map
    connectorPolicies List<Property Map>
    A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
    data Map<Any>
    An object that can hold any information about the Tenant that should be persisted.
    eventConfigurations List<Property Map>
    failedAuthenticationConfiguration Property Map
    familyConfiguration Property Map
    formConfiguration Property Map
    httpSessionMaxInactiveInterval Number
    Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
    loginConfiguration Property Map
    logoutUrl String
    The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
    maximumPasswordAge Property Map
    minimumPasswordAge Property Map
    multiFactorConfiguration Property Map
    name String
    The unique name of the Tenant.
    oauthConfigurations List<Property Map>
    passwordEncryptionConfigurations List<Property Map>
    passwordValidationRules Property Map
    rateLimitConfiguration Property Map
    registrationConfiguration Property Map
    sourceTenantId String
    The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
    tenantId String
    The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
    userDeletePolicy Property Map
    usernameConfiguration Property Map
    webhookIds List<String>
    An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the FusionAuthTenant resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing FusionAuthTenant Resource

    Get an existing FusionAuthTenant resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: FusionAuthTenantState, opts?: CustomResourceOptions): FusionAuthTenant
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            access_control_configuration: Optional[FusionAuthTenantAccessControlConfigurationArgs] = None,
            captcha_configuration: Optional[FusionAuthTenantCaptchaConfigurationArgs] = None,
            connector_policies: Optional[Sequence[FusionAuthTenantConnectorPolicyArgs]] = None,
            data: Optional[Mapping[str, Any]] = None,
            email_configuration: Optional[FusionAuthTenantEmailConfigurationArgs] = None,
            event_configurations: Optional[Sequence[FusionAuthTenantEventConfigurationArgs]] = None,
            external_identifier_configuration: Optional[FusionAuthTenantExternalIdentifierConfigurationArgs] = None,
            failed_authentication_configuration: Optional[FusionAuthTenantFailedAuthenticationConfigurationArgs] = None,
            family_configuration: Optional[FusionAuthTenantFamilyConfigurationArgs] = None,
            form_configuration: Optional[FusionAuthTenantFormConfigurationArgs] = None,
            http_session_max_inactive_interval: Optional[int] = None,
            issuer: Optional[str] = None,
            jwt_configurations: Optional[Sequence[FusionAuthTenantJwtConfigurationArgs]] = None,
            login_configuration: Optional[FusionAuthTenantLoginConfigurationArgs] = None,
            logout_url: Optional[str] = None,
            maximum_password_age: Optional[FusionAuthTenantMaximumPasswordAgeArgs] = None,
            minimum_password_age: Optional[FusionAuthTenantMinimumPasswordAgeArgs] = None,
            multi_factor_configuration: Optional[FusionAuthTenantMultiFactorConfigurationArgs] = None,
            name: Optional[str] = None,
            oauth_configurations: Optional[Sequence[FusionAuthTenantOauthConfigurationArgs]] = None,
            password_encryption_configurations: Optional[Sequence[FusionAuthTenantPasswordEncryptionConfigurationArgs]] = None,
            password_validation_rules: Optional[FusionAuthTenantPasswordValidationRulesArgs] = None,
            rate_limit_configuration: Optional[FusionAuthTenantRateLimitConfigurationArgs] = None,
            registration_configuration: Optional[FusionAuthTenantRegistrationConfigurationArgs] = None,
            source_tenant_id: Optional[str] = None,
            tenant_id: Optional[str] = None,
            theme_id: Optional[str] = None,
            user_delete_policy: Optional[FusionAuthTenantUserDeletePolicyArgs] = None,
            username_configuration: Optional[FusionAuthTenantUsernameConfigurationArgs] = None,
            webhook_ids: Optional[Sequence[str]] = None) -> FusionAuthTenant
    func GetFusionAuthTenant(ctx *Context, name string, id IDInput, state *FusionAuthTenantState, opts ...ResourceOption) (*FusionAuthTenant, error)
    public static FusionAuthTenant Get(string name, Input<string> id, FusionAuthTenantState? state, CustomResourceOptions? opts = null)
    public static FusionAuthTenant get(String name, Output<String> id, FusionAuthTenantState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AccessControlConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantAccessControlConfiguration
    CaptchaConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantCaptchaConfiguration
    ConnectorPolicies List<theogravity.Fusionauth.Inputs.FusionAuthTenantConnectorPolicy>
    A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
    Data Dictionary<string, object>
    An object that can hold any information about the Tenant that should be persisted.
    EmailConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantEmailConfiguration
    EventConfigurations List<theogravity.Fusionauth.Inputs.FusionAuthTenantEventConfiguration>
    ExternalIdentifierConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfiguration
    FailedAuthenticationConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantFailedAuthenticationConfiguration
    FamilyConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantFamilyConfiguration
    FormConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantFormConfiguration
    HttpSessionMaxInactiveInterval int
    Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
    Issuer string
    The named issuer used to sign tokens, this is generally your public fully qualified domain.
    JwtConfigurations List<theogravity.Fusionauth.Inputs.FusionAuthTenantJwtConfiguration>
    LoginConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantLoginConfiguration
    LogoutUrl string
    The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
    MaximumPasswordAge theogravity.Fusionauth.Inputs.FusionAuthTenantMaximumPasswordAge
    MinimumPasswordAge theogravity.Fusionauth.Inputs.FusionAuthTenantMinimumPasswordAge
    MultiFactorConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantMultiFactorConfiguration
    Name string
    The unique name of the Tenant.
    OauthConfigurations List<theogravity.Fusionauth.Inputs.FusionAuthTenantOauthConfiguration>
    PasswordEncryptionConfigurations List<theogravity.Fusionauth.Inputs.FusionAuthTenantPasswordEncryptionConfiguration>
    PasswordValidationRules theogravity.Fusionauth.Inputs.FusionAuthTenantPasswordValidationRules
    RateLimitConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantRateLimitConfiguration
    RegistrationConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantRegistrationConfiguration
    SourceTenantId string
    The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
    TenantId string
    The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
    ThemeId string
    The unique Id of the theme to be used to style the login page and other end user templates.
    UserDeletePolicy theogravity.Fusionauth.Inputs.FusionAuthTenantUserDeletePolicy
    UsernameConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantUsernameConfiguration
    WebhookIds List<string>
    An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.
    AccessControlConfiguration FusionAuthTenantAccessControlConfigurationArgs
    CaptchaConfiguration FusionAuthTenantCaptchaConfigurationArgs
    ConnectorPolicies []FusionAuthTenantConnectorPolicyArgs
    A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
    Data map[string]interface{}
    An object that can hold any information about the Tenant that should be persisted.
    EmailConfiguration FusionAuthTenantEmailConfigurationArgs
    EventConfigurations []FusionAuthTenantEventConfigurationArgs
    ExternalIdentifierConfiguration FusionAuthTenantExternalIdentifierConfigurationArgs
    FailedAuthenticationConfiguration FusionAuthTenantFailedAuthenticationConfigurationArgs
    FamilyConfiguration FusionAuthTenantFamilyConfigurationArgs
    FormConfiguration FusionAuthTenantFormConfigurationArgs
    HttpSessionMaxInactiveInterval int
    Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
    Issuer string
    The named issuer used to sign tokens, this is generally your public fully qualified domain.
    JwtConfigurations []FusionAuthTenantJwtConfigurationArgs
    LoginConfiguration FusionAuthTenantLoginConfigurationArgs
    LogoutUrl string
    The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
    MaximumPasswordAge FusionAuthTenantMaximumPasswordAgeArgs
    MinimumPasswordAge FusionAuthTenantMinimumPasswordAgeArgs
    MultiFactorConfiguration FusionAuthTenantMultiFactorConfigurationArgs
    Name string
    The unique name of the Tenant.
    OauthConfigurations []FusionAuthTenantOauthConfigurationArgs
    PasswordEncryptionConfigurations []FusionAuthTenantPasswordEncryptionConfigurationArgs
    PasswordValidationRules FusionAuthTenantPasswordValidationRulesArgs
    RateLimitConfiguration FusionAuthTenantRateLimitConfigurationArgs
    RegistrationConfiguration FusionAuthTenantRegistrationConfigurationArgs
    SourceTenantId string
    The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
    TenantId string
    The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
    ThemeId string
    The unique Id of the theme to be used to style the login page and other end user templates.
    UserDeletePolicy FusionAuthTenantUserDeletePolicyArgs
    UsernameConfiguration FusionAuthTenantUsernameConfigurationArgs
    WebhookIds []string
    An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.
    accessControlConfiguration FusionAuthTenantAccessControlConfiguration
    captchaConfiguration FusionAuthTenantCaptchaConfiguration
    connectorPolicies List<FusionAuthTenantConnectorPolicy>
    A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
    data Map<String,Object>
    An object that can hold any information about the Tenant that should be persisted.
    emailConfiguration FusionAuthTenantEmailConfiguration
    eventConfigurations List<FusionAuthTenantEventConfiguration>
    externalIdentifierConfiguration FusionAuthTenantExternalIdentifierConfiguration
    failedAuthenticationConfiguration FusionAuthTenantFailedAuthenticationConfiguration
    familyConfiguration FusionAuthTenantFamilyConfiguration
    formConfiguration FusionAuthTenantFormConfiguration
    httpSessionMaxInactiveInterval Integer
    Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
    issuer String
    The named issuer used to sign tokens, this is generally your public fully qualified domain.
    jwtConfigurations List<FusionAuthTenantJwtConfiguration>
    loginConfiguration FusionAuthTenantLoginConfiguration
    logoutUrl String
    The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
    maximumPasswordAge FusionAuthTenantMaximumPasswordAge
    minimumPasswordAge FusionAuthTenantMinimumPasswordAge
    multiFactorConfiguration FusionAuthTenantMultiFactorConfiguration
    name String
    The unique name of the Tenant.
    oauthConfigurations List<FusionAuthTenantOauthConfiguration>
    passwordEncryptionConfigurations List<FusionAuthTenantPasswordEncryptionConfiguration>
    passwordValidationRules FusionAuthTenantPasswordValidationRules
    rateLimitConfiguration FusionAuthTenantRateLimitConfiguration
    registrationConfiguration FusionAuthTenantRegistrationConfiguration
    sourceTenantId String
    The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
    tenantId String
    The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
    themeId String
    The unique Id of the theme to be used to style the login page and other end user templates.
    userDeletePolicy FusionAuthTenantUserDeletePolicy
    usernameConfiguration FusionAuthTenantUsernameConfiguration
    webhookIds List<String>
    An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.
    accessControlConfiguration FusionAuthTenantAccessControlConfiguration
    captchaConfiguration FusionAuthTenantCaptchaConfiguration
    connectorPolicies FusionAuthTenantConnectorPolicy[]
    A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
    data {[key: string]: any}
    An object that can hold any information about the Tenant that should be persisted.
    emailConfiguration FusionAuthTenantEmailConfiguration
    eventConfigurations FusionAuthTenantEventConfiguration[]
    externalIdentifierConfiguration FusionAuthTenantExternalIdentifierConfiguration
    failedAuthenticationConfiguration FusionAuthTenantFailedAuthenticationConfiguration
    familyConfiguration FusionAuthTenantFamilyConfiguration
    formConfiguration FusionAuthTenantFormConfiguration
    httpSessionMaxInactiveInterval number
    Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
    issuer string
    The named issuer used to sign tokens, this is generally your public fully qualified domain.
    jwtConfigurations FusionAuthTenantJwtConfiguration[]
    loginConfiguration FusionAuthTenantLoginConfiguration
    logoutUrl string
    The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
    maximumPasswordAge FusionAuthTenantMaximumPasswordAge
    minimumPasswordAge FusionAuthTenantMinimumPasswordAge
    multiFactorConfiguration FusionAuthTenantMultiFactorConfiguration
    name string
    The unique name of the Tenant.
    oauthConfigurations FusionAuthTenantOauthConfiguration[]
    passwordEncryptionConfigurations FusionAuthTenantPasswordEncryptionConfiguration[]
    passwordValidationRules FusionAuthTenantPasswordValidationRules
    rateLimitConfiguration FusionAuthTenantRateLimitConfiguration
    registrationConfiguration FusionAuthTenantRegistrationConfiguration
    sourceTenantId string
    The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
    tenantId string
    The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
    themeId string
    The unique Id of the theme to be used to style the login page and other end user templates.
    userDeletePolicy FusionAuthTenantUserDeletePolicy
    usernameConfiguration FusionAuthTenantUsernameConfiguration
    webhookIds string[]
    An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.
    access_control_configuration FusionAuthTenantAccessControlConfigurationArgs
    captcha_configuration FusionAuthTenantCaptchaConfigurationArgs
    connector_policies Sequence[FusionAuthTenantConnectorPolicyArgs]
    A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
    data Mapping[str, Any]
    An object that can hold any information about the Tenant that should be persisted.
    email_configuration FusionAuthTenantEmailConfigurationArgs
    event_configurations Sequence[FusionAuthTenantEventConfigurationArgs]
    external_identifier_configuration FusionAuthTenantExternalIdentifierConfigurationArgs
    failed_authentication_configuration FusionAuthTenantFailedAuthenticationConfigurationArgs
    family_configuration FusionAuthTenantFamilyConfigurationArgs
    form_configuration FusionAuthTenantFormConfigurationArgs
    http_session_max_inactive_interval int
    Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
    issuer str
    The named issuer used to sign tokens, this is generally your public fully qualified domain.
    jwt_configurations Sequence[FusionAuthTenantJwtConfigurationArgs]
    login_configuration FusionAuthTenantLoginConfigurationArgs
    logout_url str
    The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
    maximum_password_age FusionAuthTenantMaximumPasswordAgeArgs
    minimum_password_age FusionAuthTenantMinimumPasswordAgeArgs
    multi_factor_configuration FusionAuthTenantMultiFactorConfigurationArgs
    name str
    The unique name of the Tenant.
    oauth_configurations Sequence[FusionAuthTenantOauthConfigurationArgs]
    password_encryption_configurations Sequence[FusionAuthTenantPasswordEncryptionConfigurationArgs]
    password_validation_rules FusionAuthTenantPasswordValidationRulesArgs
    rate_limit_configuration FusionAuthTenantRateLimitConfigurationArgs
    registration_configuration FusionAuthTenantRegistrationConfigurationArgs
    source_tenant_id str
    The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
    tenant_id str
    The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
    theme_id str
    The unique Id of the theme to be used to style the login page and other end user templates.
    user_delete_policy FusionAuthTenantUserDeletePolicyArgs
    username_configuration FusionAuthTenantUsernameConfigurationArgs
    webhook_ids Sequence[str]
    An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.
    accessControlConfiguration Property Map
    captchaConfiguration Property Map
    connectorPolicies List<Property Map>
    A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
    data Map<Any>
    An object that can hold any information about the Tenant that should be persisted.
    emailConfiguration Property Map
    eventConfigurations List<Property Map>
    externalIdentifierConfiguration Property Map
    failedAuthenticationConfiguration Property Map
    familyConfiguration Property Map
    formConfiguration Property Map
    httpSessionMaxInactiveInterval Number
    Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
    issuer String
    The named issuer used to sign tokens, this is generally your public fully qualified domain.
    jwtConfigurations List<Property Map>
    loginConfiguration Property Map
    logoutUrl String
    The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
    maximumPasswordAge Property Map
    minimumPasswordAge Property Map
    multiFactorConfiguration Property Map
    name String
    The unique name of the Tenant.
    oauthConfigurations List<Property Map>
    passwordEncryptionConfigurations List<Property Map>
    passwordValidationRules Property Map
    rateLimitConfiguration Property Map
    registrationConfiguration Property Map
    sourceTenantId String
    The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
    tenantId String
    The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
    themeId String
    The unique Id of the theme to be used to style the login page and other end user templates.
    userDeletePolicy Property Map
    usernameConfiguration Property Map
    webhookIds List<String>
    An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.

    Supporting Types

    FusionAuthTenantAccessControlConfiguration, FusionAuthTenantAccessControlConfigurationArgs

    UiIpAccessControlListId string
    The Id of the IP Access Control List limiting access to all applications in this tenant.
    UiIpAccessControlListId string
    The Id of the IP Access Control List limiting access to all applications in this tenant.
    uiIpAccessControlListId String
    The Id of the IP Access Control List limiting access to all applications in this tenant.
    uiIpAccessControlListId string
    The Id of the IP Access Control List limiting access to all applications in this tenant.
    ui_ip_access_control_list_id str
    The Id of the IP Access Control List limiting access to all applications in this tenant.
    uiIpAccessControlListId String
    The Id of the IP Access Control List limiting access to all applications in this tenant.

    FusionAuthTenantCaptchaConfiguration, FusionAuthTenantCaptchaConfigurationArgs

    CaptchaMethod string
    The type of captcha method to use. This field is required when tenant.captchaConfiguration.enabled is set to true.
    Enabled bool
    Whether captcha configuration is enabled.
    SecretKey string
    The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
    SiteKey string
    The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
    Threshold double
    The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.
    CaptchaMethod string
    The type of captcha method to use. This field is required when tenant.captchaConfiguration.enabled is set to true.
    Enabled bool
    Whether captcha configuration is enabled.
    SecretKey string
    The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
    SiteKey string
    The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
    Threshold float64
    The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.
    captchaMethod String
    The type of captcha method to use. This field is required when tenant.captchaConfiguration.enabled is set to true.
    enabled Boolean
    Whether captcha configuration is enabled.
    secretKey String
    The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
    siteKey String
    The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
    threshold Double
    The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.
    captchaMethod string
    The type of captcha method to use. This field is required when tenant.captchaConfiguration.enabled is set to true.
    enabled boolean
    Whether captcha configuration is enabled.
    secretKey string
    The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
    siteKey string
    The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
    threshold number
    The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.
    captcha_method str
    The type of captcha method to use. This field is required when tenant.captchaConfiguration.enabled is set to true.
    enabled bool
    Whether captcha configuration is enabled.
    secret_key str
    The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
    site_key str
    The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
    threshold float
    The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.
    captchaMethod String
    The type of captcha method to use. This field is required when tenant.captchaConfiguration.enabled is set to true.
    enabled Boolean
    Whether captcha configuration is enabled.
    secretKey String
    The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
    siteKey String
    The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
    threshold Number
    The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.

    FusionAuthTenantConnectorPolicy, FusionAuthTenantConnectorPolicyArgs

    ConnectorId string
    The identifier of the Connector to which this policy refers.
    Domains List<string>
    A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.
    Migrate bool
    If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.
    ConnectorId string
    The identifier of the Connector to which this policy refers.
    Domains []string
    A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.
    Migrate bool
    If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.
    connectorId String
    The identifier of the Connector to which this policy refers.
    domains List<String>
    A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.
    migrate Boolean
    If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.
    connectorId string
    The identifier of the Connector to which this policy refers.
    domains string[]
    A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.
    migrate boolean
    If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.
    connector_id str
    The identifier of the Connector to which this policy refers.
    domains Sequence[str]
    A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.
    migrate bool
    If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.
    connectorId String
    The identifier of the Connector to which this policy refers.
    domains List<String>
    A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.
    migrate Boolean
    If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.

    FusionAuthTenantEmailConfiguration, FusionAuthTenantEmailConfigurationArgs

    Host string
    The host name of the SMTP server that FusionAuth will use.
    Port int
    The port of the SMTP server that FusionAuth will use.
    AdditionalHeaders Dictionary<string, object>
    The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.
    DefaultFromEmail string
    The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).
    DefaultFromName string
    The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).
    EmailUpdateEmailTemplateId string
    The Id of the Email Template that is used when a user is sent a forgot password email.
    EmailVerifiedEmailTemplateId string
    The Id of the Email Template used to verify user emails.
    ForgotPasswordEmailTemplateId string
    The Id of the Email Template that is used when a user is sent a forgot password email.
    ImplicitEmailVerificationAllowed bool
    When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.
    LoginIdInUseOnCreateEmailTemplateId string
    The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
    LoginIdInUseOnUpdateEmailTemplateId string
    The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
    LoginNewDeviceEmailTemplateId string
    The Id of the Email Template used to send emails to users when they log in on a new device.
    LoginSuspiciousEmailTemplateId string
    The Id of the Email Template used to send emails to users when a suspicious login occurs.
    Password string
    An optional password FusionAuth will use to authenticate with the SMTP server.
    PasswordResetSuccessEmailTemplateId string
    The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.
    PasswordUpdateEmailTemplateId string
    The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese
    PasswordlessEmailTemplateId string
    The Id of the Passwordless Email Template.
    Properties string
    Additional Email Configuration in a properties file formatted String.
    Security string
    The type of security protocol FusionAuth will use when connecting to the SMTP server.
    SetPasswordEmailTemplateId string
    The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.
    TwoFactorMethodAddEmailTemplateId string
    The Id of the Email Template used to send emails to users when a MFA method has been added to their account.
    TwoFactorMethodRemoveEmailTemplateId string
    The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.
    Unverified theogravity.Fusionauth.Inputs.FusionAuthTenantEmailConfigurationUnverified
    Username string
    An optional username FusionAuth will to authenticate with the SMTP server.
    VerificationEmailTemplateId string
    The Id of the Email Template that is used to send the verification emails to users. These emails are used to verify that a user’s email address ivalid. If either the verifyEmail or verifyEmailWhenChanged fields are true this field is required.
    VerificationStrategy string
    The process by which the user will verify their email address. Possible values are ClickableLink or FormField.
    VerifyEmail bool
    Whether the user’s email addresses are verified when the registers with your application.
    VerifyEmailWhenChanged bool
    Whether the user’s email addresses are verified when the user changes them.
    Host string
    The host name of the SMTP server that FusionAuth will use.
    Port int
    The port of the SMTP server that FusionAuth will use.
    AdditionalHeaders map[string]interface{}
    The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.
    DefaultFromEmail string
    The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).
    DefaultFromName string
    The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).
    EmailUpdateEmailTemplateId string
    The Id of the Email Template that is used when a user is sent a forgot password email.
    EmailVerifiedEmailTemplateId string
    The Id of the Email Template used to verify user emails.
    ForgotPasswordEmailTemplateId string
    The Id of the Email Template that is used when a user is sent a forgot password email.
    ImplicitEmailVerificationAllowed bool
    When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.
    LoginIdInUseOnCreateEmailTemplateId string
    The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
    LoginIdInUseOnUpdateEmailTemplateId string
    The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
    LoginNewDeviceEmailTemplateId string
    The Id of the Email Template used to send emails to users when they log in on a new device.
    LoginSuspiciousEmailTemplateId string
    The Id of the Email Template used to send emails to users when a suspicious login occurs.
    Password string
    An optional password FusionAuth will use to authenticate with the SMTP server.
    PasswordResetSuccessEmailTemplateId string
    The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.
    PasswordUpdateEmailTemplateId string
    The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese
    PasswordlessEmailTemplateId string
    The Id of the Passwordless Email Template.
    Properties string
    Additional Email Configuration in a properties file formatted String.
    Security string
    The type of security protocol FusionAuth will use when connecting to the SMTP server.
    SetPasswordEmailTemplateId string
    The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.
    TwoFactorMethodAddEmailTemplateId string
    The Id of the Email Template used to send emails to users when a MFA method has been added to their account.
    TwoFactorMethodRemoveEmailTemplateId string
    The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.
    Unverified FusionAuthTenantEmailConfigurationUnverified
    Username string
    An optional username FusionAuth will to authenticate with the SMTP server.
    VerificationEmailTemplateId string
    The Id of the Email Template that is used to send the verification emails to users. These emails are used to verify that a user’s email address ivalid. If either the verifyEmail or verifyEmailWhenChanged fields are true this field is required.
    VerificationStrategy string
    The process by which the user will verify their email address. Possible values are ClickableLink or FormField.
    VerifyEmail bool
    Whether the user’s email addresses are verified when the registers with your application.
    VerifyEmailWhenChanged bool
    Whether the user’s email addresses are verified when the user changes them.
    host String
    The host name of the SMTP server that FusionAuth will use.
    port Integer
    The port of the SMTP server that FusionAuth will use.
    additionalHeaders Map<String,Object>
    The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.
    defaultFromEmail String
    The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).
    defaultFromName String
    The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).
    emailUpdateEmailTemplateId String
    The Id of the Email Template that is used when a user is sent a forgot password email.
    emailVerifiedEmailTemplateId String
    The Id of the Email Template used to verify user emails.
    forgotPasswordEmailTemplateId String
    The Id of the Email Template that is used when a user is sent a forgot password email.
    implicitEmailVerificationAllowed Boolean
    When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.
    loginIdInUseOnCreateEmailTemplateId String
    The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
    loginIdInUseOnUpdateEmailTemplateId String
    The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
    loginNewDeviceEmailTemplateId String
    The Id of the Email Template used to send emails to users when they log in on a new device.
    loginSuspiciousEmailTemplateId String
    The Id of the Email Template used to send emails to users when a suspicious login occurs.
    password String
    An optional password FusionAuth will use to authenticate with the SMTP server.
    passwordResetSuccessEmailTemplateId String
    The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.
    passwordUpdateEmailTemplateId String
    The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese
    passwordlessEmailTemplateId String
    The Id of the Passwordless Email Template.
    properties String
    Additional Email Configuration in a properties file formatted String.
    security String
    The type of security protocol FusionAuth will use when connecting to the SMTP server.
    setPasswordEmailTemplateId String
    The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.
    twoFactorMethodAddEmailTemplateId String
    The Id of the Email Template used to send emails to users when a MFA method has been added to their account.
    twoFactorMethodRemoveEmailTemplateId String
    The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.
    unverified FusionAuthTenantEmailConfigurationUnverified
    username String
    An optional username FusionAuth will to authenticate with the SMTP server.
    verificationEmailTemplateId String
    The Id of the Email Template that is used to send the verification emails to users. These emails are used to verify that a user’s email address ivalid. If either the verifyEmail or verifyEmailWhenChanged fields are true this field is required.
    verificationStrategy String
    The process by which the user will verify their email address. Possible values are ClickableLink or FormField.
    verifyEmail Boolean
    Whether the user’s email addresses are verified when the registers with your application.
    verifyEmailWhenChanged Boolean
    Whether the user’s email addresses are verified when the user changes them.
    host string
    The host name of the SMTP server that FusionAuth will use.
    port number
    The port of the SMTP server that FusionAuth will use.
    additionalHeaders {[key: string]: any}
    The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.
    defaultFromEmail string
    The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).
    defaultFromName string
    The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).
    emailUpdateEmailTemplateId string
    The Id of the Email Template that is used when a user is sent a forgot password email.
    emailVerifiedEmailTemplateId string
    The Id of the Email Template used to verify user emails.
    forgotPasswordEmailTemplateId string
    The Id of the Email Template that is used when a user is sent a forgot password email.
    implicitEmailVerificationAllowed boolean
    When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.
    loginIdInUseOnCreateEmailTemplateId string
    The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
    loginIdInUseOnUpdateEmailTemplateId string
    The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
    loginNewDeviceEmailTemplateId string
    The Id of the Email Template used to send emails to users when they log in on a new device.
    loginSuspiciousEmailTemplateId string
    The Id of the Email Template used to send emails to users when a suspicious login occurs.
    password string
    An optional password FusionAuth will use to authenticate with the SMTP server.
    passwordResetSuccessEmailTemplateId string
    The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.
    passwordUpdateEmailTemplateId string
    The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese
    passwordlessEmailTemplateId string
    The Id of the Passwordless Email Template.
    properties string
    Additional Email Configuration in a properties file formatted String.
    security string
    The type of security protocol FusionAuth will use when connecting to the SMTP server.
    setPasswordEmailTemplateId string
    The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.
    twoFactorMethodAddEmailTemplateId string
    The Id of the Email Template used to send emails to users when a MFA method has been added to their account.
    twoFactorMethodRemoveEmailTemplateId string
    The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.
    unverified FusionAuthTenantEmailConfigurationUnverified
    username string
    An optional username FusionAuth will to authenticate with the SMTP server.
    verificationEmailTemplateId string
    The Id of the Email Template that is used to send the verification emails to users. These emails are used to verify that a user’s email address ivalid. If either the verifyEmail or verifyEmailWhenChanged fields are true this field is required.
    verificationStrategy string
    The process by which the user will verify their email address. Possible values are ClickableLink or FormField.
    verifyEmail boolean
    Whether the user’s email addresses are verified when the registers with your application.
    verifyEmailWhenChanged boolean
    Whether the user’s email addresses are verified when the user changes them.
    host str
    The host name of the SMTP server that FusionAuth will use.
    port int
    The port of the SMTP server that FusionAuth will use.
    additional_headers Mapping[str, Any]
    The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.
    default_from_email str
    The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).
    default_from_name str
    The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).
    email_update_email_template_id str
    The Id of the Email Template that is used when a user is sent a forgot password email.
    email_verified_email_template_id str
    The Id of the Email Template used to verify user emails.
    forgot_password_email_template_id str
    The Id of the Email Template that is used when a user is sent a forgot password email.
    implicit_email_verification_allowed bool
    When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.
    login_id_in_use_on_create_email_template_id str
    The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
    login_id_in_use_on_update_email_template_id str
    The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
    login_new_device_email_template_id str
    The Id of the Email Template used to send emails to users when they log in on a new device.
    login_suspicious_email_template_id str
    The Id of the Email Template used to send emails to users when a suspicious login occurs.
    password str
    An optional password FusionAuth will use to authenticate with the SMTP server.
    password_reset_success_email_template_id str
    The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.
    password_update_email_template_id str
    The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese
    passwordless_email_template_id str
    The Id of the Passwordless Email Template.
    properties str
    Additional Email Configuration in a properties file formatted String.
    security str
    The type of security protocol FusionAuth will use when connecting to the SMTP server.
    set_password_email_template_id str
    The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.
    two_factor_method_add_email_template_id str
    The Id of the Email Template used to send emails to users when a MFA method has been added to their account.
    two_factor_method_remove_email_template_id str
    The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.
    unverified FusionAuthTenantEmailConfigurationUnverified
    username str
    An optional username FusionAuth will to authenticate with the SMTP server.
    verification_email_template_id str
    The Id of the Email Template that is used to send the verification emails to users. These emails are used to verify that a user’s email address ivalid. If either the verifyEmail or verifyEmailWhenChanged fields are true this field is required.
    verification_strategy str
    The process by which the user will verify their email address. Possible values are ClickableLink or FormField.
    verify_email bool
    Whether the user’s email addresses are verified when the registers with your application.
    verify_email_when_changed bool
    Whether the user’s email addresses are verified when the user changes them.
    host String
    The host name of the SMTP server that FusionAuth will use.
    port Number
    The port of the SMTP server that FusionAuth will use.
    additionalHeaders Map<Any>
    The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.
    defaultFromEmail String
    The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).
    defaultFromName String
    The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).
    emailUpdateEmailTemplateId String
    The Id of the Email Template that is used when a user is sent a forgot password email.
    emailVerifiedEmailTemplateId String
    The Id of the Email Template used to verify user emails.
    forgotPasswordEmailTemplateId String
    The Id of the Email Template that is used when a user is sent a forgot password email.
    implicitEmailVerificationAllowed Boolean
    When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.
    loginIdInUseOnCreateEmailTemplateId String
    The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
    loginIdInUseOnUpdateEmailTemplateId String
    The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
    loginNewDeviceEmailTemplateId String
    The Id of the Email Template used to send emails to users when they log in on a new device.
    loginSuspiciousEmailTemplateId String
    The Id of the Email Template used to send emails to users when a suspicious login occurs.
    password String
    An optional password FusionAuth will use to authenticate with the SMTP server.
    passwordResetSuccessEmailTemplateId String
    The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.
    passwordUpdateEmailTemplateId String
    The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese
    passwordlessEmailTemplateId String
    The Id of the Passwordless Email Template.
    properties String
    Additional Email Configuration in a properties file formatted String.
    security String
    The type of security protocol FusionAuth will use when connecting to the SMTP server.
    setPasswordEmailTemplateId String
    The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.
    twoFactorMethodAddEmailTemplateId String
    The Id of the Email Template used to send emails to users when a MFA method has been added to their account.
    twoFactorMethodRemoveEmailTemplateId String
    The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.
    unverified Property Map
    username String
    An optional username FusionAuth will to authenticate with the SMTP server.
    verificationEmailTemplateId String
    The Id of the Email Template that is used to send the verification emails to users. These emails are used to verify that a user’s email address ivalid. If either the verifyEmail or verifyEmailWhenChanged fields are true this field is required.
    verificationStrategy String
    The process by which the user will verify their email address. Possible values are ClickableLink or FormField.
    verifyEmail Boolean
    Whether the user’s email addresses are verified when the registers with your application.
    verifyEmailWhenChanged Boolean
    Whether the user’s email addresses are verified when the user changes them.

    FusionAuthTenantEmailConfigurationUnverified, FusionAuthTenantEmailConfigurationUnverifiedArgs

    AllowEmailChangeWhenGated bool
    When this value is set to true, the user is allowed to change their email address when they are gated because they haven’t verified their email address.
    Behavior string
    = (Optional) The behavior when detecting breaches at time of user login
    AllowEmailChangeWhenGated bool
    When this value is set to true, the user is allowed to change their email address when they are gated because they haven’t verified their email address.
    Behavior string
    = (Optional) The behavior when detecting breaches at time of user login
    allowEmailChangeWhenGated Boolean
    When this value is set to true, the user is allowed to change their email address when they are gated because they haven’t verified their email address.
    behavior String
    = (Optional) The behavior when detecting breaches at time of user login
    allowEmailChangeWhenGated boolean
    When this value is set to true, the user is allowed to change their email address when they are gated because they haven’t verified their email address.
    behavior string
    = (Optional) The behavior when detecting breaches at time of user login
    allow_email_change_when_gated bool
    When this value is set to true, the user is allowed to change their email address when they are gated because they haven’t verified their email address.
    behavior str
    = (Optional) The behavior when detecting breaches at time of user login
    allowEmailChangeWhenGated Boolean
    When this value is set to true, the user is allowed to change their email address when they are gated because they haven’t verified their email address.
    behavior String
    = (Optional) The behavior when detecting breaches at time of user login

    FusionAuthTenantEventConfiguration, FusionAuthTenantEventConfigurationArgs

    Enabled bool
    Whether or not FusionAuth should send these types of events to any configured Webhooks.
    Event string
    The event type
    TransactionType string
    The transaction type that FusionAuth uses when sending these types of events to any configured Webhooks.
    Enabled bool
    Whether or not FusionAuth should send these types of events to any configured Webhooks.
    Event string
    The event type
    TransactionType string
    The transaction type that FusionAuth uses when sending these types of events to any configured Webhooks.
    enabled Boolean
    Whether or not FusionAuth should send these types of events to any configured Webhooks.
    event String
    The event type
    transactionType String
    The transaction type that FusionAuth uses when sending these types of events to any configured Webhooks.
    enabled boolean
    Whether or not FusionAuth should send these types of events to any configured Webhooks.
    event string
    The event type
    transactionType string
    The transaction type that FusionAuth uses when sending these types of events to any configured Webhooks.
    enabled bool
    Whether or not FusionAuth should send these types of events to any configured Webhooks.
    event str
    The event type
    transaction_type str
    The transaction type that FusionAuth uses when sending these types of events to any configured Webhooks.
    enabled Boolean
    Whether or not FusionAuth should send these types of events to any configured Webhooks.
    event String
    The event type
    transactionType String
    The transaction type that FusionAuth uses when sending these types of events to any configured Webhooks.

    FusionAuthTenantExternalIdentifierConfiguration, FusionAuthTenantExternalIdentifierConfigurationArgs

    AuthorizationGrantIdTimeToLiveInSeconds int
    The time in seconds until a OAuth authorization code in no longer valid to be exchanged for an access token. This is essentially the time allowed between the start of an Authorization request during the Authorization code grant and when you request an access token using this authorization code on the Token endpoint.
    ChangePasswordIdGenerator theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGenerator
    ChangePasswordIdTimeToLiveInSeconds int
    The time in seconds until a change password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
    DeviceCodeTimeToLiveInSeconds int
    The time in seconds until a device code Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
    DeviceUserCodeIdGenerator theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGenerator
    EmailVerificationIdGenerator theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGenerator
    EmailVerificationIdTimeToLiveInSeconds int
    The time in seconds until a email verification Id is no longer valid and cannot be used by the Verify Email API. Value must be greater than 0.
    EmailVerificationOneTimeCodeGenerator theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGenerator
    ExternalAuthenticationIdTimeToLiveInSeconds int
    The time in seconds until an external authentication Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
    LoginIntentTimeToLiveInSeconds int
    The number of seconds before the Login Timeout identifier is no longer valid to complete post-authentication steps in the OAuth workflow. Must be greater than 0.
    OneTimePasswordTimeToLiveInSeconds int
    The time in seconds until a One Time Password is no longer valid and cannot be used by the Login API. Value must be greater than 0.
    PasswordlessLoginGenerator theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGenerator
    PasswordlessLoginTimeToLiveInSeconds int
    The time in seconds until a passwordless code is no longer valid and cannot be used by the Passwordless API. Value must be greater than 0.
    RegistrationVerificationIdGenerator theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGenerator
    RegistrationVerificationIdTimeToLiveInSeconds int
    The time in seconds until a registration verification Id is no longer valid and cannot be used by the Verify Registration API. Value must be greater than 0.
    RegistrationVerificationOneTimeCodeGenerator theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGenerator
    SetupPasswordIdGenerator theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGenerator
    SetupPasswordIdTimeToLiveInSeconds int
    The time in seconds until a setup password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
    TwoFactorIdTimeToLiveInSeconds int
    The time in seconds until a two factor Id is no longer valid and cannot be used by the Two Factor Login API. Value must be greater than 0.
    TwoFactorOneTimeCodeIdGenerator theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGenerator
    TwoFactorTrustIdTimeToLiveInSeconds int
    The time in seconds until an issued Two Factor trust Id is no longer valid and the User will be required to complete Two Factor authentication during the next authentication attempt. Value must be greater than 0.
    PendingAccountLinkTimeToLiveInSeconds int
    The number of seconds before the pending account link identifier is no longer valid to complete an account link request. Value must be greater than 0.
    SamlV2AuthnRequestIdTtlSeconds int
    The time in seconds that a SAML AuthN request will be eligible for use to authenticate with FusionAuth.
    TrustTokenTimeToLiveInSeconds int
    The number of seconds before the Trust Token is no longer valid to complete a request that requires trust. Value must be greater than 0.
    TwoFactorOneTimeCodeIdTimeToLiveInSeconds int
    The number of seconds before the Two-Factor One Time Code used to enable or disable a two-factor method is no longer valid. Must be greater than 0.
    AuthorizationGrantIdTimeToLiveInSeconds int
    The time in seconds until a OAuth authorization code in no longer valid to be exchanged for an access token. This is essentially the time allowed between the start of an Authorization request during the Authorization code grant and when you request an access token using this authorization code on the Token endpoint.
    ChangePasswordIdGenerator FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGenerator
    ChangePasswordIdTimeToLiveInSeconds int
    The time in seconds until a change password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
    DeviceCodeTimeToLiveInSeconds int
    The time in seconds until a device code Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
    DeviceUserCodeIdGenerator FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGenerator
    EmailVerificationIdGenerator FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGenerator
    EmailVerificationIdTimeToLiveInSeconds int
    The time in seconds until a email verification Id is no longer valid and cannot be used by the Verify Email API. Value must be greater than 0.
    EmailVerificationOneTimeCodeGenerator FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGenerator
    ExternalAuthenticationIdTimeToLiveInSeconds int
    The time in seconds until an external authentication Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
    LoginIntentTimeToLiveInSeconds int
    The number of seconds before the Login Timeout identifier is no longer valid to complete post-authentication steps in the OAuth workflow. Must be greater than 0.
    OneTimePasswordTimeToLiveInSeconds int
    The time in seconds until a One Time Password is no longer valid and cannot be used by the Login API. Value must be greater than 0.
    PasswordlessLoginGenerator FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGenerator
    PasswordlessLoginTimeToLiveInSeconds int
    The time in seconds until a passwordless code is no longer valid and cannot be used by the Passwordless API. Value must be greater than 0.
    RegistrationVerificationIdGenerator FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGenerator
    RegistrationVerificationIdTimeToLiveInSeconds int
    The time in seconds until a registration verification Id is no longer valid and cannot be used by the Verify Registration API. Value must be greater than 0.
    RegistrationVerificationOneTimeCodeGenerator FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGenerator
    SetupPasswordIdGenerator FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGenerator
    SetupPasswordIdTimeToLiveInSeconds int
    The time in seconds until a setup password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
    TwoFactorIdTimeToLiveInSeconds int
    The time in seconds until a two factor Id is no longer valid and cannot be used by the Two Factor Login API. Value must be greater than 0.
    TwoFactorOneTimeCodeIdGenerator FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGenerator
    TwoFactorTrustIdTimeToLiveInSeconds int
    The time in seconds until an issued Two Factor trust Id is no longer valid and the User will be required to complete Two Factor authentication during the next authentication attempt. Value must be greater than 0.
    PendingAccountLinkTimeToLiveInSeconds int
    The number of seconds before the pending account link identifier is no longer valid to complete an account link request. Value must be greater than 0.
    SamlV2AuthnRequestIdTtlSeconds int
    The time in seconds that a SAML AuthN request will be eligible for use to authenticate with FusionAuth.
    TrustTokenTimeToLiveInSeconds int
    The number of seconds before the Trust Token is no longer valid to complete a request that requires trust. Value must be greater than 0.
    TwoFactorOneTimeCodeIdTimeToLiveInSeconds int
    The number of seconds before the Two-Factor One Time Code used to enable or disable a two-factor method is no longer valid. Must be greater than 0.
    authorizationGrantIdTimeToLiveInSeconds Integer
    The time in seconds until a OAuth authorization code in no longer valid to be exchanged for an access token. This is essentially the time allowed between the start of an Authorization request during the Authorization code grant and when you request an access token using this authorization code on the Token endpoint.
    changePasswordIdGenerator FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGenerator
    changePasswordIdTimeToLiveInSeconds Integer
    The time in seconds until a change password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
    deviceCodeTimeToLiveInSeconds Integer
    The time in seconds until a device code Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
    deviceUserCodeIdGenerator FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGenerator
    emailVerificationIdGenerator FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGenerator
    emailVerificationIdTimeToLiveInSeconds Integer
    The time in seconds until a email verification Id is no longer valid and cannot be used by the Verify Email API. Value must be greater than 0.
    emailVerificationOneTimeCodeGenerator FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGenerator
    externalAuthenticationIdTimeToLiveInSeconds Integer
    The time in seconds until an external authentication Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
    loginIntentTimeToLiveInSeconds Integer
    The number of seconds before the Login Timeout identifier is no longer valid to complete post-authentication steps in the OAuth workflow. Must be greater than 0.
    oneTimePasswordTimeToLiveInSeconds Integer
    The time in seconds until a One Time Password is no longer valid and cannot be used by the Login API. Value must be greater than 0.
    passwordlessLoginGenerator FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGenerator
    passwordlessLoginTimeToLiveInSeconds Integer
    The time in seconds until a passwordless code is no longer valid and cannot be used by the Passwordless API. Value must be greater than 0.
    registrationVerificationIdGenerator FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGenerator
    registrationVerificationIdTimeToLiveInSeconds Integer
    The time in seconds until a registration verification Id is no longer valid and cannot be used by the Verify Registration API. Value must be greater than 0.
    registrationVerificationOneTimeCodeGenerator FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGenerator
    setupPasswordIdGenerator FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGenerator
    setupPasswordIdTimeToLiveInSeconds Integer
    The time in seconds until a setup password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
    twoFactorIdTimeToLiveInSeconds Integer
    The time in seconds until a two factor Id is no longer valid and cannot be used by the Two Factor Login API. Value must be greater than 0.
    twoFactorOneTimeCodeIdGenerator FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGenerator
    twoFactorTrustIdTimeToLiveInSeconds Integer
    The time in seconds until an issued Two Factor trust Id is no longer valid and the User will be required to complete Two Factor authentication during the next authentication attempt. Value must be greater than 0.
    pendingAccountLinkTimeToLiveInSeconds Integer
    The number of seconds before the pending account link identifier is no longer valid to complete an account link request. Value must be greater than 0.
    samlV2AuthnRequestIdTtlSeconds Integer
    The time in seconds that a SAML AuthN request will be eligible for use to authenticate with FusionAuth.
    trustTokenTimeToLiveInSeconds Integer
    The number of seconds before the Trust Token is no longer valid to complete a request that requires trust. Value must be greater than 0.
    twoFactorOneTimeCodeIdTimeToLiveInSeconds Integer
    The number of seconds before the Two-Factor One Time Code used to enable or disable a two-factor method is no longer valid. Must be greater than 0.
    authorizationGrantIdTimeToLiveInSeconds number
    The time in seconds until a OAuth authorization code in no longer valid to be exchanged for an access token. This is essentially the time allowed between the start of an Authorization request during the Authorization code grant and when you request an access token using this authorization code on the Token endpoint.
    changePasswordIdGenerator FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGenerator
    changePasswordIdTimeToLiveInSeconds number
    The time in seconds until a change password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
    deviceCodeTimeToLiveInSeconds number
    The time in seconds until a device code Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
    deviceUserCodeIdGenerator FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGenerator
    emailVerificationIdGenerator FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGenerator
    emailVerificationIdTimeToLiveInSeconds number
    The time in seconds until a email verification Id is no longer valid and cannot be used by the Verify Email API. Value must be greater than 0.
    emailVerificationOneTimeCodeGenerator FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGenerator
    externalAuthenticationIdTimeToLiveInSeconds number
    The time in seconds until an external authentication Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
    loginIntentTimeToLiveInSeconds number
    The number of seconds before the Login Timeout identifier is no longer valid to complete post-authentication steps in the OAuth workflow. Must be greater than 0.
    oneTimePasswordTimeToLiveInSeconds number
    The time in seconds until a One Time Password is no longer valid and cannot be used by the Login API. Value must be greater than 0.
    passwordlessLoginGenerator FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGenerator
    passwordlessLoginTimeToLiveInSeconds number
    The time in seconds until a passwordless code is no longer valid and cannot be used by the Passwordless API. Value must be greater than 0.
    registrationVerificationIdGenerator FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGenerator
    registrationVerificationIdTimeToLiveInSeconds number
    The time in seconds until a registration verification Id is no longer valid and cannot be used by the Verify Registration API. Value must be greater than 0.
    registrationVerificationOneTimeCodeGenerator FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGenerator
    setupPasswordIdGenerator FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGenerator
    setupPasswordIdTimeToLiveInSeconds number
    The time in seconds until a setup password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
    twoFactorIdTimeToLiveInSeconds number
    The time in seconds until a two factor Id is no longer valid and cannot be used by the Two Factor Login API. Value must be greater than 0.
    twoFactorOneTimeCodeIdGenerator FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGenerator
    twoFactorTrustIdTimeToLiveInSeconds number
    The time in seconds until an issued Two Factor trust Id is no longer valid and the User will be required to complete Two Factor authentication during the next authentication attempt. Value must be greater than 0.
    pendingAccountLinkTimeToLiveInSeconds number
    The number of seconds before the pending account link identifier is no longer valid to complete an account link request. Value must be greater than 0.
    samlV2AuthnRequestIdTtlSeconds number
    The time in seconds that a SAML AuthN request will be eligible for use to authenticate with FusionAuth.
    trustTokenTimeToLiveInSeconds number
    The number of seconds before the Trust Token is no longer valid to complete a request that requires trust. Value must be greater than 0.
    twoFactorOneTimeCodeIdTimeToLiveInSeconds number
    The number of seconds before the Two-Factor One Time Code used to enable or disable a two-factor method is no longer valid. Must be greater than 0.
    authorization_grant_id_time_to_live_in_seconds int
    The time in seconds until a OAuth authorization code in no longer valid to be exchanged for an access token. This is essentially the time allowed between the start of an Authorization request during the Authorization code grant and when you request an access token using this authorization code on the Token endpoint.
    change_password_id_generator FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGenerator
    change_password_id_time_to_live_in_seconds int
    The time in seconds until a change password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
    device_code_time_to_live_in_seconds int
    The time in seconds until a device code Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
    device_user_code_id_generator FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGenerator
    email_verification_id_generator FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGenerator
    email_verification_id_time_to_live_in_seconds int
    The time in seconds until a email verification Id is no longer valid and cannot be used by the Verify Email API. Value must be greater than 0.
    email_verification_one_time_code_generator FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGenerator
    external_authentication_id_time_to_live_in_seconds int
    The time in seconds until an external authentication Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
    login_intent_time_to_live_in_seconds int
    The number of seconds before the Login Timeout identifier is no longer valid to complete post-authentication steps in the OAuth workflow. Must be greater than 0.
    one_time_password_time_to_live_in_seconds int
    The time in seconds until a One Time Password is no longer valid and cannot be used by the Login API. Value must be greater than 0.
    passwordless_login_generator FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGenerator
    passwordless_login_time_to_live_in_seconds int
    The time in seconds until a passwordless code is no longer valid and cannot be used by the Passwordless API. Value must be greater than 0.
    registration_verification_id_generator FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGenerator
    registration_verification_id_time_to_live_in_seconds int
    The time in seconds until a registration verification Id is no longer valid and cannot be used by the Verify Registration API. Value must be greater than 0.
    registration_verification_one_time_code_generator FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGenerator
    setup_password_id_generator FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGenerator
    setup_password_id_time_to_live_in_seconds int
    The time in seconds until a setup password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
    two_factor_id_time_to_live_in_seconds int
    The time in seconds until a two factor Id is no longer valid and cannot be used by the Two Factor Login API. Value must be greater than 0.
    two_factor_one_time_code_id_generator FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGenerator
    two_factor_trust_id_time_to_live_in_seconds int
    The time in seconds until an issued Two Factor trust Id is no longer valid and the User will be required to complete Two Factor authentication during the next authentication attempt. Value must be greater than 0.
    pending_account_link_time_to_live_in_seconds int
    The number of seconds before the pending account link identifier is no longer valid to complete an account link request. Value must be greater than 0.
    saml_v2_authn_request_id_ttl_seconds int
    The time in seconds that a SAML AuthN request will be eligible for use to authenticate with FusionAuth.
    trust_token_time_to_live_in_seconds int
    The number of seconds before the Trust Token is no longer valid to complete a request that requires trust. Value must be greater than 0.
    two_factor_one_time_code_id_time_to_live_in_seconds int
    The number of seconds before the Two-Factor One Time Code used to enable or disable a two-factor method is no longer valid. Must be greater than 0.
    authorizationGrantIdTimeToLiveInSeconds Number
    The time in seconds until a OAuth authorization code in no longer valid to be exchanged for an access token. This is essentially the time allowed between the start of an Authorization request during the Authorization code grant and when you request an access token using this authorization code on the Token endpoint.
    changePasswordIdGenerator Property Map
    changePasswordIdTimeToLiveInSeconds Number
    The time in seconds until a change password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
    deviceCodeTimeToLiveInSeconds Number
    The time in seconds until a device code Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
    deviceUserCodeIdGenerator Property Map
    emailVerificationIdGenerator Property Map
    emailVerificationIdTimeToLiveInSeconds Number
    The time in seconds until a email verification Id is no longer valid and cannot be used by the Verify Email API. Value must be greater than 0.
    emailVerificationOneTimeCodeGenerator Property Map
    externalAuthenticationIdTimeToLiveInSeconds Number
    The time in seconds until an external authentication Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
    loginIntentTimeToLiveInSeconds Number
    The number of seconds before the Login Timeout identifier is no longer valid to complete post-authentication steps in the OAuth workflow. Must be greater than 0.
    oneTimePasswordTimeToLiveInSeconds Number
    The time in seconds until a One Time Password is no longer valid and cannot be used by the Login API. Value must be greater than 0.
    passwordlessLoginGenerator Property Map
    passwordlessLoginTimeToLiveInSeconds Number
    The time in seconds until a passwordless code is no longer valid and cannot be used by the Passwordless API. Value must be greater than 0.
    registrationVerificationIdGenerator Property Map
    registrationVerificationIdTimeToLiveInSeconds Number
    The time in seconds until a registration verification Id is no longer valid and cannot be used by the Verify Registration API. Value must be greater than 0.
    registrationVerificationOneTimeCodeGenerator Property Map
    setupPasswordIdGenerator Property Map
    setupPasswordIdTimeToLiveInSeconds Number
    The time in seconds until a setup password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
    twoFactorIdTimeToLiveInSeconds Number
    The time in seconds until a two factor Id is no longer valid and cannot be used by the Two Factor Login API. Value must be greater than 0.
    twoFactorOneTimeCodeIdGenerator Property Map
    twoFactorTrustIdTimeToLiveInSeconds Number
    The time in seconds until an issued Two Factor trust Id is no longer valid and the User will be required to complete Two Factor authentication during the next authentication attempt. Value must be greater than 0.
    pendingAccountLinkTimeToLiveInSeconds Number
    The number of seconds before the pending account link identifier is no longer valid to complete an account link request. Value must be greater than 0.
    samlV2AuthnRequestIdTtlSeconds Number
    The time in seconds that a SAML AuthN request will be eligible for use to authenticate with FusionAuth.
    trustTokenTimeToLiveInSeconds Number
    The number of seconds before the Trust Token is no longer valid to complete a request that requires trust. Value must be greater than 0.
    twoFactorOneTimeCodeIdTimeToLiveInSeconds Number
    The number of seconds before the Two-Factor One Time Code used to enable or disable a two-factor method is no longer valid. Must be greater than 0.

    FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGenerator, FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs

    Length int
    The length of the secure generator used for generating the change password Id.
    Type string
    The type of the secure generator used for generating the change password Id.
    Length int
    The length of the secure generator used for generating the change password Id.
    Type string
    The type of the secure generator used for generating the change password Id.
    length Integer
    The length of the secure generator used for generating the change password Id.
    type String
    The type of the secure generator used for generating the change password Id.
    length number
    The length of the secure generator used for generating the change password Id.
    type string
    The type of the secure generator used for generating the change password Id.
    length int
    The length of the secure generator used for generating the change password Id.
    type str
    The type of the secure generator used for generating the change password Id.
    length Number
    The length of the secure generator used for generating the change password Id.
    type String
    The type of the secure generator used for generating the change password Id.

    FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGenerator, FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs

    Length int
    The length of the secure generator used for generating the change password Id.
    Type string
    The type of the secure generator used for generating the change password Id.
    Length int
    The length of the secure generator used for generating the change password Id.
    Type string
    The type of the secure generator used for generating the change password Id.
    length Integer
    The length of the secure generator used for generating the change password Id.
    type String
    The type of the secure generator used for generating the change password Id.
    length number
    The length of the secure generator used for generating the change password Id.
    type string
    The type of the secure generator used for generating the change password Id.
    length int
    The length of the secure generator used for generating the change password Id.
    type str
    The type of the secure generator used for generating the change password Id.
    length Number
    The length of the secure generator used for generating the change password Id.
    type String
    The type of the secure generator used for generating the change password Id.

    FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGenerator, FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs

    Length int
    The length of the secure generator used for generating the change password Id.
    Type string
    The type of the secure generator used for generating the change password Id.
    Length int
    The length of the secure generator used for generating the change password Id.
    Type string
    The type of the secure generator used for generating the change password Id.
    length Integer
    The length of the secure generator used for generating the change password Id.
    type String
    The type of the secure generator used for generating the change password Id.
    length number
    The length of the secure generator used for generating the change password Id.
    type string
    The type of the secure generator used for generating the change password Id.
    length int
    The length of the secure generator used for generating the change password Id.
    type str
    The type of the secure generator used for generating the change password Id.
    length Number
    The length of the secure generator used for generating the change password Id.
    type String
    The type of the secure generator used for generating the change password Id.

    FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGenerator, FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs

    Length int
    The length of the secure generator used for generating the email verification one time code.
    Type string
    The type of the secure generator used for generating the email verification one time code.
    Length int
    The length of the secure generator used for generating the email verification one time code.
    Type string
    The type of the secure generator used for generating the email verification one time code.
    length Integer
    The length of the secure generator used for generating the email verification one time code.
    type String
    The type of the secure generator used for generating the email verification one time code.
    length number
    The length of the secure generator used for generating the email verification one time code.
    type string
    The type of the secure generator used for generating the email verification one time code.
    length int
    The length of the secure generator used for generating the email verification one time code.
    type str
    The type of the secure generator used for generating the email verification one time code.
    length Number
    The length of the secure generator used for generating the email verification one time code.
    type String
    The type of the secure generator used for generating the email verification one time code.

    FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGenerator, FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs

    Length int
    The length of the secure generator used for generating the change password Id.
    Type string
    The type of the secure generator used for generating the change password Id.
    Length int
    The length of the secure generator used for generating the change password Id.
    Type string
    The type of the secure generator used for generating the change password Id.
    length Integer
    The length of the secure generator used for generating the change password Id.
    type String
    The type of the secure generator used for generating the change password Id.
    length number
    The length of the secure generator used for generating the change password Id.
    type string
    The type of the secure generator used for generating the change password Id.
    length int
    The length of the secure generator used for generating the change password Id.
    type str
    The type of the secure generator used for generating the change password Id.
    length Number
    The length of the secure generator used for generating the change password Id.
    type String
    The type of the secure generator used for generating the change password Id.

    FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGenerator, FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs

    Length int
    The length of the secure generator used for generating the change password Id.
    Type string
    The type of the secure generator used for generating the change password Id.
    Length int
    The length of the secure generator used for generating the change password Id.
    Type string
    The type of the secure generator used for generating the change password Id.
    length Integer
    The length of the secure generator used for generating the change password Id.
    type String
    The type of the secure generator used for generating the change password Id.
    length number
    The length of the secure generator used for generating the change password Id.
    type string
    The type of the secure generator used for generating the change password Id.
    length int
    The length of the secure generator used for generating the change password Id.
    type str
    The type of the secure generator used for generating the change password Id.
    length Number
    The length of the secure generator used for generating the change password Id.
    type String
    The type of the secure generator used for generating the change password Id.

    FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGenerator, FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs

    Length int
    The length of the secure generator used for generating the registration verification one time code.
    Type string
    The type of the secure generator used for generating the registration verification one time code.
    Length int
    The length of the secure generator used for generating the registration verification one time code.
    Type string
    The type of the secure generator used for generating the registration verification one time code.
    length Integer
    The length of the secure generator used for generating the registration verification one time code.
    type String
    The type of the secure generator used for generating the registration verification one time code.
    length number
    The length of the secure generator used for generating the registration verification one time code.
    type string
    The type of the secure generator used for generating the registration verification one time code.
    length int
    The length of the secure generator used for generating the registration verification one time code.
    type str
    The type of the secure generator used for generating the registration verification one time code.
    length Number
    The length of the secure generator used for generating the registration verification one time code.
    type String
    The type of the secure generator used for generating the registration verification one time code.

    FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGenerator, FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs

    Length int
    The length of the secure generator used for generating the change password Id.
    Type string
    The type of the secure generator used for generating the change password Id.
    Length int
    The length of the secure generator used for generating the change password Id.
    Type string
    The type of the secure generator used for generating the change password Id.
    length Integer
    The length of the secure generator used for generating the change password Id.
    type String
    The type of the secure generator used for generating the change password Id.
    length number
    The length of the secure generator used for generating the change password Id.
    type string
    The type of the secure generator used for generating the change password Id.
    length int
    The length of the secure generator used for generating the change password Id.
    type str
    The type of the secure generator used for generating the change password Id.
    length Number
    The length of the secure generator used for generating the change password Id.
    type String
    The type of the secure generator used for generating the change password Id.

    FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGenerator, FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs

    Length int
    TThe length of the secure generator used for generating the the two factor code Id.
    Type string
    The type of the secure generator used for generating the two factor one time code Id.
    Length int
    TThe length of the secure generator used for generating the the two factor code Id.
    Type string
    The type of the secure generator used for generating the two factor one time code Id.
    length Integer
    TThe length of the secure generator used for generating the the two factor code Id.
    type String
    The type of the secure generator used for generating the two factor one time code Id.
    length number
    TThe length of the secure generator used for generating the the two factor code Id.
    type string
    The type of the secure generator used for generating the two factor one time code Id.
    length int
    TThe length of the secure generator used for generating the the two factor code Id.
    type str
    The type of the secure generator used for generating the two factor one time code Id.
    length Number
    TThe length of the secure generator used for generating the the two factor code Id.
    type String
    The type of the secure generator used for generating the two factor one time code Id.

    FusionAuthTenantFailedAuthenticationConfiguration, FusionAuthTenantFailedAuthenticationConfigurationArgs

    ActionCancelPolicyOnPasswordReset bool
    Indicates whether you want the user to be able to self-service unlock their account prior to the action duration by completing a password reset workflow.
    ActionDuration int
    The duration of the User Action. This value along with the actionDurationUnit will be used to set the duration of the User Action. Value must be greater than 0.
    ActionDurationUnit string
    The unit of time associated with a duration.
    EmailUser bool
    Indicates you would like to email the user when the user’s account is locked due to this action being taken. This requires the User Action specified by the tenant.failedAuthenticationConfiguration.userActionId to also be configured for email. If the User Action is not configured to be able to email the user, this configuration will be ignored.
    ResetCountInSeconds int
    The length of time in seconds before the failed authentication count will be reset. Value must be greater than 0.
    TooManyAttempts int
    The number of failed attempts considered to be too many. Once this threshold is reached the specified User Action will be applied to the user for the duration specified. Value must be greater than 0.
    UserActionId string
    The Id of the User Action that is applied when the threshold is reached for too many failed authentication attempts.
    ActionCancelPolicyOnPasswordReset bool
    Indicates whether you want the user to be able to self-service unlock their account prior to the action duration by completing a password reset workflow.
    ActionDuration int
    The duration of the User Action. This value along with the actionDurationUnit will be used to set the duration of the User Action. Value must be greater than 0.
    ActionDurationUnit string
    The unit of time associated with a duration.
    EmailUser bool
    Indicates you would like to email the user when the user’s account is locked due to this action being taken. This requires the User Action specified by the tenant.failedAuthenticationConfiguration.userActionId to also be configured for email. If the User Action is not configured to be able to email the user, this configuration will be ignored.
    ResetCountInSeconds int
    The length of time in seconds before the failed authentication count will be reset. Value must be greater than 0.
    TooManyAttempts int
    The number of failed attempts considered to be too many. Once this threshold is reached the specified User Action will be applied to the user for the duration specified. Value must be greater than 0.
    UserActionId string
    The Id of the User Action that is applied when the threshold is reached for too many failed authentication attempts.
    actionCancelPolicyOnPasswordReset Boolean
    Indicates whether you want the user to be able to self-service unlock their account prior to the action duration by completing a password reset workflow.
    actionDuration Integer
    The duration of the User Action. This value along with the actionDurationUnit will be used to set the duration of the User Action. Value must be greater than 0.
    actionDurationUnit String
    The unit of time associated with a duration.
    emailUser Boolean
    Indicates you would like to email the user when the user’s account is locked due to this action being taken. This requires the User Action specified by the tenant.failedAuthenticationConfiguration.userActionId to also be configured for email. If the User Action is not configured to be able to email the user, this configuration will be ignored.
    resetCountInSeconds Integer
    The length of time in seconds before the failed authentication count will be reset. Value must be greater than 0.
    tooManyAttempts Integer
    The number of failed attempts considered to be too many. Once this threshold is reached the specified User Action will be applied to the user for the duration specified. Value must be greater than 0.
    userActionId String
    The Id of the User Action that is applied when the threshold is reached for too many failed authentication attempts.
    actionCancelPolicyOnPasswordReset boolean
    Indicates whether you want the user to be able to self-service unlock their account prior to the action duration by completing a password reset workflow.
    actionDuration number
    The duration of the User Action. This value along with the actionDurationUnit will be used to set the duration of the User Action. Value must be greater than 0.
    actionDurationUnit string
    The unit of time associated with a duration.
    emailUser boolean
    Indicates you would like to email the user when the user’s account is locked due to this action being taken. This requires the User Action specified by the tenant.failedAuthenticationConfiguration.userActionId to also be configured for email. If the User Action is not configured to be able to email the user, this configuration will be ignored.
    resetCountInSeconds number
    The length of time in seconds before the failed authentication count will be reset. Value must be greater than 0.
    tooManyAttempts number
    The number of failed attempts considered to be too many. Once this threshold is reached the specified User Action will be applied to the user for the duration specified. Value must be greater than 0.
    userActionId string
    The Id of the User Action that is applied when the threshold is reached for too many failed authentication attempts.
    action_cancel_policy_on_password_reset bool
    Indicates whether you want the user to be able to self-service unlock their account prior to the action duration by completing a password reset workflow.
    action_duration int
    The duration of the User Action. This value along with the actionDurationUnit will be used to set the duration of the User Action. Value must be greater than 0.
    action_duration_unit str
    The unit of time associated with a duration.
    email_user bool
    Indicates you would like to email the user when the user’s account is locked due to this action being taken. This requires the User Action specified by the tenant.failedAuthenticationConfiguration.userActionId to also be configured for email. If the User Action is not configured to be able to email the user, this configuration will be ignored.
    reset_count_in_seconds int
    The length of time in seconds before the failed authentication count will be reset. Value must be greater than 0.
    too_many_attempts int
    The number of failed attempts considered to be too many. Once this threshold is reached the specified User Action will be applied to the user for the duration specified. Value must be greater than 0.
    user_action_id str
    The Id of the User Action that is applied when the threshold is reached for too many failed authentication attempts.
    actionCancelPolicyOnPasswordReset Boolean
    Indicates whether you want the user to be able to self-service unlock their account prior to the action duration by completing a password reset workflow.
    actionDuration Number
    The duration of the User Action. This value along with the actionDurationUnit will be used to set the duration of the User Action. Value must be greater than 0.
    actionDurationUnit String
    The unit of time associated with a duration.
    emailUser Boolean
    Indicates you would like to email the user when the user’s account is locked due to this action being taken. This requires the User Action specified by the tenant.failedAuthenticationConfiguration.userActionId to also be configured for email. If the User Action is not configured to be able to email the user, this configuration will be ignored.
    resetCountInSeconds Number
    The length of time in seconds before the failed authentication count will be reset. Value must be greater than 0.
    tooManyAttempts Number
    The number of failed attempts considered to be too many. Once this threshold is reached the specified User Action will be applied to the user for the duration specified. Value must be greater than 0.
    userActionId String
    The Id of the User Action that is applied when the threshold is reached for too many failed authentication attempts.

    FusionAuthTenantFamilyConfiguration, FusionAuthTenantFamilyConfigurationArgs

    AllowChildRegistrations bool
    Whether to allow child registrations.
    ConfirmChildEmailTemplateId string
    The unique Id of the email template to use when confirming a child.
    DeleteOrphanedAccounts bool
    Indicates that child users without parental verification will be permanently deleted after tenant.familyConfiguration.deleteOrphanedAccountsDays days.
    DeleteOrphanedAccountsDays int
    The number of days from creation child users will be retained before being deleted for not completing parental verification. Value must be greater than 0.
    Enabled bool
    Whether family configuration is enabled.
    FamilyRequestEmailTemplateId string
    The unique Id of the email template to use when a family request is made.
    MaximumChildAge int
    The maximum age of a child. Value must be greater than 0.
    MinimumOwnerAge int
    The minimum age to be an owner. Value must be greater than 0.
    ParentEmailRequired bool
    Whether a parent email is required.
    ParentRegistrationEmailTemplateId string
    The unique Id of the email template to use for parent registration.
    AllowChildRegistrations bool
    Whether to allow child registrations.
    ConfirmChildEmailTemplateId string
    The unique Id of the email template to use when confirming a child.
    DeleteOrphanedAccounts bool
    Indicates that child users without parental verification will be permanently deleted after tenant.familyConfiguration.deleteOrphanedAccountsDays days.
    DeleteOrphanedAccountsDays int
    The number of days from creation child users will be retained before being deleted for not completing parental verification. Value must be greater than 0.
    Enabled bool
    Whether family configuration is enabled.
    FamilyRequestEmailTemplateId string
    The unique Id of the email template to use when a family request is made.
    MaximumChildAge int
    The maximum age of a child. Value must be greater than 0.
    MinimumOwnerAge int
    The minimum age to be an owner. Value must be greater than 0.
    ParentEmailRequired bool
    Whether a parent email is required.
    ParentRegistrationEmailTemplateId string
    The unique Id of the email template to use for parent registration.
    allowChildRegistrations Boolean
    Whether to allow child registrations.
    confirmChildEmailTemplateId String
    The unique Id of the email template to use when confirming a child.
    deleteOrphanedAccounts Boolean
    Indicates that child users without parental verification will be permanently deleted after tenant.familyConfiguration.deleteOrphanedAccountsDays days.
    deleteOrphanedAccountsDays Integer
    The number of days from creation child users will be retained before being deleted for not completing parental verification. Value must be greater than 0.
    enabled Boolean
    Whether family configuration is enabled.
    familyRequestEmailTemplateId String
    The unique Id of the email template to use when a family request is made.
    maximumChildAge Integer
    The maximum age of a child. Value must be greater than 0.
    minimumOwnerAge Integer
    The minimum age to be an owner. Value must be greater than 0.
    parentEmailRequired Boolean
    Whether a parent email is required.
    parentRegistrationEmailTemplateId String
    The unique Id of the email template to use for parent registration.
    allowChildRegistrations boolean
    Whether to allow child registrations.
    confirmChildEmailTemplateId string
    The unique Id of the email template to use when confirming a child.
    deleteOrphanedAccounts boolean
    Indicates that child users without parental verification will be permanently deleted after tenant.familyConfiguration.deleteOrphanedAccountsDays days.
    deleteOrphanedAccountsDays number
    The number of days from creation child users will be retained before being deleted for not completing parental verification. Value must be greater than 0.
    enabled boolean
    Whether family configuration is enabled.
    familyRequestEmailTemplateId string
    The unique Id of the email template to use when a family request is made.
    maximumChildAge number
    The maximum age of a child. Value must be greater than 0.
    minimumOwnerAge number
    The minimum age to be an owner. Value must be greater than 0.
    parentEmailRequired boolean
    Whether a parent email is required.
    parentRegistrationEmailTemplateId string
    The unique Id of the email template to use for parent registration.
    allow_child_registrations bool
    Whether to allow child registrations.
    confirm_child_email_template_id str
    The unique Id of the email template to use when confirming a child.
    delete_orphaned_accounts bool
    Indicates that child users without parental verification will be permanently deleted after tenant.familyConfiguration.deleteOrphanedAccountsDays days.
    delete_orphaned_accounts_days int
    The number of days from creation child users will be retained before being deleted for not completing parental verification. Value must be greater than 0.
    enabled bool
    Whether family configuration is enabled.
    family_request_email_template_id str
    The unique Id of the email template to use when a family request is made.
    maximum_child_age int
    The maximum age of a child. Value must be greater than 0.
    minimum_owner_age int
    The minimum age to be an owner. Value must be greater than 0.
    parent_email_required bool
    Whether a parent email is required.
    parent_registration_email_template_id str
    The unique Id of the email template to use for parent registration.
    allowChildRegistrations Boolean
    Whether to allow child registrations.
    confirmChildEmailTemplateId String
    The unique Id of the email template to use when confirming a child.
    deleteOrphanedAccounts Boolean
    Indicates that child users without parental verification will be permanently deleted after tenant.familyConfiguration.deleteOrphanedAccountsDays days.
    deleteOrphanedAccountsDays Number
    The number of days from creation child users will be retained before being deleted for not completing parental verification. Value must be greater than 0.
    enabled Boolean
    Whether family configuration is enabled.
    familyRequestEmailTemplateId String
    The unique Id of the email template to use when a family request is made.
    maximumChildAge Number
    The maximum age of a child. Value must be greater than 0.
    minimumOwnerAge Number
    The minimum age to be an owner. Value must be greater than 0.
    parentEmailRequired Boolean
    Whether a parent email is required.
    parentRegistrationEmailTemplateId String
    The unique Id of the email template to use for parent registration.

    FusionAuthTenantFormConfiguration, FusionAuthTenantFormConfigurationArgs

    AdminUserFormId string
    The unique Id of the form to use for the Add and Edit User form when used in the FusionAuth admin UI.
    AdminUserFormId string
    The unique Id of the form to use for the Add and Edit User form when used in the FusionAuth admin UI.
    adminUserFormId String
    The unique Id of the form to use for the Add and Edit User form when used in the FusionAuth admin UI.
    adminUserFormId string
    The unique Id of the form to use for the Add and Edit User form when used in the FusionAuth admin UI.
    admin_user_form_id str
    The unique Id of the form to use for the Add and Edit User form when used in the FusionAuth admin UI.
    adminUserFormId String
    The unique Id of the form to use for the Add and Edit User form when used in the FusionAuth admin UI.

    FusionAuthTenantJwtConfiguration, FusionAuthTenantJwtConfigurationArgs

    RefreshTokenTimeToLiveInMinutes int
    The length of time in minutes a Refresh Token is valid from the time it was issued. Value must be greater than 0.
    TimeToLiveInSeconds int
    The length of time in seconds this JWT is valid from the time it was issued. Value must be greater than 0.
    AccessTokenKeyId string
    The unique id of the signing key used to sign the access token. Required prior to 1.30.0.
    IdTokenKeyId string
    The unique id of the signing key used to sign the Id token. Required prior to 1.30.0.
    RefreshTokenExpirationPolicy string
    The refresh token expiration policy.
    RefreshTokenRevocationPolicyOnLoginPrevented bool
    When enabled, the refresh token will be revoked when a user action, such as locking an account based on a number of failed login attempts, prevents user login.
    RefreshTokenRevocationPolicyOnPasswordChange bool
    When enabled, the refresh token will be revoked when a user changes their password."
    RefreshTokenSlidingWindowMaximumTimeToLiveInMinutes int
    The maximum lifetime of a refresh token when using a refresh token expiration policy of SlidingWindowWithMaximumLifetime. Value must be greater than 0.
    RefreshTokenUsagePolicy string
    The refresh token usage policy.
    RefreshTokenTimeToLiveInMinutes int
    The length of time in minutes a Refresh Token is valid from the time it was issued. Value must be greater than 0.
    TimeToLiveInSeconds int
    The length of time in seconds this JWT is valid from the time it was issued. Value must be greater than 0.
    AccessTokenKeyId string
    The unique id of the signing key used to sign the access token. Required prior to 1.30.0.
    IdTokenKeyId string
    The unique id of the signing key used to sign the Id token. Required prior to 1.30.0.
    RefreshTokenExpirationPolicy string
    The refresh token expiration policy.
    RefreshTokenRevocationPolicyOnLoginPrevented bool
    When enabled, the refresh token will be revoked when a user action, such as locking an account based on a number of failed login attempts, prevents user login.
    RefreshTokenRevocationPolicyOnPasswordChange bool
    When enabled, the refresh token will be revoked when a user changes their password."
    RefreshTokenSlidingWindowMaximumTimeToLiveInMinutes int
    The maximum lifetime of a refresh token when using a refresh token expiration policy of SlidingWindowWithMaximumLifetime. Value must be greater than 0.
    RefreshTokenUsagePolicy string
    The refresh token usage policy.
    refreshTokenTimeToLiveInMinutes Integer
    The length of time in minutes a Refresh Token is valid from the time it was issued. Value must be greater than 0.
    timeToLiveInSeconds Integer
    The length of time in seconds this JWT is valid from the time it was issued. Value must be greater than 0.
    accessTokenKeyId String
    The unique id of the signing key used to sign the access token. Required prior to 1.30.0.
    idTokenKeyId String
    The unique id of the signing key used to sign the Id token. Required prior to 1.30.0.
    refreshTokenExpirationPolicy String
    The refresh token expiration policy.
    refreshTokenRevocationPolicyOnLoginPrevented Boolean
    When enabled, the refresh token will be revoked when a user action, such as locking an account based on a number of failed login attempts, prevents user login.
    refreshTokenRevocationPolicyOnPasswordChange Boolean
    When enabled, the refresh token will be revoked when a user changes their password."
    refreshTokenSlidingWindowMaximumTimeToLiveInMinutes Integer
    The maximum lifetime of a refresh token when using a refresh token expiration policy of SlidingWindowWithMaximumLifetime. Value must be greater than 0.
    refreshTokenUsagePolicy String
    The refresh token usage policy.
    refreshTokenTimeToLiveInMinutes number
    The length of time in minutes a Refresh Token is valid from the time it was issued. Value must be greater than 0.
    timeToLiveInSeconds number
    The length of time in seconds this JWT is valid from the time it was issued. Value must be greater than 0.
    accessTokenKeyId string
    The unique id of the signing key used to sign the access token. Required prior to 1.30.0.
    idTokenKeyId string
    The unique id of the signing key used to sign the Id token. Required prior to 1.30.0.
    refreshTokenExpirationPolicy string
    The refresh token expiration policy.
    refreshTokenRevocationPolicyOnLoginPrevented boolean
    When enabled, the refresh token will be revoked when a user action, such as locking an account based on a number of failed login attempts, prevents user login.
    refreshTokenRevocationPolicyOnPasswordChange boolean
    When enabled, the refresh token will be revoked when a user changes their password."
    refreshTokenSlidingWindowMaximumTimeToLiveInMinutes number
    The maximum lifetime of a refresh token when using a refresh token expiration policy of SlidingWindowWithMaximumLifetime. Value must be greater than 0.
    refreshTokenUsagePolicy string
    The refresh token usage policy.
    refresh_token_time_to_live_in_minutes int
    The length of time in minutes a Refresh Token is valid from the time it was issued. Value must be greater than 0.
    time_to_live_in_seconds int
    The length of time in seconds this JWT is valid from the time it was issued. Value must be greater than 0.
    access_token_key_id str
    The unique id of the signing key used to sign the access token. Required prior to 1.30.0.
    id_token_key_id str
    The unique id of the signing key used to sign the Id token. Required prior to 1.30.0.
    refresh_token_expiration_policy str
    The refresh token expiration policy.
    refresh_token_revocation_policy_on_login_prevented bool
    When enabled, the refresh token will be revoked when a user action, such as locking an account based on a number of failed login attempts, prevents user login.
    refresh_token_revocation_policy_on_password_change bool
    When enabled, the refresh token will be revoked when a user changes their password."
    refresh_token_sliding_window_maximum_time_to_live_in_minutes int
    The maximum lifetime of a refresh token when using a refresh token expiration policy of SlidingWindowWithMaximumLifetime. Value must be greater than 0.
    refresh_token_usage_policy str
    The refresh token usage policy.
    refreshTokenTimeToLiveInMinutes Number
    The length of time in minutes a Refresh Token is valid from the time it was issued. Value must be greater than 0.
    timeToLiveInSeconds Number
    The length of time in seconds this JWT is valid from the time it was issued. Value must be greater than 0.
    accessTokenKeyId String
    The unique id of the signing key used to sign the access token. Required prior to 1.30.0.
    idTokenKeyId String
    The unique id of the signing key used to sign the Id token. Required prior to 1.30.0.
    refreshTokenExpirationPolicy String
    The refresh token expiration policy.
    refreshTokenRevocationPolicyOnLoginPrevented Boolean
    When enabled, the refresh token will be revoked when a user action, such as locking an account based on a number of failed login attempts, prevents user login.
    refreshTokenRevocationPolicyOnPasswordChange Boolean
    When enabled, the refresh token will be revoked when a user changes their password."
    refreshTokenSlidingWindowMaximumTimeToLiveInMinutes Number
    The maximum lifetime of a refresh token when using a refresh token expiration policy of SlidingWindowWithMaximumLifetime. Value must be greater than 0.
    refreshTokenUsagePolicy String
    The refresh token usage policy.

    FusionAuthTenantLoginConfiguration, FusionAuthTenantLoginConfigurationArgs

    RequireAuthentication bool
    Indicates whether to require an API key for the Login API when an applicationId is not provided. When an applicationId is provided to the Login API call, the application configuration will take precedence. In almost all cases, you will want to this to be true.
    RequireAuthentication bool
    Indicates whether to require an API key for the Login API when an applicationId is not provided. When an applicationId is provided to the Login API call, the application configuration will take precedence. In almost all cases, you will want to this to be true.
    requireAuthentication Boolean
    Indicates whether to require an API key for the Login API when an applicationId is not provided. When an applicationId is provided to the Login API call, the application configuration will take precedence. In almost all cases, you will want to this to be true.
    requireAuthentication boolean
    Indicates whether to require an API key for the Login API when an applicationId is not provided. When an applicationId is provided to the Login API call, the application configuration will take precedence. In almost all cases, you will want to this to be true.
    require_authentication bool
    Indicates whether to require an API key for the Login API when an applicationId is not provided. When an applicationId is provided to the Login API call, the application configuration will take precedence. In almost all cases, you will want to this to be true.
    requireAuthentication Boolean
    Indicates whether to require an API key for the Login API when an applicationId is not provided. When an applicationId is provided to the Login API call, the application configuration will take precedence. In almost all cases, you will want to this to be true.

    FusionAuthTenantMaximumPasswordAge, FusionAuthTenantMaximumPasswordAgeArgs

    Days int
    The password maximum age in days. The number of days after which FusionAuth will require a user to change their password. Required when systemConfiguration.maximumPasswordAge.enabled is set to true.
    Enabled bool
    Indicates that the maximum password age is enabled and being enforced.
    Days int
    The password maximum age in days. The number of days after which FusionAuth will require a user to change their password. Required when systemConfiguration.maximumPasswordAge.enabled is set to true.
    Enabled bool
    Indicates that the maximum password age is enabled and being enforced.
    days Integer
    The password maximum age in days. The number of days after which FusionAuth will require a user to change their password. Required when systemConfiguration.maximumPasswordAge.enabled is set to true.
    enabled Boolean
    Indicates that the maximum password age is enabled and being enforced.
    days number
    The password maximum age in days. The number of days after which FusionAuth will require a user to change their password. Required when systemConfiguration.maximumPasswordAge.enabled is set to true.
    enabled boolean
    Indicates that the maximum password age is enabled and being enforced.
    days int
    The password maximum age in days. The number of days after which FusionAuth will require a user to change their password. Required when systemConfiguration.maximumPasswordAge.enabled is set to true.
    enabled bool
    Indicates that the maximum password age is enabled and being enforced.
    days Number
    The password maximum age in days. The number of days after which FusionAuth will require a user to change their password. Required when systemConfiguration.maximumPasswordAge.enabled is set to true.
    enabled Boolean
    Indicates that the maximum password age is enabled and being enforced.

    FusionAuthTenantMinimumPasswordAge, FusionAuthTenantMinimumPasswordAgeArgs

    Enabled bool
    Indicates that the minimum password age is enabled and being enforced.
    Seconds int
    The password minimum age in seconds. When enabled FusionAuth will not allow a password to be changed until it reaches this minimum age. Required when systemConfiguration.minimumPasswordAge.enabled is set to true.
    Enabled bool
    Indicates that the minimum password age is enabled and being enforced.
    Seconds int
    The password minimum age in seconds. When enabled FusionAuth will not allow a password to be changed until it reaches this minimum age. Required when systemConfiguration.minimumPasswordAge.enabled is set to true.
    enabled Boolean
    Indicates that the minimum password age is enabled and being enforced.
    seconds Integer
    The password minimum age in seconds. When enabled FusionAuth will not allow a password to be changed until it reaches this minimum age. Required when systemConfiguration.minimumPasswordAge.enabled is set to true.
    enabled boolean
    Indicates that the minimum password age is enabled and being enforced.
    seconds number
    The password minimum age in seconds. When enabled FusionAuth will not allow a password to be changed until it reaches this minimum age. Required when systemConfiguration.minimumPasswordAge.enabled is set to true.
    enabled bool
    Indicates that the minimum password age is enabled and being enforced.
    seconds int
    The password minimum age in seconds. When enabled FusionAuth will not allow a password to be changed until it reaches this minimum age. Required when systemConfiguration.minimumPasswordAge.enabled is set to true.
    enabled Boolean
    Indicates that the minimum password age is enabled and being enforced.
    seconds Number
    The password minimum age in seconds. When enabled FusionAuth will not allow a password to be changed until it reaches this minimum age. Required when systemConfiguration.minimumPasswordAge.enabled is set to true.

    FusionAuthTenantMultiFactorConfiguration, FusionAuthTenantMultiFactorConfigurationArgs

    Authenticator theogravity.Fusionauth.Inputs.FusionAuthTenantMultiFactorConfigurationAuthenticator
    Email theogravity.Fusionauth.Inputs.FusionAuthTenantMultiFactorConfigurationEmail
    LoginPolicy string
    When set to Enabled and a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When set to Disabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login. When the login policy is to Required, a two-factor challenge will be required during login. If a user does not have configured two-factor methods, they will not be able to log in.
    Sms theogravity.Fusionauth.Inputs.FusionAuthTenantMultiFactorConfigurationSms
    Authenticator FusionAuthTenantMultiFactorConfigurationAuthenticator
    Email FusionAuthTenantMultiFactorConfigurationEmail
    LoginPolicy string
    When set to Enabled and a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When set to Disabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login. When the login policy is to Required, a two-factor challenge will be required during login. If a user does not have configured two-factor methods, they will not be able to log in.
    Sms FusionAuthTenantMultiFactorConfigurationSms
    authenticator FusionAuthTenantMultiFactorConfigurationAuthenticator
    email FusionAuthTenantMultiFactorConfigurationEmail
    loginPolicy String
    When set to Enabled and a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When set to Disabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login. When the login policy is to Required, a two-factor challenge will be required during login. If a user does not have configured two-factor methods, they will not be able to log in.
    sms FusionAuthTenantMultiFactorConfigurationSms
    authenticator FusionAuthTenantMultiFactorConfigurationAuthenticator
    email FusionAuthTenantMultiFactorConfigurationEmail
    loginPolicy string
    When set to Enabled and a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When set to Disabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login. When the login policy is to Required, a two-factor challenge will be required during login. If a user does not have configured two-factor methods, they will not be able to log in.
    sms FusionAuthTenantMultiFactorConfigurationSms
    authenticator FusionAuthTenantMultiFactorConfigurationAuthenticator
    email FusionAuthTenantMultiFactorConfigurationEmail
    login_policy str
    When set to Enabled and a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When set to Disabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login. When the login policy is to Required, a two-factor challenge will be required during login. If a user does not have configured two-factor methods, they will not be able to log in.
    sms FusionAuthTenantMultiFactorConfigurationSms
    authenticator Property Map
    email Property Map
    loginPolicy String
    When set to Enabled and a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When set to Disabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login. When the login policy is to Required, a two-factor challenge will be required during login. If a user does not have configured two-factor methods, they will not be able to log in.
    sms Property Map

    FusionAuthTenantMultiFactorConfigurationAuthenticator, FusionAuthTenantMultiFactorConfigurationAuthenticatorArgs

    Enabled bool
    When enabled, users may utilize an authenticator application to complete a multi-factor authentication request. This method uses TOTP (Time-Based One-Time Password) as defined in RFC 6238 and often uses an native mobile app such as Google Authenticator.
    Enabled bool
    When enabled, users may utilize an authenticator application to complete a multi-factor authentication request. This method uses TOTP (Time-Based One-Time Password) as defined in RFC 6238 and often uses an native mobile app such as Google Authenticator.
    enabled Boolean
    When enabled, users may utilize an authenticator application to complete a multi-factor authentication request. This method uses TOTP (Time-Based One-Time Password) as defined in RFC 6238 and often uses an native mobile app such as Google Authenticator.
    enabled boolean
    When enabled, users may utilize an authenticator application to complete a multi-factor authentication request. This method uses TOTP (Time-Based One-Time Password) as defined in RFC 6238 and often uses an native mobile app such as Google Authenticator.
    enabled bool
    When enabled, users may utilize an authenticator application to complete a multi-factor authentication request. This method uses TOTP (Time-Based One-Time Password) as defined in RFC 6238 and often uses an native mobile app such as Google Authenticator.
    enabled Boolean
    When enabled, users may utilize an authenticator application to complete a multi-factor authentication request. This method uses TOTP (Time-Based One-Time Password) as defined in RFC 6238 and often uses an native mobile app such as Google Authenticator.

    FusionAuthTenantMultiFactorConfigurationEmail, FusionAuthTenantMultiFactorConfigurationEmailArgs

    Enabled bool
    When enabled, users may utilize an email address to complete a multi-factor authentication request.
    TemplateId string
    The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.
    Enabled bool
    When enabled, users may utilize an email address to complete a multi-factor authentication request.
    TemplateId string
    The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.
    enabled Boolean
    When enabled, users may utilize an email address to complete a multi-factor authentication request.
    templateId String
    The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.
    enabled boolean
    When enabled, users may utilize an email address to complete a multi-factor authentication request.
    templateId string
    The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.
    enabled bool
    When enabled, users may utilize an email address to complete a multi-factor authentication request.
    template_id str
    The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.
    enabled Boolean
    When enabled, users may utilize an email address to complete a multi-factor authentication request.
    templateId String
    The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.

    FusionAuthTenantMultiFactorConfigurationSms, FusionAuthTenantMultiFactorConfigurationSmsArgs

    Enabled bool
    When enabled, users may utilize a mobile phone number to complete a multi-factor authentication request.
    MessengerId string
    The messenger that is used to deliver a SMS multi-factor authentication request.
    TemplateId string
    The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
    Enabled bool
    When enabled, users may utilize a mobile phone number to complete a multi-factor authentication request.
    MessengerId string
    The messenger that is used to deliver a SMS multi-factor authentication request.
    TemplateId string
    The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
    enabled Boolean
    When enabled, users may utilize a mobile phone number to complete a multi-factor authentication request.
    messengerId String
    The messenger that is used to deliver a SMS multi-factor authentication request.
    templateId String
    The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
    enabled boolean
    When enabled, users may utilize a mobile phone number to complete a multi-factor authentication request.
    messengerId string
    The messenger that is used to deliver a SMS multi-factor authentication request.
    templateId string
    The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
    enabled bool
    When enabled, users may utilize a mobile phone number to complete a multi-factor authentication request.
    messenger_id str
    The messenger that is used to deliver a SMS multi-factor authentication request.
    template_id str
    The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
    enabled Boolean
    When enabled, users may utilize a mobile phone number to complete a multi-factor authentication request.
    messengerId String
    The messenger that is used to deliver a SMS multi-factor authentication request.
    templateId String
    The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.

    FusionAuthTenantOauthConfiguration, FusionAuthTenantOauthConfigurationArgs

    ClientCredentialsAccessTokenPopulateLambdaId string
    The Id of a lambda that will be called to populate the JWT during a client credentials grant. Note: A paid edition of FusionAuth is required to utilize client credentials grant.
    ClientCredentialsAccessTokenPopulateLambdaId string
    The Id of a lambda that will be called to populate the JWT during a client credentials grant. Note: A paid edition of FusionAuth is required to utilize client credentials grant.
    clientCredentialsAccessTokenPopulateLambdaId String
    The Id of a lambda that will be called to populate the JWT during a client credentials grant. Note: A paid edition of FusionAuth is required to utilize client credentials grant.
    clientCredentialsAccessTokenPopulateLambdaId string
    The Id of a lambda that will be called to populate the JWT during a client credentials grant. Note: A paid edition of FusionAuth is required to utilize client credentials grant.
    client_credentials_access_token_populate_lambda_id str
    The Id of a lambda that will be called to populate the JWT during a client credentials grant. Note: A paid edition of FusionAuth is required to utilize client credentials grant.
    clientCredentialsAccessTokenPopulateLambdaId String
    The Id of a lambda that will be called to populate the JWT during a client credentials grant. Note: A paid edition of FusionAuth is required to utilize client credentials grant.

    FusionAuthTenantPasswordEncryptionConfiguration, FusionAuthTenantPasswordEncryptionConfigurationArgs

    EncryptionScheme string
    The default method for encrypting the User’s password.
    EncryptionSchemeFactor int
    The factor used by the password encryption scheme. If not provided, the PasswordEncryptor provides a default value. Generally this will be used as an iteration count to generate the hash. The actual use of this value is up to the PasswordEncryptor implementation.
    ModifyEncryptionSchemeOnLogin bool
    When enabled a user’s hash configuration will be modified to match these configured settings. This can be useful to increase a password hash strength over time or upgrade imported users to a more secure encryption scheme after an initial import.
    EncryptionScheme string
    The default method for encrypting the User’s password.
    EncryptionSchemeFactor int
    The factor used by the password encryption scheme. If not provided, the PasswordEncryptor provides a default value. Generally this will be used as an iteration count to generate the hash. The actual use of this value is up to the PasswordEncryptor implementation.
    ModifyEncryptionSchemeOnLogin bool
    When enabled a user’s hash configuration will be modified to match these configured settings. This can be useful to increase a password hash strength over time or upgrade imported users to a more secure encryption scheme after an initial import.
    encryptionScheme String
    The default method for encrypting the User’s password.
    encryptionSchemeFactor Integer
    The factor used by the password encryption scheme. If not provided, the PasswordEncryptor provides a default value. Generally this will be used as an iteration count to generate the hash. The actual use of this value is up to the PasswordEncryptor implementation.
    modifyEncryptionSchemeOnLogin Boolean
    When enabled a user’s hash configuration will be modified to match these configured settings. This can be useful to increase a password hash strength over time or upgrade imported users to a more secure encryption scheme after an initial import.
    encryptionScheme string
    The default method for encrypting the User’s password.
    encryptionSchemeFactor number
    The factor used by the password encryption scheme. If not provided, the PasswordEncryptor provides a default value. Generally this will be used as an iteration count to generate the hash. The actual use of this value is up to the PasswordEncryptor implementation.
    modifyEncryptionSchemeOnLogin boolean
    When enabled a user’s hash configuration will be modified to match these configured settings. This can be useful to increase a password hash strength over time or upgrade imported users to a more secure encryption scheme after an initial import.
    encryption_scheme str
    The default method for encrypting the User’s password.
    encryption_scheme_factor int
    The factor used by the password encryption scheme. If not provided, the PasswordEncryptor provides a default value. Generally this will be used as an iteration count to generate the hash. The actual use of this value is up to the PasswordEncryptor implementation.
    modify_encryption_scheme_on_login bool
    When enabled a user’s hash configuration will be modified to match these configured settings. This can be useful to increase a password hash strength over time or upgrade imported users to a more secure encryption scheme after an initial import.
    encryptionScheme String
    The default method for encrypting the User’s password.
    encryptionSchemeFactor Number
    The factor used by the password encryption scheme. If not provided, the PasswordEncryptor provides a default value. Generally this will be used as an iteration count to generate the hash. The actual use of this value is up to the PasswordEncryptor implementation.
    modifyEncryptionSchemeOnLogin Boolean
    When enabled a user’s hash configuration will be modified to match these configured settings. This can be useful to increase a password hash strength over time or upgrade imported users to a more secure encryption scheme after an initial import.

    FusionAuthTenantPasswordValidationRules, FusionAuthTenantPasswordValidationRulesArgs

    BreachDetection theogravity.Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesBreachDetection
    MaxLength int
    The maximum length of a password when a new user is created or a user requests a password change. This value must be greater than 0 and less than or equal to 256. When passwordEncryptionConfiguration.encryptionScheme is equal to bcrypt, the maximum will be limited to 50.
    MinLength int
    The minimum length of a password when a new user is created or a user requests a password change.
    RememberPreviousPasswords theogravity.Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswords
    RequireNonAlpha bool
    Whether to force the user to use at least one non-alphanumeric character.
    RequireNumber bool
    Whether to force the user to use at least one number.
    RequiredMixedCase bool
    Whether to force the user to use at least one uppercase and one lowercase character.
    ValidateOnLogin bool
    When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
    BreachDetection FusionAuthTenantPasswordValidationRulesBreachDetection
    MaxLength int
    The maximum length of a password when a new user is created or a user requests a password change. This value must be greater than 0 and less than or equal to 256. When passwordEncryptionConfiguration.encryptionScheme is equal to bcrypt, the maximum will be limited to 50.
    MinLength int
    The minimum length of a password when a new user is created or a user requests a password change.
    RememberPreviousPasswords FusionAuthTenantPasswordValidationRulesRememberPreviousPasswords
    RequireNonAlpha bool
    Whether to force the user to use at least one non-alphanumeric character.
    RequireNumber bool
    Whether to force the user to use at least one number.
    RequiredMixedCase bool
    Whether to force the user to use at least one uppercase and one lowercase character.
    ValidateOnLogin bool
    When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
    breachDetection FusionAuthTenantPasswordValidationRulesBreachDetection
    maxLength Integer
    The maximum length of a password when a new user is created or a user requests a password change. This value must be greater than 0 and less than or equal to 256. When passwordEncryptionConfiguration.encryptionScheme is equal to bcrypt, the maximum will be limited to 50.
    minLength Integer
    The minimum length of a password when a new user is created or a user requests a password change.
    rememberPreviousPasswords FusionAuthTenantPasswordValidationRulesRememberPreviousPasswords
    requireNonAlpha Boolean
    Whether to force the user to use at least one non-alphanumeric character.
    requireNumber Boolean
    Whether to force the user to use at least one number.
    requiredMixedCase Boolean
    Whether to force the user to use at least one uppercase and one lowercase character.
    validateOnLogin Boolean
    When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
    breachDetection FusionAuthTenantPasswordValidationRulesBreachDetection
    maxLength number
    The maximum length of a password when a new user is created or a user requests a password change. This value must be greater than 0 and less than or equal to 256. When passwordEncryptionConfiguration.encryptionScheme is equal to bcrypt, the maximum will be limited to 50.
    minLength number
    The minimum length of a password when a new user is created or a user requests a password change.
    rememberPreviousPasswords FusionAuthTenantPasswordValidationRulesRememberPreviousPasswords
    requireNonAlpha boolean
    Whether to force the user to use at least one non-alphanumeric character.
    requireNumber boolean
    Whether to force the user to use at least one number.
    requiredMixedCase boolean
    Whether to force the user to use at least one uppercase and one lowercase character.
    validateOnLogin boolean
    When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
    breach_detection FusionAuthTenantPasswordValidationRulesBreachDetection
    max_length int
    The maximum length of a password when a new user is created or a user requests a password change. This value must be greater than 0 and less than or equal to 256. When passwordEncryptionConfiguration.encryptionScheme is equal to bcrypt, the maximum will be limited to 50.
    min_length int
    The minimum length of a password when a new user is created or a user requests a password change.
    remember_previous_passwords FusionAuthTenantPasswordValidationRulesRememberPreviousPasswords
    require_non_alpha bool
    Whether to force the user to use at least one non-alphanumeric character.
    require_number bool
    Whether to force the user to use at least one number.
    required_mixed_case bool
    Whether to force the user to use at least one uppercase and one lowercase character.
    validate_on_login bool
    When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
    breachDetection Property Map
    maxLength Number
    The maximum length of a password when a new user is created or a user requests a password change. This value must be greater than 0 and less than or equal to 256. When passwordEncryptionConfiguration.encryptionScheme is equal to bcrypt, the maximum will be limited to 50.
    minLength Number
    The minimum length of a password when a new user is created or a user requests a password change.
    rememberPreviousPasswords Property Map
    requireNonAlpha Boolean
    Whether to force the user to use at least one non-alphanumeric character.
    requireNumber Boolean
    Whether to force the user to use at least one number.
    requiredMixedCase Boolean
    Whether to force the user to use at least one uppercase and one lowercase character.
    validateOnLogin Boolean
    When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.

    FusionAuthTenantPasswordValidationRulesBreachDetection, FusionAuthTenantPasswordValidationRulesBreachDetectionArgs

    Enabled bool
    Whether to enable Reactor breach detection. Requires an activated license.
    MatchMode string
    The level of severity where Reactor will consider a breach.
    NotifyUserEmailTemplateId string
    The Id of the email template to use when notifying user of breached password. Required if tenant.passwordValidationRules.breachDetection.onLogin is set to NotifyUser.
    OnLogin string
    The behavior when detecting breaches at time of user login
    Enabled bool
    Whether to enable Reactor breach detection. Requires an activated license.
    MatchMode string
    The level of severity where Reactor will consider a breach.
    NotifyUserEmailTemplateId string
    The Id of the email template to use when notifying user of breached password. Required if tenant.passwordValidationRules.breachDetection.onLogin is set to NotifyUser.
    OnLogin string
    The behavior when detecting breaches at time of user login
    enabled Boolean
    Whether to enable Reactor breach detection. Requires an activated license.
    matchMode String
    The level of severity where Reactor will consider a breach.
    notifyUserEmailTemplateId String
    The Id of the email template to use when notifying user of breached password. Required if tenant.passwordValidationRules.breachDetection.onLogin is set to NotifyUser.
    onLogin String
    The behavior when detecting breaches at time of user login
    enabled boolean
    Whether to enable Reactor breach detection. Requires an activated license.
    matchMode string
    The level of severity where Reactor will consider a breach.
    notifyUserEmailTemplateId string
    The Id of the email template to use when notifying user of breached password. Required if tenant.passwordValidationRules.breachDetection.onLogin is set to NotifyUser.
    onLogin string
    The behavior when detecting breaches at time of user login
    enabled bool
    Whether to enable Reactor breach detection. Requires an activated license.
    match_mode str
    The level of severity where Reactor will consider a breach.
    notify_user_email_template_id str
    The Id of the email template to use when notifying user of breached password. Required if tenant.passwordValidationRules.breachDetection.onLogin is set to NotifyUser.
    on_login str
    The behavior when detecting breaches at time of user login
    enabled Boolean
    Whether to enable Reactor breach detection. Requires an activated license.
    matchMode String
    The level of severity where Reactor will consider a breach.
    notifyUserEmailTemplateId String
    The Id of the email template to use when notifying user of breached password. Required if tenant.passwordValidationRules.breachDetection.onLogin is set to NotifyUser.
    onLogin String
    The behavior when detecting breaches at time of user login

    FusionAuthTenantPasswordValidationRulesRememberPreviousPasswords, FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs

    Count int
    The number of previous passwords to remember. Value must be greater than 0.
    Enabled bool
    Whether to prevent a user from using any of their previous passwords.
    Count int
    The number of previous passwords to remember. Value must be greater than 0.
    Enabled bool
    Whether to prevent a user from using any of their previous passwords.
    count Integer
    The number of previous passwords to remember. Value must be greater than 0.
    enabled Boolean
    Whether to prevent a user from using any of their previous passwords.
    count number
    The number of previous passwords to remember. Value must be greater than 0.
    enabled boolean
    Whether to prevent a user from using any of their previous passwords.
    count int
    The number of previous passwords to remember. Value must be greater than 0.
    enabled bool
    Whether to prevent a user from using any of their previous passwords.
    count Number
    The number of previous passwords to remember. Value must be greater than 0.
    enabled Boolean
    Whether to prevent a user from using any of their previous passwords.

    FusionAuthTenantRateLimitConfiguration, FusionAuthTenantRateLimitConfigurationArgs

    FusionAuthTenantRateLimitConfigurationFailedLogin, FusionAuthTenantRateLimitConfigurationFailedLoginArgs

    Enabled bool
    Whether rate limiting is enabled for failed login.
    Limit int
    The number of times a user can fail to login within the configured time_period_in_seconds duration. If a Failed authentication action has been configured then it will take precedence.
    TimePeriodInSeconds int
    The duration for the number of times a user can fail login before being rate limited.
    Enabled bool
    Whether rate limiting is enabled for failed login.
    Limit int
    The number of times a user can fail to login within the configured time_period_in_seconds duration. If a Failed authentication action has been configured then it will take precedence.
    TimePeriodInSeconds int
    The duration for the number of times a user can fail login before being rate limited.
    enabled Boolean
    Whether rate limiting is enabled for failed login.
    limit Integer
    The number of times a user can fail to login within the configured time_period_in_seconds duration. If a Failed authentication action has been configured then it will take precedence.
    timePeriodInSeconds Integer
    The duration for the number of times a user can fail login before being rate limited.
    enabled boolean
    Whether rate limiting is enabled for failed login.
    limit number
    The number of times a user can fail to login within the configured time_period_in_seconds duration. If a Failed authentication action has been configured then it will take precedence.
    timePeriodInSeconds number
    The duration for the number of times a user can fail login before being rate limited.
    enabled bool
    Whether rate limiting is enabled for failed login.
    limit int
    The number of times a user can fail to login within the configured time_period_in_seconds duration. If a Failed authentication action has been configured then it will take precedence.
    time_period_in_seconds int
    The duration for the number of times a user can fail login before being rate limited.
    enabled Boolean
    Whether rate limiting is enabled for failed login.
    limit Number
    The number of times a user can fail to login within the configured time_period_in_seconds duration. If a Failed authentication action has been configured then it will take precedence.
    timePeriodInSeconds Number
    The duration for the number of times a user can fail login before being rate limited.

    FusionAuthTenantRateLimitConfigurationForgotPassword, FusionAuthTenantRateLimitConfigurationForgotPasswordArgs

    Enabled bool
    Whether rate limiting is enabled for forgot password.
    Limit int
    The number of times a user can request a forgot password email within the configured time_period_in_seconds duration.
    TimePeriodInSeconds int
    The duration for the number of times a user can request a forgot password email before being rate limited.
    Enabled bool
    Whether rate limiting is enabled for forgot password.
    Limit int
    The number of times a user can request a forgot password email within the configured time_period_in_seconds duration.
    TimePeriodInSeconds int
    The duration for the number of times a user can request a forgot password email before being rate limited.
    enabled Boolean
    Whether rate limiting is enabled for forgot password.
    limit Integer
    The number of times a user can request a forgot password email within the configured time_period_in_seconds duration.
    timePeriodInSeconds Integer
    The duration for the number of times a user can request a forgot password email before being rate limited.
    enabled boolean
    Whether rate limiting is enabled for forgot password.
    limit number
    The number of times a user can request a forgot password email within the configured time_period_in_seconds duration.
    timePeriodInSeconds number
    The duration for the number of times a user can request a forgot password email before being rate limited.
    enabled bool
    Whether rate limiting is enabled for forgot password.
    limit int
    The number of times a user can request a forgot password email within the configured time_period_in_seconds duration.
    time_period_in_seconds int
    The duration for the number of times a user can request a forgot password email before being rate limited.
    enabled Boolean
    Whether rate limiting is enabled for forgot password.
    limit Number
    The number of times a user can request a forgot password email within the configured time_period_in_seconds duration.
    timePeriodInSeconds Number
    The duration for the number of times a user can request a forgot password email before being rate limited.

    FusionAuthTenantRateLimitConfigurationSendEmailVerification, FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs

    Enabled bool
    Whether rate limiting is enabled for send email verification.
    Limit int
    The number of times a user can request a verification email within the configured time_period_in_seconds duration.
    TimePeriodInSeconds int
    The duration for the number of times a user can request a verification email before being rate limited.
    Enabled bool
    Whether rate limiting is enabled for send email verification.
    Limit int
    The number of times a user can request a verification email within the configured time_period_in_seconds duration.
    TimePeriodInSeconds int
    The duration for the number of times a user can request a verification email before being rate limited.
    enabled Boolean
    Whether rate limiting is enabled for send email verification.
    limit Integer
    The number of times a user can request a verification email within the configured time_period_in_seconds duration.
    timePeriodInSeconds Integer
    The duration for the number of times a user can request a verification email before being rate limited.
    enabled boolean
    Whether rate limiting is enabled for send email verification.
    limit number
    The number of times a user can request a verification email within the configured time_period_in_seconds duration.
    timePeriodInSeconds number
    The duration for the number of times a user can request a verification email before being rate limited.
    enabled bool
    Whether rate limiting is enabled for send email verification.
    limit int
    The number of times a user can request a verification email within the configured time_period_in_seconds duration.
    time_period_in_seconds int
    The duration for the number of times a user can request a verification email before being rate limited.
    enabled Boolean
    Whether rate limiting is enabled for send email verification.
    limit Number
    The number of times a user can request a verification email within the configured time_period_in_seconds duration.
    timePeriodInSeconds Number
    The duration for the number of times a user can request a verification email before being rate limited.

    FusionAuthTenantRateLimitConfigurationSendPasswordless, FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs

    Enabled bool
    Whether rate limiting is enabled for send passwordless.
    Limit int
    The number of times a user can request a passwordless login email within the configured time_period_in_seconds duration.
    TimePeriodInSeconds int
    The duration for the number of times a user can request a passwordless login email before being rate limited.
    Enabled bool
    Whether rate limiting is enabled for send passwordless.
    Limit int
    The number of times a user can request a passwordless login email within the configured time_period_in_seconds duration.
    TimePeriodInSeconds int
    The duration for the number of times a user can request a passwordless login email before being rate limited.
    enabled Boolean
    Whether rate limiting is enabled for send passwordless.
    limit Integer
    The number of times a user can request a passwordless login email within the configured time_period_in_seconds duration.
    timePeriodInSeconds Integer
    The duration for the number of times a user can request a passwordless login email before being rate limited.
    enabled boolean
    Whether rate limiting is enabled for send passwordless.
    limit number
    The number of times a user can request a passwordless login email within the configured time_period_in_seconds duration.
    timePeriodInSeconds number
    The duration for the number of times a user can request a passwordless login email before being rate limited.
    enabled bool
    Whether rate limiting is enabled for send passwordless.
    limit int
    The number of times a user can request a passwordless login email within the configured time_period_in_seconds duration.
    time_period_in_seconds int
    The duration for the number of times a user can request a passwordless login email before being rate limited.
    enabled Boolean
    Whether rate limiting is enabled for send passwordless.
    limit Number
    The number of times a user can request a passwordless login email within the configured time_period_in_seconds duration.
    timePeriodInSeconds Number
    The duration for the number of times a user can request a passwordless login email before being rate limited.

    FusionAuthTenantRateLimitConfigurationSendRegistrationVerification, FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs

    Enabled bool
    Whether rate limiting is enabled for send registration verification.
    Limit int
    The number of times a user can request a registration verification email within the configured time_period_in_seconds duration.
    TimePeriodInSeconds int
    The duration for the number of times a user can request a registration verification email before being rate limited.
    Enabled bool
    Whether rate limiting is enabled for send registration verification.
    Limit int
    The number of times a user can request a registration verification email within the configured time_period_in_seconds duration.
    TimePeriodInSeconds int
    The duration for the number of times a user can request a registration verification email before being rate limited.
    enabled Boolean
    Whether rate limiting is enabled for send registration verification.
    limit Integer
    The number of times a user can request a registration verification email within the configured time_period_in_seconds duration.
    timePeriodInSeconds Integer
    The duration for the number of times a user can request a registration verification email before being rate limited.
    enabled boolean
    Whether rate limiting is enabled for send registration verification.
    limit number
    The number of times a user can request a registration verification email within the configured time_period_in_seconds duration.
    timePeriodInSeconds number
    The duration for the number of times a user can request a registration verification email before being rate limited.
    enabled bool
    Whether rate limiting is enabled for send registration verification.
    limit int
    The number of times a user can request a registration verification email within the configured time_period_in_seconds duration.
    time_period_in_seconds int
    The duration for the number of times a user can request a registration verification email before being rate limited.
    enabled Boolean
    Whether rate limiting is enabled for send registration verification.
    limit Number
    The number of times a user can request a registration verification email within the configured time_period_in_seconds duration.
    timePeriodInSeconds Number
    The duration for the number of times a user can request a registration verification email before being rate limited.

    FusionAuthTenantRateLimitConfigurationSendTwoFactor, FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs

    Enabled bool
    Whether rate limiting is enabled for send two factor.
    Limit int
    The number of times a user can request a two-factor code by email or SMS within the configured time_period_in_seconds duration.
    TimePeriodInSeconds int
    The duration for the number of times a user can request a two-factor code by email or SMS before being rate limited.
    Enabled bool
    Whether rate limiting is enabled for send two factor.
    Limit int
    The number of times a user can request a two-factor code by email or SMS within the configured time_period_in_seconds duration.
    TimePeriodInSeconds int
    The duration for the number of times a user can request a two-factor code by email or SMS before being rate limited.
    enabled Boolean
    Whether rate limiting is enabled for send two factor.
    limit Integer
    The number of times a user can request a two-factor code by email or SMS within the configured time_period_in_seconds duration.
    timePeriodInSeconds Integer
    The duration for the number of times a user can request a two-factor code by email or SMS before being rate limited.
    enabled boolean
    Whether rate limiting is enabled for send two factor.
    limit number
    The number of times a user can request a two-factor code by email or SMS within the configured time_period_in_seconds duration.
    timePeriodInSeconds number
    The duration for the number of times a user can request a two-factor code by email or SMS before being rate limited.
    enabled bool
    Whether rate limiting is enabled for send two factor.
    limit int
    The number of times a user can request a two-factor code by email or SMS within the configured time_period_in_seconds duration.
    time_period_in_seconds int
    The duration for the number of times a user can request a two-factor code by email or SMS before being rate limited.
    enabled Boolean
    Whether rate limiting is enabled for send two factor.
    limit Number
    The number of times a user can request a two-factor code by email or SMS within the configured time_period_in_seconds duration.
    timePeriodInSeconds Number
    The duration for the number of times a user can request a two-factor code by email or SMS before being rate limited.

    FusionAuthTenantRegistrationConfiguration, FusionAuthTenantRegistrationConfigurationArgs

    BlockedDomains List<string>
    A list of unique domains that are not allowed to register when self service is enabled.
    BlockedDomains []string
    A list of unique domains that are not allowed to register when self service is enabled.
    blockedDomains List<String>
    A list of unique domains that are not allowed to register when self service is enabled.
    blockedDomains string[]
    A list of unique domains that are not allowed to register when self service is enabled.
    blocked_domains Sequence[str]
    A list of unique domains that are not allowed to register when self service is enabled.
    blockedDomains List<String>
    A list of unique domains that are not allowed to register when self service is enabled.

    FusionAuthTenantUserDeletePolicy, FusionAuthTenantUserDeletePolicyArgs

    UnverifiedEnabled bool
    Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
    UnverifiedNumberOfDaysToRetain int
    The number of days from creation users will be retained before being deleted for not completing email verification. This field is required when tenant.userDeletePolicy.unverified.enabled is set to true. Value must be greater than 0.
    UnverifiedEnabled bool
    Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
    UnverifiedNumberOfDaysToRetain int
    The number of days from creation users will be retained before being deleted for not completing email verification. This field is required when tenant.userDeletePolicy.unverified.enabled is set to true. Value must be greater than 0.
    unverifiedEnabled Boolean
    Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
    unverifiedNumberOfDaysToRetain Integer
    The number of days from creation users will be retained before being deleted for not completing email verification. This field is required when tenant.userDeletePolicy.unverified.enabled is set to true. Value must be greater than 0.
    unverifiedEnabled boolean
    Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
    unverifiedNumberOfDaysToRetain number
    The number of days from creation users will be retained before being deleted for not completing email verification. This field is required when tenant.userDeletePolicy.unverified.enabled is set to true. Value must be greater than 0.
    unverified_enabled bool
    Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
    unverified_number_of_days_to_retain int
    The number of days from creation users will be retained before being deleted for not completing email verification. This field is required when tenant.userDeletePolicy.unverified.enabled is set to true. Value must be greater than 0.
    unverifiedEnabled Boolean
    Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
    unverifiedNumberOfDaysToRetain Number
    The number of days from creation users will be retained before being deleted for not completing email verification. This field is required when tenant.userDeletePolicy.unverified.enabled is set to true. Value must be greater than 0.

    FusionAuthTenantUsernameConfiguration, FusionAuthTenantUsernameConfigurationArgs

    Unique theogravity.Fusionauth.Inputs.FusionAuthTenantUsernameConfigurationUnique
    Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
    Unique FusionAuthTenantUsernameConfigurationUnique
    Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
    unique FusionAuthTenantUsernameConfigurationUnique
    Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
    unique FusionAuthTenantUsernameConfigurationUnique
    Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
    unique FusionAuthTenantUsernameConfigurationUnique
    Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
    unique Property Map
    Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.

    FusionAuthTenantUsernameConfigurationUnique, FusionAuthTenantUsernameConfigurationUniqueArgs

    Enabled bool
    When true, FusionAuth will handle username collisions by generating a random suffix.
    NumberOfDigits int
    The maximum number of digits to use when building a unique suffix for a username. A number will be randomly selected and will be 1 or more digits up to this configured value in length. For example, if this value is 5, the suffix will be a number between 00001 and 99999, inclusive.
    Separator string
    A single character to use as a separator from the requested username and a unique suffix that is added when a duplicate username is detected. This value can be a single non-alphanumeric ASCII character.
    Strategy string
    When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
    Enabled bool
    When true, FusionAuth will handle username collisions by generating a random suffix.
    NumberOfDigits int
    The maximum number of digits to use when building a unique suffix for a username. A number will be randomly selected and will be 1 or more digits up to this configured value in length. For example, if this value is 5, the suffix will be a number between 00001 and 99999, inclusive.
    Separator string
    A single character to use as a separator from the requested username and a unique suffix that is added when a duplicate username is detected. This value can be a single non-alphanumeric ASCII character.
    Strategy string
    When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
    enabled Boolean
    When true, FusionAuth will handle username collisions by generating a random suffix.
    numberOfDigits Integer
    The maximum number of digits to use when building a unique suffix for a username. A number will be randomly selected and will be 1 or more digits up to this configured value in length. For example, if this value is 5, the suffix will be a number between 00001 and 99999, inclusive.
    separator String
    A single character to use as a separator from the requested username and a unique suffix that is added when a duplicate username is detected. This value can be a single non-alphanumeric ASCII character.
    strategy String
    When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
    enabled boolean
    When true, FusionAuth will handle username collisions by generating a random suffix.
    numberOfDigits number
    The maximum number of digits to use when building a unique suffix for a username. A number will be randomly selected and will be 1 or more digits up to this configured value in length. For example, if this value is 5, the suffix will be a number between 00001 and 99999, inclusive.
    separator string
    A single character to use as a separator from the requested username and a unique suffix that is added when a duplicate username is detected. This value can be a single non-alphanumeric ASCII character.
    strategy string
    When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
    enabled bool
    When true, FusionAuth will handle username collisions by generating a random suffix.
    number_of_digits int
    The maximum number of digits to use when building a unique suffix for a username. A number will be randomly selected and will be 1 or more digits up to this configured value in length. For example, if this value is 5, the suffix will be a number between 00001 and 99999, inclusive.
    separator str
    A single character to use as a separator from the requested username and a unique suffix that is added when a duplicate username is detected. This value can be a single non-alphanumeric ASCII character.
    strategy str
    When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
    enabled Boolean
    When true, FusionAuth will handle username collisions by generating a random suffix.
    numberOfDigits Number
    The maximum number of digits to use when building a unique suffix for a username. A number will be randomly selected and will be 1 or more digits up to this configured value in length. For example, if this value is 5, the suffix will be a number between 00001 and 99999, inclusive.
    separator String
    A single character to use as a separator from the requested username and a unique suffix that is added when a duplicate username is detected. This value can be a single non-alphanumeric ASCII character.
    strategy String
    When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.

    Package Details

    Repository
    fusionauth theogravity/pulumi-fusionauth
    License
    MIT
    Notes
    This Pulumi package is based on the fusionauth Terraform Provider.
    fusionauth logo
    FusionAuth v5.1.0 published on Tuesday, Oct 22, 2024 by Theo Gravity