1. Packages
  2. Keycloak Provider
  3. API Docs
  4. openid
  5. getClient
Keycloak v5.3.5 published on Wednesday, Oct 16, 2024 by Pulumi

keycloak.openid.getClient

Explore with Pulumi AI

keycloak logo
Keycloak v5.3.5 published on Wednesday, Oct 16, 2024 by Pulumi

    # keycloak.openid.Client data source

    This data source can be used to fetch properties of a Keycloak OpenID client for usage with other resources.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as keycloak from "@pulumi/keycloak";
    
    const realmManagement = keycloak.openid.getClient({
        realmId: "my-realm",
        clientId: "realm-management",
    });
    // use the data source
    const admin = realmManagement.then(realmManagement => keycloak.getRole({
        realmId: "my-realm",
        clientId: realmManagement.id,
        name: "realm-admin",
    }));
    
    import pulumi
    import pulumi_keycloak as keycloak
    
    realm_management = keycloak.openid.get_client(realm_id="my-realm",
        client_id="realm-management")
    # use the data source
    admin = keycloak.get_role(realm_id="my-realm",
        client_id=realm_management.id,
        name="realm-admin")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak"
    	"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/openid"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		realmManagement, err := openid.LookupClient(ctx, &openid.LookupClientArgs{
    			RealmId:  "my-realm",
    			ClientId: "realm-management",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		// use the data source
    		_, err = keycloak.LookupRole(ctx, &keycloak.LookupRoleArgs{
    			RealmId:  "my-realm",
    			ClientId: pulumi.StringRef(realmManagement.Id),
    			Name:     "realm-admin",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Keycloak = Pulumi.Keycloak;
    
    return await Deployment.RunAsync(() => 
    {
        var realmManagement = Keycloak.OpenId.GetClient.Invoke(new()
        {
            RealmId = "my-realm",
            ClientId = "realm-management",
        });
    
        // use the data source
        var admin = Keycloak.GetRole.Invoke(new()
        {
            RealmId = "my-realm",
            ClientId = realmManagement.Apply(getClientResult => getClientResult.Id),
            Name = "realm-admin",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.keycloak.openid.OpenidFunctions;
    import com.pulumi.keycloak.openid.inputs.GetClientArgs;
    import com.pulumi.keycloak.KeycloakFunctions;
    import com.pulumi.keycloak.inputs.GetRoleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var realmManagement = OpenidFunctions.getClient(GetClientArgs.builder()
                .realmId("my-realm")
                .clientId("realm-management")
                .build());
    
            // use the data source
            final var admin = KeycloakFunctions.getRole(GetRoleArgs.builder()
                .realmId("my-realm")
                .clientId(realmManagement.applyValue(getClientResult -> getClientResult.id()))
                .name("realm-admin")
                .build());
    
        }
    }
    
    variables:
      realmManagement:
        fn::invoke:
          Function: keycloak:openid:getClient
          Arguments:
            realmId: my-realm
            clientId: realm-management
      # use the data source
      admin:
        fn::invoke:
          Function: keycloak:getRole
          Arguments:
            realmId: my-realm
            clientId: ${realmManagement.id}
            name: realm-admin
    

    Argument Reference

    The following arguments are supported:

    • realm_id - (Required) The realm id.
    • client_id - (Required) The client id.

    Attributes Reference

    See the docs for the keycloak.openid.Client resource for details on the exported attributes.

    Using getClient

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getClient(args: GetClientArgs, opts?: InvokeOptions): Promise<GetClientResult>
    function getClientOutput(args: GetClientOutputArgs, opts?: InvokeOptions): Output<GetClientResult>
    def get_client(client_id: Optional[str] = None,
                   consent_screen_text: Optional[str] = None,
                   display_on_consent_screen: Optional[bool] = None,
                   extra_config: Optional[Mapping[str, str]] = None,
                   oauth2_device_authorization_grant_enabled: Optional[bool] = None,
                   oauth2_device_code_lifespan: Optional[str] = None,
                   oauth2_device_polling_interval: Optional[str] = None,
                   realm_id: Optional[str] = None,
                   opts: Optional[InvokeOptions] = None) -> GetClientResult
    def get_client_output(client_id: Optional[pulumi.Input[str]] = None,
                   consent_screen_text: Optional[pulumi.Input[str]] = None,
                   display_on_consent_screen: Optional[pulumi.Input[bool]] = None,
                   extra_config: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                   oauth2_device_authorization_grant_enabled: Optional[pulumi.Input[bool]] = None,
                   oauth2_device_code_lifespan: Optional[pulumi.Input[str]] = None,
                   oauth2_device_polling_interval: Optional[pulumi.Input[str]] = None,
                   realm_id: Optional[pulumi.Input[str]] = None,
                   opts: Optional[InvokeOptions] = None) -> Output[GetClientResult]
    func LookupClient(ctx *Context, args *LookupClientArgs, opts ...InvokeOption) (*LookupClientResult, error)
    func LookupClientOutput(ctx *Context, args *LookupClientOutputArgs, opts ...InvokeOption) LookupClientResultOutput

    > Note: This function is named LookupClient in the Go SDK.

    public static class GetClient 
    {
        public static Task<GetClientResult> InvokeAsync(GetClientArgs args, InvokeOptions? opts = null)
        public static Output<GetClientResult> Invoke(GetClientInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetClientResult> getClient(GetClientArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: keycloak:openid/getClient:getClient
      arguments:
        # arguments dictionary

    The following arguments are supported:

    getClient Result

    The following output properties are available:

    AccessTokenLifespan string
    AccessType string
    AdminUrl string
    AuthenticationFlowBindingOverrides List<GetClientAuthenticationFlowBindingOverride>
    Authorizations List<GetClientAuthorization>
    BackchannelLogoutRevokeOfflineSessions bool
    BackchannelLogoutSessionRequired bool
    BackchannelLogoutUrl string
    BaseUrl string
    ClientAuthenticatorType string
    ClientId string
    ClientOfflineSessionIdleTimeout string
    ClientOfflineSessionMaxLifespan string
    ClientSecret string
    ClientSessionIdleTimeout string
    ClientSessionMaxLifespan string
    ConsentRequired bool
    Description string
    DirectAccessGrantsEnabled bool
    Enabled bool
    ExcludeSessionStateFromAuthResponse bool
    ExtraConfig Dictionary<string, string>
    FrontchannelLogoutEnabled bool
    FrontchannelLogoutUrl string
    FullScopeAllowed bool
    Id string
    The provider-assigned unique ID for this managed resource.
    ImplicitFlowEnabled bool
    LoginTheme string
    Name string
    PkceCodeChallengeMethod string
    RealmId string
    ResourceServerId string
    RootUrl string
    ServiceAccountUserId string
    ServiceAccountsEnabled bool
    StandardFlowEnabled bool
    UseRefreshTokens bool
    UseRefreshTokensClientCredentials bool
    ValidPostLogoutRedirectUris List<string>
    ValidRedirectUris List<string>
    WebOrigins List<string>
    ConsentScreenText string
    DisplayOnConsentScreen bool
    Oauth2DeviceAuthorizationGrantEnabled bool
    Oauth2DeviceCodeLifespan string
    Oauth2DevicePollingInterval string
    AccessTokenLifespan string
    AccessType string
    AdminUrl string
    AuthenticationFlowBindingOverrides []GetClientAuthenticationFlowBindingOverride
    Authorizations []GetClientAuthorization
    BackchannelLogoutRevokeOfflineSessions bool
    BackchannelLogoutSessionRequired bool
    BackchannelLogoutUrl string
    BaseUrl string
    ClientAuthenticatorType string
    ClientId string
    ClientOfflineSessionIdleTimeout string
    ClientOfflineSessionMaxLifespan string
    ClientSecret string
    ClientSessionIdleTimeout string
    ClientSessionMaxLifespan string
    ConsentRequired bool
    Description string
    DirectAccessGrantsEnabled bool
    Enabled bool
    ExcludeSessionStateFromAuthResponse bool
    ExtraConfig map[string]string
    FrontchannelLogoutEnabled bool
    FrontchannelLogoutUrl string
    FullScopeAllowed bool
    Id string
    The provider-assigned unique ID for this managed resource.
    ImplicitFlowEnabled bool
    LoginTheme string
    Name string
    PkceCodeChallengeMethod string
    RealmId string
    ResourceServerId string
    RootUrl string
    ServiceAccountUserId string
    ServiceAccountsEnabled bool
    StandardFlowEnabled bool
    UseRefreshTokens bool
    UseRefreshTokensClientCredentials bool
    ValidPostLogoutRedirectUris []string
    ValidRedirectUris []string
    WebOrigins []string
    ConsentScreenText string
    DisplayOnConsentScreen bool
    Oauth2DeviceAuthorizationGrantEnabled bool
    Oauth2DeviceCodeLifespan string
    Oauth2DevicePollingInterval string
    accessTokenLifespan String
    accessType String
    adminUrl String
    authenticationFlowBindingOverrides List<GetClientAuthenticationFlowBindingOverride>
    authorizations List<GetClientAuthorization>
    backchannelLogoutRevokeOfflineSessions Boolean
    backchannelLogoutSessionRequired Boolean
    backchannelLogoutUrl String
    baseUrl String
    clientAuthenticatorType String
    clientId String
    clientOfflineSessionIdleTimeout String
    clientOfflineSessionMaxLifespan String
    clientSecret String
    clientSessionIdleTimeout String
    clientSessionMaxLifespan String
    consentRequired Boolean
    description String
    directAccessGrantsEnabled Boolean
    enabled Boolean
    excludeSessionStateFromAuthResponse Boolean
    extraConfig Map<String,String>
    frontchannelLogoutEnabled Boolean
    frontchannelLogoutUrl String
    fullScopeAllowed Boolean
    id String
    The provider-assigned unique ID for this managed resource.
    implicitFlowEnabled Boolean
    loginTheme String
    name String
    pkceCodeChallengeMethod String
    realmId String
    resourceServerId String
    rootUrl String
    serviceAccountUserId String
    serviceAccountsEnabled Boolean
    standardFlowEnabled Boolean
    useRefreshTokens Boolean
    useRefreshTokensClientCredentials Boolean
    validPostLogoutRedirectUris List<String>
    validRedirectUris List<String>
    webOrigins List<String>
    consentScreenText String
    displayOnConsentScreen Boolean
    oauth2DeviceAuthorizationGrantEnabled Boolean
    oauth2DeviceCodeLifespan String
    oauth2DevicePollingInterval String
    accessTokenLifespan string
    accessType string
    adminUrl string
    authenticationFlowBindingOverrides GetClientAuthenticationFlowBindingOverride[]
    authorizations GetClientAuthorization[]
    backchannelLogoutRevokeOfflineSessions boolean
    backchannelLogoutSessionRequired boolean
    backchannelLogoutUrl string
    baseUrl string
    clientAuthenticatorType string
    clientId string
    clientOfflineSessionIdleTimeout string
    clientOfflineSessionMaxLifespan string
    clientSecret string
    clientSessionIdleTimeout string
    clientSessionMaxLifespan string
    consentRequired boolean
    description string
    directAccessGrantsEnabled boolean
    enabled boolean
    excludeSessionStateFromAuthResponse boolean
    extraConfig {[key: string]: string}
    frontchannelLogoutEnabled boolean
    frontchannelLogoutUrl string
    fullScopeAllowed boolean
    id string
    The provider-assigned unique ID for this managed resource.
    implicitFlowEnabled boolean
    loginTheme string
    name string
    pkceCodeChallengeMethod string
    realmId string
    resourceServerId string
    rootUrl string
    serviceAccountUserId string
    serviceAccountsEnabled boolean
    standardFlowEnabled boolean
    useRefreshTokens boolean
    useRefreshTokensClientCredentials boolean
    validPostLogoutRedirectUris string[]
    validRedirectUris string[]
    webOrigins string[]
    consentScreenText string
    displayOnConsentScreen boolean
    oauth2DeviceAuthorizationGrantEnabled boolean
    oauth2DeviceCodeLifespan string
    oauth2DevicePollingInterval string
    access_token_lifespan str
    access_type str
    admin_url str
    authentication_flow_binding_overrides Sequence[GetClientAuthenticationFlowBindingOverride]
    authorizations Sequence[GetClientAuthorization]
    backchannel_logout_revoke_offline_sessions bool
    backchannel_logout_session_required bool
    backchannel_logout_url str
    base_url str
    client_authenticator_type str
    client_id str
    client_offline_session_idle_timeout str
    client_offline_session_max_lifespan str
    client_secret str
    client_session_idle_timeout str
    client_session_max_lifespan str
    consent_required bool
    description str
    direct_access_grants_enabled bool
    enabled bool
    exclude_session_state_from_auth_response bool
    extra_config Mapping[str, str]
    frontchannel_logout_enabled bool
    frontchannel_logout_url str
    full_scope_allowed bool
    id str
    The provider-assigned unique ID for this managed resource.
    implicit_flow_enabled bool
    login_theme str
    name str
    pkce_code_challenge_method str
    realm_id str
    resource_server_id str
    root_url str
    service_account_user_id str
    service_accounts_enabled bool
    standard_flow_enabled bool
    use_refresh_tokens bool
    use_refresh_tokens_client_credentials bool
    valid_post_logout_redirect_uris Sequence[str]
    valid_redirect_uris Sequence[str]
    web_origins Sequence[str]
    consent_screen_text str
    display_on_consent_screen bool
    oauth2_device_authorization_grant_enabled bool
    oauth2_device_code_lifespan str
    oauth2_device_polling_interval str
    accessTokenLifespan String
    accessType String
    adminUrl String
    authenticationFlowBindingOverrides List<Property Map>
    authorizations List<Property Map>
    backchannelLogoutRevokeOfflineSessions Boolean
    backchannelLogoutSessionRequired Boolean
    backchannelLogoutUrl String
    baseUrl String
    clientAuthenticatorType String
    clientId String
    clientOfflineSessionIdleTimeout String
    clientOfflineSessionMaxLifespan String
    clientSecret String
    clientSessionIdleTimeout String
    clientSessionMaxLifespan String
    consentRequired Boolean
    description String
    directAccessGrantsEnabled Boolean
    enabled Boolean
    excludeSessionStateFromAuthResponse Boolean
    extraConfig Map<String>
    frontchannelLogoutEnabled Boolean
    frontchannelLogoutUrl String
    fullScopeAllowed Boolean
    id String
    The provider-assigned unique ID for this managed resource.
    implicitFlowEnabled Boolean
    loginTheme String
    name String
    pkceCodeChallengeMethod String
    realmId String
    resourceServerId String
    rootUrl String
    serviceAccountUserId String
    serviceAccountsEnabled Boolean
    standardFlowEnabled Boolean
    useRefreshTokens Boolean
    useRefreshTokensClientCredentials Boolean
    validPostLogoutRedirectUris List<String>
    validRedirectUris List<String>
    webOrigins List<String>
    consentScreenText String
    displayOnConsentScreen Boolean
    oauth2DeviceAuthorizationGrantEnabled Boolean
    oauth2DeviceCodeLifespan String
    oauth2DevicePollingInterval String

    Supporting Types

    GetClientAuthenticationFlowBindingOverride

    GetClientAuthorization

    Package Details

    Repository
    Keycloak pulumi/pulumi-keycloak
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the keycloak Terraform Provider.
    keycloak logo
    Keycloak v5.3.5 published on Wednesday, Oct 16, 2024 by Pulumi