1. Packages
  2. Keycloak Provider
  3. API Docs
  4. openid
  5. UserAttributeProtocolMapper
Keycloak v5.3.5 published on Wednesday, Oct 16, 2024 by Pulumi

keycloak.openid.UserAttributeProtocolMapper

Explore with Pulumi AI

keycloak logo
Keycloak v5.3.5 published on Wednesday, Oct 16, 2024 by Pulumi

    # keycloak.openid.UserAttributeProtocolMapper

    Allows for creating and managing user attribute protocol mappers within Keycloak.

    User attribute protocol mappers allow you to map custom attributes defined for a user within Keycloak to a claim in a token. Protocol mappers can be defined for a single client, or they can be defined for a client scope which can be shared between multiple different clients.

    Example Usage (Client)

    import * as pulumi from "@pulumi/pulumi";
    import * as keycloak from "@pulumi/keycloak";
    
    const realm = new keycloak.Realm("realm", {
        realm: "my-realm",
        enabled: true,
    });
    const openidClient = new keycloak.openid.Client("openid_client", {
        realmId: realm.id,
        clientId: "test-client",
        name: "test client",
        enabled: true,
        accessType: "CONFIDENTIAL",
        validRedirectUris: ["http://localhost:8080/openid-callback"],
    });
    const userAttributeMapper = new keycloak.openid.UserAttributeProtocolMapper("user_attribute_mapper", {
        realmId: realm.id,
        clientId: openidClient.id,
        name: "test-mapper",
        userAttribute: "foo",
        claimName: "bar",
    });
    
    import pulumi
    import pulumi_keycloak as keycloak
    
    realm = keycloak.Realm("realm",
        realm="my-realm",
        enabled=True)
    openid_client = keycloak.openid.Client("openid_client",
        realm_id=realm.id,
        client_id="test-client",
        name="test client",
        enabled=True,
        access_type="CONFIDENTIAL",
        valid_redirect_uris=["http://localhost:8080/openid-callback"])
    user_attribute_mapper = keycloak.openid.UserAttributeProtocolMapper("user_attribute_mapper",
        realm_id=realm.id,
        client_id=openid_client.id,
        name="test-mapper",
        user_attribute="foo",
        claim_name="bar")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak"
    	"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/openid"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
    			Realm:   pulumi.String("my-realm"),
    			Enabled: pulumi.Bool(true),
    		})
    		if err != nil {
    			return err
    		}
    		openidClient, err := openid.NewClient(ctx, "openid_client", &openid.ClientArgs{
    			RealmId:    realm.ID(),
    			ClientId:   pulumi.String("test-client"),
    			Name:       pulumi.String("test client"),
    			Enabled:    pulumi.Bool(true),
    			AccessType: pulumi.String("CONFIDENTIAL"),
    			ValidRedirectUris: pulumi.StringArray{
    				pulumi.String("http://localhost:8080/openid-callback"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = openid.NewUserAttributeProtocolMapper(ctx, "user_attribute_mapper", &openid.UserAttributeProtocolMapperArgs{
    			RealmId:       realm.ID(),
    			ClientId:      openidClient.ID(),
    			Name:          pulumi.String("test-mapper"),
    			UserAttribute: pulumi.String("foo"),
    			ClaimName:     pulumi.String("bar"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Keycloak = Pulumi.Keycloak;
    
    return await Deployment.RunAsync(() => 
    {
        var realm = new Keycloak.Realm("realm", new()
        {
            RealmName = "my-realm",
            Enabled = true,
        });
    
        var openidClient = new Keycloak.OpenId.Client("openid_client", new()
        {
            RealmId = realm.Id,
            ClientId = "test-client",
            Name = "test client",
            Enabled = true,
            AccessType = "CONFIDENTIAL",
            ValidRedirectUris = new[]
            {
                "http://localhost:8080/openid-callback",
            },
        });
    
        var userAttributeMapper = new Keycloak.OpenId.UserAttributeProtocolMapper("user_attribute_mapper", new()
        {
            RealmId = realm.Id,
            ClientId = openidClient.Id,
            Name = "test-mapper",
            UserAttribute = "foo",
            ClaimName = "bar",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.keycloak.Realm;
    import com.pulumi.keycloak.RealmArgs;
    import com.pulumi.keycloak.openid.Client;
    import com.pulumi.keycloak.openid.ClientArgs;
    import com.pulumi.keycloak.openid.UserAttributeProtocolMapper;
    import com.pulumi.keycloak.openid.UserAttributeProtocolMapperArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var realm = new Realm("realm", RealmArgs.builder()
                .realm("my-realm")
                .enabled(true)
                .build());
    
            var openidClient = new Client("openidClient", ClientArgs.builder()
                .realmId(realm.id())
                .clientId("test-client")
                .name("test client")
                .enabled(true)
                .accessType("CONFIDENTIAL")
                .validRedirectUris("http://localhost:8080/openid-callback")
                .build());
    
            var userAttributeMapper = new UserAttributeProtocolMapper("userAttributeMapper", UserAttributeProtocolMapperArgs.builder()
                .realmId(realm.id())
                .clientId(openidClient.id())
                .name("test-mapper")
                .userAttribute("foo")
                .claimName("bar")
                .build());
    
        }
    }
    
    resources:
      realm:
        type: keycloak:Realm
        properties:
          realm: my-realm
          enabled: true
      openidClient:
        type: keycloak:openid:Client
        name: openid_client
        properties:
          realmId: ${realm.id}
          clientId: test-client
          name: test client
          enabled: true
          accessType: CONFIDENTIAL
          validRedirectUris:
            - http://localhost:8080/openid-callback
      userAttributeMapper:
        type: keycloak:openid:UserAttributeProtocolMapper
        name: user_attribute_mapper
        properties:
          realmId: ${realm.id}
          clientId: ${openidClient.id}
          name: test-mapper
          userAttribute: foo
          claimName: bar
    

    Example Usage (Client Scope)

    import * as pulumi from "@pulumi/pulumi";
    import * as keycloak from "@pulumi/keycloak";
    
    const realm = new keycloak.Realm("realm", {
        realm: "my-realm",
        enabled: true,
    });
    const clientScope = new keycloak.openid.ClientScope("client_scope", {
        realmId: realm.id,
        name: "test-client-scope",
    });
    const userAttributeMapper = new keycloak.openid.UserAttributeProtocolMapper("user_attribute_mapper", {
        realmId: realm.id,
        clientScopeId: clientScope.id,
        name: "test-mapper",
        userAttribute: "foo",
        claimName: "bar",
    });
    
    import pulumi
    import pulumi_keycloak as keycloak
    
    realm = keycloak.Realm("realm",
        realm="my-realm",
        enabled=True)
    client_scope = keycloak.openid.ClientScope("client_scope",
        realm_id=realm.id,
        name="test-client-scope")
    user_attribute_mapper = keycloak.openid.UserAttributeProtocolMapper("user_attribute_mapper",
        realm_id=realm.id,
        client_scope_id=client_scope.id,
        name="test-mapper",
        user_attribute="foo",
        claim_name="bar")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak"
    	"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/openid"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
    			Realm:   pulumi.String("my-realm"),
    			Enabled: pulumi.Bool(true),
    		})
    		if err != nil {
    			return err
    		}
    		clientScope, err := openid.NewClientScope(ctx, "client_scope", &openid.ClientScopeArgs{
    			RealmId: realm.ID(),
    			Name:    pulumi.String("test-client-scope"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = openid.NewUserAttributeProtocolMapper(ctx, "user_attribute_mapper", &openid.UserAttributeProtocolMapperArgs{
    			RealmId:       realm.ID(),
    			ClientScopeId: clientScope.ID(),
    			Name:          pulumi.String("test-mapper"),
    			UserAttribute: pulumi.String("foo"),
    			ClaimName:     pulumi.String("bar"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Keycloak = Pulumi.Keycloak;
    
    return await Deployment.RunAsync(() => 
    {
        var realm = new Keycloak.Realm("realm", new()
        {
            RealmName = "my-realm",
            Enabled = true,
        });
    
        var clientScope = new Keycloak.OpenId.ClientScope("client_scope", new()
        {
            RealmId = realm.Id,
            Name = "test-client-scope",
        });
    
        var userAttributeMapper = new Keycloak.OpenId.UserAttributeProtocolMapper("user_attribute_mapper", new()
        {
            RealmId = realm.Id,
            ClientScopeId = clientScope.Id,
            Name = "test-mapper",
            UserAttribute = "foo",
            ClaimName = "bar",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.keycloak.Realm;
    import com.pulumi.keycloak.RealmArgs;
    import com.pulumi.keycloak.openid.ClientScope;
    import com.pulumi.keycloak.openid.ClientScopeArgs;
    import com.pulumi.keycloak.openid.UserAttributeProtocolMapper;
    import com.pulumi.keycloak.openid.UserAttributeProtocolMapperArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var realm = new Realm("realm", RealmArgs.builder()
                .realm("my-realm")
                .enabled(true)
                .build());
    
            var clientScope = new ClientScope("clientScope", ClientScopeArgs.builder()
                .realmId(realm.id())
                .name("test-client-scope")
                .build());
    
            var userAttributeMapper = new UserAttributeProtocolMapper("userAttributeMapper", UserAttributeProtocolMapperArgs.builder()
                .realmId(realm.id())
                .clientScopeId(clientScope.id())
                .name("test-mapper")
                .userAttribute("foo")
                .claimName("bar")
                .build());
    
        }
    }
    
    resources:
      realm:
        type: keycloak:Realm
        properties:
          realm: my-realm
          enabled: true
      clientScope:
        type: keycloak:openid:ClientScope
        name: client_scope
        properties:
          realmId: ${realm.id}
          name: test-client-scope
      userAttributeMapper:
        type: keycloak:openid:UserAttributeProtocolMapper
        name: user_attribute_mapper
        properties:
          realmId: ${realm.id}
          clientScopeId: ${clientScope.id}
          name: test-mapper
          userAttribute: foo
          claimName: bar
    

    Argument Reference

    The following arguments are supported:

    • realm_id - (Required) The realm this protocol mapper exists within.
    • client_id - (Required if client_scope_id is not specified) The client this protocol mapper is attached to.
    • client_scope_id - (Required if client_id is not specified) The client scope this protocol mapper is attached to.
    • name - (Required) The display name of this protocol mapper in the GUI.
    • user_attribute - (Required) The custom user attribute to map a claim for.
    • claim_name - (Required) The name of the claim to insert into a token.
    • claim_value_type - (Optional) The claim type used when serializing JSON tokens. Can be one of String, long, int, or boolean. Defaults to String.
    • multivalued - (Optional) Indicates whether this attribute is a single value or an array of values. Defaults to false.
    • add_to_id_token - (Optional) Indicates if the attribute should be added as a claim to the id token. Defaults to true.
    • add_to_access_token - (Optional) Indicates if the attribute should be added as a claim to the access token. Defaults to true.
    • add_to_userinfo - (Optional) Indicates if the attribute should be added as a claim to the UserInfo response body. Defaults to true.

    Import

    Protocol mappers can be imported using one of the following formats:

    • Client: {{realm_id}}/client/{{client_keycloak_id}}/{{protocol_mapper_id}}
    • Client Scope: {{realm_id}}/client-scope/{{client_scope_keycloak_id}}/{{protocol_mapper_id}}

    Example:

    $ terraform import keycloak_openid_user_attribute_protocol_mapper.user_attribute_mapper my-realm/client/a7202154-8793-4656-b655-1dd18c181e14/71602afa-f7d1-4788-8c49-ef8fd00af0f4
    $ terraform import keycloak_openid_user_attribute_protocol_mapper.user_attribute_mapper my-realm/client-scope/b799ea7e-73ee-4a73-990a-1eafebe8e20a/71602afa-f7d1-4788-8c49-ef8fd00af0f4
    

    Create UserAttributeProtocolMapper Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new UserAttributeProtocolMapper(name: string, args: UserAttributeProtocolMapperArgs, opts?: CustomResourceOptions);
    @overload
    def UserAttributeProtocolMapper(resource_name: str,
                                    args: UserAttributeProtocolMapperArgs,
                                    opts: Optional[ResourceOptions] = None)
    
    @overload
    def UserAttributeProtocolMapper(resource_name: str,
                                    opts: Optional[ResourceOptions] = None,
                                    claim_name: Optional[str] = None,
                                    realm_id: Optional[str] = None,
                                    user_attribute: Optional[str] = None,
                                    add_to_access_token: Optional[bool] = None,
                                    add_to_id_token: Optional[bool] = None,
                                    add_to_userinfo: Optional[bool] = None,
                                    aggregate_attributes: Optional[bool] = None,
                                    claim_value_type: Optional[str] = None,
                                    client_id: Optional[str] = None,
                                    client_scope_id: Optional[str] = None,
                                    multivalued: Optional[bool] = None,
                                    name: Optional[str] = None)
    func NewUserAttributeProtocolMapper(ctx *Context, name string, args UserAttributeProtocolMapperArgs, opts ...ResourceOption) (*UserAttributeProtocolMapper, error)
    public UserAttributeProtocolMapper(string name, UserAttributeProtocolMapperArgs args, CustomResourceOptions? opts = null)
    public UserAttributeProtocolMapper(String name, UserAttributeProtocolMapperArgs args)
    public UserAttributeProtocolMapper(String name, UserAttributeProtocolMapperArgs args, CustomResourceOptions options)
    
    type: keycloak:openid:UserAttributeProtocolMapper
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args UserAttributeProtocolMapperArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args UserAttributeProtocolMapperArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args UserAttributeProtocolMapperArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args UserAttributeProtocolMapperArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args UserAttributeProtocolMapperArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var userAttributeProtocolMapperResource = new Keycloak.OpenId.UserAttributeProtocolMapper("userAttributeProtocolMapperResource", new()
    {
        ClaimName = "string",
        RealmId = "string",
        UserAttribute = "string",
        AddToAccessToken = false,
        AddToIdToken = false,
        AddToUserinfo = false,
        AggregateAttributes = false,
        ClaimValueType = "string",
        ClientId = "string",
        ClientScopeId = "string",
        Multivalued = false,
        Name = "string",
    });
    
    example, err := openid.NewUserAttributeProtocolMapper(ctx, "userAttributeProtocolMapperResource", &openid.UserAttributeProtocolMapperArgs{
    	ClaimName:           pulumi.String("string"),
    	RealmId:             pulumi.String("string"),
    	UserAttribute:       pulumi.String("string"),
    	AddToAccessToken:    pulumi.Bool(false),
    	AddToIdToken:        pulumi.Bool(false),
    	AddToUserinfo:       pulumi.Bool(false),
    	AggregateAttributes: pulumi.Bool(false),
    	ClaimValueType:      pulumi.String("string"),
    	ClientId:            pulumi.String("string"),
    	ClientScopeId:       pulumi.String("string"),
    	Multivalued:         pulumi.Bool(false),
    	Name:                pulumi.String("string"),
    })
    
    var userAttributeProtocolMapperResource = new UserAttributeProtocolMapper("userAttributeProtocolMapperResource", UserAttributeProtocolMapperArgs.builder()
        .claimName("string")
        .realmId("string")
        .userAttribute("string")
        .addToAccessToken(false)
        .addToIdToken(false)
        .addToUserinfo(false)
        .aggregateAttributes(false)
        .claimValueType("string")
        .clientId("string")
        .clientScopeId("string")
        .multivalued(false)
        .name("string")
        .build());
    
    user_attribute_protocol_mapper_resource = keycloak.openid.UserAttributeProtocolMapper("userAttributeProtocolMapperResource",
        claim_name="string",
        realm_id="string",
        user_attribute="string",
        add_to_access_token=False,
        add_to_id_token=False,
        add_to_userinfo=False,
        aggregate_attributes=False,
        claim_value_type="string",
        client_id="string",
        client_scope_id="string",
        multivalued=False,
        name="string")
    
    const userAttributeProtocolMapperResource = new keycloak.openid.UserAttributeProtocolMapper("userAttributeProtocolMapperResource", {
        claimName: "string",
        realmId: "string",
        userAttribute: "string",
        addToAccessToken: false,
        addToIdToken: false,
        addToUserinfo: false,
        aggregateAttributes: false,
        claimValueType: "string",
        clientId: "string",
        clientScopeId: "string",
        multivalued: false,
        name: "string",
    });
    
    type: keycloak:openid:UserAttributeProtocolMapper
    properties:
        addToAccessToken: false
        addToIdToken: false
        addToUserinfo: false
        aggregateAttributes: false
        claimName: string
        claimValueType: string
        clientId: string
        clientScopeId: string
        multivalued: false
        name: string
        realmId: string
        userAttribute: string
    

    UserAttributeProtocolMapper Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The UserAttributeProtocolMapper resource accepts the following input properties:

    ClaimName string
    RealmId string
    The realm id where the associated client or client scope exists.
    UserAttribute string
    AddToAccessToken bool
    Indicates if the attribute should be a claim in the access token.
    AddToIdToken bool
    Indicates if the attribute should be a claim in the id token.
    AddToUserinfo bool
    Indicates if the attribute should appear in the userinfo response body.
    AggregateAttributes bool
    Indicates if attribute values should be aggregated within the group attributes
    ClaimValueType string
    Claim type used when serializing tokens.
    ClientId string
    The mapper's associated client. Cannot be used at the same time as client_scope_id.
    ClientScopeId string
    The mapper's associated client scope. Cannot be used at the same time as client_id.
    Multivalued bool
    Indicates whether this attribute is a single value or an array of values.
    Name string
    A human-friendly name that will appear in the Keycloak console.
    ClaimName string
    RealmId string
    The realm id where the associated client or client scope exists.
    UserAttribute string
    AddToAccessToken bool
    Indicates if the attribute should be a claim in the access token.
    AddToIdToken bool
    Indicates if the attribute should be a claim in the id token.
    AddToUserinfo bool
    Indicates if the attribute should appear in the userinfo response body.
    AggregateAttributes bool
    Indicates if attribute values should be aggregated within the group attributes
    ClaimValueType string
    Claim type used when serializing tokens.
    ClientId string
    The mapper's associated client. Cannot be used at the same time as client_scope_id.
    ClientScopeId string
    The mapper's associated client scope. Cannot be used at the same time as client_id.
    Multivalued bool
    Indicates whether this attribute is a single value or an array of values.
    Name string
    A human-friendly name that will appear in the Keycloak console.
    claimName String
    realmId String
    The realm id where the associated client or client scope exists.
    userAttribute String
    addToAccessToken Boolean
    Indicates if the attribute should be a claim in the access token.
    addToIdToken Boolean
    Indicates if the attribute should be a claim in the id token.
    addToUserinfo Boolean
    Indicates if the attribute should appear in the userinfo response body.
    aggregateAttributes Boolean
    Indicates if attribute values should be aggregated within the group attributes
    claimValueType String
    Claim type used when serializing tokens.
    clientId String
    The mapper's associated client. Cannot be used at the same time as client_scope_id.
    clientScopeId String
    The mapper's associated client scope. Cannot be used at the same time as client_id.
    multivalued Boolean
    Indicates whether this attribute is a single value or an array of values.
    name String
    A human-friendly name that will appear in the Keycloak console.
    claimName string
    realmId string
    The realm id where the associated client or client scope exists.
    userAttribute string
    addToAccessToken boolean
    Indicates if the attribute should be a claim in the access token.
    addToIdToken boolean
    Indicates if the attribute should be a claim in the id token.
    addToUserinfo boolean
    Indicates if the attribute should appear in the userinfo response body.
    aggregateAttributes boolean
    Indicates if attribute values should be aggregated within the group attributes
    claimValueType string
    Claim type used when serializing tokens.
    clientId string
    The mapper's associated client. Cannot be used at the same time as client_scope_id.
    clientScopeId string
    The mapper's associated client scope. Cannot be used at the same time as client_id.
    multivalued boolean
    Indicates whether this attribute is a single value or an array of values.
    name string
    A human-friendly name that will appear in the Keycloak console.
    claim_name str
    realm_id str
    The realm id where the associated client or client scope exists.
    user_attribute str
    add_to_access_token bool
    Indicates if the attribute should be a claim in the access token.
    add_to_id_token bool
    Indicates if the attribute should be a claim in the id token.
    add_to_userinfo bool
    Indicates if the attribute should appear in the userinfo response body.
    aggregate_attributes bool
    Indicates if attribute values should be aggregated within the group attributes
    claim_value_type str
    Claim type used when serializing tokens.
    client_id str
    The mapper's associated client. Cannot be used at the same time as client_scope_id.
    client_scope_id str
    The mapper's associated client scope. Cannot be used at the same time as client_id.
    multivalued bool
    Indicates whether this attribute is a single value or an array of values.
    name str
    A human-friendly name that will appear in the Keycloak console.
    claimName String
    realmId String
    The realm id where the associated client or client scope exists.
    userAttribute String
    addToAccessToken Boolean
    Indicates if the attribute should be a claim in the access token.
    addToIdToken Boolean
    Indicates if the attribute should be a claim in the id token.
    addToUserinfo Boolean
    Indicates if the attribute should appear in the userinfo response body.
    aggregateAttributes Boolean
    Indicates if attribute values should be aggregated within the group attributes
    claimValueType String
    Claim type used when serializing tokens.
    clientId String
    The mapper's associated client. Cannot be used at the same time as client_scope_id.
    clientScopeId String
    The mapper's associated client scope. Cannot be used at the same time as client_id.
    multivalued Boolean
    Indicates whether this attribute is a single value or an array of values.
    name String
    A human-friendly name that will appear in the Keycloak console.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the UserAttributeProtocolMapper resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing UserAttributeProtocolMapper Resource

    Get an existing UserAttributeProtocolMapper resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: UserAttributeProtocolMapperState, opts?: CustomResourceOptions): UserAttributeProtocolMapper
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            add_to_access_token: Optional[bool] = None,
            add_to_id_token: Optional[bool] = None,
            add_to_userinfo: Optional[bool] = None,
            aggregate_attributes: Optional[bool] = None,
            claim_name: Optional[str] = None,
            claim_value_type: Optional[str] = None,
            client_id: Optional[str] = None,
            client_scope_id: Optional[str] = None,
            multivalued: Optional[bool] = None,
            name: Optional[str] = None,
            realm_id: Optional[str] = None,
            user_attribute: Optional[str] = None) -> UserAttributeProtocolMapper
    func GetUserAttributeProtocolMapper(ctx *Context, name string, id IDInput, state *UserAttributeProtocolMapperState, opts ...ResourceOption) (*UserAttributeProtocolMapper, error)
    public static UserAttributeProtocolMapper Get(string name, Input<string> id, UserAttributeProtocolMapperState? state, CustomResourceOptions? opts = null)
    public static UserAttributeProtocolMapper get(String name, Output<String> id, UserAttributeProtocolMapperState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AddToAccessToken bool
    Indicates if the attribute should be a claim in the access token.
    AddToIdToken bool
    Indicates if the attribute should be a claim in the id token.
    AddToUserinfo bool
    Indicates if the attribute should appear in the userinfo response body.
    AggregateAttributes bool
    Indicates if attribute values should be aggregated within the group attributes
    ClaimName string
    ClaimValueType string
    Claim type used when serializing tokens.
    ClientId string
    The mapper's associated client. Cannot be used at the same time as client_scope_id.
    ClientScopeId string
    The mapper's associated client scope. Cannot be used at the same time as client_id.
    Multivalued bool
    Indicates whether this attribute is a single value or an array of values.
    Name string
    A human-friendly name that will appear in the Keycloak console.
    RealmId string
    The realm id where the associated client or client scope exists.
    UserAttribute string
    AddToAccessToken bool
    Indicates if the attribute should be a claim in the access token.
    AddToIdToken bool
    Indicates if the attribute should be a claim in the id token.
    AddToUserinfo bool
    Indicates if the attribute should appear in the userinfo response body.
    AggregateAttributes bool
    Indicates if attribute values should be aggregated within the group attributes
    ClaimName string
    ClaimValueType string
    Claim type used when serializing tokens.
    ClientId string
    The mapper's associated client. Cannot be used at the same time as client_scope_id.
    ClientScopeId string
    The mapper's associated client scope. Cannot be used at the same time as client_id.
    Multivalued bool
    Indicates whether this attribute is a single value or an array of values.
    Name string
    A human-friendly name that will appear in the Keycloak console.
    RealmId string
    The realm id where the associated client or client scope exists.
    UserAttribute string
    addToAccessToken Boolean
    Indicates if the attribute should be a claim in the access token.
    addToIdToken Boolean
    Indicates if the attribute should be a claim in the id token.
    addToUserinfo Boolean
    Indicates if the attribute should appear in the userinfo response body.
    aggregateAttributes Boolean
    Indicates if attribute values should be aggregated within the group attributes
    claimName String
    claimValueType String
    Claim type used when serializing tokens.
    clientId String
    The mapper's associated client. Cannot be used at the same time as client_scope_id.
    clientScopeId String
    The mapper's associated client scope. Cannot be used at the same time as client_id.
    multivalued Boolean
    Indicates whether this attribute is a single value or an array of values.
    name String
    A human-friendly name that will appear in the Keycloak console.
    realmId String
    The realm id where the associated client or client scope exists.
    userAttribute String
    addToAccessToken boolean
    Indicates if the attribute should be a claim in the access token.
    addToIdToken boolean
    Indicates if the attribute should be a claim in the id token.
    addToUserinfo boolean
    Indicates if the attribute should appear in the userinfo response body.
    aggregateAttributes boolean
    Indicates if attribute values should be aggregated within the group attributes
    claimName string
    claimValueType string
    Claim type used when serializing tokens.
    clientId string
    The mapper's associated client. Cannot be used at the same time as client_scope_id.
    clientScopeId string
    The mapper's associated client scope. Cannot be used at the same time as client_id.
    multivalued boolean
    Indicates whether this attribute is a single value or an array of values.
    name string
    A human-friendly name that will appear in the Keycloak console.
    realmId string
    The realm id where the associated client or client scope exists.
    userAttribute string
    add_to_access_token bool
    Indicates if the attribute should be a claim in the access token.
    add_to_id_token bool
    Indicates if the attribute should be a claim in the id token.
    add_to_userinfo bool
    Indicates if the attribute should appear in the userinfo response body.
    aggregate_attributes bool
    Indicates if attribute values should be aggregated within the group attributes
    claim_name str
    claim_value_type str
    Claim type used when serializing tokens.
    client_id str
    The mapper's associated client. Cannot be used at the same time as client_scope_id.
    client_scope_id str
    The mapper's associated client scope. Cannot be used at the same time as client_id.
    multivalued bool
    Indicates whether this attribute is a single value or an array of values.
    name str
    A human-friendly name that will appear in the Keycloak console.
    realm_id str
    The realm id where the associated client or client scope exists.
    user_attribute str
    addToAccessToken Boolean
    Indicates if the attribute should be a claim in the access token.
    addToIdToken Boolean
    Indicates if the attribute should be a claim in the id token.
    addToUserinfo Boolean
    Indicates if the attribute should appear in the userinfo response body.
    aggregateAttributes Boolean
    Indicates if attribute values should be aggregated within the group attributes
    claimName String
    claimValueType String
    Claim type used when serializing tokens.
    clientId String
    The mapper's associated client. Cannot be used at the same time as client_scope_id.
    clientScopeId String
    The mapper's associated client scope. Cannot be used at the same time as client_id.
    multivalued Boolean
    Indicates whether this attribute is a single value or an array of values.
    name String
    A human-friendly name that will appear in the Keycloak console.
    realmId String
    The realm id where the associated client or client scope exists.
    userAttribute String

    Package Details

    Repository
    Keycloak pulumi/pulumi-keycloak
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the keycloak Terraform Provider.
    keycloak logo
    Keycloak v5.3.5 published on Wednesday, Oct 16, 2024 by Pulumi