keycloak.saml.Client
Explore with Pulumi AI
# keycloak.saml.Client
Allows for creating and managing Keycloak clients that use the SAML protocol.
Clients are entities that can use Keycloak for user authentication. Typically, clients are applications that redirect users to Keycloak for authentication in order to take advantage of Keycloak’s user sessions for SSO.
Import
Clients can be imported using the format {{realm_id}}/{{client_keycloak_id}}
, where client_keycloak_id
is the unique ID that Keycloak
assigns to the client upon creation. This value can be found in the URI when editing this client in the GUI, and is typically a GUID.
Example:
$ terraform import keycloak_saml_client.saml_client my-realm/dcbc4c73-e478-4928-ae2e-d5e420223352
Create Client Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Client(name: string, args: ClientArgs, opts?: CustomResourceOptions);
@overload
def Client(resource_name: str,
args: ClientArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Client(resource_name: str,
opts: Optional[ResourceOptions] = None,
client_id: Optional[str] = None,
realm_id: Optional[str] = None,
idp_initiated_sso_relay_state: Optional[str] = None,
signing_certificate: Optional[str] = None,
canonicalization_method: Optional[str] = None,
authentication_flow_binding_overrides: Optional[ClientAuthenticationFlowBindingOverridesArgs] = None,
client_signature_required: Optional[bool] = None,
description: Optional[str] = None,
include_authn_statement: Optional[bool] = None,
encrypt_assertions: Optional[bool] = None,
encryption_certificate: Optional[str] = None,
extra_config: Optional[Mapping[str, str]] = None,
force_name_id_format: Optional[bool] = None,
force_post_binding: Optional[bool] = None,
front_channel_logout: Optional[bool] = None,
full_scope_allowed: Optional[bool] = None,
valid_redirect_uris: Optional[Sequence[str]] = None,
base_url: Optional[str] = None,
enabled: Optional[bool] = None,
login_theme: Optional[str] = None,
logout_service_post_binding_url: Optional[str] = None,
logout_service_redirect_binding_url: Optional[str] = None,
master_saml_processing_url: Optional[str] = None,
name: Optional[str] = None,
name_id_format: Optional[str] = None,
assertion_consumer_redirect_url: Optional[str] = None,
root_url: Optional[str] = None,
sign_assertions: Optional[bool] = None,
sign_documents: Optional[bool] = None,
signature_algorithm: Optional[str] = None,
signature_key_name: Optional[str] = None,
idp_initiated_sso_url_name: Optional[str] = None,
signing_private_key: Optional[str] = None,
assertion_consumer_post_url: Optional[str] = None)
func NewClient(ctx *Context, name string, args ClientArgs, opts ...ResourceOption) (*Client, error)
public Client(string name, ClientArgs args, CustomResourceOptions? opts = null)
public Client(String name, ClientArgs args)
public Client(String name, ClientArgs args, CustomResourceOptions options)
type: keycloak:saml:Client
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ClientArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ClientArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ClientArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ClientArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ClientArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var keycloakClientResource = new Keycloak.Saml.Client("keycloakClientResource", new()
{
ClientId = "string",
RealmId = "string",
IdpInitiatedSsoRelayState = "string",
SigningCertificate = "string",
CanonicalizationMethod = "string",
AuthenticationFlowBindingOverrides = new Keycloak.Saml.Inputs.ClientAuthenticationFlowBindingOverridesArgs
{
BrowserId = "string",
DirectGrantId = "string",
},
ClientSignatureRequired = false,
Description = "string",
IncludeAuthnStatement = false,
EncryptAssertions = false,
EncryptionCertificate = "string",
ExtraConfig =
{
{ "string", "string" },
},
ForceNameIdFormat = false,
ForcePostBinding = false,
FrontChannelLogout = false,
FullScopeAllowed = false,
ValidRedirectUris = new[]
{
"string",
},
BaseUrl = "string",
Enabled = false,
LoginTheme = "string",
LogoutServicePostBindingUrl = "string",
LogoutServiceRedirectBindingUrl = "string",
MasterSamlProcessingUrl = "string",
Name = "string",
NameIdFormat = "string",
AssertionConsumerRedirectUrl = "string",
RootUrl = "string",
SignAssertions = false,
SignDocuments = false,
SignatureAlgorithm = "string",
SignatureKeyName = "string",
IdpInitiatedSsoUrlName = "string",
SigningPrivateKey = "string",
AssertionConsumerPostUrl = "string",
});
example, err := saml.NewClient(ctx, "keycloakClientResource", &saml.ClientArgs{
ClientId: pulumi.String("string"),
RealmId: pulumi.String("string"),
IdpInitiatedSsoRelayState: pulumi.String("string"),
SigningCertificate: pulumi.String("string"),
CanonicalizationMethod: pulumi.String("string"),
AuthenticationFlowBindingOverrides: &saml.ClientAuthenticationFlowBindingOverridesArgs{
BrowserId: pulumi.String("string"),
DirectGrantId: pulumi.String("string"),
},
ClientSignatureRequired: pulumi.Bool(false),
Description: pulumi.String("string"),
IncludeAuthnStatement: pulumi.Bool(false),
EncryptAssertions: pulumi.Bool(false),
EncryptionCertificate: pulumi.String("string"),
ExtraConfig: pulumi.StringMap{
"string": pulumi.String("string"),
},
ForceNameIdFormat: pulumi.Bool(false),
ForcePostBinding: pulumi.Bool(false),
FrontChannelLogout: pulumi.Bool(false),
FullScopeAllowed: pulumi.Bool(false),
ValidRedirectUris: pulumi.StringArray{
pulumi.String("string"),
},
BaseUrl: pulumi.String("string"),
Enabled: pulumi.Bool(false),
LoginTheme: pulumi.String("string"),
LogoutServicePostBindingUrl: pulumi.String("string"),
LogoutServiceRedirectBindingUrl: pulumi.String("string"),
MasterSamlProcessingUrl: pulumi.String("string"),
Name: pulumi.String("string"),
NameIdFormat: pulumi.String("string"),
AssertionConsumerRedirectUrl: pulumi.String("string"),
RootUrl: pulumi.String("string"),
SignAssertions: pulumi.Bool(false),
SignDocuments: pulumi.Bool(false),
SignatureAlgorithm: pulumi.String("string"),
SignatureKeyName: pulumi.String("string"),
IdpInitiatedSsoUrlName: pulumi.String("string"),
SigningPrivateKey: pulumi.String("string"),
AssertionConsumerPostUrl: pulumi.String("string"),
})
var keycloakClientResource = new Client("keycloakClientResource", ClientArgs.builder()
.clientId("string")
.realmId("string")
.idpInitiatedSsoRelayState("string")
.signingCertificate("string")
.canonicalizationMethod("string")
.authenticationFlowBindingOverrides(ClientAuthenticationFlowBindingOverridesArgs.builder()
.browserId("string")
.directGrantId("string")
.build())
.clientSignatureRequired(false)
.description("string")
.includeAuthnStatement(false)
.encryptAssertions(false)
.encryptionCertificate("string")
.extraConfig(Map.of("string", "string"))
.forceNameIdFormat(false)
.forcePostBinding(false)
.frontChannelLogout(false)
.fullScopeAllowed(false)
.validRedirectUris("string")
.baseUrl("string")
.enabled(false)
.loginTheme("string")
.logoutServicePostBindingUrl("string")
.logoutServiceRedirectBindingUrl("string")
.masterSamlProcessingUrl("string")
.name("string")
.nameIdFormat("string")
.assertionConsumerRedirectUrl("string")
.rootUrl("string")
.signAssertions(false)
.signDocuments(false)
.signatureAlgorithm("string")
.signatureKeyName("string")
.idpInitiatedSsoUrlName("string")
.signingPrivateKey("string")
.assertionConsumerPostUrl("string")
.build());
keycloak_client_resource = keycloak.saml.Client("keycloakClientResource",
client_id="string",
realm_id="string",
idp_initiated_sso_relay_state="string",
signing_certificate="string",
canonicalization_method="string",
authentication_flow_binding_overrides={
"browser_id": "string",
"direct_grant_id": "string",
},
client_signature_required=False,
description="string",
include_authn_statement=False,
encrypt_assertions=False,
encryption_certificate="string",
extra_config={
"string": "string",
},
force_name_id_format=False,
force_post_binding=False,
front_channel_logout=False,
full_scope_allowed=False,
valid_redirect_uris=["string"],
base_url="string",
enabled=False,
login_theme="string",
logout_service_post_binding_url="string",
logout_service_redirect_binding_url="string",
master_saml_processing_url="string",
name="string",
name_id_format="string",
assertion_consumer_redirect_url="string",
root_url="string",
sign_assertions=False,
sign_documents=False,
signature_algorithm="string",
signature_key_name="string",
idp_initiated_sso_url_name="string",
signing_private_key="string",
assertion_consumer_post_url="string")
const keycloakClientResource = new keycloak.saml.Client("keycloakClientResource", {
clientId: "string",
realmId: "string",
idpInitiatedSsoRelayState: "string",
signingCertificate: "string",
canonicalizationMethod: "string",
authenticationFlowBindingOverrides: {
browserId: "string",
directGrantId: "string",
},
clientSignatureRequired: false,
description: "string",
includeAuthnStatement: false,
encryptAssertions: false,
encryptionCertificate: "string",
extraConfig: {
string: "string",
},
forceNameIdFormat: false,
forcePostBinding: false,
frontChannelLogout: false,
fullScopeAllowed: false,
validRedirectUris: ["string"],
baseUrl: "string",
enabled: false,
loginTheme: "string",
logoutServicePostBindingUrl: "string",
logoutServiceRedirectBindingUrl: "string",
masterSamlProcessingUrl: "string",
name: "string",
nameIdFormat: "string",
assertionConsumerRedirectUrl: "string",
rootUrl: "string",
signAssertions: false,
signDocuments: false,
signatureAlgorithm: "string",
signatureKeyName: "string",
idpInitiatedSsoUrlName: "string",
signingPrivateKey: "string",
assertionConsumerPostUrl: "string",
});
type: keycloak:saml:Client
properties:
assertionConsumerPostUrl: string
assertionConsumerRedirectUrl: string
authenticationFlowBindingOverrides:
browserId: string
directGrantId: string
baseUrl: string
canonicalizationMethod: string
clientId: string
clientSignatureRequired: false
description: string
enabled: false
encryptAssertions: false
encryptionCertificate: string
extraConfig:
string: string
forceNameIdFormat: false
forcePostBinding: false
frontChannelLogout: false
fullScopeAllowed: false
idpInitiatedSsoRelayState: string
idpInitiatedSsoUrlName: string
includeAuthnStatement: false
loginTheme: string
logoutServicePostBindingUrl: string
logoutServiceRedirectBindingUrl: string
masterSamlProcessingUrl: string
name: string
nameIdFormat: string
realmId: string
rootUrl: string
signAssertions: false
signDocuments: false
signatureAlgorithm: string
signatureKeyName: string
signingCertificate: string
signingPrivateKey: string
validRedirectUris:
- string
Client Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Client resource accepts the following input properties:
- Client
Id string - Realm
Id string - Assertion
Consumer stringPost Url - Assertion
Consumer stringRedirect Url - Authentication
Flow ClientBinding Overrides Authentication Flow Binding Overrides - Base
Url string - Canonicalization
Method string - Client
Signature boolRequired - Description string
- Enabled bool
- Encrypt
Assertions bool - Encryption
Certificate string - Extra
Config Dictionary<string, string> - Force
Name boolId Format - Force
Post boolBinding - Front
Channel boolLogout - Full
Scope boolAllowed - Idp
Initiated stringSso Relay State - Idp
Initiated stringSso Url Name - Include
Authn boolStatement - Login
Theme string - Logout
Service stringPost Binding Url - Logout
Service stringRedirect Binding Url - Master
Saml stringProcessing Url - Name string
- Name
Id stringFormat - Root
Url string - Sign
Assertions bool - Sign
Documents bool - Signature
Algorithm string - Signature
Key stringName - Signing
Certificate string - Signing
Private stringKey - Valid
Redirect List<string>Uris
- Client
Id string - Realm
Id string - Assertion
Consumer stringPost Url - Assertion
Consumer stringRedirect Url - Authentication
Flow ClientBinding Overrides Authentication Flow Binding Overrides Args - Base
Url string - Canonicalization
Method string - Client
Signature boolRequired - Description string
- Enabled bool
- Encrypt
Assertions bool - Encryption
Certificate string - Extra
Config map[string]string - Force
Name boolId Format - Force
Post boolBinding - Front
Channel boolLogout - Full
Scope boolAllowed - Idp
Initiated stringSso Relay State - Idp
Initiated stringSso Url Name - Include
Authn boolStatement - Login
Theme string - Logout
Service stringPost Binding Url - Logout
Service stringRedirect Binding Url - Master
Saml stringProcessing Url - Name string
- Name
Id stringFormat - Root
Url string - Sign
Assertions bool - Sign
Documents bool - Signature
Algorithm string - Signature
Key stringName - Signing
Certificate string - Signing
Private stringKey - Valid
Redirect []stringUris
- client
Id String - realm
Id String - assertion
Consumer StringPost Url - assertion
Consumer StringRedirect Url - authentication
Flow ClientBinding Overrides Authentication Flow Binding Overrides - base
Url String - canonicalization
Method String - client
Signature BooleanRequired - description String
- enabled Boolean
- encrypt
Assertions Boolean - encryption
Certificate String - extra
Config Map<String,String> - force
Name BooleanId Format - force
Post BooleanBinding - front
Channel BooleanLogout - full
Scope BooleanAllowed - idp
Initiated StringSso Relay State - idp
Initiated StringSso Url Name - include
Authn BooleanStatement - login
Theme String - logout
Service StringPost Binding Url - logout
Service StringRedirect Binding Url - master
Saml StringProcessing Url - name String
- name
Id StringFormat - root
Url String - sign
Assertions Boolean - sign
Documents Boolean - signature
Algorithm String - signature
Key StringName - signing
Certificate String - signing
Private StringKey - valid
Redirect List<String>Uris
- client
Id string - realm
Id string - assertion
Consumer stringPost Url - assertion
Consumer stringRedirect Url - authentication
Flow ClientBinding Overrides Authentication Flow Binding Overrides - base
Url string - canonicalization
Method string - client
Signature booleanRequired - description string
- enabled boolean
- encrypt
Assertions boolean - encryption
Certificate string - extra
Config {[key: string]: string} - force
Name booleanId Format - force
Post booleanBinding - front
Channel booleanLogout - full
Scope booleanAllowed - idp
Initiated stringSso Relay State - idp
Initiated stringSso Url Name - include
Authn booleanStatement - login
Theme string - logout
Service stringPost Binding Url - logout
Service stringRedirect Binding Url - master
Saml stringProcessing Url - name string
- name
Id stringFormat - root
Url string - sign
Assertions boolean - sign
Documents boolean - signature
Algorithm string - signature
Key stringName - signing
Certificate string - signing
Private stringKey - valid
Redirect string[]Uris
- client_
id str - realm_
id str - assertion_
consumer_ strpost_ url - assertion_
consumer_ strredirect_ url - authentication_
flow_ Clientbinding_ overrides Authentication Flow Binding Overrides Args - base_
url str - canonicalization_
method str - client_
signature_ boolrequired - description str
- enabled bool
- encrypt_
assertions bool - encryption_
certificate str - extra_
config Mapping[str, str] - force_
name_ boolid_ format - force_
post_ boolbinding - front_
channel_ boollogout - full_
scope_ boolallowed - idp_
initiated_ strsso_ relay_ state - idp_
initiated_ strsso_ url_ name - include_
authn_ boolstatement - login_
theme str - logout_
service_ strpost_ binding_ url - logout_
service_ strredirect_ binding_ url - master_
saml_ strprocessing_ url - name str
- name_
id_ strformat - root_
url str - sign_
assertions bool - sign_
documents bool - signature_
algorithm str - signature_
key_ strname - signing_
certificate str - signing_
private_ strkey - valid_
redirect_ Sequence[str]uris
- client
Id String - realm
Id String - assertion
Consumer StringPost Url - assertion
Consumer StringRedirect Url - authentication
Flow Property MapBinding Overrides - base
Url String - canonicalization
Method String - client
Signature BooleanRequired - description String
- enabled Boolean
- encrypt
Assertions Boolean - encryption
Certificate String - extra
Config Map<String> - force
Name BooleanId Format - force
Post BooleanBinding - front
Channel BooleanLogout - full
Scope BooleanAllowed - idp
Initiated StringSso Relay State - idp
Initiated StringSso Url Name - include
Authn BooleanStatement - login
Theme String - logout
Service StringPost Binding Url - logout
Service StringRedirect Binding Url - master
Saml StringProcessing Url - name String
- name
Id StringFormat - root
Url String - sign
Assertions Boolean - sign
Documents Boolean - signature
Algorithm String - signature
Key StringName - signing
Certificate String - signing
Private StringKey - valid
Redirect List<String>Uris
Outputs
All input properties are implicitly available as output properties. Additionally, the Client resource produces the following output properties:
- Encryption
Certificate stringSha1 - Id string
- The provider-assigned unique ID for this managed resource.
- Signing
Certificate stringSha1 - Signing
Private stringKey Sha1
- Encryption
Certificate stringSha1 - Id string
- The provider-assigned unique ID for this managed resource.
- Signing
Certificate stringSha1 - Signing
Private stringKey Sha1
- encryption
Certificate StringSha1 - id String
- The provider-assigned unique ID for this managed resource.
- signing
Certificate StringSha1 - signing
Private StringKey Sha1
- encryption
Certificate stringSha1 - id string
- The provider-assigned unique ID for this managed resource.
- signing
Certificate stringSha1 - signing
Private stringKey Sha1
- encryption_
certificate_ strsha1 - id str
- The provider-assigned unique ID for this managed resource.
- signing_
certificate_ strsha1 - signing_
private_ strkey_ sha1
- encryption
Certificate StringSha1 - id String
- The provider-assigned unique ID for this managed resource.
- signing
Certificate StringSha1 - signing
Private StringKey Sha1
Look up Existing Client Resource
Get an existing Client resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ClientState, opts?: CustomResourceOptions): Client
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
assertion_consumer_post_url: Optional[str] = None,
assertion_consumer_redirect_url: Optional[str] = None,
authentication_flow_binding_overrides: Optional[ClientAuthenticationFlowBindingOverridesArgs] = None,
base_url: Optional[str] = None,
canonicalization_method: Optional[str] = None,
client_id: Optional[str] = None,
client_signature_required: Optional[bool] = None,
description: Optional[str] = None,
enabled: Optional[bool] = None,
encrypt_assertions: Optional[bool] = None,
encryption_certificate: Optional[str] = None,
encryption_certificate_sha1: Optional[str] = None,
extra_config: Optional[Mapping[str, str]] = None,
force_name_id_format: Optional[bool] = None,
force_post_binding: Optional[bool] = None,
front_channel_logout: Optional[bool] = None,
full_scope_allowed: Optional[bool] = None,
idp_initiated_sso_relay_state: Optional[str] = None,
idp_initiated_sso_url_name: Optional[str] = None,
include_authn_statement: Optional[bool] = None,
login_theme: Optional[str] = None,
logout_service_post_binding_url: Optional[str] = None,
logout_service_redirect_binding_url: Optional[str] = None,
master_saml_processing_url: Optional[str] = None,
name: Optional[str] = None,
name_id_format: Optional[str] = None,
realm_id: Optional[str] = None,
root_url: Optional[str] = None,
sign_assertions: Optional[bool] = None,
sign_documents: Optional[bool] = None,
signature_algorithm: Optional[str] = None,
signature_key_name: Optional[str] = None,
signing_certificate: Optional[str] = None,
signing_certificate_sha1: Optional[str] = None,
signing_private_key: Optional[str] = None,
signing_private_key_sha1: Optional[str] = None,
valid_redirect_uris: Optional[Sequence[str]] = None) -> Client
func GetClient(ctx *Context, name string, id IDInput, state *ClientState, opts ...ResourceOption) (*Client, error)
public static Client Get(string name, Input<string> id, ClientState? state, CustomResourceOptions? opts = null)
public static Client get(String name, Output<String> id, ClientState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Assertion
Consumer stringPost Url - Assertion
Consumer stringRedirect Url - Authentication
Flow ClientBinding Overrides Authentication Flow Binding Overrides - Base
Url string - Canonicalization
Method string - Client
Id string - Client
Signature boolRequired - Description string
- Enabled bool
- Encrypt
Assertions bool - Encryption
Certificate string - Encryption
Certificate stringSha1 - Extra
Config Dictionary<string, string> - Force
Name boolId Format - Force
Post boolBinding - Front
Channel boolLogout - Full
Scope boolAllowed - Idp
Initiated stringSso Relay State - Idp
Initiated stringSso Url Name - Include
Authn boolStatement - Login
Theme string - Logout
Service stringPost Binding Url - Logout
Service stringRedirect Binding Url - Master
Saml stringProcessing Url - Name string
- Name
Id stringFormat - Realm
Id string - Root
Url string - Sign
Assertions bool - Sign
Documents bool - Signature
Algorithm string - Signature
Key stringName - Signing
Certificate string - Signing
Certificate stringSha1 - Signing
Private stringKey - Signing
Private stringKey Sha1 - Valid
Redirect List<string>Uris
- Assertion
Consumer stringPost Url - Assertion
Consumer stringRedirect Url - Authentication
Flow ClientBinding Overrides Authentication Flow Binding Overrides Args - Base
Url string - Canonicalization
Method string - Client
Id string - Client
Signature boolRequired - Description string
- Enabled bool
- Encrypt
Assertions bool - Encryption
Certificate string - Encryption
Certificate stringSha1 - Extra
Config map[string]string - Force
Name boolId Format - Force
Post boolBinding - Front
Channel boolLogout - Full
Scope boolAllowed - Idp
Initiated stringSso Relay State - Idp
Initiated stringSso Url Name - Include
Authn boolStatement - Login
Theme string - Logout
Service stringPost Binding Url - Logout
Service stringRedirect Binding Url - Master
Saml stringProcessing Url - Name string
- Name
Id stringFormat - Realm
Id string - Root
Url string - Sign
Assertions bool - Sign
Documents bool - Signature
Algorithm string - Signature
Key stringName - Signing
Certificate string - Signing
Certificate stringSha1 - Signing
Private stringKey - Signing
Private stringKey Sha1 - Valid
Redirect []stringUris
- assertion
Consumer StringPost Url - assertion
Consumer StringRedirect Url - authentication
Flow ClientBinding Overrides Authentication Flow Binding Overrides - base
Url String - canonicalization
Method String - client
Id String - client
Signature BooleanRequired - description String
- enabled Boolean
- encrypt
Assertions Boolean - encryption
Certificate String - encryption
Certificate StringSha1 - extra
Config Map<String,String> - force
Name BooleanId Format - force
Post BooleanBinding - front
Channel BooleanLogout - full
Scope BooleanAllowed - idp
Initiated StringSso Relay State - idp
Initiated StringSso Url Name - include
Authn BooleanStatement - login
Theme String - logout
Service StringPost Binding Url - logout
Service StringRedirect Binding Url - master
Saml StringProcessing Url - name String
- name
Id StringFormat - realm
Id String - root
Url String - sign
Assertions Boolean - sign
Documents Boolean - signature
Algorithm String - signature
Key StringName - signing
Certificate String - signing
Certificate StringSha1 - signing
Private StringKey - signing
Private StringKey Sha1 - valid
Redirect List<String>Uris
- assertion
Consumer stringPost Url - assertion
Consumer stringRedirect Url - authentication
Flow ClientBinding Overrides Authentication Flow Binding Overrides - base
Url string - canonicalization
Method string - client
Id string - client
Signature booleanRequired - description string
- enabled boolean
- encrypt
Assertions boolean - encryption
Certificate string - encryption
Certificate stringSha1 - extra
Config {[key: string]: string} - force
Name booleanId Format - force
Post booleanBinding - front
Channel booleanLogout - full
Scope booleanAllowed - idp
Initiated stringSso Relay State - idp
Initiated stringSso Url Name - include
Authn booleanStatement - login
Theme string - logout
Service stringPost Binding Url - logout
Service stringRedirect Binding Url - master
Saml stringProcessing Url - name string
- name
Id stringFormat - realm
Id string - root
Url string - sign
Assertions boolean - sign
Documents boolean - signature
Algorithm string - signature
Key stringName - signing
Certificate string - signing
Certificate stringSha1 - signing
Private stringKey - signing
Private stringKey Sha1 - valid
Redirect string[]Uris
- assertion_
consumer_ strpost_ url - assertion_
consumer_ strredirect_ url - authentication_
flow_ Clientbinding_ overrides Authentication Flow Binding Overrides Args - base_
url str - canonicalization_
method str - client_
id str - client_
signature_ boolrequired - description str
- enabled bool
- encrypt_
assertions bool - encryption_
certificate str - encryption_
certificate_ strsha1 - extra_
config Mapping[str, str] - force_
name_ boolid_ format - force_
post_ boolbinding - front_
channel_ boollogout - full_
scope_ boolallowed - idp_
initiated_ strsso_ relay_ state - idp_
initiated_ strsso_ url_ name - include_
authn_ boolstatement - login_
theme str - logout_
service_ strpost_ binding_ url - logout_
service_ strredirect_ binding_ url - master_
saml_ strprocessing_ url - name str
- name_
id_ strformat - realm_
id str - root_
url str - sign_
assertions bool - sign_
documents bool - signature_
algorithm str - signature_
key_ strname - signing_
certificate str - signing_
certificate_ strsha1 - signing_
private_ strkey - signing_
private_ strkey_ sha1 - valid_
redirect_ Sequence[str]uris
- assertion
Consumer StringPost Url - assertion
Consumer StringRedirect Url - authentication
Flow Property MapBinding Overrides - base
Url String - canonicalization
Method String - client
Id String - client
Signature BooleanRequired - description String
- enabled Boolean
- encrypt
Assertions Boolean - encryption
Certificate String - encryption
Certificate StringSha1 - extra
Config Map<String> - force
Name BooleanId Format - force
Post BooleanBinding - front
Channel BooleanLogout - full
Scope BooleanAllowed - idp
Initiated StringSso Relay State - idp
Initiated StringSso Url Name - include
Authn BooleanStatement - login
Theme String - logout
Service StringPost Binding Url - logout
Service StringRedirect Binding Url - master
Saml StringProcessing Url - name String
- name
Id StringFormat - realm
Id String - root
Url String - sign
Assertions Boolean - sign
Documents Boolean - signature
Algorithm String - signature
Key StringName - signing
Certificate String - signing
Certificate StringSha1 - signing
Private StringKey - signing
Private StringKey Sha1 - valid
Redirect List<String>Uris
Supporting Types
ClientAuthenticationFlowBindingOverrides, ClientAuthenticationFlowBindingOverridesArgs
- Browser
Id string - Direct
Grant stringId
- Browser
Id string - Direct
Grant stringId
- browser
Id String - direct
Grant StringId
- browser
Id string - direct
Grant stringId
- browser_
id str - direct_
grant_ strid
- browser
Id String - direct
Grant StringId
Package Details
- Repository
- Keycloak pulumi/pulumi-keycloak
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
keycloak
Terraform Provider.