1. Packages
  2. MongoDB Atlas
  3. API Docs
  4. FederatedSettingsIdentityProvider
MongoDB Atlas v3.16.2 published on Friday, Jun 21, 2024 by Pulumi

mongodbatlas.FederatedSettingsIdentityProvider

Explore with Pulumi AI

mongodbatlas logo
MongoDB Atlas v3.16.2 published on Friday, Jun 21, 2024 by Pulumi

    mongodbatlas.FederatedSettingsIdentityProvider provides an Atlas federated settings identity provider resource provides a subset of settings to be maintained post import of the existing resource.

    Example Usage

    IMPORTANT If you want to use a SAML Identity Provider, you MUST import this resource before you can manage it with this provider.

    SAML IdP:

    import * as pulumi from "@pulumi/pulumi";
    import * as mongodbatlas from "@pulumi/mongodbatlas";
    
    const identityProvider = new mongodbatlas.FederatedSettingsIdentityProvider("identity_provider", {
        federationSettingsId: "627a9687f7f7f7f774de306f14",
        name: "mongodb_federation_test",
        associatedDomains: ["yourdomain.com"],
        ssoDebugEnabled: true,
        status: "ACTIVE",
        ssoUrl: "https://mysso.oktapreview.com/app/mysso_terraformtestsso/exk17q7f7f7f7f50h8/sso/saml",
        issuerUri: "http://www.okta.com/exk17q7f7f7f7fp50h8",
        requestBinding: "HTTP-POST",
        responseSignatureAlgorithm: "SHA-256",
    });
    
    import pulumi
    import pulumi_mongodbatlas as mongodbatlas
    
    identity_provider = mongodbatlas.FederatedSettingsIdentityProvider("identity_provider",
        federation_settings_id="627a9687f7f7f7f774de306f14",
        name="mongodb_federation_test",
        associated_domains=["yourdomain.com"],
        sso_debug_enabled=True,
        status="ACTIVE",
        sso_url="https://mysso.oktapreview.com/app/mysso_terraformtestsso/exk17q7f7f7f7f50h8/sso/saml",
        issuer_uri="http://www.okta.com/exk17q7f7f7f7fp50h8",
        request_binding="HTTP-POST",
        response_signature_algorithm="SHA-256")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-mongodbatlas/sdk/v3/go/mongodbatlas"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := mongodbatlas.NewFederatedSettingsIdentityProvider(ctx, "identity_provider", &mongodbatlas.FederatedSettingsIdentityProviderArgs{
    			FederationSettingsId: pulumi.String("627a9687f7f7f7f774de306f14"),
    			Name:                 pulumi.String("mongodb_federation_test"),
    			AssociatedDomains: pulumi.StringArray{
    				pulumi.String("yourdomain.com"),
    			},
    			SsoDebugEnabled:            pulumi.Bool(true),
    			Status:                     pulumi.String("ACTIVE"),
    			SsoUrl:                     pulumi.String("https://mysso.oktapreview.com/app/mysso_terraformtestsso/exk17q7f7f7f7f50h8/sso/saml"),
    			IssuerUri:                  pulumi.String("http://www.okta.com/exk17q7f7f7f7fp50h8"),
    			RequestBinding:             pulumi.String("HTTP-POST"),
    			ResponseSignatureAlgorithm: pulumi.String("SHA-256"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Mongodbatlas = Pulumi.Mongodbatlas;
    
    return await Deployment.RunAsync(() => 
    {
        var identityProvider = new Mongodbatlas.FederatedSettingsIdentityProvider("identity_provider", new()
        {
            FederationSettingsId = "627a9687f7f7f7f774de306f14",
            Name = "mongodb_federation_test",
            AssociatedDomains = new[]
            {
                "yourdomain.com",
            },
            SsoDebugEnabled = true,
            Status = "ACTIVE",
            SsoUrl = "https://mysso.oktapreview.com/app/mysso_terraformtestsso/exk17q7f7f7f7f50h8/sso/saml",
            IssuerUri = "http://www.okta.com/exk17q7f7f7f7fp50h8",
            RequestBinding = "HTTP-POST",
            ResponseSignatureAlgorithm = "SHA-256",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.mongodbatlas.FederatedSettingsIdentityProvider;
    import com.pulumi.mongodbatlas.FederatedSettingsIdentityProviderArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var identityProvider = new FederatedSettingsIdentityProvider("identityProvider", FederatedSettingsIdentityProviderArgs.builder()
                .federationSettingsId("627a9687f7f7f7f774de306f14")
                .name("mongodb_federation_test")
                .associatedDomains("yourdomain.com")
                .ssoDebugEnabled(true)
                .status("ACTIVE")
                .ssoUrl("https://mysso.oktapreview.com/app/mysso_terraformtestsso/exk17q7f7f7f7f50h8/sso/saml")
                .issuerUri("http://www.okta.com/exk17q7f7f7f7fp50h8")
                .requestBinding("HTTP-POST")
                .responseSignatureAlgorithm("SHA-256")
                .build());
    
        }
    }
    
    resources:
      identityProvider:
        type: mongodbatlas:FederatedSettingsIdentityProvider
        name: identity_provider
        properties:
          federationSettingsId: 627a9687f7f7f7f774de306f14
          name: mongodb_federation_test
          associatedDomains:
            - yourdomain.com
          ssoDebugEnabled: true
          status: ACTIVE
          ssoUrl: https://mysso.oktapreview.com/app/mysso_terraformtestsso/exk17q7f7f7f7f50h8/sso/saml
          issuerUri: http://www.okta.com/exk17q7f7f7f7fp50h8
          requestBinding: HTTP-POST
          responseSignatureAlgorithm: SHA-256
    

    OIDC IdP:

    import * as pulumi from "@pulumi/pulumi";
    import * as mongodbatlas from "@pulumi/mongodbatlas";
    
    const oidc = new mongodbatlas.FederatedSettingsIdentityProvider("oidc", {
        federationSettingsId: _this.id,
        audience: tokenAudience,
        authorizationType: "USER",
        description: "oidc",
        issuerUri: `https://sts.windows.net/${thisAzurermUserAssignedIdentity.tenantId}/`,
        idpType: "WORKLOAD",
        name: "OIDC-for-azure",
        protocol: "OIDC",
        userClaim: "sub",
    });
    
    import pulumi
    import pulumi_mongodbatlas as mongodbatlas
    
    oidc = mongodbatlas.FederatedSettingsIdentityProvider("oidc",
        federation_settings_id=this["id"],
        audience=token_audience,
        authorization_type="USER",
        description="oidc",
        issuer_uri=f"https://sts.windows.net/{this_azurerm_user_assigned_identity['tenantId']}/",
        idp_type="WORKLOAD",
        name="OIDC-for-azure",
        protocol="OIDC",
        user_claim="sub")
    
    package main
    
    import (
    	"fmt"
    
    	"github.com/pulumi/pulumi-mongodbatlas/sdk/v3/go/mongodbatlas"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := mongodbatlas.NewFederatedSettingsIdentityProvider(ctx, "oidc", &mongodbatlas.FederatedSettingsIdentityProviderArgs{
    			FederationSettingsId: pulumi.Any(this.Id),
    			Audience:             pulumi.Any(tokenAudience),
    			AuthorizationType:    pulumi.String("USER"),
    			Description:          pulumi.String("oidc"),
    			IssuerUri:            pulumi.String(fmt.Sprintf("https://sts.windows.net/%v/", thisAzurermUserAssignedIdentity.TenantId)),
    			IdpType:              pulumi.String("WORKLOAD"),
    			Name:                 pulumi.String("OIDC-for-azure"),
    			Protocol:             pulumi.String("OIDC"),
    			UserClaim:            pulumi.String("sub"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Mongodbatlas = Pulumi.Mongodbatlas;
    
    return await Deployment.RunAsync(() => 
    {
        var oidc = new Mongodbatlas.FederatedSettingsIdentityProvider("oidc", new()
        {
            FederationSettingsId = @this.Id,
            Audience = tokenAudience,
            AuthorizationType = "USER",
            Description = "oidc",
            IssuerUri = $"https://sts.windows.net/{thisAzurermUserAssignedIdentity.TenantId}/",
            IdpType = "WORKLOAD",
            Name = "OIDC-for-azure",
            Protocol = "OIDC",
            UserClaim = "sub",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.mongodbatlas.FederatedSettingsIdentityProvider;
    import com.pulumi.mongodbatlas.FederatedSettingsIdentityProviderArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var oidc = new FederatedSettingsIdentityProvider("oidc", FederatedSettingsIdentityProviderArgs.builder()
                .federationSettingsId(this_.id())
                .audience(tokenAudience)
                .authorizationType("USER")
                .description("oidc")
                .issuerUri(String.format("https://sts.windows.net/%s/", thisAzurermUserAssignedIdentity.tenantId()))
                .idpType("WORKLOAD")
                .name("OIDC-for-azure")
                .protocol("OIDC")
                .userClaim("sub")
                .build());
    
        }
    }
    
    resources:
      oidc:
        type: mongodbatlas:FederatedSettingsIdentityProvider
        properties:
          federationSettingsId: ${this.id}
          audience: ${tokenAudience}
          authorizationType: USER
          description: oidc
          issuerUri: https://sts.windows.net/${thisAzurermUserAssignedIdentity.tenantId}/
          idpType: WORKLOAD
          name: OIDC-for-azure
          protocol: OIDC
          userClaim: sub
    

    Create FederatedSettingsIdentityProvider Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new FederatedSettingsIdentityProvider(name: string, args: FederatedSettingsIdentityProviderArgs, opts?: CustomResourceOptions);
    @overload
    def FederatedSettingsIdentityProvider(resource_name: str,
                                          args: FederatedSettingsIdentityProviderArgs,
                                          opts: Optional[ResourceOptions] = None)
    
    @overload
    def FederatedSettingsIdentityProvider(resource_name: str,
                                          opts: Optional[ResourceOptions] = None,
                                          federation_settings_id: Optional[str] = None,
                                          issuer_uri: Optional[str] = None,
                                          description: Optional[str] = None,
                                          name: Optional[str] = None,
                                          associated_domains: Optional[Sequence[str]] = None,
                                          authorization_type: Optional[str] = None,
                                          groups_claim: Optional[str] = None,
                                          idp_type: Optional[str] = None,
                                          audience: Optional[str] = None,
                                          client_id: Optional[str] = None,
                                          protocol: Optional[str] = None,
                                          request_binding: Optional[str] = None,
                                          requested_scopes: Optional[Sequence[str]] = None,
                                          response_signature_algorithm: Optional[str] = None,
                                          sso_debug_enabled: Optional[bool] = None,
                                          sso_url: Optional[str] = None,
                                          status: Optional[str] = None,
                                          user_claim: Optional[str] = None)
    func NewFederatedSettingsIdentityProvider(ctx *Context, name string, args FederatedSettingsIdentityProviderArgs, opts ...ResourceOption) (*FederatedSettingsIdentityProvider, error)
    public FederatedSettingsIdentityProvider(string name, FederatedSettingsIdentityProviderArgs args, CustomResourceOptions? opts = null)
    public FederatedSettingsIdentityProvider(String name, FederatedSettingsIdentityProviderArgs args)
    public FederatedSettingsIdentityProvider(String name, FederatedSettingsIdentityProviderArgs args, CustomResourceOptions options)
    
    type: mongodbatlas:FederatedSettingsIdentityProvider
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args FederatedSettingsIdentityProviderArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args FederatedSettingsIdentityProviderArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args FederatedSettingsIdentityProviderArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args FederatedSettingsIdentityProviderArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args FederatedSettingsIdentityProviderArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var federatedSettingsIdentityProviderResource = new Mongodbatlas.FederatedSettingsIdentityProvider("federatedSettingsIdentityProviderResource", new()
    {
        FederationSettingsId = "string",
        IssuerUri = "string",
        Description = "string",
        Name = "string",
        AssociatedDomains = new[]
        {
            "string",
        },
        AuthorizationType = "string",
        GroupsClaim = "string",
        IdpType = "string",
        Audience = "string",
        ClientId = "string",
        Protocol = "string",
        RequestBinding = "string",
        RequestedScopes = new[]
        {
            "string",
        },
        ResponseSignatureAlgorithm = "string",
        SsoDebugEnabled = false,
        SsoUrl = "string",
        Status = "string",
        UserClaim = "string",
    });
    
    example, err := mongodbatlas.NewFederatedSettingsIdentityProvider(ctx, "federatedSettingsIdentityProviderResource", &mongodbatlas.FederatedSettingsIdentityProviderArgs{
    	FederationSettingsId: pulumi.String("string"),
    	IssuerUri:            pulumi.String("string"),
    	Description:          pulumi.String("string"),
    	Name:                 pulumi.String("string"),
    	AssociatedDomains: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	AuthorizationType: pulumi.String("string"),
    	GroupsClaim:       pulumi.String("string"),
    	IdpType:           pulumi.String("string"),
    	Audience:          pulumi.String("string"),
    	ClientId:          pulumi.String("string"),
    	Protocol:          pulumi.String("string"),
    	RequestBinding:    pulumi.String("string"),
    	RequestedScopes: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	ResponseSignatureAlgorithm: pulumi.String("string"),
    	SsoDebugEnabled:            pulumi.Bool(false),
    	SsoUrl:                     pulumi.String("string"),
    	Status:                     pulumi.String("string"),
    	UserClaim:                  pulumi.String("string"),
    })
    
    var federatedSettingsIdentityProviderResource = new FederatedSettingsIdentityProvider("federatedSettingsIdentityProviderResource", FederatedSettingsIdentityProviderArgs.builder()
        .federationSettingsId("string")
        .issuerUri("string")
        .description("string")
        .name("string")
        .associatedDomains("string")
        .authorizationType("string")
        .groupsClaim("string")
        .idpType("string")
        .audience("string")
        .clientId("string")
        .protocol("string")
        .requestBinding("string")
        .requestedScopes("string")
        .responseSignatureAlgorithm("string")
        .ssoDebugEnabled(false)
        .ssoUrl("string")
        .status("string")
        .userClaim("string")
        .build());
    
    federated_settings_identity_provider_resource = mongodbatlas.FederatedSettingsIdentityProvider("federatedSettingsIdentityProviderResource",
        federation_settings_id="string",
        issuer_uri="string",
        description="string",
        name="string",
        associated_domains=["string"],
        authorization_type="string",
        groups_claim="string",
        idp_type="string",
        audience="string",
        client_id="string",
        protocol="string",
        request_binding="string",
        requested_scopes=["string"],
        response_signature_algorithm="string",
        sso_debug_enabled=False,
        sso_url="string",
        status="string",
        user_claim="string")
    
    const federatedSettingsIdentityProviderResource = new mongodbatlas.FederatedSettingsIdentityProvider("federatedSettingsIdentityProviderResource", {
        federationSettingsId: "string",
        issuerUri: "string",
        description: "string",
        name: "string",
        associatedDomains: ["string"],
        authorizationType: "string",
        groupsClaim: "string",
        idpType: "string",
        audience: "string",
        clientId: "string",
        protocol: "string",
        requestBinding: "string",
        requestedScopes: ["string"],
        responseSignatureAlgorithm: "string",
        ssoDebugEnabled: false,
        ssoUrl: "string",
        status: "string",
        userClaim: "string",
    });
    
    type: mongodbatlas:FederatedSettingsIdentityProvider
    properties:
        associatedDomains:
            - string
        audience: string
        authorizationType: string
        clientId: string
        description: string
        federationSettingsId: string
        groupsClaim: string
        idpType: string
        issuerUri: string
        name: string
        protocol: string
        requestBinding: string
        requestedScopes:
            - string
        responseSignatureAlgorithm: string
        ssoDebugEnabled: false
        ssoUrl: string
        status: string
        userClaim: string
    

    FederatedSettingsIdentityProvider Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The FederatedSettingsIdentityProvider resource accepts the following input properties:

    FederationSettingsId string
    Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
    IssuerUri string
    Unique string that identifies the issuer of the IdP.
    AssociatedDomains List<string>
    List that contains the domains associated with the identity provider.
    Audience string
    Identifier of the intended recipient of the token used in OIDC IdP.
    AuthorizationType string
    Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.
    ClientId string
    Client identifier that is assigned to an application by the OIDC Identity Provider.
    Description string
    The description of the identity provider.
    GroupsClaim string
    Identifier of the claim which contains OIDC IdP Group IDs in the token.
    IdpType string
    Name string
    Human-readable label that identifies the identity provider.
    Protocol string
    The protocol of the identity provider. Either SAML or OIDC.
    RequestBinding string
    SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

    • HTTP POST
    • HTTP REDIRECT
    RequestedScopes List<string>
    Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
    ResponseSignatureAlgorithm string
    Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.
    SsoDebugEnabled bool
    Flag that indicates whether the identity provider has SSO debug enabled.
    SsoUrl string
    Unique string that identifies the intended audience of the SAML assertion.
    Status string
    String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
    UserClaim string
    Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.
    FederationSettingsId string
    Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
    IssuerUri string
    Unique string that identifies the issuer of the IdP.
    AssociatedDomains []string
    List that contains the domains associated with the identity provider.
    Audience string
    Identifier of the intended recipient of the token used in OIDC IdP.
    AuthorizationType string
    Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.
    ClientId string
    Client identifier that is assigned to an application by the OIDC Identity Provider.
    Description string
    The description of the identity provider.
    GroupsClaim string
    Identifier of the claim which contains OIDC IdP Group IDs in the token.
    IdpType string
    Name string
    Human-readable label that identifies the identity provider.
    Protocol string
    The protocol of the identity provider. Either SAML or OIDC.
    RequestBinding string
    SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

    • HTTP POST
    • HTTP REDIRECT
    RequestedScopes []string
    Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
    ResponseSignatureAlgorithm string
    Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.
    SsoDebugEnabled bool
    Flag that indicates whether the identity provider has SSO debug enabled.
    SsoUrl string
    Unique string that identifies the intended audience of the SAML assertion.
    Status string
    String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
    UserClaim string
    Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.
    federationSettingsId String
    Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
    issuerUri String
    Unique string that identifies the issuer of the IdP.
    associatedDomains List<String>
    List that contains the domains associated with the identity provider.
    audience String
    Identifier of the intended recipient of the token used in OIDC IdP.
    authorizationType String
    Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.
    clientId String
    Client identifier that is assigned to an application by the OIDC Identity Provider.
    description String
    The description of the identity provider.
    groupsClaim String
    Identifier of the claim which contains OIDC IdP Group IDs in the token.
    idpType String
    name String
    Human-readable label that identifies the identity provider.
    protocol String
    The protocol of the identity provider. Either SAML or OIDC.
    requestBinding String
    SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

    • HTTP POST
    • HTTP REDIRECT
    requestedScopes List<String>
    Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
    responseSignatureAlgorithm String
    Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.
    ssoDebugEnabled Boolean
    Flag that indicates whether the identity provider has SSO debug enabled.
    ssoUrl String
    Unique string that identifies the intended audience of the SAML assertion.
    status String
    String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
    userClaim String
    Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.
    federationSettingsId string
    Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
    issuerUri string
    Unique string that identifies the issuer of the IdP.
    associatedDomains string[]
    List that contains the domains associated with the identity provider.
    audience string
    Identifier of the intended recipient of the token used in OIDC IdP.
    authorizationType string
    Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.
    clientId string
    Client identifier that is assigned to an application by the OIDC Identity Provider.
    description string
    The description of the identity provider.
    groupsClaim string
    Identifier of the claim which contains OIDC IdP Group IDs in the token.
    idpType string
    name string
    Human-readable label that identifies the identity provider.
    protocol string
    The protocol of the identity provider. Either SAML or OIDC.
    requestBinding string
    SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

    • HTTP POST
    • HTTP REDIRECT
    requestedScopes string[]
    Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
    responseSignatureAlgorithm string
    Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.
    ssoDebugEnabled boolean
    Flag that indicates whether the identity provider has SSO debug enabled.
    ssoUrl string
    Unique string that identifies the intended audience of the SAML assertion.
    status string
    String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
    userClaim string
    Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.
    federation_settings_id str
    Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
    issuer_uri str
    Unique string that identifies the issuer of the IdP.
    associated_domains Sequence[str]
    List that contains the domains associated with the identity provider.
    audience str
    Identifier of the intended recipient of the token used in OIDC IdP.
    authorization_type str
    Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.
    client_id str
    Client identifier that is assigned to an application by the OIDC Identity Provider.
    description str
    The description of the identity provider.
    groups_claim str
    Identifier of the claim which contains OIDC IdP Group IDs in the token.
    idp_type str
    name str
    Human-readable label that identifies the identity provider.
    protocol str
    The protocol of the identity provider. Either SAML or OIDC.
    request_binding str
    SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

    • HTTP POST
    • HTTP REDIRECT
    requested_scopes Sequence[str]
    Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
    response_signature_algorithm str
    Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.
    sso_debug_enabled bool
    Flag that indicates whether the identity provider has SSO debug enabled.
    sso_url str
    Unique string that identifies the intended audience of the SAML assertion.
    status str
    String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
    user_claim str
    Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.
    federationSettingsId String
    Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
    issuerUri String
    Unique string that identifies the issuer of the IdP.
    associatedDomains List<String>
    List that contains the domains associated with the identity provider.
    audience String
    Identifier of the intended recipient of the token used in OIDC IdP.
    authorizationType String
    Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.
    clientId String
    Client identifier that is assigned to an application by the OIDC Identity Provider.
    description String
    The description of the identity provider.
    groupsClaim String
    Identifier of the claim which contains OIDC IdP Group IDs in the token.
    idpType String
    name String
    Human-readable label that identifies the identity provider.
    protocol String
    The protocol of the identity provider. Either SAML or OIDC.
    requestBinding String
    SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

    • HTTP POST
    • HTTP REDIRECT
    requestedScopes List<String>
    Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
    responseSignatureAlgorithm String
    Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.
    ssoDebugEnabled Boolean
    Flag that indicates whether the identity provider has SSO debug enabled.
    ssoUrl String
    Unique string that identifies the intended audience of the SAML assertion.
    status String
    String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
    userClaim String
    Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the FederatedSettingsIdentityProvider resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    IdpId string
    Unique 24-hexadecimal digit string that identifies the IdP.
    OktaIdpId string
    Unique 20-hexadecimal digit string that identifies the IdP.
    Id string
    The provider-assigned unique ID for this managed resource.
    IdpId string
    Unique 24-hexadecimal digit string that identifies the IdP.
    OktaIdpId string
    Unique 20-hexadecimal digit string that identifies the IdP.
    id String
    The provider-assigned unique ID for this managed resource.
    idpId String
    Unique 24-hexadecimal digit string that identifies the IdP.
    oktaIdpId String
    Unique 20-hexadecimal digit string that identifies the IdP.
    id string
    The provider-assigned unique ID for this managed resource.
    idpId string
    Unique 24-hexadecimal digit string that identifies the IdP.
    oktaIdpId string
    Unique 20-hexadecimal digit string that identifies the IdP.
    id str
    The provider-assigned unique ID for this managed resource.
    idp_id str
    Unique 24-hexadecimal digit string that identifies the IdP.
    okta_idp_id str
    Unique 20-hexadecimal digit string that identifies the IdP.
    id String
    The provider-assigned unique ID for this managed resource.
    idpId String
    Unique 24-hexadecimal digit string that identifies the IdP.
    oktaIdpId String
    Unique 20-hexadecimal digit string that identifies the IdP.

    Look up Existing FederatedSettingsIdentityProvider Resource

    Get an existing FederatedSettingsIdentityProvider resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: FederatedSettingsIdentityProviderState, opts?: CustomResourceOptions): FederatedSettingsIdentityProvider
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            associated_domains: Optional[Sequence[str]] = None,
            audience: Optional[str] = None,
            authorization_type: Optional[str] = None,
            client_id: Optional[str] = None,
            description: Optional[str] = None,
            federation_settings_id: Optional[str] = None,
            groups_claim: Optional[str] = None,
            idp_id: Optional[str] = None,
            idp_type: Optional[str] = None,
            issuer_uri: Optional[str] = None,
            name: Optional[str] = None,
            okta_idp_id: Optional[str] = None,
            protocol: Optional[str] = None,
            request_binding: Optional[str] = None,
            requested_scopes: Optional[Sequence[str]] = None,
            response_signature_algorithm: Optional[str] = None,
            sso_debug_enabled: Optional[bool] = None,
            sso_url: Optional[str] = None,
            status: Optional[str] = None,
            user_claim: Optional[str] = None) -> FederatedSettingsIdentityProvider
    func GetFederatedSettingsIdentityProvider(ctx *Context, name string, id IDInput, state *FederatedSettingsIdentityProviderState, opts ...ResourceOption) (*FederatedSettingsIdentityProvider, error)
    public static FederatedSettingsIdentityProvider Get(string name, Input<string> id, FederatedSettingsIdentityProviderState? state, CustomResourceOptions? opts = null)
    public static FederatedSettingsIdentityProvider get(String name, Output<String> id, FederatedSettingsIdentityProviderState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AssociatedDomains List<string>
    List that contains the domains associated with the identity provider.
    Audience string
    Identifier of the intended recipient of the token used in OIDC IdP.
    AuthorizationType string
    Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.
    ClientId string
    Client identifier that is assigned to an application by the OIDC Identity Provider.
    Description string
    The description of the identity provider.
    FederationSettingsId string
    Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
    GroupsClaim string
    Identifier of the claim which contains OIDC IdP Group IDs in the token.
    IdpId string
    Unique 24-hexadecimal digit string that identifies the IdP.
    IdpType string
    IssuerUri string
    Unique string that identifies the issuer of the IdP.
    Name string
    Human-readable label that identifies the identity provider.
    OktaIdpId string
    Unique 20-hexadecimal digit string that identifies the IdP.
    Protocol string
    The protocol of the identity provider. Either SAML or OIDC.
    RequestBinding string
    SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

    • HTTP POST
    • HTTP REDIRECT
    RequestedScopes List<string>
    Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
    ResponseSignatureAlgorithm string
    Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.
    SsoDebugEnabled bool
    Flag that indicates whether the identity provider has SSO debug enabled.
    SsoUrl string
    Unique string that identifies the intended audience of the SAML assertion.
    Status string
    String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
    UserClaim string
    Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.
    AssociatedDomains []string
    List that contains the domains associated with the identity provider.
    Audience string
    Identifier of the intended recipient of the token used in OIDC IdP.
    AuthorizationType string
    Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.
    ClientId string
    Client identifier that is assigned to an application by the OIDC Identity Provider.
    Description string
    The description of the identity provider.
    FederationSettingsId string
    Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
    GroupsClaim string
    Identifier of the claim which contains OIDC IdP Group IDs in the token.
    IdpId string
    Unique 24-hexadecimal digit string that identifies the IdP.
    IdpType string
    IssuerUri string
    Unique string that identifies the issuer of the IdP.
    Name string
    Human-readable label that identifies the identity provider.
    OktaIdpId string
    Unique 20-hexadecimal digit string that identifies the IdP.
    Protocol string
    The protocol of the identity provider. Either SAML or OIDC.
    RequestBinding string
    SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

    • HTTP POST
    • HTTP REDIRECT
    RequestedScopes []string
    Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
    ResponseSignatureAlgorithm string
    Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.
    SsoDebugEnabled bool
    Flag that indicates whether the identity provider has SSO debug enabled.
    SsoUrl string
    Unique string that identifies the intended audience of the SAML assertion.
    Status string
    String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
    UserClaim string
    Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.
    associatedDomains List<String>
    List that contains the domains associated with the identity provider.
    audience String
    Identifier of the intended recipient of the token used in OIDC IdP.
    authorizationType String
    Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.
    clientId String
    Client identifier that is assigned to an application by the OIDC Identity Provider.
    description String
    The description of the identity provider.
    federationSettingsId String
    Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
    groupsClaim String
    Identifier of the claim which contains OIDC IdP Group IDs in the token.
    idpId String
    Unique 24-hexadecimal digit string that identifies the IdP.
    idpType String
    issuerUri String
    Unique string that identifies the issuer of the IdP.
    name String
    Human-readable label that identifies the identity provider.
    oktaIdpId String
    Unique 20-hexadecimal digit string that identifies the IdP.
    protocol String
    The protocol of the identity provider. Either SAML or OIDC.
    requestBinding String
    SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

    • HTTP POST
    • HTTP REDIRECT
    requestedScopes List<String>
    Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
    responseSignatureAlgorithm String
    Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.
    ssoDebugEnabled Boolean
    Flag that indicates whether the identity provider has SSO debug enabled.
    ssoUrl String
    Unique string that identifies the intended audience of the SAML assertion.
    status String
    String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
    userClaim String
    Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.
    associatedDomains string[]
    List that contains the domains associated with the identity provider.
    audience string
    Identifier of the intended recipient of the token used in OIDC IdP.
    authorizationType string
    Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.
    clientId string
    Client identifier that is assigned to an application by the OIDC Identity Provider.
    description string
    The description of the identity provider.
    federationSettingsId string
    Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
    groupsClaim string
    Identifier of the claim which contains OIDC IdP Group IDs in the token.
    idpId string
    Unique 24-hexadecimal digit string that identifies the IdP.
    idpType string
    issuerUri string
    Unique string that identifies the issuer of the IdP.
    name string
    Human-readable label that identifies the identity provider.
    oktaIdpId string
    Unique 20-hexadecimal digit string that identifies the IdP.
    protocol string
    The protocol of the identity provider. Either SAML or OIDC.
    requestBinding string
    SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

    • HTTP POST
    • HTTP REDIRECT
    requestedScopes string[]
    Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
    responseSignatureAlgorithm string
    Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.
    ssoDebugEnabled boolean
    Flag that indicates whether the identity provider has SSO debug enabled.
    ssoUrl string
    Unique string that identifies the intended audience of the SAML assertion.
    status string
    String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
    userClaim string
    Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.
    associated_domains Sequence[str]
    List that contains the domains associated with the identity provider.
    audience str
    Identifier of the intended recipient of the token used in OIDC IdP.
    authorization_type str
    Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.
    client_id str
    Client identifier that is assigned to an application by the OIDC Identity Provider.
    description str
    The description of the identity provider.
    federation_settings_id str
    Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
    groups_claim str
    Identifier of the claim which contains OIDC IdP Group IDs in the token.
    idp_id str
    Unique 24-hexadecimal digit string that identifies the IdP.
    idp_type str
    issuer_uri str
    Unique string that identifies the issuer of the IdP.
    name str
    Human-readable label that identifies the identity provider.
    okta_idp_id str
    Unique 20-hexadecimal digit string that identifies the IdP.
    protocol str
    The protocol of the identity provider. Either SAML or OIDC.
    request_binding str
    SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

    • HTTP POST
    • HTTP REDIRECT
    requested_scopes Sequence[str]
    Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
    response_signature_algorithm str
    Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.
    sso_debug_enabled bool
    Flag that indicates whether the identity provider has SSO debug enabled.
    sso_url str
    Unique string that identifies the intended audience of the SAML assertion.
    status str
    String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
    user_claim str
    Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.
    associatedDomains List<String>
    List that contains the domains associated with the identity provider.
    audience String
    Identifier of the intended recipient of the token used in OIDC IdP.
    authorizationType String
    Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.
    clientId String
    Client identifier that is assigned to an application by the OIDC Identity Provider.
    description String
    The description of the identity provider.
    federationSettingsId String
    Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
    groupsClaim String
    Identifier of the claim which contains OIDC IdP Group IDs in the token.
    idpId String
    Unique 24-hexadecimal digit string that identifies the IdP.
    idpType String
    issuerUri String
    Unique string that identifies the issuer of the IdP.
    name String
    Human-readable label that identifies the identity provider.
    oktaIdpId String
    Unique 20-hexadecimal digit string that identifies the IdP.
    protocol String
    The protocol of the identity provider. Either SAML or OIDC.
    requestBinding String
    SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

    • HTTP POST
    • HTTP REDIRECT
    requestedScopes List<String>
    Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
    responseSignatureAlgorithm String
    Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.
    ssoDebugEnabled Boolean
    Flag that indicates whether the identity provider has SSO debug enabled.
    ssoUrl String
    Unique string that identifies the intended audience of the SAML assertion.
    status String
    String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
    userClaim String
    Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.

    Import

    Identity Provider must be imported before using federation_settings_id-idp_id, e.g.

    $ pulumi import mongodbatlas:index/federatedSettingsIdentityProvider:FederatedSettingsIdentityProvider identity_provider 6287a663c660f52b1c441c6c-0oad4fas87jL5Xnk12971234
    

    For more information see: MongoDB Atlas API Reference.

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    MongoDB Atlas pulumi/pulumi-mongodbatlas
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the mongodbatlas Terraform Provider.
    mongodbatlas logo
    MongoDB Atlas v3.16.2 published on Friday, Jun 21, 2024 by Pulumi