@pulumi/auth0 3.32.0-alpha.1762406290 → 3.32.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/attackProtection.d.ts +108 -0
- package/attackProtection.js +88 -0
- package/attackProtection.js.map +1 -1
- package/client.d.ts +12 -0
- package/client.js +2 -0
- package/client.js.map +1 -1
- package/connectionScimToken.d.ts +139 -0
- package/connectionScimToken.js +117 -0
- package/connectionScimToken.js.map +1 -0
- package/emailProvider.d.ts +1 -1
- package/emailProvider.js +1 -1
- package/getAttackProtection.d.ts +8 -0
- package/getAttackProtection.js.map +1 -1
- package/getClient.d.ts +4 -0
- package/getClient.js.map +1 -1
- package/index.d.ts +3 -0
- package/index.js +8 -3
- package/index.js.map +1 -1
- package/package.json +2 -2
- package/phoneProvider.d.ts +1 -1
- package/phoneProvider.js +1 -1
- package/types/input.d.ts +128 -0
- package/types/output.d.ts +262 -2
package/attackProtection.d.ts
CHANGED
|
@@ -55,7 +55,91 @@ import * as outputs from "./types/output";
|
|
|
55
55
|
* ],
|
|
56
56
|
* },
|
|
57
57
|
* },
|
|
58
|
+
* botDetection: {
|
|
59
|
+
* botDetectionLevel: "medium",
|
|
60
|
+
* challengePasswordPolicy: "when_risky",
|
|
61
|
+
* challengePasswordlessPolicy: "when_risky",
|
|
62
|
+
* challengePasswordResetPolicy: "always",
|
|
63
|
+
* allowlists: [
|
|
64
|
+
* "192.168.1.0",
|
|
65
|
+
* "10.0.0.0",
|
|
66
|
+
* ],
|
|
67
|
+
* monitoringModeEnabled: true,
|
|
68
|
+
* },
|
|
58
69
|
* });
|
|
70
|
+
* // ============================================================================
|
|
71
|
+
* // CAPTCHA PROVIDER EXAMPLES - One per Provider
|
|
72
|
+
* // ============================================================================
|
|
73
|
+
* const config = new pulumi.Config();
|
|
74
|
+
* // Google reCAPTCHA v2 site key
|
|
75
|
+
* const recaptchaV2SiteKey = config.require("recaptchaV2SiteKey");
|
|
76
|
+
* // Google reCAPTCHA v2 secret key
|
|
77
|
+
* const recaptchaV2Secret = config.require("recaptchaV2Secret");
|
|
78
|
+
* // Example 1: reCAPTCHA v2
|
|
79
|
+
* const captchaRecaptchaV2 = new auth0.AttackProtection("captcha_recaptcha_v2", {captcha: {
|
|
80
|
+
* activeProviderId: "recaptcha_v2",
|
|
81
|
+
* recaptchaV2: {
|
|
82
|
+
* siteKey: recaptchaV2SiteKey,
|
|
83
|
+
* secret: recaptchaV2Secret,
|
|
84
|
+
* },
|
|
85
|
+
* }});
|
|
86
|
+
* // Google reCAPTCHA Enterprise site key
|
|
87
|
+
* const recaptchaEnterpriseSiteKey = config.require("recaptchaEnterpriseSiteKey");
|
|
88
|
+
* // Google reCAPTCHA Enterprise API key
|
|
89
|
+
* const recaptchaEnterpriseApiKey = config.require("recaptchaEnterpriseApiKey");
|
|
90
|
+
* // Google reCAPTCHA Enterprise project ID
|
|
91
|
+
* const recaptchaEnterpriseProjectId = config.require("recaptchaEnterpriseProjectId");
|
|
92
|
+
* // Example 2: reCAPTCHA Enterprise
|
|
93
|
+
* const captchaRecaptchaEnterprise = new auth0.AttackProtection("captcha_recaptcha_enterprise", {captcha: {
|
|
94
|
+
* activeProviderId: "recaptcha_enterprise",
|
|
95
|
+
* recaptchaEnterprise: {
|
|
96
|
+
* siteKey: recaptchaEnterpriseSiteKey,
|
|
97
|
+
* apiKey: recaptchaEnterpriseApiKey,
|
|
98
|
+
* projectId: recaptchaEnterpriseProjectId,
|
|
99
|
+
* },
|
|
100
|
+
* }});
|
|
101
|
+
* // hCaptcha site key
|
|
102
|
+
* const hcaptchaSiteKey = config.require("hcaptchaSiteKey");
|
|
103
|
+
* // hCaptcha secret key
|
|
104
|
+
* const hcaptchaSecret = config.require("hcaptchaSecret");
|
|
105
|
+
* // Example 3: hCaptcha
|
|
106
|
+
* const captchaHcaptcha = new auth0.AttackProtection("captcha_hcaptcha", {captcha: {
|
|
107
|
+
* activeProviderId: "hcaptcha",
|
|
108
|
+
* hcaptcha: {
|
|
109
|
+
* siteKey: hcaptchaSiteKey,
|
|
110
|
+
* secret: hcaptchaSecret,
|
|
111
|
+
* },
|
|
112
|
+
* }});
|
|
113
|
+
* // Friendly Captcha site key
|
|
114
|
+
* const friendlyCaptchaSiteKey = config.require("friendlyCaptchaSiteKey");
|
|
115
|
+
* // Friendly Captcha secret key
|
|
116
|
+
* const friendlyCaptchaSecret = config.require("friendlyCaptchaSecret");
|
|
117
|
+
* // Example 4: Friendly Captcha
|
|
118
|
+
* const captchaFriendlyCaptcha = new auth0.AttackProtection("captcha_friendly_captcha", {captcha: {
|
|
119
|
+
* activeProviderId: "friendly_captcha",
|
|
120
|
+
* friendlyCaptcha: {
|
|
121
|
+
* siteKey: friendlyCaptchaSiteKey,
|
|
122
|
+
* secret: friendlyCaptchaSecret,
|
|
123
|
+
* },
|
|
124
|
+
* }});
|
|
125
|
+
* // Arkose Labs site key
|
|
126
|
+
* const arkoseSiteKey = config.require("arkoseSiteKey");
|
|
127
|
+
* // Arkose Labs secret key
|
|
128
|
+
* const arkoseSecret = config.require("arkoseSecret");
|
|
129
|
+
* // Example 5: Arkose Labs
|
|
130
|
+
* const captchaArkose = new auth0.AttackProtection("captcha_arkose", {captcha: {
|
|
131
|
+
* activeProviderId: "arkose",
|
|
132
|
+
* arkose: {
|
|
133
|
+
* siteKey: arkoseSiteKey,
|
|
134
|
+
* secret: arkoseSecret,
|
|
135
|
+
* clientSubdomain: "client.example.com",
|
|
136
|
+
* verifySubdomain: "verify.example.com",
|
|
137
|
+
* failOpen: false,
|
|
138
|
+
* },
|
|
139
|
+
* }});
|
|
140
|
+
* // ============================================================================
|
|
141
|
+
* // VARIABLES FOR SENSITIVE DATA
|
|
142
|
+
* // ============================================================================
|
|
59
143
|
* ```
|
|
60
144
|
*
|
|
61
145
|
* ## Import
|
|
@@ -88,6 +172,10 @@ export declare class AttackProtection extends pulumi.CustomResource {
|
|
|
88
172
|
* when multiple copies of the Pulumi SDK have been loaded into the same process.
|
|
89
173
|
*/
|
|
90
174
|
static isInstance(obj: any): obj is AttackProtection;
|
|
175
|
+
/**
|
|
176
|
+
* Bot detection configuration to identify and prevent automated threats.
|
|
177
|
+
*/
|
|
178
|
+
readonly botDetection: pulumi.Output<outputs.AttackProtectionBotDetection>;
|
|
91
179
|
/**
|
|
92
180
|
* Breached password detection protects your applications from bad actors logging in with stolen credentials.
|
|
93
181
|
*/
|
|
@@ -96,6 +184,10 @@ export declare class AttackProtection extends pulumi.CustomResource {
|
|
|
96
184
|
* Brute-force protection safeguards against a single IP address attacking a single user account.
|
|
97
185
|
*/
|
|
98
186
|
readonly bruteForceProtection: pulumi.Output<outputs.AttackProtectionBruteForceProtection>;
|
|
187
|
+
/**
|
|
188
|
+
* CAPTCHA configuration for attack protection.
|
|
189
|
+
*/
|
|
190
|
+
readonly captcha: pulumi.Output<outputs.AttackProtectionCaptcha>;
|
|
99
191
|
/**
|
|
100
192
|
* Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.
|
|
101
193
|
*/
|
|
@@ -113,6 +205,10 @@ export declare class AttackProtection extends pulumi.CustomResource {
|
|
|
113
205
|
* Input properties used for looking up and filtering AttackProtection resources.
|
|
114
206
|
*/
|
|
115
207
|
export interface AttackProtectionState {
|
|
208
|
+
/**
|
|
209
|
+
* Bot detection configuration to identify and prevent automated threats.
|
|
210
|
+
*/
|
|
211
|
+
botDetection?: pulumi.Input<inputs.AttackProtectionBotDetection>;
|
|
116
212
|
/**
|
|
117
213
|
* Breached password detection protects your applications from bad actors logging in with stolen credentials.
|
|
118
214
|
*/
|
|
@@ -121,6 +217,10 @@ export interface AttackProtectionState {
|
|
|
121
217
|
* Brute-force protection safeguards against a single IP address attacking a single user account.
|
|
122
218
|
*/
|
|
123
219
|
bruteForceProtection?: pulumi.Input<inputs.AttackProtectionBruteForceProtection>;
|
|
220
|
+
/**
|
|
221
|
+
* CAPTCHA configuration for attack protection.
|
|
222
|
+
*/
|
|
223
|
+
captcha?: pulumi.Input<inputs.AttackProtectionCaptcha>;
|
|
124
224
|
/**
|
|
125
225
|
* Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.
|
|
126
226
|
*/
|
|
@@ -130,6 +230,10 @@ export interface AttackProtectionState {
|
|
|
130
230
|
* The set of arguments for constructing a AttackProtection resource.
|
|
131
231
|
*/
|
|
132
232
|
export interface AttackProtectionArgs {
|
|
233
|
+
/**
|
|
234
|
+
* Bot detection configuration to identify and prevent automated threats.
|
|
235
|
+
*/
|
|
236
|
+
botDetection?: pulumi.Input<inputs.AttackProtectionBotDetection>;
|
|
133
237
|
/**
|
|
134
238
|
* Breached password detection protects your applications from bad actors logging in with stolen credentials.
|
|
135
239
|
*/
|
|
@@ -138,6 +242,10 @@ export interface AttackProtectionArgs {
|
|
|
138
242
|
* Brute-force protection safeguards against a single IP address attacking a single user account.
|
|
139
243
|
*/
|
|
140
244
|
bruteForceProtection?: pulumi.Input<inputs.AttackProtectionBruteForceProtection>;
|
|
245
|
+
/**
|
|
246
|
+
* CAPTCHA configuration for attack protection.
|
|
247
|
+
*/
|
|
248
|
+
captcha?: pulumi.Input<inputs.AttackProtectionCaptcha>;
|
|
141
249
|
/**
|
|
142
250
|
* Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.
|
|
143
251
|
*/
|
package/attackProtection.js
CHANGED
|
@@ -59,7 +59,91 @@ const utilities = require("./utilities");
|
|
|
59
59
|
* ],
|
|
60
60
|
* },
|
|
61
61
|
* },
|
|
62
|
+
* botDetection: {
|
|
63
|
+
* botDetectionLevel: "medium",
|
|
64
|
+
* challengePasswordPolicy: "when_risky",
|
|
65
|
+
* challengePasswordlessPolicy: "when_risky",
|
|
66
|
+
* challengePasswordResetPolicy: "always",
|
|
67
|
+
* allowlists: [
|
|
68
|
+
* "192.168.1.0",
|
|
69
|
+
* "10.0.0.0",
|
|
70
|
+
* ],
|
|
71
|
+
* monitoringModeEnabled: true,
|
|
72
|
+
* },
|
|
62
73
|
* });
|
|
74
|
+
* // ============================================================================
|
|
75
|
+
* // CAPTCHA PROVIDER EXAMPLES - One per Provider
|
|
76
|
+
* // ============================================================================
|
|
77
|
+
* const config = new pulumi.Config();
|
|
78
|
+
* // Google reCAPTCHA v2 site key
|
|
79
|
+
* const recaptchaV2SiteKey = config.require("recaptchaV2SiteKey");
|
|
80
|
+
* // Google reCAPTCHA v2 secret key
|
|
81
|
+
* const recaptchaV2Secret = config.require("recaptchaV2Secret");
|
|
82
|
+
* // Example 1: reCAPTCHA v2
|
|
83
|
+
* const captchaRecaptchaV2 = new auth0.AttackProtection("captcha_recaptcha_v2", {captcha: {
|
|
84
|
+
* activeProviderId: "recaptcha_v2",
|
|
85
|
+
* recaptchaV2: {
|
|
86
|
+
* siteKey: recaptchaV2SiteKey,
|
|
87
|
+
* secret: recaptchaV2Secret,
|
|
88
|
+
* },
|
|
89
|
+
* }});
|
|
90
|
+
* // Google reCAPTCHA Enterprise site key
|
|
91
|
+
* const recaptchaEnterpriseSiteKey = config.require("recaptchaEnterpriseSiteKey");
|
|
92
|
+
* // Google reCAPTCHA Enterprise API key
|
|
93
|
+
* const recaptchaEnterpriseApiKey = config.require("recaptchaEnterpriseApiKey");
|
|
94
|
+
* // Google reCAPTCHA Enterprise project ID
|
|
95
|
+
* const recaptchaEnterpriseProjectId = config.require("recaptchaEnterpriseProjectId");
|
|
96
|
+
* // Example 2: reCAPTCHA Enterprise
|
|
97
|
+
* const captchaRecaptchaEnterprise = new auth0.AttackProtection("captcha_recaptcha_enterprise", {captcha: {
|
|
98
|
+
* activeProviderId: "recaptcha_enterprise",
|
|
99
|
+
* recaptchaEnterprise: {
|
|
100
|
+
* siteKey: recaptchaEnterpriseSiteKey,
|
|
101
|
+
* apiKey: recaptchaEnterpriseApiKey,
|
|
102
|
+
* projectId: recaptchaEnterpriseProjectId,
|
|
103
|
+
* },
|
|
104
|
+
* }});
|
|
105
|
+
* // hCaptcha site key
|
|
106
|
+
* const hcaptchaSiteKey = config.require("hcaptchaSiteKey");
|
|
107
|
+
* // hCaptcha secret key
|
|
108
|
+
* const hcaptchaSecret = config.require("hcaptchaSecret");
|
|
109
|
+
* // Example 3: hCaptcha
|
|
110
|
+
* const captchaHcaptcha = new auth0.AttackProtection("captcha_hcaptcha", {captcha: {
|
|
111
|
+
* activeProviderId: "hcaptcha",
|
|
112
|
+
* hcaptcha: {
|
|
113
|
+
* siteKey: hcaptchaSiteKey,
|
|
114
|
+
* secret: hcaptchaSecret,
|
|
115
|
+
* },
|
|
116
|
+
* }});
|
|
117
|
+
* // Friendly Captcha site key
|
|
118
|
+
* const friendlyCaptchaSiteKey = config.require("friendlyCaptchaSiteKey");
|
|
119
|
+
* // Friendly Captcha secret key
|
|
120
|
+
* const friendlyCaptchaSecret = config.require("friendlyCaptchaSecret");
|
|
121
|
+
* // Example 4: Friendly Captcha
|
|
122
|
+
* const captchaFriendlyCaptcha = new auth0.AttackProtection("captcha_friendly_captcha", {captcha: {
|
|
123
|
+
* activeProviderId: "friendly_captcha",
|
|
124
|
+
* friendlyCaptcha: {
|
|
125
|
+
* siteKey: friendlyCaptchaSiteKey,
|
|
126
|
+
* secret: friendlyCaptchaSecret,
|
|
127
|
+
* },
|
|
128
|
+
* }});
|
|
129
|
+
* // Arkose Labs site key
|
|
130
|
+
* const arkoseSiteKey = config.require("arkoseSiteKey");
|
|
131
|
+
* // Arkose Labs secret key
|
|
132
|
+
* const arkoseSecret = config.require("arkoseSecret");
|
|
133
|
+
* // Example 5: Arkose Labs
|
|
134
|
+
* const captchaArkose = new auth0.AttackProtection("captcha_arkose", {captcha: {
|
|
135
|
+
* activeProviderId: "arkose",
|
|
136
|
+
* arkose: {
|
|
137
|
+
* siteKey: arkoseSiteKey,
|
|
138
|
+
* secret: arkoseSecret,
|
|
139
|
+
* clientSubdomain: "client.example.com",
|
|
140
|
+
* verifySubdomain: "verify.example.com",
|
|
141
|
+
* failOpen: false,
|
|
142
|
+
* },
|
|
143
|
+
* }});
|
|
144
|
+
* // ============================================================================
|
|
145
|
+
* // VARIABLES FOR SENSITIVE DATA
|
|
146
|
+
* // ============================================================================
|
|
63
147
|
* ```
|
|
64
148
|
*
|
|
65
149
|
* ## Import
|
|
@@ -104,14 +188,18 @@ class AttackProtection extends pulumi.CustomResource {
|
|
|
104
188
|
opts = opts || {};
|
|
105
189
|
if (opts.id) {
|
|
106
190
|
const state = argsOrState;
|
|
191
|
+
resourceInputs["botDetection"] = state?.botDetection;
|
|
107
192
|
resourceInputs["breachedPasswordDetection"] = state?.breachedPasswordDetection;
|
|
108
193
|
resourceInputs["bruteForceProtection"] = state?.bruteForceProtection;
|
|
194
|
+
resourceInputs["captcha"] = state?.captcha;
|
|
109
195
|
resourceInputs["suspiciousIpThrottling"] = state?.suspiciousIpThrottling;
|
|
110
196
|
}
|
|
111
197
|
else {
|
|
112
198
|
const args = argsOrState;
|
|
199
|
+
resourceInputs["botDetection"] = args?.botDetection;
|
|
113
200
|
resourceInputs["breachedPasswordDetection"] = args?.breachedPasswordDetection;
|
|
114
201
|
resourceInputs["bruteForceProtection"] = args?.bruteForceProtection;
|
|
202
|
+
resourceInputs["captcha"] = args?.captcha;
|
|
115
203
|
resourceInputs["suspiciousIpThrottling"] = args?.suspiciousIpThrottling;
|
|
116
204
|
}
|
|
117
205
|
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
|
package/attackProtection.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"attackProtection.js","sourceRoot":"","sources":["../attackProtection.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAGzC,yCAAyC;AAEzC
|
|
1
|
+
{"version":3,"file":"attackProtection.js","sourceRoot":"","sources":["../attackProtection.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAGzC,yCAAyC;AAEzC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA0JG;AACH,MAAa,gBAAiB,SAAQ,MAAM,CAAC,cAAc;IACvD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA6B,EAAE,IAAmC;QAC3H,OAAO,IAAI,gBAAgB,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACvE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,gBAAgB,CAAC,YAAY,CAAC;IACjE,CAAC;IA+BD,YAAY,IAAY,EAAE,WAA0D,EAAE,IAAmC;QACrH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAgD,CAAC;YAC/D,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,EAAE,YAAY,CAAC;YACrD,cAAc,CAAC,2BAA2B,CAAC,GAAG,KAAK,EAAE,yBAAyB,CAAC;YAC/E,cAAc,CAAC,sBAAsB,CAAC,GAAG,KAAK,EAAE,oBAAoB,CAAC;YACrE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,wBAAwB,CAAC,GAAG,KAAK,EAAE,sBAAsB,CAAC;SAC5E;aAAM;YACH,MAAM,IAAI,GAAG,WAA+C,CAAC;YAC7D,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,EAAE,YAAY,CAAC;YACpD,cAAc,CAAC,2BAA2B,CAAC,GAAG,IAAI,EAAE,yBAAyB,CAAC;YAC9E,cAAc,CAAC,sBAAsB,CAAC,GAAG,IAAI,EAAE,oBAAoB,CAAC;YACpE,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,wBAAwB,CAAC,GAAG,IAAI,EAAE,sBAAsB,CAAC;SAC3E;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,gBAAgB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACrE,CAAC;;AA7EL,4CA8EC;AAhEG,gBAAgB;AACO,6BAAY,GAAG,+CAA+C,CAAC"}
|
package/client.d.ts
CHANGED
|
@@ -50,6 +50,10 @@ export declare class Client extends pulumi.CustomResource {
|
|
|
50
50
|
* Type of application the client represents. Possible values are: `native`, `spa`, `regularWeb`, `nonInteractive`, `resourceServer`,`ssoIntegration`. Specific SSO integrations types accepted as well are: `rms`, `box`, `cloudbees`, `concur`, `dropbox`, `mscrm`, `echosign`, `egnyte`, `newrelic`, `office365`, `salesforce`, `sentry`, `sharepoint`, `slack`, `springcm`, `zendesk`, `zoom`.
|
|
51
51
|
*/
|
|
52
52
|
readonly appType: pulumi.Output<string | undefined>;
|
|
53
|
+
/**
|
|
54
|
+
* List of notification channels enabled for CIBA (Client-Initiated Backchannel Authentication) requests initiated by this client. Valid values are `guardian-push` and `email`. The order is significant as this is the order in which notification channels will be evaluated. Defaults to `["guardian-push"]` if not specified.
|
|
55
|
+
*/
|
|
56
|
+
readonly asyncApprovalNotificationChannels: pulumi.Output<string[]>;
|
|
53
57
|
/**
|
|
54
58
|
* URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
|
|
55
59
|
*/
|
|
@@ -248,6 +252,10 @@ export interface ClientState {
|
|
|
248
252
|
* Type of application the client represents. Possible values are: `native`, `spa`, `regularWeb`, `nonInteractive`, `resourceServer`,`ssoIntegration`. Specific SSO integrations types accepted as well are: `rms`, `box`, `cloudbees`, `concur`, `dropbox`, `mscrm`, `echosign`, `egnyte`, `newrelic`, `office365`, `salesforce`, `sentry`, `sharepoint`, `slack`, `springcm`, `zendesk`, `zoom`.
|
|
249
253
|
*/
|
|
250
254
|
appType?: pulumi.Input<string>;
|
|
255
|
+
/**
|
|
256
|
+
* List of notification channels enabled for CIBA (Client-Initiated Backchannel Authentication) requests initiated by this client. Valid values are `guardian-push` and `email`. The order is significant as this is the order in which notification channels will be evaluated. Defaults to `["guardian-push"]` if not specified.
|
|
257
|
+
*/
|
|
258
|
+
asyncApprovalNotificationChannels?: pulumi.Input<pulumi.Input<string>[]>;
|
|
251
259
|
/**
|
|
252
260
|
* URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
|
|
253
261
|
*/
|
|
@@ -438,6 +446,10 @@ export interface ClientArgs {
|
|
|
438
446
|
* Type of application the client represents. Possible values are: `native`, `spa`, `regularWeb`, `nonInteractive`, `resourceServer`,`ssoIntegration`. Specific SSO integrations types accepted as well are: `rms`, `box`, `cloudbees`, `concur`, `dropbox`, `mscrm`, `echosign`, `egnyte`, `newrelic`, `office365`, `salesforce`, `sentry`, `sharepoint`, `slack`, `springcm`, `zendesk`, `zoom`.
|
|
439
447
|
*/
|
|
440
448
|
appType?: pulumi.Input<string>;
|
|
449
|
+
/**
|
|
450
|
+
* List of notification channels enabled for CIBA (Client-Initiated Backchannel Authentication) requests initiated by this client. Valid values are `guardian-push` and `email`. The order is significant as this is the order in which notification channels will be evaluated. Defaults to `["guardian-push"]` if not specified.
|
|
451
|
+
*/
|
|
452
|
+
asyncApprovalNotificationChannels?: pulumi.Input<pulumi.Input<string>[]>;
|
|
441
453
|
/**
|
|
442
454
|
* URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
|
|
443
455
|
*/
|
package/client.js
CHANGED
|
@@ -51,6 +51,7 @@ class Client extends pulumi.CustomResource {
|
|
|
51
51
|
resourceInputs["allowedLogoutUrls"] = state?.allowedLogoutUrls;
|
|
52
52
|
resourceInputs["allowedOrigins"] = state?.allowedOrigins;
|
|
53
53
|
resourceInputs["appType"] = state?.appType;
|
|
54
|
+
resourceInputs["asyncApprovalNotificationChannels"] = state?.asyncApprovalNotificationChannels;
|
|
54
55
|
resourceInputs["callbacks"] = state?.callbacks;
|
|
55
56
|
resourceInputs["clientAliases"] = state?.clientAliases;
|
|
56
57
|
resourceInputs["clientId"] = state?.clientId;
|
|
@@ -99,6 +100,7 @@ class Client extends pulumi.CustomResource {
|
|
|
99
100
|
resourceInputs["allowedLogoutUrls"] = args?.allowedLogoutUrls;
|
|
100
101
|
resourceInputs["allowedOrigins"] = args?.allowedOrigins;
|
|
101
102
|
resourceInputs["appType"] = args?.appType;
|
|
103
|
+
resourceInputs["asyncApprovalNotificationChannels"] = args?.asyncApprovalNotificationChannels;
|
|
102
104
|
resourceInputs["callbacks"] = args?.callbacks;
|
|
103
105
|
resourceInputs["clientAliases"] = args?.clientAliases;
|
|
104
106
|
resourceInputs["clientMetadata"] = args?.clientMetadata;
|
package/client.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client.js","sourceRoot":"","sources":["../client.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAGzC,yCAAyC;AAEzC;;;;;;;;;;;;GAYG;AACH,MAAa,MAAO,SAAQ,MAAM,CAAC,cAAc;IAC7C;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAmB,EAAE,IAAmC;QACjH,OAAO,IAAI,MAAM,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7D,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,MAAM,CAAC,YAAY,CAAC;IACvD,CAAC;
|
|
1
|
+
{"version":3,"file":"client.js","sourceRoot":"","sources":["../client.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAGzC,yCAAyC;AAEzC;;;;;;;;;;;;GAYG;AACH,MAAa,MAAO,SAAQ,MAAM,CAAC,cAAc;IAC7C;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAmB,EAAE,IAAmC;QACjH,OAAO,IAAI,MAAM,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7D,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,MAAM,CAAC,YAAY,CAAC;IACvD,CAAC;IAkMD,YAAY,IAAY,EAAE,WAAsC,EAAE,IAAmC;QACjG,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAsC,CAAC;YACrD,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,EAAE,MAAM,CAAC;YACzC,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,EAAE,iBAAiB,CAAC;YAC/D,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,mCAAmC,CAAC,GAAG,KAAK,EAAE,iCAAiC,CAAC;YAC/F,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,EAAE,SAAS,CAAC;YAC/C,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,EAAE,aAAa,CAAC;YACvD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,EAAE,QAAQ,CAAC;YAC7C,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,EAAE,eAAe,CAAC;YAC3D,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,EAAE,eAAe,CAAC;YAC3D,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,EAAE,eAAe,CAAC;YAC3D,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,EAAE,iBAAiB,CAAC;YAC/D,cAAc,CAAC,qBAAqB,CAAC,GAAG,KAAK,EAAE,mBAAmB,CAAC;YACnE,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,EAAE,aAAa,CAAC;YACvD,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,EAAE,YAAY,CAAC;YACrD,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,EAAE,UAAU,CAAC;YACjD,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;YAC7D,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,EAAE,YAAY,CAAC;YACrD,cAAc,CAAC,gCAAgC,CAAC,GAAG,KAAK,EAAE,8BAA8B,CAAC;YACzF,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;YAC7D,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,EAAE,MAAM,CAAC;YACzC,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;YACrC,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,EAAE,iBAAiB,CAAC;YAC/D,cAAc,CAAC,2BAA2B,CAAC,GAAG,KAAK,EAAE,yBAAyB,CAAC;YAC/E,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,EAAE,UAAU,CAAC;YACjD,cAAc,CAAC,8BAA8B,CAAC,GAAG,KAAK,EAAE,4BAA4B,CAAC;YACrF,cAAc,CAAC,6BAA6B,CAAC,GAAG,KAAK,EAAE,2BAA2B,CAAC;YACnF,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,EAAE,iBAAiB,CAAC;YAC/D,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,EAAE,YAAY,CAAC;YACrD,cAAc,CAAC,0BAA0B,CAAC,GAAG,KAAK,EAAE,wBAAwB,CAAC;YAC7E,cAAc,CAAC,oCAAoC,CAAC,GAAG,KAAK,EAAE,kCAAkC,CAAC;YACjG,cAAc,CAAC,0BAA0B,CAAC,GAAG,KAAK,EAAE,wBAAwB,CAAC;YAC7E,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,EAAE,eAAe,CAAC;YAC3D,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,gDAAgD,CAAC,GAAG,KAAK,EAAE,8CAA8C,CAAC;YACzH,cAAc,CAAC,KAAK,CAAC,GAAG,KAAK,EAAE,GAAG,CAAC;YACnC,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,EAAE,aAAa,CAAC;YACvD,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,EAAE,UAAU,CAAC;YACjD,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,EAAE,UAAU,CAAC;SACpD;aAAM;YACH,MAAM,IAAI,GAAG,WAAqC,CAAC;YACnD,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,EAAE,MAAM,CAAC;YACxC,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,mBAAmB,CAAC,GAAG,IAAI,EAAE,iBAAiB,CAAC;YAC9D,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,mCAAmC,CAAC,GAAG,IAAI,EAAE,iCAAiC,CAAC;YAC9F,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,EAAE,SAAS,CAAC;YAC9C,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,EAAE,aAAa,CAAC;YACtD,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,EAAE,eAAe,CAAC;YAC1D,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,EAAE,eAAe,CAAC;YAC1D,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,EAAE,eAAe,CAAC;YAC1D,cAAc,CAAC,mBAAmB,CAAC,GAAG,IAAI,EAAE,iBAAiB,CAAC;YAC9D,cAAc,CAAC,qBAAqB,CAAC,GAAG,IAAI,EAAE,mBAAmB,CAAC;YAClE,cAAc,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,EAAE,WAAW,CAAC,IAAI,mBAAmB,CAAC;YAC3E,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,EAAE,aAAa,CAAC;YACtD,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,EAAE,YAAY,CAAC;YACpD,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC;YAChD,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;YAC5D,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,EAAE,YAAY,CAAC;YACpD,cAAc,CAAC,gCAAgC,CAAC,GAAG,IAAI,EAAE,8BAA8B,CAAC;YACxF,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;YAC5D,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,EAAE,MAAM,CAAC;YACxC,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;YACpC,cAAc,CAAC,mBAAmB,CAAC,GAAG,IAAI,EAAE,iBAAiB,CAAC;YAC9D,cAAc,CAAC,2BAA2B,CAAC,GAAG,IAAI,EAAE,yBAAyB,CAAC;YAC9E,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC;YAChD,cAAc,CAAC,8BAA8B,CAAC,GAAG,IAAI,EAAE,4BAA4B,CAAC;YACpF,cAAc,CAAC,6BAA6B,CAAC,GAAG,IAAI,EAAE,2BAA2B,CAAC;YAClF,cAAc,CAAC,mBAAmB,CAAC,GAAG,IAAI,EAAE,iBAAiB,CAAC;YAC9D,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,EAAE,YAAY,CAAC;YACpD,cAAc,CAAC,0BAA0B,CAAC,GAAG,IAAI,EAAE,wBAAwB,CAAC;YAC5E,cAAc,CAAC,oCAAoC,CAAC,GAAG,IAAI,EAAE,kCAAkC,CAAC;YAChG,cAAc,CAAC,0BAA0B,CAAC,GAAG,IAAI,EAAE,wBAAwB,CAAC;YAC5E,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,EAAE,eAAe,CAAC;YAC1D,cAAc,CAAC,gDAAgD,CAAC,GAAG,IAAI,EAAE,8CAA8C,CAAC;YACxH,cAAc,CAAC,KAAK,CAAC,GAAG,IAAI,EAAE,GAAG,CAAC;YAClC,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,EAAE,aAAa,CAAC;YACtD,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC;YAChD,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC;YAChD,cAAc,CAAC,UAAU,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC/C,cAAc,CAAC,aAAa,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SACrD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,MAAM,UAAU,GAAG,EAAE,uBAAuB,EAAE,CAAC,aAAa,CAAC,EAAE,CAAC;QAChE,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAC7C,KAAK,CAAC,MAAM,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC3D,CAAC;;AApUL,wBAqUC;AAvTG,gBAAgB;AACO,mBAAY,GAAG,2BAA2B,CAAC"}
|
|
@@ -0,0 +1,139 @@
|
|
|
1
|
+
import * as pulumi from "@pulumi/pulumi";
|
|
2
|
+
/**
|
|
3
|
+
* With this resource, you can create and manage SCIM bearer tokens for a connection. This resource only works with enterprise connections
|
|
4
|
+
*
|
|
5
|
+
* ## Example Usage
|
|
6
|
+
*
|
|
7
|
+
* ```typescript
|
|
8
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
9
|
+
* import * as auth0 from "@pulumi/auth0";
|
|
10
|
+
*
|
|
11
|
+
* const azureAd = new auth0.Connection("azure_ad", {
|
|
12
|
+
* name: "Acceptance-Test-Azure-AD",
|
|
13
|
+
* strategy: "waad",
|
|
14
|
+
* showAsButton: true,
|
|
15
|
+
* options: {
|
|
16
|
+
* identityApi: "microsoft-identity-platform-v2.0",
|
|
17
|
+
* clientId: "123456",
|
|
18
|
+
* clientSecret: "123456",
|
|
19
|
+
* strategyVersion: 2,
|
|
20
|
+
* tenantDomain: "example.onmicrosoft.com",
|
|
21
|
+
* domain: "example.onmicrosoft.com",
|
|
22
|
+
* domainAliases: [
|
|
23
|
+
* "example.com",
|
|
24
|
+
* "api.example.com",
|
|
25
|
+
* ],
|
|
26
|
+
* useWsfed: false,
|
|
27
|
+
* waadProtocol: "openid-connect",
|
|
28
|
+
* waadCommonEndpoint: false,
|
|
29
|
+
* userIdAttribute: "oid",
|
|
30
|
+
* apiEnableUsers: true,
|
|
31
|
+
* scopes: [
|
|
32
|
+
* "basic_profile",
|
|
33
|
+
* "ext_groups",
|
|
34
|
+
* "ext_profile",
|
|
35
|
+
* ],
|
|
36
|
+
* setUserRootAttributes: "on_each_login",
|
|
37
|
+
* shouldTrustEmailVerifiedConnection: "never_set_emails_as_verified",
|
|
38
|
+
* upstreamParams: JSON.stringify({
|
|
39
|
+
* screen_name: {
|
|
40
|
+
* alias: "login_hint",
|
|
41
|
+
* },
|
|
42
|
+
* }),
|
|
43
|
+
* },
|
|
44
|
+
* });
|
|
45
|
+
* const myScimConfig = new auth0.ConnectionScimConfiguration("my_scim_config", {connectionId: azureAd.id});
|
|
46
|
+
* const myScimToken = new auth0.ConnectionScimToken("my_scim_token", {
|
|
47
|
+
* connectionId: azureAd.id,
|
|
48
|
+
* scopes: [
|
|
49
|
+
* "post:users",
|
|
50
|
+
* "get:users",
|
|
51
|
+
* ],
|
|
52
|
+
* }, {
|
|
53
|
+
* dependsOn: [myScimConfig],
|
|
54
|
+
* });
|
|
55
|
+
* ```
|
|
56
|
+
*/
|
|
57
|
+
export declare class ConnectionScimToken extends pulumi.CustomResource {
|
|
58
|
+
/**
|
|
59
|
+
* Get an existing ConnectionScimToken resource's state with the given name, ID, and optional extra
|
|
60
|
+
* properties used to qualify the lookup.
|
|
61
|
+
*
|
|
62
|
+
* @param name The _unique_ name of the resulting resource.
|
|
63
|
+
* @param id The _unique_ provider ID of the resource to lookup.
|
|
64
|
+
* @param state Any extra arguments used during the lookup.
|
|
65
|
+
* @param opts Optional settings to control the behavior of the CustomResource.
|
|
66
|
+
*/
|
|
67
|
+
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ConnectionScimTokenState, opts?: pulumi.CustomResourceOptions): ConnectionScimToken;
|
|
68
|
+
/**
|
|
69
|
+
* Returns true if the given object is an instance of ConnectionScimToken. This is designed to work even
|
|
70
|
+
* when multiple copies of the Pulumi SDK have been loaded into the same process.
|
|
71
|
+
*/
|
|
72
|
+
static isInstance(obj: any): obj is ConnectionScimToken;
|
|
73
|
+
/**
|
|
74
|
+
* ID of the connection for this SCIM token.
|
|
75
|
+
*/
|
|
76
|
+
readonly connectionId: pulumi.Output<string>;
|
|
77
|
+
/**
|
|
78
|
+
* The date and time when the token was created (ISO8601 format).
|
|
79
|
+
*/
|
|
80
|
+
readonly createdAt: pulumi.Output<string>;
|
|
81
|
+
/**
|
|
82
|
+
* The scopes associated with the SCIM token.
|
|
83
|
+
*/
|
|
84
|
+
readonly scopes: pulumi.Output<string[] | undefined>;
|
|
85
|
+
/**
|
|
86
|
+
* The SCIM bearer token value.
|
|
87
|
+
*/
|
|
88
|
+
readonly token: pulumi.Output<string>;
|
|
89
|
+
/**
|
|
90
|
+
* The ID of the SCIM token.
|
|
91
|
+
*/
|
|
92
|
+
readonly tokenId: pulumi.Output<string>;
|
|
93
|
+
/**
|
|
94
|
+
* Create a ConnectionScimToken resource with the given unique name, arguments, and options.
|
|
95
|
+
*
|
|
96
|
+
* @param name The _unique_ name of the resource.
|
|
97
|
+
* @param args The arguments to use to populate this resource's properties.
|
|
98
|
+
* @param opts A bag of options that control this resource's behavior.
|
|
99
|
+
*/
|
|
100
|
+
constructor(name: string, args: ConnectionScimTokenArgs, opts?: pulumi.CustomResourceOptions);
|
|
101
|
+
}
|
|
102
|
+
/**
|
|
103
|
+
* Input properties used for looking up and filtering ConnectionScimToken resources.
|
|
104
|
+
*/
|
|
105
|
+
export interface ConnectionScimTokenState {
|
|
106
|
+
/**
|
|
107
|
+
* ID of the connection for this SCIM token.
|
|
108
|
+
*/
|
|
109
|
+
connectionId?: pulumi.Input<string>;
|
|
110
|
+
/**
|
|
111
|
+
* The date and time when the token was created (ISO8601 format).
|
|
112
|
+
*/
|
|
113
|
+
createdAt?: pulumi.Input<string>;
|
|
114
|
+
/**
|
|
115
|
+
* The scopes associated with the SCIM token.
|
|
116
|
+
*/
|
|
117
|
+
scopes?: pulumi.Input<pulumi.Input<string>[]>;
|
|
118
|
+
/**
|
|
119
|
+
* The SCIM bearer token value.
|
|
120
|
+
*/
|
|
121
|
+
token?: pulumi.Input<string>;
|
|
122
|
+
/**
|
|
123
|
+
* The ID of the SCIM token.
|
|
124
|
+
*/
|
|
125
|
+
tokenId?: pulumi.Input<string>;
|
|
126
|
+
}
|
|
127
|
+
/**
|
|
128
|
+
* The set of arguments for constructing a ConnectionScimToken resource.
|
|
129
|
+
*/
|
|
130
|
+
export interface ConnectionScimTokenArgs {
|
|
131
|
+
/**
|
|
132
|
+
* ID of the connection for this SCIM token.
|
|
133
|
+
*/
|
|
134
|
+
connectionId: pulumi.Input<string>;
|
|
135
|
+
/**
|
|
136
|
+
* The scopes associated with the SCIM token.
|
|
137
|
+
*/
|
|
138
|
+
scopes?: pulumi.Input<pulumi.Input<string>[]>;
|
|
139
|
+
}
|
|
@@ -0,0 +1,117 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
// *** WARNING: this file was generated by pulumi-language-nodejs. ***
|
|
3
|
+
// *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
5
|
+
exports.ConnectionScimToken = void 0;
|
|
6
|
+
const pulumi = require("@pulumi/pulumi");
|
|
7
|
+
const utilities = require("./utilities");
|
|
8
|
+
/**
|
|
9
|
+
* With this resource, you can create and manage SCIM bearer tokens for a connection. This resource only works with enterprise connections
|
|
10
|
+
*
|
|
11
|
+
* ## Example Usage
|
|
12
|
+
*
|
|
13
|
+
* ```typescript
|
|
14
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
15
|
+
* import * as auth0 from "@pulumi/auth0";
|
|
16
|
+
*
|
|
17
|
+
* const azureAd = new auth0.Connection("azure_ad", {
|
|
18
|
+
* name: "Acceptance-Test-Azure-AD",
|
|
19
|
+
* strategy: "waad",
|
|
20
|
+
* showAsButton: true,
|
|
21
|
+
* options: {
|
|
22
|
+
* identityApi: "microsoft-identity-platform-v2.0",
|
|
23
|
+
* clientId: "123456",
|
|
24
|
+
* clientSecret: "123456",
|
|
25
|
+
* strategyVersion: 2,
|
|
26
|
+
* tenantDomain: "example.onmicrosoft.com",
|
|
27
|
+
* domain: "example.onmicrosoft.com",
|
|
28
|
+
* domainAliases: [
|
|
29
|
+
* "example.com",
|
|
30
|
+
* "api.example.com",
|
|
31
|
+
* ],
|
|
32
|
+
* useWsfed: false,
|
|
33
|
+
* waadProtocol: "openid-connect",
|
|
34
|
+
* waadCommonEndpoint: false,
|
|
35
|
+
* userIdAttribute: "oid",
|
|
36
|
+
* apiEnableUsers: true,
|
|
37
|
+
* scopes: [
|
|
38
|
+
* "basic_profile",
|
|
39
|
+
* "ext_groups",
|
|
40
|
+
* "ext_profile",
|
|
41
|
+
* ],
|
|
42
|
+
* setUserRootAttributes: "on_each_login",
|
|
43
|
+
* shouldTrustEmailVerifiedConnection: "never_set_emails_as_verified",
|
|
44
|
+
* upstreamParams: JSON.stringify({
|
|
45
|
+
* screen_name: {
|
|
46
|
+
* alias: "login_hint",
|
|
47
|
+
* },
|
|
48
|
+
* }),
|
|
49
|
+
* },
|
|
50
|
+
* });
|
|
51
|
+
* const myScimConfig = new auth0.ConnectionScimConfiguration("my_scim_config", {connectionId: azureAd.id});
|
|
52
|
+
* const myScimToken = new auth0.ConnectionScimToken("my_scim_token", {
|
|
53
|
+
* connectionId: azureAd.id,
|
|
54
|
+
* scopes: [
|
|
55
|
+
* "post:users",
|
|
56
|
+
* "get:users",
|
|
57
|
+
* ],
|
|
58
|
+
* }, {
|
|
59
|
+
* dependsOn: [myScimConfig],
|
|
60
|
+
* });
|
|
61
|
+
* ```
|
|
62
|
+
*/
|
|
63
|
+
class ConnectionScimToken extends pulumi.CustomResource {
|
|
64
|
+
/**
|
|
65
|
+
* Get an existing ConnectionScimToken resource's state with the given name, ID, and optional extra
|
|
66
|
+
* properties used to qualify the lookup.
|
|
67
|
+
*
|
|
68
|
+
* @param name The _unique_ name of the resulting resource.
|
|
69
|
+
* @param id The _unique_ provider ID of the resource to lookup.
|
|
70
|
+
* @param state Any extra arguments used during the lookup.
|
|
71
|
+
* @param opts Optional settings to control the behavior of the CustomResource.
|
|
72
|
+
*/
|
|
73
|
+
static get(name, id, state, opts) {
|
|
74
|
+
return new ConnectionScimToken(name, state, { ...opts, id: id });
|
|
75
|
+
}
|
|
76
|
+
/**
|
|
77
|
+
* Returns true if the given object is an instance of ConnectionScimToken. This is designed to work even
|
|
78
|
+
* when multiple copies of the Pulumi SDK have been loaded into the same process.
|
|
79
|
+
*/
|
|
80
|
+
static isInstance(obj) {
|
|
81
|
+
if (obj === undefined || obj === null) {
|
|
82
|
+
return false;
|
|
83
|
+
}
|
|
84
|
+
return obj['__pulumiType'] === ConnectionScimToken.__pulumiType;
|
|
85
|
+
}
|
|
86
|
+
constructor(name, argsOrState, opts) {
|
|
87
|
+
let resourceInputs = {};
|
|
88
|
+
opts = opts || {};
|
|
89
|
+
if (opts.id) {
|
|
90
|
+
const state = argsOrState;
|
|
91
|
+
resourceInputs["connectionId"] = state?.connectionId;
|
|
92
|
+
resourceInputs["createdAt"] = state?.createdAt;
|
|
93
|
+
resourceInputs["scopes"] = state?.scopes;
|
|
94
|
+
resourceInputs["token"] = state?.token;
|
|
95
|
+
resourceInputs["tokenId"] = state?.tokenId;
|
|
96
|
+
}
|
|
97
|
+
else {
|
|
98
|
+
const args = argsOrState;
|
|
99
|
+
if (args?.connectionId === undefined && !opts.urn) {
|
|
100
|
+
throw new Error("Missing required property 'connectionId'");
|
|
101
|
+
}
|
|
102
|
+
resourceInputs["connectionId"] = args?.connectionId;
|
|
103
|
+
resourceInputs["scopes"] = args?.scopes;
|
|
104
|
+
resourceInputs["createdAt"] = undefined /*out*/;
|
|
105
|
+
resourceInputs["token"] = undefined /*out*/;
|
|
106
|
+
resourceInputs["tokenId"] = undefined /*out*/;
|
|
107
|
+
}
|
|
108
|
+
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
|
|
109
|
+
const secretOpts = { additionalSecretOutputs: ["token"] };
|
|
110
|
+
opts = pulumi.mergeOptions(opts, secretOpts);
|
|
111
|
+
super(ConnectionScimToken.__pulumiType, name, resourceInputs, opts);
|
|
112
|
+
}
|
|
113
|
+
}
|
|
114
|
+
exports.ConnectionScimToken = ConnectionScimToken;
|
|
115
|
+
/** @internal */
|
|
116
|
+
ConnectionScimToken.__pulumiType = 'auth0:index/connectionScimToken:ConnectionScimToken';
|
|
117
|
+
//# sourceMappingURL=connectionScimToken.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"connectionScimToken.js","sourceRoot":"","sources":["../connectionScimToken.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsDG;AACH,MAAa,mBAAoB,SAAQ,MAAM,CAAC,cAAc;IAC1D;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAgC,EAAE,IAAmC;QAC9H,OAAO,IAAI,mBAAmB,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC1E,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,mBAAmB,CAAC,YAAY,CAAC;IACpE,CAAC;IA+BD,YAAY,IAAY,EAAE,WAAgE,EAAE,IAAmC;QAC3H,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAmD,CAAC;YAClE,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,EAAE,YAAY,CAAC;YACrD,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,EAAE,SAAS,CAAC;YAC/C,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,EAAE,MAAM,CAAC;YACzC,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,EAAE,KAAK,CAAC;YACvC,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;SAC9C;aAAM;YACH,MAAM,IAAI,GAAG,WAAkD,CAAC;YAChE,IAAI,IAAI,EAAE,YAAY,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC/C,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;aAC/D;YACD,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,EAAE,YAAY,CAAC;YACpD,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,EAAE,MAAM,CAAC;YACxC,cAAc,CAAC,WAAW,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAChD,cAAc,CAAC,OAAO,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC5C,cAAc,CAAC,SAAS,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SACjD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,MAAM,UAAU,GAAG,EAAE,uBAAuB,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;QAC1D,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAC7C,KAAK,CAAC,mBAAmB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACxE,CAAC;;AAlFL,kDAmFC;AArEG,gBAAgB;AACO,gCAAY,GAAG,qDAAqD,CAAC"}
|
package/emailProvider.d.ts
CHANGED
|
@@ -71,7 +71,7 @@ import * as outputs from "./types/output";
|
|
|
71
71
|
* // The action with custom-email-provider as supported_triggers is a prerequisite.
|
|
72
72
|
* const customEmailProviderAction = new auth0.Action("custom_email_provider_action", {
|
|
73
73
|
* name: "custom-email-provider-action",
|
|
74
|
-
* runtime: "
|
|
74
|
+
* runtime: "node22",
|
|
75
75
|
* deploy: true,
|
|
76
76
|
* code: `/**
|
|
77
77
|
* * Handler to be executed while sending an email notification.
|
package/emailProvider.js
CHANGED
|
@@ -75,7 +75,7 @@ const utilities = require("./utilities");
|
|
|
75
75
|
* // The action with custom-email-provider as supported_triggers is a prerequisite.
|
|
76
76
|
* const customEmailProviderAction = new auth0.Action("custom_email_provider_action", {
|
|
77
77
|
* name: "custom-email-provider-action",
|
|
78
|
-
* runtime: "
|
|
78
|
+
* runtime: "node22",
|
|
79
79
|
* deploy: true,
|
|
80
80
|
* code: `/**
|
|
81
81
|
* * Handler to be executed while sending an email notification.
|
package/getAttackProtection.d.ts
CHANGED
|
@@ -17,6 +17,10 @@ export declare function getAttackProtection(opts?: pulumi.InvokeOptions): Promis
|
|
|
17
17
|
* A collection of values returned by getAttackProtection.
|
|
18
18
|
*/
|
|
19
19
|
export interface GetAttackProtectionResult {
|
|
20
|
+
/**
|
|
21
|
+
* Bot detection configuration to identify and prevent automated threats.
|
|
22
|
+
*/
|
|
23
|
+
readonly botDetections: outputs.GetAttackProtectionBotDetection[];
|
|
20
24
|
/**
|
|
21
25
|
* Breached password detection protects your applications from bad actors logging in with stolen credentials.
|
|
22
26
|
*/
|
|
@@ -25,6 +29,10 @@ export interface GetAttackProtectionResult {
|
|
|
25
29
|
* Brute-force protection safeguards against a single IP address attacking a single user account.
|
|
26
30
|
*/
|
|
27
31
|
readonly bruteForceProtections: outputs.GetAttackProtectionBruteForceProtection[];
|
|
32
|
+
/**
|
|
33
|
+
* CAPTCHA configuration for attack protection.
|
|
34
|
+
*/
|
|
35
|
+
readonly captchas: outputs.GetAttackProtectionCaptcha[];
|
|
28
36
|
/**
|
|
29
37
|
* The provider-assigned unique ID for this managed resource.
|
|
30
38
|
*/
|