platform 2.2.2, Apr 3 25

platform 2.2.2 published on Thursday, Apr 3, 2025 by jfrog

platform.SamlSettings

Explore with Pulumi AI

platform 2.2.2 published on Thursday, Apr 3, 2025 by jfrog

Example Usage

TypeScript
Python
Go
C#
Java
YAML

import * as pulumi from "@pulumi/pulumi";
import * as platform from "@pulumi/platform";

const my_okta_saml_settings = new platform.SamlSettings("my-okta-saml-settings", {
    allowUserToAccessProfile: true,
    autoRedirect: true,
    autoUserCreation: true,
    certificate: "MIICTjCCA...gPRXbm49Mz4o1nbwH",
    emailAttribute: "email",
    enable: true,
    groupAttribute: "group",
    loginUrl: "http://tempurl.org/saml",
    logoutUrl: "https://myaccount.okta.com",
    nameIdAttribute: "id",
    serviceProviderName: "okta",
    syncGroups: true,
    useEncryptedAssertion: false,
    verifyAudienceRestriction: true,
});

import pulumi
import pulumi_platform as platform

my_okta_saml_settings = platform.SamlSettings("my-okta-saml-settings",
    allow_user_to_access_profile=True,
    auto_redirect=True,
    auto_user_creation=True,
    certificate="MIICTjCCA...gPRXbm49Mz4o1nbwH",
    email_attribute="email",
    enable=True,
    group_attribute="group",
    login_url="http://tempurl.org/saml",
    logout_url="https://myaccount.okta.com",
    name_id_attribute="id",
    service_provider_name="okta",
    sync_groups=True,
    use_encrypted_assertion=False,
    verify_audience_restriction=True)

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/platform/v2/platform"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := platform.NewSamlSettings(ctx, "my-okta-saml-settings", &platform.SamlSettingsArgs{
			AllowUserToAccessProfile:  pulumi.Bool(true),
			AutoRedirect:              pulumi.Bool(true),
			AutoUserCreation:          pulumi.Bool(true),
			Certificate:               pulumi.String("MIICTjCCA...gPRXbm49Mz4o1nbwH"),
			EmailAttribute:            pulumi.String("email"),
			Enable:                    pulumi.Bool(true),
			GroupAttribute:            pulumi.String("group"),
			LoginUrl:                  pulumi.String("http://tempurl.org/saml"),
			LogoutUrl:                 pulumi.String("https://myaccount.okta.com"),
			NameIdAttribute:           pulumi.String("id"),
			ServiceProviderName:       pulumi.String("okta"),
			SyncGroups:                pulumi.Bool(true),
			UseEncryptedAssertion:     pulumi.Bool(false),
			VerifyAudienceRestriction: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Platform = Pulumi.Platform;

return await Deployment.RunAsync(() => 
{
    var my_okta_saml_settings = new Platform.SamlSettings("my-okta-saml-settings", new()
    {
        AllowUserToAccessProfile = true,
        AutoRedirect = true,
        AutoUserCreation = true,
        Certificate = "MIICTjCCA...gPRXbm49Mz4o1nbwH",
        EmailAttribute = "email",
        Enable = true,
        GroupAttribute = "group",
        LoginUrl = "http://tempurl.org/saml",
        LogoutUrl = "https://myaccount.okta.com",
        NameIdAttribute = "id",
        ServiceProviderName = "okta",
        SyncGroups = true,
        UseEncryptedAssertion = false,
        VerifyAudienceRestriction = true,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.platform.SamlSettings;
import com.pulumi.platform.SamlSettingsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var my_okta_saml_settings = new SamlSettings("my-okta-saml-settings", SamlSettingsArgs.builder()
            .allowUserToAccessProfile(true)
            .autoRedirect(true)
            .autoUserCreation(true)
            .certificate("MIICTjCCA...gPRXbm49Mz4o1nbwH")
            .emailAttribute("email")
            .enable(true)
            .groupAttribute("group")
            .loginUrl("http://tempurl.org/saml")
            .logoutUrl("https://myaccount.okta.com")
            .nameIdAttribute("id")
            .serviceProviderName("okta")
            .syncGroups(true)
            .useEncryptedAssertion(false)
            .verifyAudienceRestriction(true)
            .build());

    }
}

resources:
  my-okta-saml-settings:
    type: platform:SamlSettings
    properties:
      allowUserToAccessProfile: true
      autoRedirect: true
      autoUserCreation: true
      certificate: MIICTjCCA...gPRXbm49Mz4o1nbwH
      emailAttribute: email
      enable: true
      groupAttribute: group
      loginUrl: http://tempurl.org/saml
      logoutUrl: https://myaccount.okta.com
      nameIdAttribute: id
      serviceProviderName: okta
      syncGroups: true
      useEncryptedAssertion: false
      verifyAudienceRestriction: true

Create SamlSettings Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

new SamlSettings(name: string, args: SamlSettingsArgs, opts?: CustomResourceOptions);

@overload
def SamlSettings(resource_name: str,
                 args: SamlSettingsArgs,
                 opts: Optional[ResourceOptions] = None)

@overload
def SamlSettings(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 service_provider_name: Optional[str] = None,
                 logout_url: Optional[str] = None,
                 login_url: Optional[str] = None,
                 certificate: Optional[str] = None,
                 email_attribute: Optional[str] = None,
                 enable: Optional[bool] = None,
                 auto_redirect: Optional[bool] = None,
                 group_attribute: Optional[str] = None,
                 auto_user_creation: Optional[bool] = None,
                 ldap_group_settings: Optional[Sequence[str]] = None,
                 name: Optional[str] = None,
                 name_id_attribute: Optional[str] = None,
                 allow_user_to_access_profile: Optional[bool] = None,
                 sync_groups: Optional[bool] = None,
                 use_encrypted_assertion: Optional[bool] = None,
                 verify_audience_restriction: Optional[bool] = None)

func NewSamlSettings(ctx *Context, name string, args SamlSettingsArgs, opts ...ResourceOption) (*SamlSettings, error)

public SamlSettings(string name, SamlSettingsArgs args, CustomResourceOptions? opts = null)

public SamlSettings(String name, SamlSettingsArgs args)
public SamlSettings(String name, SamlSettingsArgs args, CustomResourceOptions options)

type: platform:SamlSettings
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args SamlSettingsArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args SamlSettingsArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args SamlSettingsArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args SamlSettingsArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args SamlSettingsArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

TypeScript
Python
Go
C#
Java
YAML

var samlSettingsResource = new Platform.SamlSettings("samlSettingsResource", new()
{
    ServiceProviderName = "string",
    LogoutUrl = "string",
    LoginUrl = "string",
    Certificate = "string",
    EmailAttribute = "string",
    Enable = false,
    AutoRedirect = false,
    GroupAttribute = "string",
    AutoUserCreation = false,
    LdapGroupSettings = new[]
    {
        "string",
    },
    Name = "string",
    NameIdAttribute = "string",
    AllowUserToAccessProfile = false,
    SyncGroups = false,
    UseEncryptedAssertion = false,
    VerifyAudienceRestriction = false,
});

example, err := platform.NewSamlSettings(ctx, "samlSettingsResource", &platform.SamlSettingsArgs{
ServiceProviderName: pulumi.String("string"),
LogoutUrl: pulumi.String("string"),
LoginUrl: pulumi.String("string"),
Certificate: pulumi.String("string"),
EmailAttribute: pulumi.String("string"),
Enable: pulumi.Bool(false),
AutoRedirect: pulumi.Bool(false),
GroupAttribute: pulumi.String("string"),
AutoUserCreation: pulumi.Bool(false),
LdapGroupSettings: pulumi.StringArray{
pulumi.String("string"),
},
Name: pulumi.String("string"),
NameIdAttribute: pulumi.String("string"),
AllowUserToAccessProfile: pulumi.Bool(false),
SyncGroups: pulumi.Bool(false),
UseEncryptedAssertion: pulumi.Bool(false),
VerifyAudienceRestriction: pulumi.Bool(false),
})

var samlSettingsResource = new SamlSettings("samlSettingsResource", SamlSettingsArgs.builder()
    .serviceProviderName("string")
    .logoutUrl("string")
    .loginUrl("string")
    .certificate("string")
    .emailAttribute("string")
    .enable(false)
    .autoRedirect(false)
    .groupAttribute("string")
    .autoUserCreation(false)
    .ldapGroupSettings("string")
    .name("string")
    .nameIdAttribute("string")
    .allowUserToAccessProfile(false)
    .syncGroups(false)
    .useEncryptedAssertion(false)
    .verifyAudienceRestriction(false)
    .build());

saml_settings_resource = platform.SamlSettings("samlSettingsResource",
    service_provider_name="string",
    logout_url="string",
    login_url="string",
    certificate="string",
    email_attribute="string",
    enable=False,
    auto_redirect=False,
    group_attribute="string",
    auto_user_creation=False,
    ldap_group_settings=["string"],
    name="string",
    name_id_attribute="string",
    allow_user_to_access_profile=False,
    sync_groups=False,
    use_encrypted_assertion=False,
    verify_audience_restriction=False)

const samlSettingsResource = new platform.SamlSettings("samlSettingsResource", {
    serviceProviderName: "string",
    logoutUrl: "string",
    loginUrl: "string",
    certificate: "string",
    emailAttribute: "string",
    enable: false,
    autoRedirect: false,
    groupAttribute: "string",
    autoUserCreation: false,
    ldapGroupSettings: ["string"],
    name: "string",
    nameIdAttribute: "string",
    allowUserToAccessProfile: false,
    syncGroups: false,
    useEncryptedAssertion: false,
    verifyAudienceRestriction: false,
});

type: platform:SamlSettings
properties:
    allowUserToAccessProfile: false
    autoRedirect: false
    autoUserCreation: false
    certificate: string
    emailAttribute: string
    enable: false
    groupAttribute: string
    ldapGroupSettings:
        - string
    loginUrl: string
    logoutUrl: string
    name: string
    nameIdAttribute: string
    serviceProviderName: string
    syncGroups: false
    useEncryptedAssertion: false
    verifyAudienceRestriction: false

SamlSettings Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The SamlSettings resource accepts the following input properties:

Certificate string: The certificate for SAML Authentication in Base64 format. NOTE! The certificate must contain the public key to allow Artifactory to verify sign-in requests.
LoginUrl string: The identity provider login URL (when you try to login, the service provider redirects to this URL).
LogoutUrl string: The identity provider logout URL (when you try to logout, the service provider redirects to this URL).
ServiceProviderName string: The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
AllowUserToAccessProfile bool: When set, auto created users will have access to their profile page and will be able to perform actions such as generating an API key. Default value is false.
AutoRedirect bool: When set, clicking on the login link will direct users to the configured SAML login URL. Default value is false.
AutoUserCreation bool: When set, authenticated users are automatically created in Artifactory. When not set, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without automatic user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is true.
EmailAttribute string: If auto_user_creation is enabled or an internal user exists, the system will set the user's email to the value in this attribute that is returned by the SAML login XML response.
Enable bool: When set, SAML integration is enabled and users may be authenticated via a SAML server. Default value is true.
GroupAttribute string: The group attribute in the SAML login XML response. Note that the system will search for a case-sensitive match to an existing group..
LdapGroupSettings List<string>: List of LDAP group setting names. Only support in Artifactory 7.98 or later. See Enabling Synchronization of LDAP Groups for SAML SSO for more details.
Name string: SAML Settings name.
NameIdAttribute string: The username attribute used to configure the SSO URL for the identity provider.
SyncGroups bool: When set, in addition to the groups the user is already associated with, he will also be associated with the groups returned in the SAML login response. Note that the user's association with the returned groups is not persistent. It is only valid for the current login session. Default value is false.
UseEncryptedAssertion bool: When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is false.
VerifyAudienceRestriction bool: Set this flag to specify who the assertion is intended for. The "audience" will be the service provider and is typically a URL but can technically be formatted as any string of data. Default value is true.

Certificate string: The certificate for SAML Authentication in Base64 format. NOTE! The certificate must contain the public key to allow Artifactory to verify sign-in requests.
LoginUrl string: The identity provider login URL (when you try to login, the service provider redirects to this URL).
LogoutUrl string: The identity provider logout URL (when you try to logout, the service provider redirects to this URL).
ServiceProviderName string: The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
AllowUserToAccessProfile bool: When set, auto created users will have access to their profile page and will be able to perform actions such as generating an API key. Default value is false.
AutoRedirect bool: When set, clicking on the login link will direct users to the configured SAML login URL. Default value is false.
AutoUserCreation bool: When set, authenticated users are automatically created in Artifactory. When not set, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without automatic user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is true.
EmailAttribute string: If auto_user_creation is enabled or an internal user exists, the system will set the user's email to the value in this attribute that is returned by the SAML login XML response.
Enable bool: When set, SAML integration is enabled and users may be authenticated via a SAML server. Default value is true.
GroupAttribute string: The group attribute in the SAML login XML response. Note that the system will search for a case-sensitive match to an existing group..
LdapGroupSettings []string: List of LDAP group setting names. Only support in Artifactory 7.98 or later. See Enabling Synchronization of LDAP Groups for SAML SSO for more details.
Name string: SAML Settings name.
NameIdAttribute string: The username attribute used to configure the SSO URL for the identity provider.
SyncGroups bool: When set, in addition to the groups the user is already associated with, he will also be associated with the groups returned in the SAML login response. Note that the user's association with the returned groups is not persistent. It is only valid for the current login session. Default value is false.
UseEncryptedAssertion bool: When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is false.
VerifyAudienceRestriction bool: Set this flag to specify who the assertion is intended for. The "audience" will be the service provider and is typically a URL but can technically be formatted as any string of data. Default value is true.

certificate String: The certificate for SAML Authentication in Base64 format. NOTE! The certificate must contain the public key to allow Artifactory to verify sign-in requests.
loginUrl String: The identity provider login URL (when you try to login, the service provider redirects to this URL).
logoutUrl String: The identity provider logout URL (when you try to logout, the service provider redirects to this URL).
serviceProviderName String: The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
allowUserToAccessProfile Boolean: When set, auto created users will have access to their profile page and will be able to perform actions such as generating an API key. Default value is false.
autoRedirect Boolean: When set, clicking on the login link will direct users to the configured SAML login URL. Default value is false.
autoUserCreation Boolean: When set, authenticated users are automatically created in Artifactory. When not set, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without automatic user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is true.
emailAttribute String: If auto_user_creation is enabled or an internal user exists, the system will set the user's email to the value in this attribute that is returned by the SAML login XML response.
enable Boolean: When set, SAML integration is enabled and users may be authenticated via a SAML server. Default value is true.
groupAttribute String: The group attribute in the SAML login XML response. Note that the system will search for a case-sensitive match to an existing group..
ldapGroupSettings List<String>: List of LDAP group setting names. Only support in Artifactory 7.98 or later. See Enabling Synchronization of LDAP Groups for SAML SSO for more details.
name String: SAML Settings name.
nameIdAttribute String: The username attribute used to configure the SSO URL for the identity provider.
syncGroups Boolean: When set, in addition to the groups the user is already associated with, he will also be associated with the groups returned in the SAML login response. Note that the user's association with the returned groups is not persistent. It is only valid for the current login session. Default value is false.
useEncryptedAssertion Boolean: When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is false.
verifyAudienceRestriction Boolean: Set this flag to specify who the assertion is intended for. The "audience" will be the service provider and is typically a URL but can technically be formatted as any string of data. Default value is true.

certificate string: The certificate for SAML Authentication in Base64 format. NOTE! The certificate must contain the public key to allow Artifactory to verify sign-in requests.
loginUrl string: The identity provider login URL (when you try to login, the service provider redirects to this URL).
logoutUrl string: The identity provider logout URL (when you try to logout, the service provider redirects to this URL).
serviceProviderName string: The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
allowUserToAccessProfile boolean: When set, auto created users will have access to their profile page and will be able to perform actions such as generating an API key. Default value is false.
autoRedirect boolean: When set, clicking on the login link will direct users to the configured SAML login URL. Default value is false.
autoUserCreation boolean: When set, authenticated users are automatically created in Artifactory. When not set, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without automatic user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is true.
emailAttribute string: If auto_user_creation is enabled or an internal user exists, the system will set the user's email to the value in this attribute that is returned by the SAML login XML response.
enable boolean: When set, SAML integration is enabled and users may be authenticated via a SAML server. Default value is true.
groupAttribute string: The group attribute in the SAML login XML response. Note that the system will search for a case-sensitive match to an existing group..
ldapGroupSettings string[]: List of LDAP group setting names. Only support in Artifactory 7.98 or later. See Enabling Synchronization of LDAP Groups for SAML SSO for more details.
name string: SAML Settings name.
nameIdAttribute string: The username attribute used to configure the SSO URL for the identity provider.
syncGroups boolean: When set, in addition to the groups the user is already associated with, he will also be associated with the groups returned in the SAML login response. Note that the user's association with the returned groups is not persistent. It is only valid for the current login session. Default value is false.
useEncryptedAssertion boolean: When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is false.
verifyAudienceRestriction boolean: Set this flag to specify who the assertion is intended for. The "audience" will be the service provider and is typically a URL but can technically be formatted as any string of data. Default value is true.

certificate str: The certificate for SAML Authentication in Base64 format. NOTE! The certificate must contain the public key to allow Artifactory to verify sign-in requests.
login_url str: The identity provider login URL (when you try to login, the service provider redirects to this URL).
logout_url str: The identity provider logout URL (when you try to logout, the service provider redirects to this URL).
service_provider_name str: The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
allow_user_to_access_profile bool: When set, auto created users will have access to their profile page and will be able to perform actions such as generating an API key. Default value is false.
auto_redirect bool: When set, clicking on the login link will direct users to the configured SAML login URL. Default value is false.
auto_user_creation bool: When set, authenticated users are automatically created in Artifactory. When not set, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without automatic user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is true.
email_attribute str: If auto_user_creation is enabled or an internal user exists, the system will set the user's email to the value in this attribute that is returned by the SAML login XML response.
enable bool: When set, SAML integration is enabled and users may be authenticated via a SAML server. Default value is true.
group_attribute str: The group attribute in the SAML login XML response. Note that the system will search for a case-sensitive match to an existing group..
ldap_group_settings Sequence[str]: List of LDAP group setting names. Only support in Artifactory 7.98 or later. See Enabling Synchronization of LDAP Groups for SAML SSO for more details.
name str: SAML Settings name.
name_id_attribute str: The username attribute used to configure the SSO URL for the identity provider.
sync_groups bool: When set, in addition to the groups the user is already associated with, he will also be associated with the groups returned in the SAML login response. Note that the user's association with the returned groups is not persistent. It is only valid for the current login session. Default value is false.
use_encrypted_assertion bool: When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is false.
verify_audience_restriction bool: Set this flag to specify who the assertion is intended for. The "audience" will be the service provider and is typically a URL but can technically be formatted as any string of data. Default value is true.

certificate String: The certificate for SAML Authentication in Base64 format. NOTE! The certificate must contain the public key to allow Artifactory to verify sign-in requests.
loginUrl String: The identity provider login URL (when you try to login, the service provider redirects to this URL).
logoutUrl String: The identity provider logout URL (when you try to logout, the service provider redirects to this URL).
serviceProviderName String: The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
allowUserToAccessProfile Boolean: When set, auto created users will have access to their profile page and will be able to perform actions such as generating an API key. Default value is false.
autoRedirect Boolean: When set, clicking on the login link will direct users to the configured SAML login URL. Default value is false.
autoUserCreation Boolean: When set, authenticated users are automatically created in Artifactory. When not set, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without automatic user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is true.
emailAttribute String: If auto_user_creation is enabled or an internal user exists, the system will set the user's email to the value in this attribute that is returned by the SAML login XML response.
enable Boolean: When set, SAML integration is enabled and users may be authenticated via a SAML server. Default value is true.
groupAttribute String: The group attribute in the SAML login XML response. Note that the system will search for a case-sensitive match to an existing group..
ldapGroupSettings List<String>: List of LDAP group setting names. Only support in Artifactory 7.98 or later. See Enabling Synchronization of LDAP Groups for SAML SSO for more details.
name String: SAML Settings name.
nameIdAttribute String: The username attribute used to configure the SSO URL for the identity provider.
syncGroups Boolean: When set, in addition to the groups the user is already associated with, he will also be associated with the groups returned in the SAML login response. Note that the user's association with the returned groups is not persistent. It is only valid for the current login session. Default value is false.
useEncryptedAssertion Boolean: When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is false.
verifyAudienceRestriction Boolean: Set this flag to specify who the assertion is intended for. The "audience" will be the service provider and is typically a URL but can technically be formatted as any string of data. Default value is true.

Outputs

All input properties are implicitly available as output properties. Additionally, the SamlSettings resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing SamlSettings Resource

Get an existing SamlSettings resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

TypeScript
Python
Go
C#
Java
YAML

public static get(name: string, id: Input<ID>, state?: SamlSettingsState, opts?: CustomResourceOptions): SamlSettings

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        allow_user_to_access_profile: Optional[bool] = None,
        auto_redirect: Optional[bool] = None,
        auto_user_creation: Optional[bool] = None,
        certificate: Optional[str] = None,
        email_attribute: Optional[str] = None,
        enable: Optional[bool] = None,
        group_attribute: Optional[str] = None,
        ldap_group_settings: Optional[Sequence[str]] = None,
        login_url: Optional[str] = None,
        logout_url: Optional[str] = None,
        name: Optional[str] = None,
        name_id_attribute: Optional[str] = None,
        service_provider_name: Optional[str] = None,
        sync_groups: Optional[bool] = None,
        use_encrypted_assertion: Optional[bool] = None,
        verify_audience_restriction: Optional[bool] = None) -> SamlSettings

func GetSamlSettings(ctx *Context, name string, id IDInput, state *SamlSettingsState, opts ...ResourceOption) (*SamlSettings, error)

public static SamlSettings Get(string name, Input<string> id, SamlSettingsState? state, CustomResourceOptions? opts = null)

public static SamlSettings get(String name, Output<String> id, SamlSettingsState state, CustomResourceOptions options)

resources:  _:    type: platform:SamlSettings    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AllowUserToAccessProfile bool: When set, auto created users will have access to their profile page and will be able to perform actions such as generating an API key. Default value is false.
AutoRedirect bool: When set, clicking on the login link will direct users to the configured SAML login URL. Default value is false.
AutoUserCreation bool: When set, authenticated users are automatically created in Artifactory. When not set, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without automatic user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is true.
Certificate string: The certificate for SAML Authentication in Base64 format. NOTE! The certificate must contain the public key to allow Artifactory to verify sign-in requests.
EmailAttribute string: If auto_user_creation is enabled or an internal user exists, the system will set the user's email to the value in this attribute that is returned by the SAML login XML response.
Enable bool: When set, SAML integration is enabled and users may be authenticated via a SAML server. Default value is true.
GroupAttribute string: The group attribute in the SAML login XML response. Note that the system will search for a case-sensitive match to an existing group..
LdapGroupSettings List<string>: List of LDAP group setting names. Only support in Artifactory 7.98 or later. See Enabling Synchronization of LDAP Groups for SAML SSO for more details.
LoginUrl string: The identity provider login URL (when you try to login, the service provider redirects to this URL).
LogoutUrl string: The identity provider logout URL (when you try to logout, the service provider redirects to this URL).
Name string: SAML Settings name.
NameIdAttribute string: The username attribute used to configure the SSO URL for the identity provider.
ServiceProviderName string: The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
SyncGroups bool: When set, in addition to the groups the user is already associated with, he will also be associated with the groups returned in the SAML login response. Note that the user's association with the returned groups is not persistent. It is only valid for the current login session. Default value is false.
UseEncryptedAssertion bool: When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is false.
VerifyAudienceRestriction bool: Set this flag to specify who the assertion is intended for. The "audience" will be the service provider and is typically a URL but can technically be formatted as any string of data. Default value is true.

AllowUserToAccessProfile bool: When set, auto created users will have access to their profile page and will be able to perform actions such as generating an API key. Default value is false.
AutoRedirect bool: When set, clicking on the login link will direct users to the configured SAML login URL. Default value is false.
AutoUserCreation bool: When set, authenticated users are automatically created in Artifactory. When not set, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without automatic user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is true.
Certificate string: The certificate for SAML Authentication in Base64 format. NOTE! The certificate must contain the public key to allow Artifactory to verify sign-in requests.
EmailAttribute string: If auto_user_creation is enabled or an internal user exists, the system will set the user's email to the value in this attribute that is returned by the SAML login XML response.
Enable bool: When set, SAML integration is enabled and users may be authenticated via a SAML server. Default value is true.
GroupAttribute string: The group attribute in the SAML login XML response. Note that the system will search for a case-sensitive match to an existing group..
LdapGroupSettings []string: List of LDAP group setting names. Only support in Artifactory 7.98 or later. See Enabling Synchronization of LDAP Groups for SAML SSO for more details.
LoginUrl string: The identity provider login URL (when you try to login, the service provider redirects to this URL).
LogoutUrl string: The identity provider logout URL (when you try to logout, the service provider redirects to this URL).
Name string: SAML Settings name.
NameIdAttribute string: The username attribute used to configure the SSO URL for the identity provider.
ServiceProviderName string: The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
SyncGroups bool: When set, in addition to the groups the user is already associated with, he will also be associated with the groups returned in the SAML login response. Note that the user's association with the returned groups is not persistent. It is only valid for the current login session. Default value is false.
UseEncryptedAssertion bool: When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is false.
VerifyAudienceRestriction bool: Set this flag to specify who the assertion is intended for. The "audience" will be the service provider and is typically a URL but can technically be formatted as any string of data. Default value is true.

allowUserToAccessProfile Boolean: When set, auto created users will have access to their profile page and will be able to perform actions such as generating an API key. Default value is false.
autoRedirect Boolean: When set, clicking on the login link will direct users to the configured SAML login URL. Default value is false.
autoUserCreation Boolean: When set, authenticated users are automatically created in Artifactory. When not set, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without automatic user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is true.
certificate String: The certificate for SAML Authentication in Base64 format. NOTE! The certificate must contain the public key to allow Artifactory to verify sign-in requests.
emailAttribute String: If auto_user_creation is enabled or an internal user exists, the system will set the user's email to the value in this attribute that is returned by the SAML login XML response.
enable Boolean: When set, SAML integration is enabled and users may be authenticated via a SAML server. Default value is true.
groupAttribute String: The group attribute in the SAML login XML response. Note that the system will search for a case-sensitive match to an existing group..
ldapGroupSettings List<String>: List of LDAP group setting names. Only support in Artifactory 7.98 or later. See Enabling Synchronization of LDAP Groups for SAML SSO for more details.
loginUrl String: The identity provider login URL (when you try to login, the service provider redirects to this URL).
logoutUrl String: The identity provider logout URL (when you try to logout, the service provider redirects to this URL).
name String: SAML Settings name.
nameIdAttribute String: The username attribute used to configure the SSO URL for the identity provider.
serviceProviderName String: The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
syncGroups Boolean: When set, in addition to the groups the user is already associated with, he will also be associated with the groups returned in the SAML login response. Note that the user's association with the returned groups is not persistent. It is only valid for the current login session. Default value is false.
useEncryptedAssertion Boolean: When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is false.
verifyAudienceRestriction Boolean: Set this flag to specify who the assertion is intended for. The "audience" will be the service provider and is typically a URL but can technically be formatted as any string of data. Default value is true.

allowUserToAccessProfile boolean: When set, auto created users will have access to their profile page and will be able to perform actions such as generating an API key. Default value is false.
autoRedirect boolean: When set, clicking on the login link will direct users to the configured SAML login URL. Default value is false.
autoUserCreation boolean: When set, authenticated users are automatically created in Artifactory. When not set, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without automatic user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is true.
certificate string: The certificate for SAML Authentication in Base64 format. NOTE! The certificate must contain the public key to allow Artifactory to verify sign-in requests.
emailAttribute string: If auto_user_creation is enabled or an internal user exists, the system will set the user's email to the value in this attribute that is returned by the SAML login XML response.
enable boolean: When set, SAML integration is enabled and users may be authenticated via a SAML server. Default value is true.
groupAttribute string: The group attribute in the SAML login XML response. Note that the system will search for a case-sensitive match to an existing group..
ldapGroupSettings string[]: List of LDAP group setting names. Only support in Artifactory 7.98 or later. See Enabling Synchronization of LDAP Groups for SAML SSO for more details.
loginUrl string: The identity provider login URL (when you try to login, the service provider redirects to this URL).
logoutUrl string: The identity provider logout URL (when you try to logout, the service provider redirects to this URL).
name string: SAML Settings name.
nameIdAttribute string: The username attribute used to configure the SSO URL for the identity provider.
serviceProviderName string: The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
syncGroups boolean: When set, in addition to the groups the user is already associated with, he will also be associated with the groups returned in the SAML login response. Note that the user's association with the returned groups is not persistent. It is only valid for the current login session. Default value is false.
useEncryptedAssertion boolean: When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is false.
verifyAudienceRestriction boolean: Set this flag to specify who the assertion is intended for. The "audience" will be the service provider and is typically a URL but can technically be formatted as any string of data. Default value is true.

allow_user_to_access_profile bool: When set, auto created users will have access to their profile page and will be able to perform actions such as generating an API key. Default value is false.
auto_redirect bool: When set, clicking on the login link will direct users to the configured SAML login URL. Default value is false.
auto_user_creation bool: When set, authenticated users are automatically created in Artifactory. When not set, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without automatic user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is true.
certificate str: The certificate for SAML Authentication in Base64 format. NOTE! The certificate must contain the public key to allow Artifactory to verify sign-in requests.
email_attribute str: If auto_user_creation is enabled or an internal user exists, the system will set the user's email to the value in this attribute that is returned by the SAML login XML response.
enable bool: When set, SAML integration is enabled and users may be authenticated via a SAML server. Default value is true.
group_attribute str: The group attribute in the SAML login XML response. Note that the system will search for a case-sensitive match to an existing group..
ldap_group_settings Sequence[str]: List of LDAP group setting names. Only support in Artifactory 7.98 or later. See Enabling Synchronization of LDAP Groups for SAML SSO for more details.
login_url str: The identity provider login URL (when you try to login, the service provider redirects to this URL).
logout_url str: The identity provider logout URL (when you try to logout, the service provider redirects to this URL).
name str: SAML Settings name.
name_id_attribute str: The username attribute used to configure the SSO URL for the identity provider.
service_provider_name str: The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
sync_groups bool: When set, in addition to the groups the user is already associated with, he will also be associated with the groups returned in the SAML login response. Note that the user's association with the returned groups is not persistent. It is only valid for the current login session. Default value is false.
use_encrypted_assertion bool: When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is false.
verify_audience_restriction bool: Set this flag to specify who the assertion is intended for. The "audience" will be the service provider and is typically a URL but can technically be formatted as any string of data. Default value is true.

allowUserToAccessProfile Boolean: When set, auto created users will have access to their profile page and will be able to perform actions such as generating an API key. Default value is false.
autoRedirect Boolean: When set, clicking on the login link will direct users to the configured SAML login URL. Default value is false.
autoUserCreation Boolean: When set, authenticated users are automatically created in Artifactory. When not set, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without automatic user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is true.
certificate String: The certificate for SAML Authentication in Base64 format. NOTE! The certificate must contain the public key to allow Artifactory to verify sign-in requests.
emailAttribute String: If auto_user_creation is enabled or an internal user exists, the system will set the user's email to the value in this attribute that is returned by the SAML login XML response.
enable Boolean: When set, SAML integration is enabled and users may be authenticated via a SAML server. Default value is true.
groupAttribute String: The group attribute in the SAML login XML response. Note that the system will search for a case-sensitive match to an existing group..
ldapGroupSettings List<String>: List of LDAP group setting names. Only support in Artifactory 7.98 or later. See Enabling Synchronization of LDAP Groups for SAML SSO for more details.
loginUrl String: The identity provider login URL (when you try to login, the service provider redirects to this URL).
logoutUrl String: The identity provider logout URL (when you try to logout, the service provider redirects to this URL).
name String: SAML Settings name.
nameIdAttribute String: The username attribute used to configure the SSO URL for the identity provider.
serviceProviderName String: The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
syncGroups Boolean: When set, in addition to the groups the user is already associated with, he will also be associated with the groups returned in the SAML login response. Note that the user's association with the returned groups is not persistent. It is only valid for the current login session. Default value is false.
useEncryptedAssertion Boolean: When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is false.
verifyAudienceRestriction Boolean: Set this flag to specify who the assertion is intended for. The "audience" will be the service provider and is typically a URL but can technically be formatted as any string of data. Default value is true.

Import

$ pulumi import platform:index/samlSettings:SamlSettings my-okta-saml-settings my-okta-saml-settings

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: platform jfrog/terraform-provider-platform
License
Notes: This Pulumi package is based on the platform Terraform Provider.

platform 2.2.2 published on Thursday, Apr 3, 2025 by jfrog

jfrog/terraform-provider-platform

platform.SamlSettings

On this page

On this page

Example Usage

Create SamlSettings Resource

Constructor syntax

Parameters

Constructor example

SamlSettings Resource Properties

Inputs

Outputs

Look up Existing SamlSettings Resource

Import

Package Details

On this page

On this page