Keycloak v5.3.4, Sep 20 24

Keycloak v5.3.4 published on Friday, Sep 20, 2024 by Pulumi

keycloak.openid.getClient

Explore with Pulumi AI

Keycloak v5.3.4 published on Friday, Sep 20, 2024 by Pulumi

pulumi/pulumi-keycloak

# keycloak.openid.Client data source

This data source can be used to fetch properties of a Keycloak OpenID client for usage with other resources.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as keycloak from "@pulumi/keycloak";

const realmManagement = keycloak.openid.getClient({
    realmId: "my-realm",
    clientId: "realm-management",
});
// use the data source
const admin = realmManagement.then(realmManagement => keycloak.getRole({
    realmId: "my-realm",
    clientId: realmManagement.id,
    name: "realm-admin",
}));

import pulumi
import pulumi_keycloak as keycloak

realm_management = keycloak.openid.get_client(realm_id="my-realm",
    client_id="realm-management")
# use the data source
admin = keycloak.get_role(realm_id="my-realm",
    client_id=realm_management.id,
    name="realm-admin")

package main

import (
	"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak"
	"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/openid"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realmManagement, err := openid.LookupClient(ctx, &openid.LookupClientArgs{
			RealmId:  "my-realm",
			ClientId: "realm-management",
		}, nil)
		if err != nil {
			return err
		}
		// use the data source
		_, err = keycloak.LookupRole(ctx, &keycloak.LookupRoleArgs{
			RealmId:  "my-realm",
			ClientId: pulumi.StringRef(realmManagement.Id),
			Name:     "realm-admin",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Keycloak = Pulumi.Keycloak;

return await Deployment.RunAsync(() => 
{
    var realmManagement = Keycloak.OpenId.GetClient.Invoke(new()
    {
        RealmId = "my-realm",
        ClientId = "realm-management",
    });

    // use the data source
    var admin = Keycloak.GetRole.Invoke(new()
    {
        RealmId = "my-realm",
        ClientId = realmManagement.Apply(getClientResult => getClientResult.Id),
        Name = "realm-admin",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.keycloak.openid.OpenidFunctions;
import com.pulumi.keycloak.openid.inputs.GetClientArgs;
import com.pulumi.keycloak.KeycloakFunctions;
import com.pulumi.keycloak.inputs.GetRoleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var realmManagement = OpenidFunctions.getClient(GetClientArgs.builder()
            .realmId("my-realm")
            .clientId("realm-management")
            .build());

        // use the data source
        final var admin = KeycloakFunctions.getRole(GetRoleArgs.builder()
            .realmId("my-realm")
            .clientId(realmManagement.applyValue(getClientResult -> getClientResult.id()))
            .name("realm-admin")
            .build());

    }
}

variables:
  realmManagement:
    fn::invoke:
      Function: keycloak:openid:getClient
      Arguments:
        realmId: my-realm
        clientId: realm-management
  # use the data source
  admin:
    fn::invoke:
      Function: keycloak:getRole
      Arguments:
        realmId: my-realm
        clientId: ${realmManagement.id}
        name: realm-admin

Argument Reference

The following arguments are supported:

realm_id - (Required) The realm id.
client_id - (Required) The client id.

Attributes Reference

See the docs for the keycloak.openid.Client resource for details on the exported attributes.

Using getClient

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getClient(args: GetClientArgs, opts?: InvokeOptions): Promise<GetClientResult>
function getClientOutput(args: GetClientOutputArgs, opts?: InvokeOptions): Output<GetClientResult>

def get_client(client_id: Optional[str] = None,
               consent_screen_text: Optional[str] = None,
               display_on_consent_screen: Optional[bool] = None,
               extra_config: Optional[Mapping[str, str]] = None,
               oauth2_device_authorization_grant_enabled: Optional[bool] = None,
               oauth2_device_code_lifespan: Optional[str] = None,
               oauth2_device_polling_interval: Optional[str] = None,
               realm_id: Optional[str] = None,
               opts: Optional[InvokeOptions] = None) -> GetClientResult
def get_client_output(client_id: Optional[pulumi.Input[str]] = None,
               consent_screen_text: Optional[pulumi.Input[str]] = None,
               display_on_consent_screen: Optional[pulumi.Input[bool]] = None,
               extra_config: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
               oauth2_device_authorization_grant_enabled: Optional[pulumi.Input[bool]] = None,
               oauth2_device_code_lifespan: Optional[pulumi.Input[str]] = None,
               oauth2_device_polling_interval: Optional[pulumi.Input[str]] = None,
               realm_id: Optional[pulumi.Input[str]] = None,
               opts: Optional[InvokeOptions] = None) -> Output[GetClientResult]

func LookupClient(ctx *Context, args *LookupClientArgs, opts ...InvokeOption) (*LookupClientResult, error)
func LookupClientOutput(ctx *Context, args *LookupClientOutputArgs, opts ...InvokeOption) LookupClientResultOutput

> Note: This function is named LookupClient in the Go SDK.

public static class GetClient 
{
    public static Task<GetClientResult> InvokeAsync(GetClientArgs args, InvokeOptions? opts = null)
    public static Output<GetClientResult> Invoke(GetClientInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetClientResult> getClient(GetClientArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet

fn::invoke:
  function: keycloak:openid/getClient:getClient
  arguments:
    # arguments dictionary

The following arguments are supported:

ClientId string
RealmId string
ConsentScreenText string
DisplayOnConsentScreen bool
ExtraConfig Dictionary<string, string>
Oauth2DeviceAuthorizationGrantEnabled bool
Oauth2DeviceCodeLifespan string
Oauth2DevicePollingInterval string

ClientId string
RealmId string
ConsentScreenText string
DisplayOnConsentScreen bool
ExtraConfig map[string]string
Oauth2DeviceAuthorizationGrantEnabled bool
Oauth2DeviceCodeLifespan string
Oauth2DevicePollingInterval string

clientId String
realmId String
consentScreenText String
displayOnConsentScreen Boolean
extraConfig Map<String,String>
oauth2DeviceAuthorizationGrantEnabled Boolean
oauth2DeviceCodeLifespan String
oauth2DevicePollingInterval String

clientId string
realmId string
consentScreenText string
displayOnConsentScreen boolean
extraConfig {[key: string]: string}
oauth2DeviceAuthorizationGrantEnabled boolean
oauth2DeviceCodeLifespan string
oauth2DevicePollingInterval string

client_id str
realm_id str
consent_screen_text str
display_on_consent_screen bool
extra_config Mapping[str, str]
oauth2_device_authorization_grant_enabled bool
oauth2_device_code_lifespan str
oauth2_device_polling_interval str

clientId String
realmId String
consentScreenText String
displayOnConsentScreen Boolean
extraConfig Map<String>
oauth2DeviceAuthorizationGrantEnabled Boolean
oauth2DeviceCodeLifespan String
oauth2DevicePollingInterval String

getClient Result

The following output properties are available:

AccessTokenLifespan string
AccessType string
AdminUrl string
AuthenticationFlowBindingOverrides List<GetClientAuthenticationFlowBindingOverride>
Authorizations List<GetClientAuthorization>
BackchannelLogoutRevokeOfflineSessions bool
BackchannelLogoutSessionRequired bool
BackchannelLogoutUrl string
BaseUrl string
ClientAuthenticatorType string
ClientId string
ClientOfflineSessionIdleTimeout string
ClientOfflineSessionMaxLifespan string
ClientSecret string
ClientSessionIdleTimeout string
ClientSessionMaxLifespan string
ConsentRequired bool
Description string
DirectAccessGrantsEnabled bool
Enabled bool
ExcludeSessionStateFromAuthResponse bool
ExtraConfig Dictionary<string, string>
FrontchannelLogoutEnabled bool
FrontchannelLogoutUrl string
FullScopeAllowed bool
Id string: The provider-assigned unique ID for this managed resource.
ImplicitFlowEnabled bool
LoginTheme string
Name string
PkceCodeChallengeMethod string
RealmId string
ResourceServerId string
RootUrl string
ServiceAccountUserId string
ServiceAccountsEnabled bool
StandardFlowEnabled bool
UseRefreshTokens bool
UseRefreshTokensClientCredentials bool
ValidPostLogoutRedirectUris List<string>
ValidRedirectUris List<string>
WebOrigins List<string>
ConsentScreenText string
DisplayOnConsentScreen bool
Oauth2DeviceAuthorizationGrantEnabled bool
Oauth2DeviceCodeLifespan string
Oauth2DevicePollingInterval string

AccessTokenLifespan string
AccessType string
AdminUrl string
AuthenticationFlowBindingOverrides []GetClientAuthenticationFlowBindingOverride
Authorizations []GetClientAuthorization
BackchannelLogoutRevokeOfflineSessions bool
BackchannelLogoutSessionRequired bool
BackchannelLogoutUrl string
BaseUrl string
ClientAuthenticatorType string
ClientId string
ClientOfflineSessionIdleTimeout string
ClientOfflineSessionMaxLifespan string
ClientSecret string
ClientSessionIdleTimeout string
ClientSessionMaxLifespan string
ConsentRequired bool
Description string
DirectAccessGrantsEnabled bool
Enabled bool
ExcludeSessionStateFromAuthResponse bool
ExtraConfig map[string]string
FrontchannelLogoutEnabled bool
FrontchannelLogoutUrl string
FullScopeAllowed bool
Id string: The provider-assigned unique ID for this managed resource.
ImplicitFlowEnabled bool
LoginTheme string
Name string
PkceCodeChallengeMethod string
RealmId string
ResourceServerId string
RootUrl string
ServiceAccountUserId string
ServiceAccountsEnabled bool
StandardFlowEnabled bool
UseRefreshTokens bool
UseRefreshTokensClientCredentials bool
ValidPostLogoutRedirectUris []string
ValidRedirectUris []string
WebOrigins []string
ConsentScreenText string
DisplayOnConsentScreen bool
Oauth2DeviceAuthorizationGrantEnabled bool
Oauth2DeviceCodeLifespan string
Oauth2DevicePollingInterval string

accessTokenLifespan String
accessType String
adminUrl String
authenticationFlowBindingOverrides List<GetClientAuthenticationFlowBindingOverride>
authorizations List<GetClientAuthorization>
backchannelLogoutRevokeOfflineSessions Boolean
backchannelLogoutSessionRequired Boolean
backchannelLogoutUrl String
baseUrl String
clientAuthenticatorType String
clientId String
clientOfflineSessionIdleTimeout String
clientOfflineSessionMaxLifespan String
clientSecret String
clientSessionIdleTimeout String
clientSessionMaxLifespan String
consentRequired Boolean
description String
directAccessGrantsEnabled Boolean
enabled Boolean
excludeSessionStateFromAuthResponse Boolean
extraConfig Map<String,String>
frontchannelLogoutEnabled Boolean
frontchannelLogoutUrl String
fullScopeAllowed Boolean
id String: The provider-assigned unique ID for this managed resource.
implicitFlowEnabled Boolean
loginTheme String
name String
pkceCodeChallengeMethod String
realmId String
resourceServerId String
rootUrl String
serviceAccountUserId String
serviceAccountsEnabled Boolean
standardFlowEnabled Boolean
useRefreshTokens Boolean
useRefreshTokensClientCredentials Boolean
validPostLogoutRedirectUris List<String>
validRedirectUris List<String>
webOrigins List<String>
consentScreenText String
displayOnConsentScreen Boolean
oauth2DeviceAuthorizationGrantEnabled Boolean
oauth2DeviceCodeLifespan String
oauth2DevicePollingInterval String

accessTokenLifespan string
accessType string
adminUrl string
authenticationFlowBindingOverrides GetClientAuthenticationFlowBindingOverride[]
authorizations GetClientAuthorization[]
backchannelLogoutRevokeOfflineSessions boolean
backchannelLogoutSessionRequired boolean
backchannelLogoutUrl string
baseUrl string
clientAuthenticatorType string
clientId string
clientOfflineSessionIdleTimeout string
clientOfflineSessionMaxLifespan string
clientSecret string
clientSessionIdleTimeout string
clientSessionMaxLifespan string
consentRequired boolean
description string
directAccessGrantsEnabled boolean
enabled boolean
excludeSessionStateFromAuthResponse boolean
extraConfig {[key: string]: string}
frontchannelLogoutEnabled boolean
frontchannelLogoutUrl string
fullScopeAllowed boolean
id string: The provider-assigned unique ID for this managed resource.
implicitFlowEnabled boolean
loginTheme string
name string
pkceCodeChallengeMethod string
realmId string
resourceServerId string
rootUrl string
serviceAccountUserId string
serviceAccountsEnabled boolean
standardFlowEnabled boolean
useRefreshTokens boolean
useRefreshTokensClientCredentials boolean
validPostLogoutRedirectUris string[]
validRedirectUris string[]
webOrigins string[]
consentScreenText string
displayOnConsentScreen boolean
oauth2DeviceAuthorizationGrantEnabled boolean
oauth2DeviceCodeLifespan string
oauth2DevicePollingInterval string

access_token_lifespan str
access_type str
admin_url str
authentication_flow_binding_overrides Sequence[GetClientAuthenticationFlowBindingOverride]
authorizations Sequence[GetClientAuthorization]
backchannel_logout_revoke_offline_sessions bool
backchannel_logout_session_required bool
backchannel_logout_url str
base_url str
client_authenticator_type str
client_id str
client_offline_session_idle_timeout str
client_offline_session_max_lifespan str
client_secret str
client_session_idle_timeout str
client_session_max_lifespan str
consent_required bool
description str
direct_access_grants_enabled bool
enabled bool
exclude_session_state_from_auth_response bool
extra_config Mapping[str, str]
frontchannel_logout_enabled bool
frontchannel_logout_url str
full_scope_allowed bool
id str: The provider-assigned unique ID for this managed resource.
implicit_flow_enabled bool
login_theme str
name str
pkce_code_challenge_method str
realm_id str
resource_server_id str
root_url str
service_account_user_id str
service_accounts_enabled bool
standard_flow_enabled bool
use_refresh_tokens bool
use_refresh_tokens_client_credentials bool
valid_post_logout_redirect_uris Sequence[str]
valid_redirect_uris Sequence[str]
web_origins Sequence[str]
consent_screen_text str
display_on_consent_screen bool
oauth2_device_authorization_grant_enabled bool
oauth2_device_code_lifespan str
oauth2_device_polling_interval str

accessTokenLifespan String
accessType String
adminUrl String
authenticationFlowBindingOverrides List<Property Map>
authorizations List<Property Map>
backchannelLogoutRevokeOfflineSessions Boolean
backchannelLogoutSessionRequired Boolean
backchannelLogoutUrl String
baseUrl String
clientAuthenticatorType String
clientId String
clientOfflineSessionIdleTimeout String
clientOfflineSessionMaxLifespan String
clientSecret String
clientSessionIdleTimeout String
clientSessionMaxLifespan String
consentRequired Boolean
description String
directAccessGrantsEnabled Boolean
enabled Boolean
excludeSessionStateFromAuthResponse Boolean
extraConfig Map<String>
frontchannelLogoutEnabled Boolean
frontchannelLogoutUrl String
fullScopeAllowed Boolean
id String: The provider-assigned unique ID for this managed resource.
implicitFlowEnabled Boolean
loginTheme String
name String
pkceCodeChallengeMethod String
realmId String
resourceServerId String
rootUrl String
serviceAccountUserId String
serviceAccountsEnabled Boolean
standardFlowEnabled Boolean
useRefreshTokens Boolean
useRefreshTokensClientCredentials Boolean
validPostLogoutRedirectUris List<String>
validRedirectUris List<String>
webOrigins List<String>
consentScreenText String
displayOnConsentScreen Boolean
oauth2DeviceAuthorizationGrantEnabled Boolean
oauth2DeviceCodeLifespan String
oauth2DevicePollingInterval String

Supporting Types

GetClientAuthenticationFlowBindingOverride

BrowserId string
DirectGrantId string

BrowserId string
DirectGrantId string

browserId String
directGrantId String

browserId string
directGrantId string

browser_id str
direct_grant_id str

browserId String
directGrantId String

AllowRemoteResourceManagement bool
DecisionStrategy string
KeepDefaults bool
PolicyEnforcementMode string

allowRemoteResourceManagement Boolean
decisionStrategy String
keepDefaults Boolean
policyEnforcementMode String

allowRemoteResourceManagement boolean
decisionStrategy string
keepDefaults boolean
policyEnforcementMode string

allow_remote_resource_management bool
decision_strategy str
keep_defaults bool
policy_enforcement_mode str

allowRemoteResourceManagement Boolean
decisionStrategy String
keepDefaults Boolean
policyEnforcementMode String

Package Details

Repository: Keycloak pulumi/pulumi-keycloak
License: Apache-2.0
Notes: This Pulumi package is based on the keycloak Terraform Provider.

Keycloak v5.3.4 published on Friday, Sep 20, 2024 by Pulumi

pulumi/pulumi-keycloak

keycloak.openid.getClient

On this page

On this page

# keycloak.openid.Client data source

Example Usage

Argument Reference

Attributes Reference

Using getClient

getClient Result

Supporting Types

GetClientAuthenticationFlowBindingOverride

GetClientAuthorization

Package Details

On this page

On this page