import * as pulumi from "@pulumi/pulumi"; import * as outputs from "./types/output"; /** * Data source to retrieve a specific Auth0 resource server by `resourceServerId` or `identifier`. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as auth0 from "@pulumi/auth0"; * * // An Auth0 Resource Server loaded using its identifier. * const some_resource_server_by_identifier = auth0.getResourceServer({ * identifier: "https://my-api.com/v1", * }); * // An Auth0 Resource Server loaded using its ID. * const some_resource_server_by_id = auth0.getResourceServer({ * resourceServerId: "abcdefghkijklmnopqrstuvwxyz0123456789", * }); * ``` */ export declare function getResourceServer(args?: GetResourceServerArgs, opts?: pulumi.InvokeOptions): Promise; /** * A collection of arguments for invoking getResourceServer. */ export interface GetResourceServerArgs { /** * Unique identifier for the resource server. Used as the audience parameter for authorization calls. If not provided, `resourceServerId` must be set. */ identifier?: string; /** * The ID of the resource server. If not provided, `identifier` must be set. */ resourceServerId?: string; } /** * A collection of values returned by getResourceServer. */ export interface GetResourceServerResult { /** * Indicates whether refresh tokens can be issued for this resource server. */ readonly allowOfflineAccess: boolean; /** * Authorization details for this resource server. */ readonly authorizationDetails: outputs.GetResourceServerAuthorizationDetail[]; /** * The ID of the client associated with this resource server. If a client has been created and linked to this resource server, this field will be populated with that client's ID. */ readonly clientId: string; /** * Consent policy for this resource server. Options include `transactional-authorization-with-mfa`, or `null` to disable. */ readonly consentPolicy: string; /** * If this setting is enabled, RBAC authorization policies will be enforced for this API. Role and permission assignments will be evaluated during the login transaction. */ readonly enforcePolicies: boolean; /** * The provider-assigned unique ID for this managed resource. */ readonly id: string; /** * Unique identifier for the resource server. Used as the audience parameter for authorization calls. If not provided, `resourceServerId` must be set. */ readonly identifier?: string; /** * Friendly name for the resource server. Cannot include `<` or `>` characters. */ readonly name: string; /** * Configuration settings for proof-of-possession for this resource server. */ readonly proofOfPossessions: outputs.GetResourceServerProofOfPossession[]; /** * The ID of the resource server. If not provided, `identifier` must be set. */ readonly resourceServerId?: string; /** * List of permissions (scopes) used by this resource server. */ readonly scopes: outputs.GetResourceServerScope[]; /** * Algorithm used to sign JWTs. Options include `HS256`, `RS256`, and `PS256`. */ readonly signingAlg: string; /** * Secret used to sign tokens when using symmetric algorithms (HS256). */ readonly signingSecret: string; /** * Indicates whether to skip user consent for applications flagged as first party. */ readonly skipConsentForVerifiableFirstPartyClients: boolean; /** * Authorization policies for user and client flows. */ readonly subjectTypeAuthorizations: outputs.GetResourceServerSubjectTypeAuthorization[]; /** * Dialect of access tokens that should be issued for this resource server. Options include `accessToken`, `rfc9068Profile`, `accessTokenAuthz`, and `rfc9068ProfileAuthz`. `accessToken` is a JWT containing standard Auth0 claims. `rfc9068Profile` is a JWT conforming to the IETF JWT Access Token Profile. `accessTokenAuthz` is a JWT containing standard Auth0 claims, including RBAC permissions claims. `rfc9068ProfileAuthz` is a JWT conforming to the IETF JWT Access Token Profile, including RBAC permissions claims. RBAC permissions claims are available if RBAC (`enforcePolicies`) is enabled for this API. For more details, refer to [Access Token Profiles](https://auth0.com/docs/secure/tokens/access-tokens/access-token-profiles). */ readonly tokenDialect: string; /** * Configuration for JSON Web Encryption(JWE) of tokens for this resource server. */ readonly tokenEncryptions: outputs.GetResourceServerTokenEncryption[]; /** * Number of seconds during which access tokens issued for this resource server from the token endpoint remain valid. */ readonly tokenLifetime: number; /** * Number of seconds during which access tokens issued for this resource server via implicit or hybrid flows remain valid. Cannot be greater than the `tokenLifetime` value. */ readonly tokenLifetimeForWeb: number; /** * URL from which to retrieve JWKs for this resource server. Used for verifying the JWT sent to Auth0 for token introspection. */ readonly verificationLocation: string; } /** * Data source to retrieve a specific Auth0 resource server by `resourceServerId` or `identifier`. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as auth0 from "@pulumi/auth0"; * * // An Auth0 Resource Server loaded using its identifier. * const some_resource_server_by_identifier = auth0.getResourceServer({ * identifier: "https://my-api.com/v1", * }); * // An Auth0 Resource Server loaded using its ID. * const some_resource_server_by_id = auth0.getResourceServer({ * resourceServerId: "abcdefghkijklmnopqrstuvwxyz0123456789", * }); * ``` */ export declare function getResourceServerOutput(args?: GetResourceServerOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output; /** * A collection of arguments for invoking getResourceServer. */ export interface GetResourceServerOutputArgs { /** * Unique identifier for the resource server. Used as the audience parameter for authorization calls. If not provided, `resourceServerId` must be set. */ identifier?: pulumi.Input; /** * The ID of the resource server. If not provided, `identifier` must be set. */ resourceServerId?: pulumi.Input; }