import * as pulumi from "@pulumi/pulumi"; import * as inputs from "./types/input"; import * as outputs from "./types/output"; /** * With this resource, you can manage Auth0 tenants, including setting logos and support contact information, setting error pages, and configuring default tenant behaviors. * * > Creating tenants through the Management API is not currently supported. Therefore, this resource can only * manage an existing tenant created through the Auth0 dashboard. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as auth0 from "@pulumi/auth0"; * * const myTenant = new auth0.Tenant("my_tenant", { * friendlyName: "Tenant Name", * pictureUrl: "http://example.com/logo.png", * supportEmail: "support@example.com", * supportUrl: "http://example.com/support", * allowedLogoutUrls: ["http://example.com/logout"], * sessionLifetime: 8760, * sandboxVersion: "22", * enabledLocales: ["en"], * defaultRedirectionUri: "https://example.com/login", * flags: { * disableClickjackProtectionHeaders: true, * enablePublicSignupUserExistsError: true, * useScopeDescriptionsForConsent: true, * noDiscloseEnterpriseConnections: false, * disableManagementApiSmsObfuscation: false, * disableFieldsMapFix: false, * }, * sessionCookie: { * mode: "non-persistent", * }, * sessions: { * oidcLogoutPromptEnabled: false, * }, * errorPage: { * html: "", * showLogLink: false, * url: "https://example.com/error", * }, * }); * ``` * * ## Import * * As this is not a resource identifiable by an ID within the Auth0 Management API, * * tenant can be imported using a random string. * * We recommend [Version 4 UUID](https://www.uuidgenerator.net/version4) * * Example: * * ```sh * $ pulumi import auth0:index/tenant:Tenant my_tenant "82f4f21b-017a-319d-92e7-2291c1ca36c4" * ``` */ export declare class Tenant extends pulumi.CustomResource { /** * Get an existing Tenant resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: TenantState, opts?: pulumi.CustomResourceOptions): Tenant; /** * Returns true if the given object is an instance of Tenant. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is Tenant; /** * List of supported ACR values. */ readonly acrValuesSupporteds: pulumi.Output; /** * Whether to accept an organization name instead of an ID on auth endpoints. */ readonly allowOrganizationNameInAuthenticationApi: pulumi.Output; /** * URLs that Auth0 may redirect to after logout. */ readonly allowedLogoutUrls: pulumi.Output; /** * Whether to enable flexible factors for MFA in the PostLogin action. */ readonly customizeMfaInPostloginAction: pulumi.Output; /** * API Audience to use by default for API Authorization flows. This setting is equivalent to appending the audience to every authorization request made to the tenant for every application. */ readonly defaultAudience: pulumi.Output; /** * Name of the connection to be used for Password Grant exchanges. Options include `auth0-adldap`, `ad`, `auth0`, `email`, `sms`, `waad`, and `adfs`. */ readonly defaultDirectory: pulumi.Output; /** * The default absolute redirection URI. Must be HTTPS or an empty string. */ readonly defaultRedirectionUri: pulumi.Output; /** * Token Quota configuration. */ readonly defaultTokenQuota: pulumi.Output; /** * Disable list of supported ACR values. */ readonly disableAcrValuesSupported: pulumi.Output; /** * Supported locales for the user interface. The first locale in the list will be used to set the default locale. */ readonly enabledLocales: pulumi.Output; /** * Configuration for the error page */ readonly errorPage: pulumi.Output; /** * Configuration settings for tenant flags. */ readonly flags: pulumi.Output; /** * Friendly name for the tenant. */ readonly friendlyName: pulumi.Output; /** * Number of hours during which a session can be inactive before the user must log in again. */ readonly idleSessionLifetime: pulumi.Output; /** * Configuration for mTLS. */ readonly mtls: pulumi.Output; /** * Settings related to OIDC RP-initiated Logout. */ readonly oidcLogout: pulumi.Output; /** * URL of logo to be shown for the tenant. Recommended size is 150px x 150px. If no URL is provided, the Auth0 logo will be used. */ readonly pictureUrl: pulumi.Output; /** * Enable pushed authorization requests. */ readonly pushedAuthorizationRequestsSupported: pulumi.Output; /** * Selected sandbox version for the extensibility environment, which allows you to use custom scripts to extend parts of Auth0's functionality. */ readonly sandboxVersion: pulumi.Output; /** * Alters behavior of tenant's session cookie. Contains a single `mode` property. */ readonly sessionCookie: pulumi.Output; /** * Number of hours during which a session will stay valid. */ readonly sessionLifetime: pulumi.Output; /** * Sessions related settings for the tenant. */ readonly sessions: pulumi.Output; /** * Indicates whether the confirmation prompt appears when using non-verifiable callback URIs. Set to true to skip the prompt, false to show it, or null to unset. Accepts (true/false/null) or ("true"/"false"/"null") */ readonly skipNonVerifiableCallbackUriConfirmationPrompt: pulumi.Output; /** * Support email address for authenticating users. */ readonly supportEmail: pulumi.Output; /** * Support URL for authenticating users. */ readonly supportUrl: pulumi.Output; /** * Create a Tenant resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args?: TenantArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering Tenant resources. */ export interface TenantState { /** * List of supported ACR values. */ acrValuesSupporteds?: pulumi.Input[]>; /** * Whether to accept an organization name instead of an ID on auth endpoints. */ allowOrganizationNameInAuthenticationApi?: pulumi.Input; /** * URLs that Auth0 may redirect to after logout. */ allowedLogoutUrls?: pulumi.Input[]>; /** * Whether to enable flexible factors for MFA in the PostLogin action. */ customizeMfaInPostloginAction?: pulumi.Input; /** * API Audience to use by default for API Authorization flows. This setting is equivalent to appending the audience to every authorization request made to the tenant for every application. */ defaultAudience?: pulumi.Input; /** * Name of the connection to be used for Password Grant exchanges. Options include `auth0-adldap`, `ad`, `auth0`, `email`, `sms`, `waad`, and `adfs`. */ defaultDirectory?: pulumi.Input; /** * The default absolute redirection URI. Must be HTTPS or an empty string. */ defaultRedirectionUri?: pulumi.Input; /** * Token Quota configuration. */ defaultTokenQuota?: pulumi.Input; /** * Disable list of supported ACR values. */ disableAcrValuesSupported?: pulumi.Input; /** * Supported locales for the user interface. The first locale in the list will be used to set the default locale. */ enabledLocales?: pulumi.Input[]>; /** * Configuration for the error page */ errorPage?: pulumi.Input; /** * Configuration settings for tenant flags. */ flags?: pulumi.Input; /** * Friendly name for the tenant. */ friendlyName?: pulumi.Input; /** * Number of hours during which a session can be inactive before the user must log in again. */ idleSessionLifetime?: pulumi.Input; /** * Configuration for mTLS. */ mtls?: pulumi.Input; /** * Settings related to OIDC RP-initiated Logout. */ oidcLogout?: pulumi.Input; /** * URL of logo to be shown for the tenant. Recommended size is 150px x 150px. If no URL is provided, the Auth0 logo will be used. */ pictureUrl?: pulumi.Input; /** * Enable pushed authorization requests. */ pushedAuthorizationRequestsSupported?: pulumi.Input; /** * Selected sandbox version for the extensibility environment, which allows you to use custom scripts to extend parts of Auth0's functionality. */ sandboxVersion?: pulumi.Input; /** * Alters behavior of tenant's session cookie. Contains a single `mode` property. */ sessionCookie?: pulumi.Input; /** * Number of hours during which a session will stay valid. */ sessionLifetime?: pulumi.Input; /** * Sessions related settings for the tenant. */ sessions?: pulumi.Input; /** * Indicates whether the confirmation prompt appears when using non-verifiable callback URIs. Set to true to skip the prompt, false to show it, or null to unset. Accepts (true/false/null) or ("true"/"false"/"null") */ skipNonVerifiableCallbackUriConfirmationPrompt?: pulumi.Input; /** * Support email address for authenticating users. */ supportEmail?: pulumi.Input; /** * Support URL for authenticating users. */ supportUrl?: pulumi.Input; } /** * The set of arguments for constructing a Tenant resource. */ export interface TenantArgs { /** * List of supported ACR values. */ acrValuesSupporteds?: pulumi.Input[]>; /** * Whether to accept an organization name instead of an ID on auth endpoints. */ allowOrganizationNameInAuthenticationApi?: pulumi.Input; /** * URLs that Auth0 may redirect to after logout. */ allowedLogoutUrls?: pulumi.Input[]>; /** * Whether to enable flexible factors for MFA in the PostLogin action. */ customizeMfaInPostloginAction?: pulumi.Input; /** * API Audience to use by default for API Authorization flows. This setting is equivalent to appending the audience to every authorization request made to the tenant for every application. */ defaultAudience?: pulumi.Input; /** * Name of the connection to be used for Password Grant exchanges. Options include `auth0-adldap`, `ad`, `auth0`, `email`, `sms`, `waad`, and `adfs`. */ defaultDirectory?: pulumi.Input; /** * The default absolute redirection URI. Must be HTTPS or an empty string. */ defaultRedirectionUri?: pulumi.Input; /** * Token Quota configuration. */ defaultTokenQuota?: pulumi.Input; /** * Disable list of supported ACR values. */ disableAcrValuesSupported?: pulumi.Input; /** * Supported locales for the user interface. The first locale in the list will be used to set the default locale. */ enabledLocales?: pulumi.Input[]>; /** * Configuration for the error page */ errorPage?: pulumi.Input; /** * Configuration settings for tenant flags. */ flags?: pulumi.Input; /** * Friendly name for the tenant. */ friendlyName?: pulumi.Input; /** * Number of hours during which a session can be inactive before the user must log in again. */ idleSessionLifetime?: pulumi.Input; /** * Configuration for mTLS. */ mtls?: pulumi.Input; /** * Settings related to OIDC RP-initiated Logout. */ oidcLogout?: pulumi.Input; /** * URL of logo to be shown for the tenant. Recommended size is 150px x 150px. If no URL is provided, the Auth0 logo will be used. */ pictureUrl?: pulumi.Input; /** * Enable pushed authorization requests. */ pushedAuthorizationRequestsSupported?: pulumi.Input; /** * Selected sandbox version for the extensibility environment, which allows you to use custom scripts to extend parts of Auth0's functionality. */ sandboxVersion?: pulumi.Input; /** * Alters behavior of tenant's session cookie. Contains a single `mode` property. */ sessionCookie?: pulumi.Input; /** * Number of hours during which a session will stay valid. */ sessionLifetime?: pulumi.Input; /** * Sessions related settings for the tenant. */ sessions?: pulumi.Input; /** * Indicates whether the confirmation prompt appears when using non-verifiable callback URIs. Set to true to skip the prompt, false to show it, or null to unset. Accepts (true/false/null) or ("true"/"false"/"null") */ skipNonVerifiableCallbackUriConfirmationPrompt?: pulumi.Input; /** * Support email address for authenticating users. */ supportEmail?: pulumi.Input; /** * Support URL for authenticating users. */ supportUrl?: pulumi.Input; }