import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * Manages an Authorization Server within an API Management Service. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as azure from "@pulumi/azure"; * * const example = azure.apimanagement.getService({ * name: "search-api", * resourceGroupName: "search-service", * }); * const exampleAuthorizationServer = new azure.apimanagement.AuthorizationServer("example", { * name: "test-server", * apiManagementName: example.then(example => example.name), * resourceGroupName: example.then(example => example.resourceGroupName), * displayName: "Test Server", * authorizationEndpoint: "https://example.mydomain.com/client/authorize", * clientId: "42424242-4242-4242-4242-424242424242", * clientRegistrationEndpoint: "https://example.mydomain.com/client/register", * grantTypes: ["authorizationCode"], * authorizationMethods: ["GET"], * }); * ``` * * ## API Providers * * * This resource uses the following Azure API Providers: * * * `Microsoft.ApiManagement` - 2022-08-01 * * ## Import * * API Management Authorization Servers can be imported using the `resource id`, e.g. * * ```sh * $ pulumi import azure:apimanagement/authorizationServer:AuthorizationServer example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.ApiManagement/service/service1/authorizationServers/server1 * ``` */ export declare class AuthorizationServer extends pulumi.CustomResource { /** * Get an existing AuthorizationServer resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: AuthorizationServerState, opts?: pulumi.CustomResourceOptions): AuthorizationServer; /** * Returns true if the given object is an instance of AuthorizationServer. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is AuthorizationServer; /** * The name of the API Management Service in which this Authorization Server should be created. Changing this forces a new resource to be created. */ readonly apiManagementName: pulumi.Output; /** * The OAUTH Authorization Endpoint. */ readonly authorizationEndpoint: pulumi.Output; /** * The HTTP Verbs supported by the Authorization Endpoint. Possible values are `DELETE`, `GET`, `HEAD`, `OPTIONS`, `PATCH`, `POST`, `PUT` and `TRACE`. * * > **Note:** `GET` must always be present. */ readonly authorizationMethods: pulumi.Output; /** * The mechanism by which Access Tokens are passed to the API. Possible values are `authorizationHeader` and `query`. */ readonly bearerTokenSendingMethods: pulumi.Output; /** * The Authentication Methods supported by the Token endpoint of this Authorization Server.. Possible values are `Basic` and `Body`. */ readonly clientAuthenticationMethods: pulumi.Output; /** * The Client/App ID registered with this Authorization Server. */ readonly clientId: pulumi.Output; /** * The URI of page where Client/App Registration is performed for this Authorization Server. */ readonly clientRegistrationEndpoint: pulumi.Output; /** * The Client/App Secret registered with this Authorization Server. */ readonly clientSecret: pulumi.Output; /** * The Default Scope used when requesting an Access Token, specified as a string containing space-delimited values. */ readonly defaultScope: pulumi.Output; /** * A description of the Authorization Server, which may contain HTML formatting tags. */ readonly description: pulumi.Output; /** * The user-friendly name of this Authorization Server. */ readonly displayName: pulumi.Output; /** * Form of Authorization Grants required when requesting an Access Token. Possible values are `authorizationCode`, `clientCredentials`, `implicit` and `resourceOwnerPassword`. */ readonly grantTypes: pulumi.Output; /** * The name of this Authorization Server. Changing this forces a new resource to be created. */ readonly name: pulumi.Output; /** * The name of the Resource Group in which the API Management Service exists. Changing this forces a new resource to be created. */ readonly resourceGroupName: pulumi.Output; /** * The password associated with the Resource Owner. * * > **Note:** This can only be specified when `grantType` includes `resourceOwnerPassword`. */ readonly resourceOwnerPassword: pulumi.Output; /** * The username associated with the Resource Owner. * * > **Note:** This can only be specified when `grantType` includes `resourceOwnerPassword`. */ readonly resourceOwnerUsername: pulumi.Output; /** * Does this Authorization Server support State? If this is set to `true` the client may use the state parameter to raise protocol security. */ readonly supportState: pulumi.Output; /** * A `tokenBodyParameter` block as defined below. */ readonly tokenBodyParameters: pulumi.Output; /** * The OAUTH Token Endpoint. */ readonly tokenEndpoint: pulumi.Output; /** * Create a AuthorizationServer resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: AuthorizationServerArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering AuthorizationServer resources. */ export interface AuthorizationServerState { /** * The name of the API Management Service in which this Authorization Server should be created. Changing this forces a new resource to be created. */ apiManagementName?: pulumi.Input; /** * The OAUTH Authorization Endpoint. */ authorizationEndpoint?: pulumi.Input; /** * The HTTP Verbs supported by the Authorization Endpoint. Possible values are `DELETE`, `GET`, `HEAD`, `OPTIONS`, `PATCH`, `POST`, `PUT` and `TRACE`. * * > **Note:** `GET` must always be present. */ authorizationMethods?: pulumi.Input[]>; /** * The mechanism by which Access Tokens are passed to the API. Possible values are `authorizationHeader` and `query`. */ bearerTokenSendingMethods?: pulumi.Input[]>; /** * The Authentication Methods supported by the Token endpoint of this Authorization Server.. Possible values are `Basic` and `Body`. */ clientAuthenticationMethods?: pulumi.Input[]>; /** * The Client/App ID registered with this Authorization Server. */ clientId?: pulumi.Input; /** * The URI of page where Client/App Registration is performed for this Authorization Server. */ clientRegistrationEndpoint?: pulumi.Input; /** * The Client/App Secret registered with this Authorization Server. */ clientSecret?: pulumi.Input; /** * The Default Scope used when requesting an Access Token, specified as a string containing space-delimited values. */ defaultScope?: pulumi.Input; /** * A description of the Authorization Server, which may contain HTML formatting tags. */ description?: pulumi.Input; /** * The user-friendly name of this Authorization Server. */ displayName?: pulumi.Input; /** * Form of Authorization Grants required when requesting an Access Token. Possible values are `authorizationCode`, `clientCredentials`, `implicit` and `resourceOwnerPassword`. */ grantTypes?: pulumi.Input[]>; /** * The name of this Authorization Server. Changing this forces a new resource to be created. */ name?: pulumi.Input; /** * The name of the Resource Group in which the API Management Service exists. Changing this forces a new resource to be created. */ resourceGroupName?: pulumi.Input; /** * The password associated with the Resource Owner. * * > **Note:** This can only be specified when `grantType` includes `resourceOwnerPassword`. */ resourceOwnerPassword?: pulumi.Input; /** * The username associated with the Resource Owner. * * > **Note:** This can only be specified when `grantType` includes `resourceOwnerPassword`. */ resourceOwnerUsername?: pulumi.Input; /** * Does this Authorization Server support State? If this is set to `true` the client may use the state parameter to raise protocol security. */ supportState?: pulumi.Input; /** * A `tokenBodyParameter` block as defined below. */ tokenBodyParameters?: pulumi.Input[]>; /** * The OAUTH Token Endpoint. */ tokenEndpoint?: pulumi.Input; } /** * The set of arguments for constructing a AuthorizationServer resource. */ export interface AuthorizationServerArgs { /** * The name of the API Management Service in which this Authorization Server should be created. Changing this forces a new resource to be created. */ apiManagementName: pulumi.Input; /** * The OAUTH Authorization Endpoint. */ authorizationEndpoint: pulumi.Input; /** * The HTTP Verbs supported by the Authorization Endpoint. Possible values are `DELETE`, `GET`, `HEAD`, `OPTIONS`, `PATCH`, `POST`, `PUT` and `TRACE`. * * > **Note:** `GET` must always be present. */ authorizationMethods: pulumi.Input[]>; /** * The mechanism by which Access Tokens are passed to the API. Possible values are `authorizationHeader` and `query`. */ bearerTokenSendingMethods?: pulumi.Input[]>; /** * The Authentication Methods supported by the Token endpoint of this Authorization Server.. Possible values are `Basic` and `Body`. */ clientAuthenticationMethods?: pulumi.Input[]>; /** * The Client/App ID registered with this Authorization Server. */ clientId: pulumi.Input; /** * The URI of page where Client/App Registration is performed for this Authorization Server. */ clientRegistrationEndpoint: pulumi.Input; /** * The Client/App Secret registered with this Authorization Server. */ clientSecret?: pulumi.Input; /** * The Default Scope used when requesting an Access Token, specified as a string containing space-delimited values. */ defaultScope?: pulumi.Input; /** * A description of the Authorization Server, which may contain HTML formatting tags. */ description?: pulumi.Input; /** * The user-friendly name of this Authorization Server. */ displayName: pulumi.Input; /** * Form of Authorization Grants required when requesting an Access Token. Possible values are `authorizationCode`, `clientCredentials`, `implicit` and `resourceOwnerPassword`. */ grantTypes: pulumi.Input[]>; /** * The name of this Authorization Server. Changing this forces a new resource to be created. */ name?: pulumi.Input; /** * The name of the Resource Group in which the API Management Service exists. Changing this forces a new resource to be created. */ resourceGroupName: pulumi.Input; /** * The password associated with the Resource Owner. * * > **Note:** This can only be specified when `grantType` includes `resourceOwnerPassword`. */ resourceOwnerPassword?: pulumi.Input; /** * The username associated with the Resource Owner. * * > **Note:** This can only be specified when `grantType` includes `resourceOwnerPassword`. */ resourceOwnerUsername?: pulumi.Input; /** * Does this Authorization Server support State? If this is set to `true` the client may use the state parameter to raise protocol security. */ supportState?: pulumi.Input; /** * A `tokenBodyParameter` block as defined below. */ tokenBodyParameters?: pulumi.Input[]>; /** * The OAUTH Token Endpoint. */ tokenEndpoint?: pulumi.Input; }