@pulumi/azure-native

Version:

[![Slack](http://www.pulumi.com/images/docs/badges/slack.svg)](https://slack.pulumi.com) [![NPM version](https://badge.fury.io/js/%40pulumi%2Fazure-native.svg)](https://npmjs.com/package/@pulumi/azure-native) [![Python version](https://badge.fury.io/py/pu

pulumi.com

pulumi/pulumi-azure-native

271 lines (270 loc) • 12.5 kB

TypeScript

import * as pulumi from "@pulumi/pulumi"; /** * Description for Gets the Authentication/Authorization settings of an app. * * Uses Azure REST API version 2024-04-01. * * Other available API versions: 2016-08-01, 2018-02-01, 2018-11-01, 2019-08-01, 2020-06-01, 2020-09-01, 2020-10-01, 2020-12-01, 2021-01-01, 2021-01-15, 2021-02-01, 2021-03-01, 2022-03-01, 2022-09-01, 2023-01-01, 2023-12-01, 2024-11-01. These can be accessed by generating a local SDK package using the CLI command `pulumi package add azure-native web [ApiVersion]`. See the [version guide](../../../version-guide/#accessing-any-api-version-via-local-packages) for details. */ export declare function listWebAppAuthSettingsSlot(args: ListWebAppAuthSettingsSlotArgs, opts?: pulumi.InvokeOptions): Promise<ListWebAppAuthSettingsSlotResult>; export interface ListWebAppAuthSettingsSlotArgs { /** * Name of the app. */ name: string; /** * Name of the resource group to which the resource belongs. */ resourceGroupName: string; /** * Name of the deployment slot. If a slot is not specified, the API will get the settings for the production slot. */ slot: string; } /** * Configuration settings for the Azure App Service Authentication / Authorization feature. */ export interface ListWebAppAuthSettingsSlotResult { /** * Gets a JSON string containing the Azure AD Acl settings. */ readonly aadClaimsAuthorization?: string; /** * Login parameters to send to the OpenID Connect authorization endpoint when * a user logs in. Each parameter must be in the form "key=value". */ readonly additionalLoginParams?: string[]; /** * Allowed audience values to consider when validating JSON Web Tokens issued by * Azure Active Directory. Note that the <code>ClientID</code> value is always considered an * allowed audience, regardless of this setting. */ readonly allowedAudiences?: string[]; /** * External URLs that can be redirected to as part of logging in or logging out of the app. Note that the query string part of the URL is ignored. * This is an advanced setting typically only needed by Windows Store application backends. * Note that URLs within the current domain are always implicitly allowed. */ readonly allowedExternalRedirectUrls?: string[]; /** * The path of the config file containing auth settings. * If the path is relative, base will the site's root directory. */ readonly authFilePath?: string; /** * The Client ID of this relying party application, known as the client_id. * This setting is required for enabling OpenID Connection authentication with Azure Active Directory or * other 3rd party OpenID Connect providers. * More information on OpenID Connect: http://openid.net/specs/openid-connect-core-1_0.html */ readonly clientId?: string; /** * The Client Secret of this relying party application (in Azure Active Directory, this is also referred to as the Key). * This setting is optional. If no client secret is configured, the OpenID Connect implicit auth flow is used to authenticate end users. * Otherwise, the OpenID Connect Authorization Code Flow is used to authenticate end users. * More information on OpenID Connect: http://openid.net/specs/openid-connect-core-1_0.html */ readonly clientSecret?: string; /** * An alternative to the client secret, that is the thumbprint of a certificate used for signing purposes. This property acts as * a replacement for the Client Secret. It is also optional. */ readonly clientSecretCertificateThumbprint?: string; /** * The app setting name that contains the client secret of the relying party application. */ readonly clientSecretSettingName?: string; /** * The ConfigVersion of the Authentication / Authorization feature in use for the current app. * The setting in this value can control the behavior of the control plane for Authentication / Authorization. */ readonly configVersion?: string; /** * The default authentication provider to use when multiple providers are configured. * This setting is only needed if multiple providers are configured and the unauthenticated client * action is set to "RedirectToLoginPage". */ readonly defaultProvider?: string; /** * <code>true</code> if the Authentication / Authorization feature is enabled for the current app; otherwise, <code>false</code>. */ readonly enabled?: boolean; /** * The App ID of the Facebook app used for login. * This setting is required for enabling Facebook Login. * Facebook Login documentation: https://developers.facebook.com/docs/facebook-login */ readonly facebookAppId?: string; /** * The App Secret of the Facebook app used for Facebook Login. * This setting is required for enabling Facebook Login. * Facebook Login documentation: https://developers.facebook.com/docs/facebook-login */ readonly facebookAppSecret?: string; /** * The app setting name that contains the app secret used for Facebook Login. */ readonly facebookAppSecretSettingName?: string; /** * The OAuth 2.0 scopes that will be requested as part of Facebook Login authentication. * This setting is optional. * Facebook Login documentation: https://developers.facebook.com/docs/facebook-login */ readonly facebookOAuthScopes?: string[]; /** * The Client Id of the GitHub app used for login. * This setting is required for enabling Github login */ readonly gitHubClientId?: string; /** * The Client Secret of the GitHub app used for Github Login. * This setting is required for enabling Github login. */ readonly gitHubClientSecret?: string; /** * The app setting name that contains the client secret of the Github * app used for GitHub Login. */ readonly gitHubClientSecretSettingName?: string; /** * The OAuth 2.0 scopes that will be requested as part of GitHub Login authentication. * This setting is optional */ readonly gitHubOAuthScopes?: string[]; /** * The OpenID Connect Client ID for the Google web application. * This setting is required for enabling Google Sign-In. * Google Sign-In documentation: https://developers.google.com/identity/sign-in/web/ */ readonly googleClientId?: string; /** * The client secret associated with the Google web application. * This setting is required for enabling Google Sign-In. * Google Sign-In documentation: https://developers.google.com/identity/sign-in/web/ */ readonly googleClientSecret?: string; /** * The app setting name that contains the client secret associated with * the Google web application. */ readonly googleClientSecretSettingName?: string; /** * The OAuth 2.0 scopes that will be requested as part of Google Sign-In authentication. * This setting is optional. If not specified, "openid", "profile", and "email" are used as default scopes. * Google Sign-In documentation: https://developers.google.com/identity/sign-in/web/ */ readonly googleOAuthScopes?: string[]; /** * Resource Id. */ readonly id: string; /** * "true" if the auth config settings should be read from a file, * "false" otherwise */ readonly isAuthFromFile?: string; /** * The OpenID Connect Issuer URI that represents the entity which issues access tokens for this application. * When using Azure Active Directory, this value is the URI of the directory tenant, e.g. `https://sts.windows.net/{tenant-guid}/`. * This URI is a case-sensitive identifier for the token issuer. * More information on OpenID Connect Discovery: http://openid.net/specs/openid-connect-discovery-1_0.html */ readonly issuer?: string; /** * Kind of resource. */ readonly kind?: string; /** * The OAuth 2.0 client ID that was created for the app used for authentication. * This setting is required for enabling Microsoft Account authentication. * Microsoft Account OAuth documentation: https://dev.onedrive.com/auth/msa_oauth.htm */ readonly microsoftAccountClientId?: string; /** * The OAuth 2.0 client secret that was created for the app used for authentication. * This setting is required for enabling Microsoft Account authentication. * Microsoft Account OAuth documentation: https://dev.onedrive.com/auth/msa_oauth.htm */ readonly microsoftAccountClientSecret?: string; /** * The app setting name containing the OAuth 2.0 client secret that was created for the * app used for authentication. */ readonly microsoftAccountClientSecretSettingName?: string; /** * The OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. * This setting is optional. If not specified, "wl.basic" is used as the default scope. * Microsoft Account Scopes and permissions documentation: https://msdn.microsoft.com/en-us/library/dn631845.aspx */ readonly microsoftAccountOAuthScopes?: string[]; /** * Resource Name. */ readonly name: string; /** * The RuntimeVersion of the Authentication / Authorization feature in use for the current app. * The setting in this value can control the behavior of certain features in the Authentication / Authorization module. */ readonly runtimeVersion?: string; /** * The number of hours after session token expiration that a session token can be used to * call the token refresh API. The default is 72 hours. */ readonly tokenRefreshExtensionHours?: number; /** * <code>true</code> to durably store platform-specific security tokens that are obtained during login flows; otherwise, <code>false</code>. * The default is <code>false</code>. */ readonly tokenStoreEnabled?: boolean; /** * The OAuth 1.0a consumer key of the Twitter application used for sign-in. * This setting is required for enabling Twitter Sign-In. * Twitter Sign-In documentation: https://dev.twitter.com/web/sign-in */ readonly twitterConsumerKey?: string; /** * The OAuth 1.0a consumer secret of the Twitter application used for sign-in. * This setting is required for enabling Twitter Sign-In. * Twitter Sign-In documentation: https://dev.twitter.com/web/sign-in */ readonly twitterConsumerSecret?: string; /** * The app setting name that contains the OAuth 1.0a consumer secret of the Twitter * application used for sign-in. */ readonly twitterConsumerSecretSettingName?: string; /** * Resource type. */ readonly type: string; /** * The action to take when an unauthenticated client attempts to access the app. */ readonly unauthenticatedClientAction?: string; /** * Gets a value indicating whether the issuer should be a valid HTTPS url and be validated as such. */ readonly validateIssuer?: boolean; } /** * Description for Gets the Authentication/Authorization settings of an app. * * Uses Azure REST API version 2024-04-01. * * Other available API versions: 2016-08-01, 2018-02-01, 2018-11-01, 2019-08-01, 2020-06-01, 2020-09-01, 2020-10-01, 2020-12-01, 2021-01-01, 2021-01-15, 2021-02-01, 2021-03-01, 2022-03-01, 2022-09-01, 2023-01-01, 2023-12-01, 2024-11-01. These can be accessed by generating a local SDK package using the CLI command `pulumi package add azure-native web [ApiVersion]`. See the [version guide](../../../version-guide/#accessing-any-api-version-via-local-packages) for details. */ export declare function listWebAppAuthSettingsSlotOutput(args: ListWebAppAuthSettingsSlotOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output<ListWebAppAuthSettingsSlotResult>; export interface ListWebAppAuthSettingsSlotOutputArgs { /** * Name of the app. */ name: pulumi.Input<string>; /** * Name of the resource group to which the resource belongs. */ resourceGroupName: pulumi.Input<string>; /** * Name of the deployment slot. If a slot is not specified, the API will get the settings for the production slot. */ slot: pulumi.Input<string>; }