fortimanager 1.13.0, Mar 13 25

fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.ObjectUserSamlDynamicMapping

Explore with Pulumi AI

fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

Create ObjectUserSamlDynamicMapping Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

new ObjectUserSamlDynamicMapping(name: string, args: ObjectUserSamlDynamicMappingArgs, opts?: CustomResourceOptions);

@overload
def ObjectUserSamlDynamicMapping(resource_name: str,
                                 args: ObjectUserSamlDynamicMappingInitArgs,
                                 opts: Optional[ResourceOptions] = None)

@overload
def ObjectUserSamlDynamicMapping(resource_name: str,
                                 opts: Optional[ResourceOptions] = None,
                                 saml: Optional[str] = None,
                                 digest_method: Optional[str] = None,
                                 single_sign_on_url: Optional[str] = None,
                                 auth_url: Optional[str] = None,
                                 cert: Optional[str] = None,
                                 clock_tolerance: Optional[float] = None,
                                 _scopes: Optional[Sequence[ObjectUserSamlDynamicMapping_ScopeArgs]] = None,
                                 dynamic_sort_subtable: Optional[str] = None,
                                 entity_id: Optional[str] = None,
                                 group_claim_type: Optional[str] = None,
                                 group_name: Optional[str] = None,
                                 user_name: Optional[str] = None,
                                 adom: Optional[str] = None,
                                 limit_relaystate: Optional[str] = None,
                                 idp_single_sign_on_url: Optional[str] = None,
                                 idp_single_logout_url: Optional[str] = None,
                                 object_user_saml_dynamic_mapping_id: Optional[str] = None,
                                 reauth: Optional[str] = None,
                                 adfs_claim: Optional[str] = None,
                                 scim_clients: Optional[Sequence[str]] = None,
                                 scopetype: Optional[str] = None,
                                 single_logout_url: Optional[str] = None,
                                 idp_entity_id: Optional[str] = None,
                                 user_claim_type: Optional[str] = None,
                                 idp_cert: Optional[str] = None)

func NewObjectUserSamlDynamicMapping(ctx *Context, name string, args ObjectUserSamlDynamicMappingArgs, opts ...ResourceOption) (*ObjectUserSamlDynamicMapping, error)

public ObjectUserSamlDynamicMapping(string name, ObjectUserSamlDynamicMappingArgs args, CustomResourceOptions? opts = null)

public ObjectUserSamlDynamicMapping(String name, ObjectUserSamlDynamicMappingArgs args)
public ObjectUserSamlDynamicMapping(String name, ObjectUserSamlDynamicMappingArgs args, CustomResourceOptions options)

type: fortimanager:ObjectUserSamlDynamicMapping
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args ObjectUserSamlDynamicMappingArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ObjectUserSamlDynamicMappingInitArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ObjectUserSamlDynamicMappingArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ObjectUserSamlDynamicMappingArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ObjectUserSamlDynamicMappingArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

TypeScript
Python
Go
C#
Java
YAML

var objectUserSamlDynamicMappingResource = new Fortimanager.ObjectUserSamlDynamicMapping("objectUserSamlDynamicMappingResource", new()
{
    Saml = "string",
    DigestMethod = "string",
    SingleSignOnUrl = "string",
    AuthUrl = "string",
    Cert = "string",
    ClockTolerance = 0,
    _scopes = new[]
    {
        new Fortimanager.Inputs.ObjectUserSamlDynamicMapping_ScopeArgs
        {
            Name = "string",
            Vdom = "string",
        },
    },
    DynamicSortSubtable = "string",
    EntityId = "string",
    GroupClaimType = "string",
    GroupName = "string",
    UserName = "string",
    Adom = "string",
    LimitRelaystate = "string",
    IdpSingleSignOnUrl = "string",
    IdpSingleLogoutUrl = "string",
    ObjectUserSamlDynamicMappingId = "string",
    Reauth = "string",
    AdfsClaim = "string",
    ScimClients = new[]
    {
        "string",
    },
    Scopetype = "string",
    SingleLogoutUrl = "string",
    IdpEntityId = "string",
    UserClaimType = "string",
    IdpCert = "string",
});

example, err := fortimanager.NewObjectUserSamlDynamicMapping(ctx, "objectUserSamlDynamicMappingResource", &fortimanager.ObjectUserSamlDynamicMappingArgs{
Saml: pulumi.String("string"),
DigestMethod: pulumi.String("string"),
SingleSignOnUrl: pulumi.String("string"),
AuthUrl: pulumi.String("string"),
Cert: pulumi.String("string"),
ClockTolerance: pulumi.Float64(0),
_scopes: .ObjectUserSamlDynamicMapping_ScopeArray{
&.ObjectUserSamlDynamicMapping_ScopeArgs{
Name: pulumi.String("string"),
Vdom: pulumi.String("string"),
},
},
DynamicSortSubtable: pulumi.String("string"),
EntityId: pulumi.String("string"),
GroupClaimType: pulumi.String("string"),
GroupName: pulumi.String("string"),
UserName: pulumi.String("string"),
Adom: pulumi.String("string"),
LimitRelaystate: pulumi.String("string"),
IdpSingleSignOnUrl: pulumi.String("string"),
IdpSingleLogoutUrl: pulumi.String("string"),
ObjectUserSamlDynamicMappingId: pulumi.String("string"),
Reauth: pulumi.String("string"),
AdfsClaim: pulumi.String("string"),
ScimClients: pulumi.StringArray{
pulumi.String("string"),
},
Scopetype: pulumi.String("string"),
SingleLogoutUrl: pulumi.String("string"),
IdpEntityId: pulumi.String("string"),
UserClaimType: pulumi.String("string"),
IdpCert: pulumi.String("string"),
})

var objectUserSamlDynamicMappingResource = new ObjectUserSamlDynamicMapping("objectUserSamlDynamicMappingResource", ObjectUserSamlDynamicMappingArgs.builder()
    .saml("string")
    .digestMethod("string")
    .singleSignOnUrl("string")
    .authUrl("string")
    .cert("string")
    .clockTolerance(0)
    ._scopes(ObjectUserSamlDynamicMapping_ScopeArgs.builder()
        .name("string")
        .vdom("string")
        .build())
    .dynamicSortSubtable("string")
    .entityId("string")
    .groupClaimType("string")
    .groupName("string")
    .userName("string")
    .adom("string")
    .limitRelaystate("string")
    .idpSingleSignOnUrl("string")
    .idpSingleLogoutUrl("string")
    .objectUserSamlDynamicMappingId("string")
    .reauth("string")
    .adfsClaim("string")
    .scimClients("string")
    .scopetype("string")
    .singleLogoutUrl("string")
    .idpEntityId("string")
    .userClaimType("string")
    .idpCert("string")
    .build());

object_user_saml_dynamic_mapping_resource = fortimanager.ObjectUserSamlDynamicMapping("objectUserSamlDynamicMappingResource",
    saml="string",
    digest_method="string",
    single_sign_on_url="string",
    auth_url="string",
    cert="string",
    clock_tolerance=0,
    _scopes=[{
        "name": "string",
        "vdom": "string",
    }],
    dynamic_sort_subtable="string",
    entity_id="string",
    group_claim_type="string",
    group_name="string",
    user_name="string",
    adom="string",
    limit_relaystate="string",
    idp_single_sign_on_url="string",
    idp_single_logout_url="string",
    object_user_saml_dynamic_mapping_id="string",
    reauth="string",
    adfs_claim="string",
    scim_clients=["string"],
    scopetype="string",
    single_logout_url="string",
    idp_entity_id="string",
    user_claim_type="string",
    idp_cert="string")

const objectUserSamlDynamicMappingResource = new fortimanager.ObjectUserSamlDynamicMapping("objectUserSamlDynamicMappingResource", {
    saml: "string",
    digestMethod: "string",
    singleSignOnUrl: "string",
    authUrl: "string",
    cert: "string",
    clockTolerance: 0,
    _scopes: [{
        name: "string",
        vdom: "string",
    }],
    dynamicSortSubtable: "string",
    entityId: "string",
    groupClaimType: "string",
    groupName: "string",
    userName: "string",
    adom: "string",
    limitRelaystate: "string",
    idpSingleSignOnUrl: "string",
    idpSingleLogoutUrl: "string",
    objectUserSamlDynamicMappingId: "string",
    reauth: "string",
    adfsClaim: "string",
    scimClients: ["string"],
    scopetype: "string",
    singleLogoutUrl: "string",
    idpEntityId: "string",
    userClaimType: "string",
    idpCert: "string",
});

type: fortimanager:ObjectUserSamlDynamicMapping
properties:
    _scopes:
        - name: string
          vdom: string
    adfsClaim: string
    adom: string
    authUrl: string
    cert: string
    clockTolerance: 0
    digestMethod: string
    dynamicSortSubtable: string
    entityId: string
    groupClaimType: string
    groupName: string
    idpCert: string
    idpEntityId: string
    idpSingleLogoutUrl: string
    idpSingleSignOnUrl: string
    limitRelaystate: string
    objectUserSamlDynamicMappingId: string
    reauth: string
    saml: string
    scimClients:
        - string
    scopetype: string
    singleLogoutUrl: string
    singleSignOnUrl: string
    userClaimType: string
    userName: string

ObjectUserSamlDynamicMapping Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The ObjectUserSamlDynamicMapping resource accepts the following input properties:

Saml string: Saml.
AdfsClaim string: Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values: disable, enable.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AuthUrl string: URL to verify authentication.
Cert string: Certificate to sign SAML messages.
ClockTolerance double: Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
DigestMethod string: Digest method algorithm (default = sha1). Valid values: sha1, sha256.
DynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
EntityId string: SP entity ID.
GroupClaimType string: Group claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
GroupName string: Group name in assertion statement.
IdpCert string: IDP Certificate name.
IdpEntityId string: IDP entity ID.
IdpSingleLogoutUrl string: IDP single logout url.
IdpSingleSignOnUrl string: IDP single sign-on URL.
LimitRelaystate string: Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values: disable, enable.
ObjectUserSamlDynamicMappingId string: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
Reauth string: Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values: disable, enable.
ScimClients List<string>: SCIM client name.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SingleLogoutUrl string: SP single logout URL.
SingleSignOnUrl string: SP single sign-on URL.
UserClaimType string: User name claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
UserName string: User name in assertion statement.
_scopes List<ObjectUserSamlDynamicMapping_Scope>: _Scope. The structure of _scope block is documented below.

Saml string: Saml.
AdfsClaim string: Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values: disable, enable.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AuthUrl string: URL to verify authentication.
Cert string: Certificate to sign SAML messages.
ClockTolerance float64: Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
DigestMethod string: Digest method algorithm (default = sha1). Valid values: sha1, sha256.
DynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
EntityId string: SP entity ID.
GroupClaimType string: Group claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
GroupName string: Group name in assertion statement.
IdpCert string: IDP Certificate name.
IdpEntityId string: IDP entity ID.
IdpSingleLogoutUrl string: IDP single logout url.
IdpSingleSignOnUrl string: IDP single sign-on URL.
LimitRelaystate string: Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values: disable, enable.
ObjectUserSamlDynamicMappingId string: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
Reauth string: Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values: disable, enable.
ScimClients []string: SCIM client name.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SingleLogoutUrl string: SP single logout URL.
SingleSignOnUrl string: SP single sign-on URL.
UserClaimType string: User name claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
UserName string: User name in assertion statement.
_scopes []ObjectUserSamlDynamicMapping_ScopeArgs: _Scope. The structure of _scope block is documented below.

saml String: Saml.
_scopes List<ObjectUserSamlDynamicMapping_Scope>: _Scope. The structure of _scope block is documented below.
adfsClaim String: Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values: disable, enable.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
authUrl String: URL to verify authentication.
cert String: Certificate to sign SAML messages.
clockTolerance Double: Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
digestMethod String: Digest method algorithm (default = sha1). Valid values: sha1, sha256.
dynamicSortSubtable String: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
entityId String: SP entity ID.
groupClaimType String: Group claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
groupName String: Group name in assertion statement.
idpCert String: IDP Certificate name.
idpEntityId String: IDP entity ID.
idpSingleLogoutUrl String: IDP single logout url.
idpSingleSignOnUrl String: IDP single sign-on URL.
limitRelaystate String: Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values: disable, enable.
objectUserSamlDynamicMappingId String: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
reauth String: Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values: disable, enable.
scimClients List<String>: SCIM client name.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
singleLogoutUrl String: SP single logout URL.
singleSignOnUrl String: SP single sign-on URL.
userClaimType String: User name claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
userName String: User name in assertion statement.

saml string: Saml.
_scopes ObjectUserSamlDynamicMapping_Scope[]: _Scope. The structure of _scope block is documented below.
adfsClaim string: Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values: disable, enable.
adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
authUrl string: URL to verify authentication.
cert string: Certificate to sign SAML messages.
clockTolerance number: Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
digestMethod string: Digest method algorithm (default = sha1). Valid values: sha1, sha256.
dynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
entityId string: SP entity ID.
groupClaimType string: Group claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
groupName string: Group name in assertion statement.
idpCert string: IDP Certificate name.
idpEntityId string: IDP entity ID.
idpSingleLogoutUrl string: IDP single logout url.
idpSingleSignOnUrl string: IDP single sign-on URL.
limitRelaystate string: Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values: disable, enable.
objectUserSamlDynamicMappingId string: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
reauth string: Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values: disable, enable.
scimClients string[]: SCIM client name.
scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
singleLogoutUrl string: SP single logout URL.
singleSignOnUrl string: SP single sign-on URL.
userClaimType string: User name claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
userName string: User name in assertion statement.

saml str: Saml.
_scopes Sequence[ObjectUserSamlDynamicMapping_ScopeArgs]: _Scope. The structure of _scope block is documented below.
adfs_claim str: Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values: disable, enable.
adom str: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
auth_url str: URL to verify authentication.
cert str: Certificate to sign SAML messages.
clock_tolerance float: Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
digest_method str: Digest method algorithm (default = sha1). Valid values: sha1, sha256.
dynamic_sort_subtable str: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
entity_id str: SP entity ID.
group_claim_type str: Group claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
group_name str: Group name in assertion statement.
idp_cert str: IDP Certificate name.
idp_entity_id str: IDP entity ID.
idp_single_logout_url str: IDP single logout url.
idp_single_sign_on_url str: IDP single sign-on URL.
limit_relaystate str: Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values: disable, enable.
object_user_saml_dynamic_mapping_id str: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
reauth str: Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values: disable, enable.
scim_clients Sequence[str]: SCIM client name.
scopetype str: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
single_logout_url str: SP single logout URL.
single_sign_on_url str: SP single sign-on URL.
user_claim_type str: User name claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
user_name str: User name in assertion statement.

saml String: Saml.
_scopes List<Property Map>: _Scope. The structure of _scope block is documented below.
adfsClaim String: Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values: disable, enable.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
authUrl String: URL to verify authentication.
cert String: Certificate to sign SAML messages.
clockTolerance Number: Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
digestMethod String: Digest method algorithm (default = sha1). Valid values: sha1, sha256.
dynamicSortSubtable String: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
entityId String: SP entity ID.
groupClaimType String: Group claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
groupName String: Group name in assertion statement.
idpCert String: IDP Certificate name.
idpEntityId String: IDP entity ID.
idpSingleLogoutUrl String: IDP single logout url.
idpSingleSignOnUrl String: IDP single sign-on URL.
limitRelaystate String: Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values: disable, enable.
objectUserSamlDynamicMappingId String: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
reauth String: Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values: disable, enable.
scimClients List<String>: SCIM client name.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
singleLogoutUrl String: SP single logout URL.
singleSignOnUrl String: SP single sign-on URL.
userClaimType String: User name claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
userName String: User name in assertion statement.

Outputs

All input properties are implicitly available as output properties. Additionally, the ObjectUserSamlDynamicMapping resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing ObjectUserSamlDynamicMapping Resource

Get an existing ObjectUserSamlDynamicMapping resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

TypeScript
Python
Go
C#
Java
YAML

public static get(name: string, id: Input<ID>, state?: ObjectUserSamlDynamicMappingState, opts?: CustomResourceOptions): ObjectUserSamlDynamicMapping

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        _scopes: Optional[Sequence[ObjectUserSamlDynamicMapping_ScopeArgs]] = None,
        adfs_claim: Optional[str] = None,
        adom: Optional[str] = None,
        auth_url: Optional[str] = None,
        cert: Optional[str] = None,
        clock_tolerance: Optional[float] = None,
        digest_method: Optional[str] = None,
        dynamic_sort_subtable: Optional[str] = None,
        entity_id: Optional[str] = None,
        group_claim_type: Optional[str] = None,
        group_name: Optional[str] = None,
        idp_cert: Optional[str] = None,
        idp_entity_id: Optional[str] = None,
        idp_single_logout_url: Optional[str] = None,
        idp_single_sign_on_url: Optional[str] = None,
        limit_relaystate: Optional[str] = None,
        object_user_saml_dynamic_mapping_id: Optional[str] = None,
        reauth: Optional[str] = None,
        saml: Optional[str] = None,
        scim_clients: Optional[Sequence[str]] = None,
        scopetype: Optional[str] = None,
        single_logout_url: Optional[str] = None,
        single_sign_on_url: Optional[str] = None,
        user_claim_type: Optional[str] = None,
        user_name: Optional[str] = None) -> ObjectUserSamlDynamicMapping

func GetObjectUserSamlDynamicMapping(ctx *Context, name string, id IDInput, state *ObjectUserSamlDynamicMappingState, opts ...ResourceOption) (*ObjectUserSamlDynamicMapping, error)

public static ObjectUserSamlDynamicMapping Get(string name, Input<string> id, ObjectUserSamlDynamicMappingState? state, CustomResourceOptions? opts = null)

public static ObjectUserSamlDynamicMapping get(String name, Output<String> id, ObjectUserSamlDynamicMappingState state, CustomResourceOptions options)

resources:  _:    type: fortimanager:ObjectUserSamlDynamicMapping    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AdfsClaim string: Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values: disable, enable.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AuthUrl string: URL to verify authentication.
Cert string: Certificate to sign SAML messages.
ClockTolerance double: Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
DigestMethod string: Digest method algorithm (default = sha1). Valid values: sha1, sha256.
DynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
EntityId string: SP entity ID.
GroupClaimType string: Group claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
GroupName string: Group name in assertion statement.
IdpCert string: IDP Certificate name.
IdpEntityId string: IDP entity ID.
IdpSingleLogoutUrl string: IDP single logout url.
IdpSingleSignOnUrl string: IDP single sign-on URL.
LimitRelaystate string: Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values: disable, enable.
ObjectUserSamlDynamicMappingId string: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
Reauth string: Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values: disable, enable.
Saml string: Saml.
ScimClients List<string>: SCIM client name.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SingleLogoutUrl string: SP single logout URL.
SingleSignOnUrl string: SP single sign-on URL.
UserClaimType string: User name claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
UserName string: User name in assertion statement.
_scopes List<ObjectUserSamlDynamicMapping_Scope>: _Scope. The structure of _scope block is documented below.

AdfsClaim string: Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values: disable, enable.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AuthUrl string: URL to verify authentication.
Cert string: Certificate to sign SAML messages.
ClockTolerance float64: Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
DigestMethod string: Digest method algorithm (default = sha1). Valid values: sha1, sha256.
DynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
EntityId string: SP entity ID.
GroupClaimType string: Group claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
GroupName string: Group name in assertion statement.
IdpCert string: IDP Certificate name.
IdpEntityId string: IDP entity ID.
IdpSingleLogoutUrl string: IDP single logout url.
IdpSingleSignOnUrl string: IDP single sign-on URL.
LimitRelaystate string: Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values: disable, enable.
ObjectUserSamlDynamicMappingId string: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
Reauth string: Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values: disable, enable.
Saml string: Saml.
ScimClients []string: SCIM client name.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SingleLogoutUrl string: SP single logout URL.
SingleSignOnUrl string: SP single sign-on URL.
UserClaimType string: User name claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
UserName string: User name in assertion statement.
_scopes []ObjectUserSamlDynamicMapping_ScopeArgs: _Scope. The structure of _scope block is documented below.

_scopes List<ObjectUserSamlDynamicMapping_Scope>: _Scope. The structure of _scope block is documented below.
adfsClaim String: Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values: disable, enable.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
authUrl String: URL to verify authentication.
cert String: Certificate to sign SAML messages.
clockTolerance Double: Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
digestMethod String: Digest method algorithm (default = sha1). Valid values: sha1, sha256.
dynamicSortSubtable String: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
entityId String: SP entity ID.
groupClaimType String: Group claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
groupName String: Group name in assertion statement.
idpCert String: IDP Certificate name.
idpEntityId String: IDP entity ID.
idpSingleLogoutUrl String: IDP single logout url.
idpSingleSignOnUrl String: IDP single sign-on URL.
limitRelaystate String: Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values: disable, enable.
objectUserSamlDynamicMappingId String: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
reauth String: Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values: disable, enable.
saml String: Saml.
scimClients List<String>: SCIM client name.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
singleLogoutUrl String: SP single logout URL.
singleSignOnUrl String: SP single sign-on URL.
userClaimType String: User name claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
userName String: User name in assertion statement.

_scopes ObjectUserSamlDynamicMapping_Scope[]: _Scope. The structure of _scope block is documented below.
adfsClaim string: Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values: disable, enable.
adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
authUrl string: URL to verify authentication.
cert string: Certificate to sign SAML messages.
clockTolerance number: Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
digestMethod string: Digest method algorithm (default = sha1). Valid values: sha1, sha256.
dynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
entityId string: SP entity ID.
groupClaimType string: Group claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
groupName string: Group name in assertion statement.
idpCert string: IDP Certificate name.
idpEntityId string: IDP entity ID.
idpSingleLogoutUrl string: IDP single logout url.
idpSingleSignOnUrl string: IDP single sign-on URL.
limitRelaystate string: Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values: disable, enable.
objectUserSamlDynamicMappingId string: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
reauth string: Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values: disable, enable.
saml string: Saml.
scimClients string[]: SCIM client name.
scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
singleLogoutUrl string: SP single logout URL.
singleSignOnUrl string: SP single sign-on URL.
userClaimType string: User name claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
userName string: User name in assertion statement.

_scopes Sequence[ObjectUserSamlDynamicMapping_ScopeArgs]: _Scope. The structure of _scope block is documented below.
adfs_claim str: Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values: disable, enable.
adom str: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
auth_url str: URL to verify authentication.
cert str: Certificate to sign SAML messages.
clock_tolerance float: Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
digest_method str: Digest method algorithm (default = sha1). Valid values: sha1, sha256.
dynamic_sort_subtable str: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
entity_id str: SP entity ID.
group_claim_type str: Group claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
group_name str: Group name in assertion statement.
idp_cert str: IDP Certificate name.
idp_entity_id str: IDP entity ID.
idp_single_logout_url str: IDP single logout url.
idp_single_sign_on_url str: IDP single sign-on URL.
limit_relaystate str: Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values: disable, enable.
object_user_saml_dynamic_mapping_id str: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
reauth str: Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values: disable, enable.
saml str: Saml.
scim_clients Sequence[str]: SCIM client name.
scopetype str: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
single_logout_url str: SP single logout URL.
single_sign_on_url str: SP single sign-on URL.
user_claim_type str: User name claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
user_name str: User name in assertion statement.

_scopes List<Property Map>: _Scope. The structure of _scope block is documented below.
adfsClaim String: Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values: disable, enable.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
authUrl String: URL to verify authentication.
cert String: Certificate to sign SAML messages.
clockTolerance Number: Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
digestMethod String: Digest method algorithm (default = sha1). Valid values: sha1, sha256.
dynamicSortSubtable String: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
entityId String: SP entity ID.
groupClaimType String: Group claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
groupName String: Group name in assertion statement.
idpCert String: IDP Certificate name.
idpEntityId String: IDP entity ID.
idpSingleLogoutUrl String: IDP single logout url.
idpSingleSignOnUrl String: IDP single sign-on URL.
limitRelaystate String: Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values: disable, enable.
objectUserSamlDynamicMappingId String: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
reauth String: Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values: disable, enable.
saml String: Saml.
scimClients List<String>: SCIM client name.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
singleLogoutUrl String: SP single logout URL.
singleSignOnUrl String: SP single sign-on URL.
userClaimType String: User name claim in assertion statement. Valid values: email, given-name, name, upn, common-name, email-adfs-1x, group, upn-adfs-1x, role, sur-name, ppid, name-identifier, authentication-method, deny-only-group-sid, deny-only-primary-sid, deny-only-primary-group-sid, group-sid, primary-group-sid, primary-sid, windows-account-name.
userName String: User name in assertion statement.

Supporting Types

ObjectUserSamlDynamicMapping_Scope
, ObjectUserSamlDynamicMapping_ScopeArgs

Name string: Name.
Vdom string: Vdom.

Name string: Name.
Vdom string: Vdom.

name String: Name.
vdom String: Vdom.

name string: Name.
vdom string: Vdom.

name str: Name.
vdom str: Vdom.

name String: Name.
vdom String: Vdom.

Import

ObjectUser SamlDynamicMapping can be imported using any of these accepted formats:

Set import_options = [“saml=YOUR_VALUE”] in the provider section.

$ export “FORTIMANAGER_IMPORT_TABLE”=“true”

$ pulumi import fortimanager:index/objectUserSamlDynamicMapping:ObjectUserSamlDynamicMapping labelname {{_scope.name}}.{{_scope.vdom}}

$ unset “FORTIMANAGER_IMPORT_TABLE”

-> Hint: The scopetype and adom for import will directly inherit the scopetype and adom configuration of the provider.

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: fortimanager fortinetdev/terraform-provider-fortimanager
License
Notes: This Pulumi package is based on the fortimanager Terraform Provider.

fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.ObjectUserSamlDynamicMapping

On this page

On this page

Create ObjectUserSamlDynamicMapping Resource

Constructor syntax

Parameters

Constructor example

ObjectUserSamlDynamicMapping Resource Properties

Inputs

Outputs

Look up Existing ObjectUserSamlDynamicMapping Resource

Supporting Types

ObjectUserSamlDynamicMapping_Scope
, ObjectUserSamlDynamicMapping_ScopeArgs

Import

Package Details

On this page

On this page

fortimanager.ObjectUserSamlDynamicMapping

On this page

On this page

Create ObjectUserSamlDynamicMapping Resource

Constructor syntax

Parameters

Constructor example

ObjectUserSamlDynamicMapping Resource Properties

Inputs

Outputs

Look up Existing ObjectUserSamlDynamicMapping Resource

Supporting Types

ObjectUserSamlDynamicMapping_Scope, ObjectUserSamlDynamicMapping_ScopeArgs

Import

Package Details

On this page

On this page

ObjectUserSamlDynamicMapping_Scope
, ObjectUserSamlDynamicMapping_ScopeArgs