You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Access expiration date in Unix timestamp (select 0 for access without expiry date)
[optional][default to 0]
allowed_redirect_uri
Array<String>
Allowed redirect URIs after the authentication
[optional]
audience
String
Audience claim to be used as part of the authentication flow. In case set, it must match the one configured on the Identity Provider's Application
[optional]
audit_logs_claims
Array<String>
Subclaims to include in audit logs, e.g "--audit-logs-claims email --audit-logs-claims username"
[optional]
bound_ips
Array<String>
A CIDR whitelist with the IPs that the access is restricted to
[optional]
client_id
String
Client ID
[optional]
client_secret
String
Client Secret
[optional]
delete_protection
String
Protection from accidental deletion of this object [true/false]
[optional]
description
String
Auth Method description
[optional]
force_sub_claims
Boolean
if true: enforce role-association must include sub claims
[optional]
gw_bound_ips
Array<String>
A CIDR whitelist with the GW IPs that the access is restricted to
[optional]
issuer
String
Issuer URL
[optional]
json
Boolean
Set output format to JSON
[optional][default to false]
jwt_ttl
Integer
Jwt TTL
[optional][default to 0]
name
String
Auth Method name
product_type
Array<String>
Choose the relevant product type for the auth method [sm, sra, pm, dp, ca]
[optional]
required_scopes
Array<String>
RequiredScopes is a list of required scopes that the oidc method will request from the oidc provider and the user must approve
[optional]
required_scopes_prefix
String
RequiredScopesPrefix is a a prefix to add to all required-scopes when requesting them from the oidc server (for example, azures' Application ID URI)
[optional]
subclaims_delimiters
Array<String>
A list of additional sub claims delimiters (relevant only for SAML, OIDC, OAuth2/JWT)
[optional]
token
String
Authentication token (see `/auth` and `/configure`)
[optional]
uid_token
String
The universal identity token, Required only for universal_identity authentication
[optional]
unique_identifier
String
A unique identifier (ID) value should be configured for OIDC, OAuth2, LDAP and SAML authentication method types and is usually a value such as the email, username, or upn for example. Whenever a user logs in with a token, these authentication types issue a "sub claim" that contains details uniquely identifying that user. This sub claim includes a key containing the ID value that you configured, and is used to distinguish between different users from within the same organization.