{"name":"okta","version":"6.2.3","description":"A Pulumi package for creating and managing okta resources.","keywords":["pulumi","okta"],"homepage":"https://pulumi.io","license":"Apache-2.0","attribution":"This Pulumi package is based on the [`okta` Terraform Provider](https://github.com/okta/terraform-provider-okta).","repository":"https://github.com/pulumi/pulumi-okta","meta":{"moduleFormat":"(.*)(?:/[^/]*)"},"language":{"csharp":{"packageReferences":{"Pulumi":"3.*"},"namespaces":{"app":"App","auth":"Auth","factor":"Factor","group":"Group","idp":"Idp","index":"Index","inline":"Inline","network":"Network","okta":"Okta","policy":"Policy","profile":"Profile","trustedorigin":"TrustedOrigin","user":"User"},"compatibility":"tfbridge20","respectSchemaVersion":true},"go":{"importBasePath":"github.com/pulumi/pulumi-okta/sdk/v6/go/okta","generateResourceContainerTypes":true,"generateExtraInputTypes":true,"respectSchemaVersion":true},"nodejs":{"packageDescription":"A Pulumi package for creating and managing okta resources.. Based on terraform-provider-okta: version v6.5.5","readme":"\u003e This provider is a derived work of the [Terraform Provider](https://github.com/okta/terraform-provider-okta)\n\u003e distributed under [MPL 2.0](https://www.mozilla.org/en-US/MPL/2.0/). If you encounter a bug or missing feature,\n\u003e first check the [`pulumi-okta` repo](https://github.com/pulumi/pulumi-okta/issues); however, if that doesn't turn up anything,\n\u003e please consult the source [`terraform-provider-okta` repo](https://github.com/okta/terraform-provider-okta/issues).","devDependencies":{"@types/mime":"^2.0.0","@types/node":"^10.0.0"},"compatibility":"tfbridge20","disableUnionOutputTypes":true,"respectSchemaVersion":true},"python":{"readme":"\u003e This provider is a derived work of the [Terraform Provider](https://github.com/okta/terraform-provider-okta)\n\u003e distributed under [MPL 2.0](https://www.mozilla.org/en-US/MPL/2.0/). If you encounter a bug or missing feature,\n\u003e first check the [`pulumi-okta` repo](https://github.com/pulumi/pulumi-okta/issues); however, if that doesn't turn up anything,\n\u003e please consult the source [`terraform-provider-okta` repo](https://github.com/okta/terraform-provider-okta/issues).","compatibility":"tfbridge20","respectSchemaVersion":true,"pyproject":{"enabled":true}}},"config":{"variables":{"accessToken":{"type":"string","description":"Bearer token granting privileges to Okta API.","secret":true},"apiToken":{"type":"string","description":"API Token granting privileges to Okta API.","secret":true},"backoff":{"type":"boolean","description":"Use exponential back off strategy for rate limits."},"baseUrl":{"type":"string","description":"The Okta url. (Use 'oktapreview.com' for Okta testing)"},"clientId":{"type":"string","description":"API Token granting privileges to Okta API."},"httpProxy":{"type":"string","description":"Alternate HTTP proxy of scheme://hostname or scheme://hostname:port format"},"logLevel":{"type":"integer","description":"providers log level. Minimum is 1 (TRACE), and maximum is 5 (ERROR)"},"maxApiCapacity":{"type":"integer","description":"Sets what percentage of capacity the provider can use of the total rate limit capacity while making calls to the Okta management API endpoints. Okta API operates in one minute buckets. See Okta Management API Rate Limits: https://developer.okta.com/docs/reference/rl-global-mgmt/"},"maxRetries":{"type":"integer","description":"maximum number of retries to attempt before erroring out."},"maxWaitSeconds":{"type":"integer","description":"maximum seconds to wait when rate limit is hit. We use exponential backoffs when backoff is enabled."},"minWaitSeconds":{"type":"integer","description":"minimum seconds to wait when rate limit is hit. We use exponential backoffs when backoff is enabled."},"orgName":{"type":"string","description":"The organization to manage in Okta."},"parallelism":{"type":"integer","description":"Number of concurrent requests to make within a resource where bulk operations are not possible. Take note of https://developer.okta.com/docs/api/getting_started/rate-limits."},"privateKey":{"type":"string","description":"API Token granting privileges to Okta API.","secret":true},"privateKeyId":{"type":"string","description":"API Token Id granting privileges to Okta API."},"requestTimeout":{"type":"integer","description":"Timeout for single request (in seconds) which is made to Okta, the default is \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e (means no limit is set). The maximum value can be \u003cspan pulumi-lang-nodejs=\"`300`\" pulumi-lang-dotnet=\"`300`\" pulumi-lang-go=\"`300`\" pulumi-lang-python=\"`300`\" pulumi-lang-yaml=\"`300`\" pulumi-lang-java=\"`300`\"\u003e`300`\u003c/span\u003e."},"scopes":{"type":"array","items":{"type":"string"},"description":"API Token granting privileges to Okta API."}}},"types":{"okta:app/ConnectionProfile:ConnectionProfile":{"properties":{"authScheme":{"type":"string","description":"Authentication scheme. Valid values are TOKEN or OAUTH2.\n"},"clientId":{"type":"string","description":"OAuth2 client ID (required for OAUTH2 auth scheme).\n"},"settings":{"$ref":"#/types/okta:app/ConnectionProfileSettings:ConnectionProfileSettings","description":"Additional settings for OAuth2 authentication.\n"},"signing":{"$ref":"#/types/okta:app/ConnectionProfileSigning:ConnectionProfileSigning","description":"Signing configuration.\n"},"token":{"type":"string","description":"Authentication token (required for TOKEN auth scheme).\n","secret":true}},"type":"object","required":["authScheme"]},"okta:app/ConnectionProfileSettings:ConnectionProfileSettings":{"properties":{"adminPassword":{"type":"string","description":"Admin password for OAuth2.\n","secret":true},"adminUsername":{"type":"string","description":"Admin username for OAuth2.\n"}},"type":"object"},"okta:app/ConnectionProfileSigning:ConnectionProfileSigning":{"properties":{"rotationMode":{"type":"string","description":"Token rotation mode.\n"}},"type":"object"},"okta:app/FeaturesCapabilities:FeaturesCapabilities":{"properties":{"create":{"$ref":"#/types/okta:app/FeaturesCapabilitiesCreate:FeaturesCapabilitiesCreate","description":"(Optional) Block for create lifecycle settings:\n"},"importRules":{"$ref":"#/types/okta:app/FeaturesCapabilitiesImportRules:FeaturesCapabilitiesImportRules","description":"(Optional) Block for import rules configuration:\n"},"importSettings":{"$ref":"#/types/okta:app/FeaturesCapabilitiesImportSettings:FeaturesCapabilitiesImportSettings","description":"(Optional) Block for import settings configuration:\n"},"update":{"$ref":"#/types/okta:app/FeaturesCapabilitiesUpdate:FeaturesCapabilitiesUpdate","description":"(Optional) Block for update settings:\n"}},"type":"object"},"okta:app/FeaturesCapabilitiesCreate:FeaturesCapabilitiesCreate":{"properties":{"lifecycleCreate":{"$ref":"#/types/okta:app/FeaturesCapabilitiesCreateLifecycleCreate:FeaturesCapabilitiesCreateLifecycleCreate","description":"(Optional) Block for create lifecycle configuration:\n"}},"type":"object"},"okta:app/FeaturesCapabilitiesCreateLifecycleCreate:FeaturesCapabilitiesCreateLifecycleCreate":{"properties":{"status":{"type":"string","description":"The status of the feature. Valid values are `ENABLED` or `DISABLED`.\n"}},"type":"object"},"okta:app/FeaturesCapabilitiesImportRules:FeaturesCapabilitiesImportRules":{"properties":{"userCreateAndMatch":{"$ref":"#/types/okta:app/FeaturesCapabilitiesImportRulesUserCreateAndMatch:FeaturesCapabilitiesImportRulesUserCreateAndMatch","description":"(Optional) Block for user matching and creation rules:\n"}},"type":"object"},"okta:app/FeaturesCapabilitiesImportRulesUserCreateAndMatch:FeaturesCapabilitiesImportRulesUserCreateAndMatch":{"properties":{"allowPartialMatch":{"type":"boolean","description":"(Optional) Whether to allow partial matching based on first and last names.\n"},"autoActivateNewUsers":{"type":"boolean","description":"(Optional) Whether imported new users are automatically activated.\n"},"autoconfirmExactMatch":{"type":"boolean","description":"(Optional) Whether exact-matched users are automatically confirmed.\n"},"autoconfirmNewUsers":{"type":"boolean","description":"(Optional) Whether imported new users are automatically confirmed.\n"},"autoconfirmPartialMatch":{"type":"boolean","description":"(Optional) Whether partially matched users are automatically confirmed.\n"},"exactMatchCriteria":{"type":"string","description":"(Optional) Attribute used for exact matching (e.g., `USERNAME`, `EMAIL`).\n"}},"type":"object"},"okta:app/FeaturesCapabilitiesImportSettings:FeaturesCapabilitiesImportSettings":{"properties":{"schedule":{"$ref":"#/types/okta:app/FeaturesCapabilitiesImportSettingsSchedule:FeaturesCapabilitiesImportSettingsSchedule","description":"(Optional) Block for import schedule configuration:\n"},"username":{"$ref":"#/types/okta:app/FeaturesCapabilitiesImportSettingsUsername:FeaturesCapabilitiesImportSettingsUsername","description":"(Optional) Block for username configuration:\n"}},"type":"object"},"okta:app/FeaturesCapabilitiesImportSettingsSchedule:FeaturesCapabilitiesImportSettingsSchedule":{"properties":{"fullImport":{"$ref":"#/types/okta:app/FeaturesCapabilitiesImportSettingsScheduleFullImport:FeaturesCapabilitiesImportSettingsScheduleFullImport","description":"(Optional) Block for full import schedule:\n"},"incrementalImport":{"$ref":"#/types/okta:app/FeaturesCapabilitiesImportSettingsScheduleIncrementalImport:FeaturesCapabilitiesImportSettingsScheduleIncrementalImport","description":"(Optional) Block for incremental import schedule:\n"},"status":{"type":"string","description":"The status of the feature. Valid values are `ENABLED` or `DISABLED`.\n"}},"type":"object"},"okta:app/FeaturesCapabilitiesImportSettingsScheduleFullImport:FeaturesCapabilitiesImportSettingsScheduleFullImport":{"properties":{"expression":{"type":"string","description":"(Optional) UNIX cron expression for incremental import schedule.\n"},"timezone":{"type":"string","description":"(Optional) IANA timezone name for the schedule.\n"}},"type":"object"},"okta:app/FeaturesCapabilitiesImportSettingsScheduleIncrementalImport:FeaturesCapabilitiesImportSettingsScheduleIncrementalImport":{"properties":{"expression":{"type":"string","description":"(Optional) UNIX cron expression for incremental import schedule.\n"},"timezone":{"type":"string","description":"(Optional) IANA timezone name for the schedule.\n"}},"type":"object"},"okta:app/FeaturesCapabilitiesImportSettingsUsername:FeaturesCapabilitiesImportSettingsUsername":{"properties":{"usernameExpression":{"type":"string","description":"(Optional) Okta Expression Language statement for custom username format.\n"},"usernameFormat":{"type":"string","description":"(Optional) Format for usernames (e.g., `EMAIL`, `CUSTOM`).\n"}},"type":"object"},"okta:app/FeaturesCapabilitiesUpdate:FeaturesCapabilitiesUpdate":{"properties":{"lifecycleDeactivate":{"$ref":"#/types/okta:app/FeaturesCapabilitiesUpdateLifecycleDeactivate:FeaturesCapabilitiesUpdateLifecycleDeactivate","description":"(Optional) Block for deactivation lifecycle configuration:\n"},"password":{"$ref":"#/types/okta:app/FeaturesCapabilitiesUpdatePassword:FeaturesCapabilitiesUpdatePassword","description":"(Optional) Block for password synchronization settings:\n"},"profile":{"$ref":"#/types/okta:app/FeaturesCapabilitiesUpdateProfile:FeaturesCapabilitiesUpdateProfile","description":"(Optional) Block for profile update settings:\n"}},"type":"object"},"okta:app/FeaturesCapabilitiesUpdateLifecycleDeactivate:FeaturesCapabilitiesUpdateLifecycleDeactivate":{"properties":{"status":{"type":"string","description":"The status of the feature. Valid values are `ENABLED` or `DISABLED`.\n"}},"type":"object"},"okta:app/FeaturesCapabilitiesUpdatePassword:FeaturesCapabilitiesUpdatePassword":{"properties":{"change":{"type":"string","description":"(Optional) Determines password change behavior. Valid values are `CHANGE` or `KEEP_EXISTING`.\n"},"seed":{"type":"string","description":"(Optional) Determines password source. Valid values are `OKTA` or `RANDOM`.\n"},"status":{"type":"string","description":"The status of the feature. Valid values are `ENABLED` or `DISABLED`.\n"}},"type":"object"},"okta:app/FeaturesCapabilitiesUpdateProfile:FeaturesCapabilitiesUpdateProfile":{"properties":{"status":{"type":"string","description":"The status of the feature. Valid values are `ENABLED` or `DISABLED`.\n"}},"type":"object"},"okta:app/OAuthGroupsClaim:OAuthGroupsClaim":{"properties":{"filterType":{"type":"string","description":"Groups claim filter. Can only be set if type is FILTER.\n"},"issuerMode":{"type":"string","description":"Issuer mode inherited from OAuth App\n"},"name":{"type":"string","description":"Name of the claim that will be used in the token.\n"},"type":{"type":"string","description":"Groups claim type.\n"},"value":{"type":"string","description":"Value of the claim. Can be an Okta Expression Language statement that evaluates at the time the token is minted.\n"}},"type":"object","required":["name","type","value"],"language":{"nodejs":{"requiredOutputs":["issuerMode","name","type","value"]}}},"okta:app/OAuthJwk:OAuthJwk":{"properties":{"e":{"type":"string","description":"RSA Exponent\n"},"kid":{"type":"string","description":"Key ID\n"},"kty":{"type":"string","description":"Key type\n"},"n":{"type":"string","description":"RSA Modulus\n"},"x":{"type":"string","description":"X coordinate of the elliptic curve point\n"},"y":{"type":"string","description":"Y coordinate of the elliptic curve point\n"}},"type":"object","required":["kid","kty"]},"okta:app/SamlAcsEndpointsIndex:SamlAcsEndpointsIndex":{"properties":{"index":{"type":"integer"},"url":{"type":"string"}},"type":"object","required":["index","url"]},"okta:app/SamlAttributeStatement:SamlAttributeStatement":{"properties":{"filterType":{"type":"string","description":"Type of group attribute filter. Valid values are: `STARTS_WITH`, `EQUALS`, `CONTAINS`, or `REGEX`\n"},"filterValue":{"type":"string","description":"Filter value to use\n"},"name":{"type":"string","description":"The reference name of the attribute statement\n"},"namespace":{"type":"string","description":"The attribute namespace. It can be set to `urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified`, `urn:oasis:names:tc:SAML:2.0:attrname-format:uri`, or `urn:oasis:names:tc:SAML:2.0:attrname-format:basic`\n"},"type":{"type":"string","description":"The type of attribute statements object\n"},"values":{"type":"array","items":{"type":"string"}}},"type":"object","required":["name"]},"okta:app/SamlKey:SamlKey":{"properties":{"created":{"type":"string","description":"Created date\n"},"e":{"type":"string","description":"RSA exponent\n"},"expiresAt":{"type":"string","description":"Expiration date\n"},"kid":{"type":"string","description":"Key ID\n"},"kty":{"type":"string","description":"Key type. Identifies the cryptographic algorithm family used with the key.\n"},"lastUpdated":{"type":"string","description":"Last updated date\n"},"n":{"type":"string","description":"RSA modulus\n"},"use":{"type":"string","description":"Intended use of the public key.\n"},"x5cs":{"type":"array","items":{"type":"string"},"description":"X.509 Certificate Chain\n"},"x5tS256":{"type":"string","description":"X.509 certificate SHA-256 thumbprint\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["created","e","expiresAt","kid","kty","lastUpdated","n","use","x5cs","x5tS256"]}}},"okta:app/getConnectionProfile:getConnectionProfile":{"properties":{"authScheme":{"type":"string","description":"Defines the method of authentication.\n"}},"type":"object","required":["authScheme"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:app/getFeaturesCapabilities:getFeaturesCapabilities":{"properties":{"create":{"$ref":"#/types/okta:app/getFeaturesCapabilitiesCreate:getFeaturesCapabilitiesCreate","description":"Block for create lifecycle settings:\n"},"importRules":{"$ref":"#/types/okta:app/getFeaturesCapabilitiesImportRules:getFeaturesCapabilitiesImportRules","description":"Block for import rules configuration:\n"},"importSettings":{"$ref":"#/types/okta:app/getFeaturesCapabilitiesImportSettings:getFeaturesCapabilitiesImportSettings","description":"Block for import settings configuration:\n"},"update":{"$ref":"#/types/okta:app/getFeaturesCapabilitiesUpdate:getFeaturesCapabilitiesUpdate","description":"Block for update settings:\n"}},"type":"object"},"okta:app/getFeaturesCapabilitiesCreate:getFeaturesCapabilitiesCreate":{"properties":{"lifecycleCreate":{"$ref":"#/types/okta:app/getFeaturesCapabilitiesCreateLifecycleCreate:getFeaturesCapabilitiesCreateLifecycleCreate","description":"Block for create lifecycle configuration:\n"}},"type":"object"},"okta:app/getFeaturesCapabilitiesCreateLifecycleCreate:getFeaturesCapabilitiesCreateLifecycleCreate":{"properties":{"status":{"type":"string","description":"(String) Status of the import schedule. Valid values are `ENABLED` or `DISABLED`.\n"}},"type":"object","required":["status"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:app/getFeaturesCapabilitiesImportRules:getFeaturesCapabilitiesImportRules":{"properties":{"userCreateAndMatch":{"$ref":"#/types/okta:app/getFeaturesCapabilitiesImportRulesUserCreateAndMatch:getFeaturesCapabilitiesImportRulesUserCreateAndMatch","description":"Block for user matching and creation rules:\n"}},"type":"object"},"okta:app/getFeaturesCapabilitiesImportRulesUserCreateAndMatch:getFeaturesCapabilitiesImportRulesUserCreateAndMatch":{"properties":{"allowPartialMatch":{"type":"boolean","description":"(Boolean) Whether to allow partial matching based on first and last names.\n"},"autoActivateNewUsers":{"type":"boolean","description":"(Boolean) Whether imported new users are automatically activated.\n"},"autoconfirmExactMatch":{"type":"boolean","description":"(Boolean) Whether exact-matched users are automatically confirmed.\n"},"autoconfirmNewUsers":{"type":"boolean","description":"(Boolean) Whether imported new users are automatically confirmed.\n"},"autoconfirmPartialMatch":{"type":"boolean","description":"(Boolean) Whether partially matched users are automatically confirmed.\n"},"exactMatchCriteria":{"type":"string","description":"(String) Attribute used for exact matching (e.g., `USERNAME`, `EMAIL`).\n"}},"type":"object","required":["allowPartialMatch","autoActivateNewUsers","autoconfirmExactMatch","autoconfirmNewUsers","autoconfirmPartialMatch","exactMatchCriteria"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:app/getFeaturesCapabilitiesImportSettings:getFeaturesCapabilitiesImportSettings":{"properties":{"schedule":{"$ref":"#/types/okta:app/getFeaturesCapabilitiesImportSettingsSchedule:getFeaturesCapabilitiesImportSettingsSchedule","description":"Block for import schedule configuration:\n"},"username":{"$ref":"#/types/okta:app/getFeaturesCapabilitiesImportSettingsUsername:getFeaturesCapabilitiesImportSettingsUsername","description":"Block for username configuration:\n"}},"type":"object"},"okta:app/getFeaturesCapabilitiesImportSettingsSchedule:getFeaturesCapabilitiesImportSettingsSchedule":{"properties":{"fullImport":{"$ref":"#/types/okta:app/getFeaturesCapabilitiesImportSettingsScheduleFullImport:getFeaturesCapabilitiesImportSettingsScheduleFullImport","description":"Block for full import schedule:\n"},"incrementalImport":{"$ref":"#/types/okta:app/getFeaturesCapabilitiesImportSettingsScheduleIncrementalImport:getFeaturesCapabilitiesImportSettingsScheduleIncrementalImport","description":"Block for incremental import schedule:\n"},"status":{"type":"string","description":"(String) Status of the import schedule. Valid values are `ENABLED` or `DISABLED`.\n"}},"type":"object","required":["status"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:app/getFeaturesCapabilitiesImportSettingsScheduleFullImport:getFeaturesCapabilitiesImportSettingsScheduleFullImport":{"properties":{"expression":{"type":"string","description":"(String) UNIX cron expression for incremental import schedule.\n"},"timezone":{"type":"string","description":"(String) IANA timezone name for the schedule.\n"}},"type":"object","required":["expression","timezone"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:app/getFeaturesCapabilitiesImportSettingsScheduleIncrementalImport:getFeaturesCapabilitiesImportSettingsScheduleIncrementalImport":{"properties":{"expression":{"type":"string","description":"(String) UNIX cron expression for incremental import schedule.\n"},"timezone":{"type":"string","description":"(String) IANA timezone name for the schedule.\n"}},"type":"object","required":["expression","timezone"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:app/getFeaturesCapabilitiesImportSettingsUsername:getFeaturesCapabilitiesImportSettingsUsername":{"properties":{"usernameExpression":{"type":"string","description":"(String) Okta Expression Language statement for custom username format.\n"},"usernameFormat":{"type":"string","description":"(String) Format for usernames (e.g., `EMAIL`, `CUSTOM`).\n"}},"type":"object","required":["usernameExpression","usernameFormat"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:app/getFeaturesCapabilitiesUpdate:getFeaturesCapabilitiesUpdate":{"properties":{"lifecycleDeactivate":{"$ref":"#/types/okta:app/getFeaturesCapabilitiesUpdateLifecycleDeactivate:getFeaturesCapabilitiesUpdateLifecycleDeactivate","description":"Block for deactivation lifecycle configuration:\n"},"password":{"$ref":"#/types/okta:app/getFeaturesCapabilitiesUpdatePassword:getFeaturesCapabilitiesUpdatePassword","description":"Block for password synchronization settings:\n"},"profile":{"$ref":"#/types/okta:app/getFeaturesCapabilitiesUpdateProfile:getFeaturesCapabilitiesUpdateProfile","description":"Block for profile update settings:\n"}},"type":"object"},"okta:app/getFeaturesCapabilitiesUpdateLifecycleDeactivate:getFeaturesCapabilitiesUpdateLifecycleDeactivate":{"properties":{"status":{"type":"string","description":"(String) Status of the import schedule. Valid values are `ENABLED` or `DISABLED`.\n"}},"type":"object","required":["status"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:app/getFeaturesCapabilitiesUpdatePassword:getFeaturesCapabilitiesUpdatePassword":{"properties":{"change":{"type":"string","description":"(String) Determines password change behavior. Valid values are `CHANGE` or `KEEP_EXISTING`.\n"},"seed":{"type":"string","description":"(String) Determines password source. Valid values are `OKTA` or `RANDOM`.\n"},"status":{"type":"string","description":"(String) Status of the import schedule. Valid values are `ENABLED` or `DISABLED`.\n"}},"type":"object","required":["change","seed","status"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:app/getFeaturesCapabilitiesUpdateProfile:getFeaturesCapabilitiesUpdateProfile":{"properties":{"status":{"type":"string","description":"(String) Status of the import schedule. Valid values are `ENABLED` or `DISABLED`.\n"}},"type":"object","required":["status"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:app/getSamlAttributeStatement:getSamlAttributeStatement":{"properties":{"filterType":{"type":"string","description":"Type of group attribute filter\n"},"filterValue":{"type":"string","description":"Filter value to use\n"},"name":{"type":"string","description":"The reference name of the attribute statement\n"},"namespace":{"type":"string","description":"The name format of the attribute\n"},"type":{"type":"string","description":"The type of attribute statements object\n"},"values":{"type":"array","items":{"type":"string"}}},"type":"object","required":["filterType","filterValue","name","namespace","type","values"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:auth/getServerScopesScope:getServerScopesScope":{"properties":{"consent":{"type":"string","description":"Indicates whether a consent dialog is needed for the Scope\n"},"default":{"type":"boolean","description":"Whether the Scope is a default Scope\n"},"description":{"type":"string","description":"Description of the Scope\n"},"displayName":{"type":"string","description":"Name of the end user displayed in a consent dialog box\n"},"id":{"type":"string","description":"ID of the Scope\n"},"metadataPublish":{"type":"string","description":"Whether the Scope should be included in the metadata\n"},"name":{"type":"string","description":"Name of the Scope\n"},"optional":{"type":"boolean","description":"Whether the Scope is optional\n"},"system":{"type":"boolean","description":"Whether Okta created the Scope\n"}},"type":"object","required":["consent","default","description","displayName","id","metadataPublish","name","optional","system"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/AgentPoolUpdateAgent:AgentPoolUpdateAgent":{"properties":{"id":{"type":"string","description":"The unique identifier of the agent.\n"},"poolId":{"type":"string","description":"Pool ID.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["id","poolId"]}}},"okta:index/AgentPoolUpdateSchedule:AgentPoolUpdateSchedule":{"properties":{"cron":{"type":"string","description":"The schedule of the update in cron format.\n"},"delay":{"type":"integer","description":"Delay in days.\n"},"duration":{"type":"integer","description":"Duration in minutes.\n"},"lastUpdated":{"type":"string","description":"Timestamp when the update finished (only for a successful or failed update, not for a cancelled update). Null is returned if the job hasn't finished once yet.\n"},"timezone":{"type":"string","description":"Timezone of where the scheduled job takes place.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["lastUpdated"]}}},"okta:index/ApiServiceIntegrationGrantedScope:ApiServiceIntegrationGrantedScope":{"properties":{"scope":{"type":"string","description":"The scope of the API service integration\n"}},"type":"object","required":["scope"]},"okta:index/ApiTokenNetwork:ApiTokenNetwork":{"properties":{"connection":{"type":"string","description":"The connection type of the Network Condition.\n"},"excludes":{"type":"array","items":{"type":"string"},"description":"The IP address the excluded zone.\n"},"includes":{"type":"array","items":{"type":"string"},"description":"The IP address the included zone.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["excludes","includes"]}}},"okta:index/AppGroupAssignmentsGroup:AppGroupAssignmentsGroup":{"properties":{"id":{"type":"string","description":"A group to associate with the application\n"},"priority":{"type":"integer","description":"Priority of group assignment\n"},"profile":{"type":"string","description":"JSON document containing [application profile](https://developer.okta.com/docs/reference/api/apps/#profile-object)\n"}},"type":"object","required":["id","profile"]},"okta:index/AppSignonPolicyRulePlatformInclude:AppSignonPolicyRulePlatformInclude":{"properties":{"osExpression":{"type":"string","description":"Only available with OTHER OS type\n"},"osType":{"type":"string"},"type":{"type":"string"}},"type":"object"},"okta:index/AppUserSchemaPropertyArrayOneOf:AppUserSchemaPropertyArrayOneOf":{"properties":{"const":{"type":"string","description":"Value mapping to member of \u003cspan pulumi-lang-nodejs=\"`arrayEnum`\" pulumi-lang-dotnet=\"`ArrayEnum`\" pulumi-lang-go=\"`arrayEnum`\" pulumi-lang-python=\"`array_enum`\" pulumi-lang-yaml=\"`arrayEnum`\" pulumi-lang-java=\"`arrayEnum`\"\u003e`array_enum`\u003c/span\u003e\n"},"title":{"type":"string","description":"Display name for the enum value.\n"}},"type":"object","required":["const","title"]},"okta:index/AppUserSchemaPropertyOneOf:AppUserSchemaPropertyOneOf":{"properties":{"const":{"type":"string","description":"Enum value\n"},"title":{"type":"string","description":"Enum title\n"}},"type":"object","required":["const","title"]},"okta:index/CampaignNotificationSettings:CampaignNotificationSettings":{"properties":{"notifyReviewPeriodEnd":{"type":"boolean","description":"To indicate whether a notification should be sent to the reviewer when a given reviewer level period is about to end.\n"},"notifyReviewerAtCampaignEnd":{"type":"boolean","description":"To indicate whether a notification should be sent to the reviewers when campaign has come to an end.\n"},"notifyReviewerDuringMidpointOfReview":{"type":"boolean","description":"To indicate whether a notification should be sent to the reviewer during the midpoint of the review process.\n"},"notifyReviewerWhenOverdue":{"type":"boolean","description":"To indicate whether a notification should be sent to the reviewer when the review is overdue.\n"},"notifyReviewerWhenReviewAssigned":{"type":"boolean","description":"To indicate whether a notification should be sent to the reviewer when actionable reviews are assigned.\n"},"remindersReviewerBeforeCampaignCloseInSecs":{"type":"array","items":{"type":"integer"},"description":"Specifies times (in seconds) to send reminders to reviewers before the campaign closes. Max 3 values. Example: [86400, 172800, 604800]\n"}},"type":"object","required":["notifyReviewPeriodEnd","notifyReviewerAtCampaignEnd","notifyReviewerDuringMidpointOfReview","notifyReviewerWhenOverdue","notifyReviewerWhenReviewAssigned"],"language":{"nodejs":{"requiredOutputs":["notifyReviewPeriodEnd","notifyReviewerAtCampaignEnd","notifyReviewerDuringMidpointOfReview","notifyReviewerWhenOverdue","notifyReviewerWhenReviewAssigned","remindersReviewerBeforeCampaignCloseInSecs"]}}},"okta:index/CampaignPrincipalScopeSettings:CampaignPrincipalScopeSettings":{"properties":{"excludedUserIds":{"type":"array","items":{"type":"string"},"description":"An array of Okta user IDs excluded from access certification or the campaign. This field is optional. A maximum of 50 users can be specified in the array.\n"},"groupIds":{"type":"array","items":{"type":"string"},"description":"An array of Okta group IDs included from access certification or the campaign. userIds, groupIds or userScopeExpression is required if campaign type is USER. A maximum of 5 groups can be specified in the array.\n"},"includeOnlyActiveUsers":{"type":"boolean","description":"If set to true, only active Okta users are included in the campaign.\n"},"onlyIncludeUsersWithSodConflicts":{"type":"boolean","description":"If set to true, only includes users that have at least one SOD conflict that was caused due to entitlement(s) within Campaign scope.\n"},"predefinedInactiveUsersScopes":{"type":"array","items":{"$ref":"#/types/okta:index/CampaignPrincipalScopeSettingsPredefinedInactiveUsersScope:CampaignPrincipalScopeSettingsPredefinedInactiveUsersScope"}},"type":{"type":"string","description":"Specifies the type for principal_scope_settings.\n"},"userIds":{"type":"array","items":{"type":"string"},"description":"An array of Okta user IDs included from access certification or the campaign. userIds, groupIds or userScopeExpression is required if campaign type is USER. A maximum of 100 users can be specified in the array.\n"},"userScopeExpression":{"type":"string","description":"The Okta expression language user expression on the resourceSettings to include users in the campaign.\n"}},"type":"object","required":["type"],"language":{"nodejs":{"requiredOutputs":["includeOnlyActiveUsers","onlyIncludeUsersWithSodConflicts","type"]}}},"okta:index/CampaignPrincipalScopeSettingsPredefinedInactiveUsersScope:CampaignPrincipalScopeSettingsPredefinedInactiveUsersScope":{"properties":{"inactiveDays":{"type":"integer","description":"The duration the users have not used single sign on (SSO) to access their account within the specific time frame. Minimum 30 days and maximum 365 days are supported.\n"}},"type":"object"},"okta:index/CampaignRemediationSettings:CampaignRemediationSettings":{"properties":{"accessApproved":{"type":"string","description":"Specifies the action by default if the reviewer approves access. NO_ACTION indicates there is no remediation action and the user retains access.\n"},"accessRevoked":{"type":"string","description":"Specifies the action if the reviewer revokes access. NO_ACTION indicates the user retains the same access. DENY indicates the user will have their access revoked as long as they are not assigned to a group through Group Rules.\n"},"autoRemediationSettings":{"$ref":"#/types/okta:index/CampaignRemediationSettingsAutoRemediationSettings:CampaignRemediationSettingsAutoRemediationSettings"},"noResponse":{"type":"string","description":"Specifies the action if the reviewer doesn't respond to the request or if the campaign is closed before an action is taken.\n"}},"type":"object","required":["accessApproved","accessRevoked","noResponse"]},"okta:index/CampaignRemediationSettingsAutoRemediationSettings:CampaignRemediationSettingsAutoRemediationSettings":{"properties":{"includeAllIndirectAssignments":{"type":"boolean","description":"If true, all indirect assignments will be included in the campaign. If false, only direct assignments will be included.\n"},"includeOnlies":{"type":"array","items":{"$ref":"#/types/okta:index/CampaignRemediationSettingsAutoRemediationSettingsIncludeOnly:CampaignRemediationSettingsAutoRemediationSettingsIncludeOnly"}}},"type":"object"},"okta:index/CampaignRemediationSettingsAutoRemediationSettingsIncludeOnly:CampaignRemediationSettingsAutoRemediationSettingsIncludeOnly":{"properties":{"resourceId":{"type":"string","description":"The ID of the resource to include in the campaign.\n"},"resourceType":{"type":"string","description":"The type of the resource to include in the campaign. Valid values are 'APPLICATION', 'GROUP', 'ENTITLEMENT', 'ENTITLEMENT_BUNDLE'.\n"}},"type":"object"},"okta:index/CampaignResourceSettings:CampaignResourceSettings":{"properties":{"excludedResources":{"type":"array","items":{"$ref":"#/types/okta:index/CampaignResourceSettingsExcludedResource:CampaignResourceSettingsExcludedResource"},"description":"An array of resources that are excluded from the review.\n"},"includeAdminRoles":{"type":"boolean","description":"Include admin roles.\n"},"includeEntitlements":{"type":"boolean","description":"Include entitlements for this application. This property is only applicable if\u003cspan pulumi-lang-nodejs=\" resourceType \" pulumi-lang-dotnet=\" ResourceType \" pulumi-lang-go=\" resourceType \" pulumi-lang-python=\" resource_type \" pulumi-lang-yaml=\" resourceType \" pulumi-lang-java=\" resourceType \"\u003e resource_type \u003c/span\u003e= APPLICATION and Entitlement Management is enabled.\n"},"individuallyAssignedAppsOnly":{"type":"boolean","description":"Only include individually assigned apps. This is only applicable if campaign type is USER.\n"},"individuallyAssignedGroupsOnly":{"type":"boolean","description":"Only include individually assigned groups. This is only applicable if campaign type is USER.\n"},"onlyIncludeOutOfPolicyEntitlements":{"type":"boolean","description":"Only include out-of-policy entitlements. Only applicable if\u003cspan pulumi-lang-nodejs=\" resourceType \" pulumi-lang-dotnet=\" ResourceType \" pulumi-lang-go=\" resourceType \" pulumi-lang-python=\" resource_type \" pulumi-lang-yaml=\" resourceType \" pulumi-lang-java=\" resourceType \"\u003e resource_type \u003c/span\u003e= APPLICATION and Entitlement Management is enabled.\n"},"targetResources":{"type":"array","items":{"$ref":"#/types/okta:index/CampaignResourceSettingsTargetResource:CampaignResourceSettingsTargetResource"},"description":"Represents a resource that will be part of Access certifications. If the app is enabled for Access Certifications, it's possible to review entitlements and entitlement bundles.\n"},"type":{"type":"string","description":"The type of Okta resource.\n"}},"type":"object","required":["type"],"language":{"nodejs":{"requiredOutputs":["includeAdminRoles","includeEntitlements","individuallyAssignedAppsOnly","individuallyAssignedGroupsOnly","onlyIncludeOutOfPolicyEntitlements","type"]}}},"okta:index/CampaignResourceSettingsExcludedResource:CampaignResourceSettingsExcludedResource":{"properties":{"resourceId":{"type":"string","description":"The ID of the resource to exclude in the campaign.\n"},"resourceType":{"type":"string","description":"The type of resource to exclude in the campaign.\n"}},"type":"object"},"okta:index/CampaignResourceSettingsTargetResource:CampaignResourceSettingsTargetResource":{"properties":{"entitlementBundles":{"type":"array","items":{"$ref":"#/types/okta:index/CampaignResourceSettingsTargetResourceEntitlementBundle:CampaignResourceSettingsTargetResourceEntitlementBundle"},"description":"An array of entitlement bundles for this application.\n"},"entitlements":{"type":"array","items":{"$ref":"#/types/okta:index/CampaignResourceSettingsTargetResourceEntitlement:CampaignResourceSettingsTargetResourceEntitlement"},"description":"An array of entitlements associated with resourceId that should be chosen as target when creating reviews\n"},"includeAllEntitlementsAndBundles":{"type":"boolean","description":"Include all entitlements and entitlement bundles for this application. Only applicable if the resourcetype = APPLICATION and Entitlement Management is enabled.\n"},"resourceId":{"type":"string","description":"The resource ID that is being reviewed.\n"},"resourceType":{"type":"string","description":"The type of Okta resource.\n"}},"type":"object","required":["resourceId","resourceType"],"language":{"nodejs":{"requiredOutputs":["includeAllEntitlementsAndBundles","resourceId","resourceType"]}}},"okta:index/CampaignResourceSettingsTargetResourceEntitlement:CampaignResourceSettingsTargetResourceEntitlement":{"properties":{"id":{"type":"string","description":"Campaign id\n"},"includeAllValues":{"type":"boolean","description":"Whether to include all entitlement values. If false we must provide the values property.\n"},"values":{"type":"array","items":{"$ref":"#/types/okta:index/CampaignResourceSettingsTargetResourceEntitlementValue:CampaignResourceSettingsTargetResourceEntitlementValue"}}},"type":"object","required":["id"]},"okta:index/CampaignResourceSettingsTargetResourceEntitlementBundle:CampaignResourceSettingsTargetResourceEntitlementBundle":{"properties":{"id":{"type":"string","description":"Campaign id\n"}},"type":"object","required":["id"]},"okta:index/CampaignResourceSettingsTargetResourceEntitlementValue:CampaignResourceSettingsTargetResourceEntitlementValue":{"properties":{"id":{"type":"string","description":"Campaign id\n"}},"type":"object","required":["id"]},"okta:index/CampaignReviewerSettings:CampaignReviewerSettings":{"properties":{"bulkDecisionDisabled":{"type":"boolean","description":"When approving or revoking review items, bulk actions are disabled if true.\n"},"fallbackReviewerId":{"type":"string","description":"The ID of the fallback reviewer. Required when the type=`REVIEWER_EXPRESSION` or type=`RESOURCE_OWNER`\n"},"justificationRequired":{"type":"boolean","description":"When approving or revoking review items, a justification is required if true.\n"},"reassignmentDisabled":{"type":"boolean","description":"Reassignment is disabled for reviewers if true.\n"},"reviewerGroupId":{"type":"string","description":"The ID of the reviewer group to which the reviewer is assigned.\n"},"reviewerId":{"type":"string"},"reviewerLevels":{"type":"array","items":{"$ref":"#/types/okta:index/CampaignReviewerSettingsReviewerLevel:CampaignReviewerSettingsReviewerLevel"},"description":"Definition of reviewer level for a given campaign. Each reviewer level defines the kind of reviewer who is going to review.\n"},"reviewerScopeExpression":{"type":"string","description":"This property is required when type=`USER`\n"},"selfReviewDisabled":{"type":"boolean","description":"This property is required to be true for resource-centric campaigns when the Okta Admin Console is one of the resources.\n"},"type":{"type":"string","description":"Identifies the kind of reviewer for Access Certification.\n"}},"type":"object","required":["type"],"language":{"nodejs":{"requiredOutputs":["bulkDecisionDisabled","justificationRequired","reassignmentDisabled","selfReviewDisabled","type"]}}},"okta:index/CampaignReviewerSettingsReviewerLevel:CampaignReviewerSettingsReviewerLevel":{"properties":{"fallbackReviewerId":{"type":"string","description":"Required when the type=`REVIEWER_EXPRESSION` or type=`RESOURCE_OWNER`\n"},"reviewerGroupId":{"type":"string","description":"The ID of the reviewer group to which the reviewer is assigned.This property is required when type=`GROUP`\n"},"reviewerId":{"type":"string","description":"The ID of the reviewer to which the reviewer is assigned.This property is required when type=`USER`.\n"},"reviewerScopeExpression":{"type":"string","description":"This property is required when type=`REVIEWER_EXPRESSION`\n"},"selfReviewDisabled":{"type":"boolean","description":"This property is used to prevent self review.\n"},"startReviews":{"type":"array","items":{"$ref":"#/types/okta:index/CampaignReviewerSettingsReviewerLevelStartReview:CampaignReviewerSettingsReviewerLevelStartReview"},"description":"The rules for which the reviews can move to that level.\n"},"type":{"type":"string","description":"Identifies the kind of reviewer.\n"}},"type":"object","required":["type"],"language":{"nodejs":{"requiredOutputs":["fallbackReviewerId","reviewerGroupId","reviewerScopeExpression","selfReviewDisabled","type"]}}},"okta:index/CampaignReviewerSettingsReviewerLevelStartReview:CampaignReviewerSettingsReviewerLevelStartReview":{"properties":{"onDay":{"type":"integer","description":"The day of the campaign when the review starts. 0 means the first day of the campaign.\n"},"when":{"type":"string","description":"The condition for which, the lower level reviews will move to that level for further review.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["onDay","when"]}}},"okta:index/CampaignScheduleSettings:CampaignScheduleSettings":{"properties":{"durationInDays":{"type":"integer","description":"The duration (in days) that the campaign is active.\n"},"endDate":{"type":"string"},"recurrences":{"type":"array","items":{"$ref":"#/types/okta:index/CampaignScheduleSettingsRecurrence:CampaignScheduleSettingsRecurrence"}},"startDate":{"type":"string","description":"The date on which the campaign is supposed to start. Accepts date in ISO 8601 format.\n"},"timeZone":{"type":"string","description":"The time zone in which the campaign is active.\n"},"type":{"type":"string","description":"The type of campaign being scheduled.\n"}},"type":"object","required":["durationInDays","startDate","timeZone","type"]},"okta:index/CampaignScheduleSettingsRecurrence:CampaignScheduleSettingsRecurrence":{"properties":{"ends":{"type":"string","description":"Specifies when the recurring schedule can have an end.\n"},"interval":{"type":"string","description":"Recurrence interval specified according to ISO8061 notation for durations.\n"},"repeatOnType":{"type":"string","description":"Specifies when the recurring schedule can have an end.\n"}},"type":"object","required":["interval"]},"okta:index/CustomizedSigninPageContentSecurityPolicySetting:CustomizedSigninPageContentSecurityPolicySetting":{"properties":{"mode":{"type":"string","description":"enforced or report_only\n"},"reportUri":{"type":"string"},"srcLists":{"type":"array","items":{"type":"string"}}},"type":"object"},"okta:index/CustomizedSigninPageWidgetCustomizations:CustomizedSigninPageWidgetCustomizations":{"properties":{"authenticatorPageCustomLinkLabel":{"type":"string"},"authenticatorPageCustomLinkUrl":{"type":"string"},"classicRecoveryFlowEmailOrUsernameLabel":{"type":"string"},"customLink1Label":{"type":"string"},"customLink1Url":{"type":"string"},"customLink2Label":{"type":"string"},"customLink2Url":{"type":"string"},"forgotPasswordLabel":{"type":"string"},"forgotPasswordUrl":{"type":"string"},"helpLabel":{"type":"string"},"helpUrl":{"type":"string"},"passwordInfoTip":{"type":"string"},"passwordLabel":{"type":"string"},"showPasswordVisibilityToggle":{"type":"boolean"},"showUserIdentifier":{"type":"boolean"},"signInLabel":{"type":"string"},"unlockAccountLabel":{"type":"string"},"unlockAccountUrl":{"type":"string"},"usernameInfoTip":{"type":"string"},"usernameLabel":{"type":"string"},"widgetGeneration":{"type":"string"}},"type":"object","required":["widgetGeneration"],"language":{"nodejs":{"requiredOutputs":["showPasswordVisibilityToggle","showUserIdentifier","widgetGeneration"]}}},"okta:index/DomainDnsRecord:DomainDnsRecord":{"properties":{"expiration":{"type":"string","description":"TXT record expiration\n"},"fqdn":{"type":"string","description":"DNS record name\n"},"recordType":{"type":"string","description":"Record type can be TXT or CNAME\n"},"values":{"type":"array","items":{"type":"string"},"description":"DNS verification value\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["expiration","fqdn","recordType","values"]}}},"okta:index/EmailDomainDnsValidationRecord:EmailDomainDnsValidationRecord":{"properties":{"expiration":{"type":"string","description":"DNS TXT record expiration\n","deprecationMessage":"This field has been removed in the newest go sdk version and has become noop"},"fqdn":{"type":"string","description":"DNS record name\n"},"recordType":{"type":"string","description":"Record type can be TXT or cname\n"},"value":{"type":"string","description":"DNS record value\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["expiration","fqdn","recordType","value"]}}},"okta:index/EmailSenderDnsRecord:EmailSenderDnsRecord":{"properties":{"fqdn":{"type":"string","description":"DNS record name\n"},"recordType":{"type":"string","description":"Record type can be TXT or CNAME\n"},"value":{"type":"string","description":"DNS verification value\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["fqdn","recordType","value"]}}},"okta:index/EndUserMyRequestsRequesterFieldValue:EndUserMyRequestsRequesterFieldValue":{"properties":{"id":{"type":"string","description":"The ID of a requesterField. This identifies the specific field in the approval system.\n"},"label":{"type":"string","description":"A human-readable description of requesterField. It's used for display purposes and is optional.\n"},"type":{"type":"string","description":"Type of value for the requester field. Valid values: `DURATION`, `ISO_DATE`, `MULTISELECT`, `OKTA_USER_ID`, `SELECT`, `TEXT`.\n"},"value":{"type":"string","description":"The value of requesterField, which depends on the type of the field. Used for single-value fields.\n"},"values":{"type":"array","items":{"type":"string"},"description":"The values of requesterField with the type MULTISELECT. If the field type is MULTISELECT, this property is required instead of \u003cspan pulumi-lang-nodejs=\"`value`\" pulumi-lang-dotnet=\"`Value`\" pulumi-lang-go=\"`value`\" pulumi-lang-python=\"`value`\" pulumi-lang-yaml=\"`value`\" pulumi-lang-java=\"`value`\"\u003e`value`\u003c/span\u003e.\n"}},"type":"object","required":["id"]},"okta:index/EntitlementBundleEntitlement:EntitlementBundleEntitlement":{"properties":{"id":{"type":"string","description":"The ID of the entitlement.\n"},"values":{"type":"array","items":{"$ref":"#/types/okta:index/EntitlementBundleEntitlementValue:EntitlementBundleEntitlementValue"}}},"type":"object","required":["id"]},"okta:index/EntitlementBundleEntitlementValue:EntitlementBundleEntitlementValue":{"properties":{"id":{"type":"string","description":"The ID of the entitlement value.\n"}},"type":"object","required":["id"]},"okta:index/EntitlementBundleTarget:EntitlementBundleTarget":{"properties":{"externalId":{"type":"string","description":"The Okta app ID of the resource.\n"},"type":{"type":"string","description":"The type of resource.\n"}},"type":"object","required":["externalId","type"]},"okta:index/EntitlementParent:EntitlementParent":{"properties":{"externalId":{"type":"string","description":"The Okta app ID of the resource.\n"},"type":{"type":"string","description":"The type of resource.\n"}},"type":"object","required":["externalId","type"]},"okta:index/EntitlementValue:EntitlementValue":{"properties":{"description":{"type":"string","description":"The description of an entitlement value.\n"},"externalValue":{"type":"string","description":"The value of an entitlement property value.\n"},"id":{"type":"string","description":"Collection of entitlement values.\n"},"name":{"type":"string","description":"The display name for an entitlement value.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["id"]}}},"okta:index/EventHookHeader:EventHookHeader":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"okta:index/FeatureStage:FeatureStage":{"properties":{"state":{"type":"string"},"value":{"type":"string"}},"type":"object","required":["state","value"]},"okta:index/GroupSchemaPropertyArrayOneOf:GroupSchemaPropertyArrayOneOf":{"properties":{"const":{"type":"string","description":"Value mapping to member of \u003cspan pulumi-lang-nodejs=\"`arrayEnum`\" pulumi-lang-dotnet=\"`ArrayEnum`\" pulumi-lang-go=\"`arrayEnum`\" pulumi-lang-python=\"`array_enum`\" pulumi-lang-yaml=\"`arrayEnum`\" pulumi-lang-java=\"`arrayEnum`\"\u003e`array_enum`\u003c/span\u003e\n"},"title":{"type":"string","description":"Display name for the enum value.\n"}},"type":"object","required":["const","title"]},"okta:index/GroupSchemaPropertyMasterOverridePriority:GroupSchemaPropertyMasterOverridePriority":{"properties":{"type":{"type":"string"},"value":{"type":"string"}},"type":"object","required":["value"]},"okta:index/GroupSchemaPropertyOneOf:GroupSchemaPropertyOneOf":{"properties":{"const":{"type":"string","description":"Enum value\n"},"title":{"type":"string","description":"Enum title\n"}},"type":"object","required":["const","title"]},"okta:index/LogStreamSettings:LogStreamSettings":{"properties":{"accountId":{"type":"string","description":"AWS account ID. Required only for 'aws_eventbridge' type\n"},"edition":{"type":"string","description":"Edition of the Splunk Cloud instance. Could be one of: 'aws', 'aws*govcloud', 'gcp'. Required only for 'splunk*cloud_logstreaming' type\n"},"eventSourceName":{"type":"string","description":"An alphanumeric name (no spaces) to identify this event source in AWS EventBridge. Required only for 'aws_eventbridge' type\n"},"host":{"type":"string","description":"The domain name for Splunk Cloud instance. Don't include http or https in the string. For example: 'acme.splunkcloud.com'. Required only for 'splunk*cloud*logstreaming' type\n"},"region":{"type":"string","description":"The destination AWS region where event source is located. Required only for 'aws_eventbridge' type\n"},"token":{"type":"string","description":"The HEC token for your Splunk Cloud HTTP Event Collector. Required only for 'splunk*cloud*logstreaming' type\n","secret":true}},"type":"object"},"okta:index/PolicyRuleProfileEnrollmentProfileAttribute:PolicyRuleProfileEnrollmentProfileAttribute":{"properties":{"label":{"type":"string","description":"A display-friendly label for this property\n"},"name":{"type":"string","description":"The name of a User Profile property\n"},"required":{"type":"boolean","description":"Indicates if this property is required for enrollment\n"}},"type":"object","required":["label","name"]},"okta:index/PreviewSigninPageContentSecurityPolicySetting:PreviewSigninPageContentSecurityPolicySetting":{"properties":{"mode":{"type":"string","description":"enforced or report_only\n"},"reportUri":{"type":"string"},"srcLists":{"type":"array","items":{"type":"string"}}},"type":"object"},"okta:index/PreviewSigninPageWidgetCustomizations:PreviewSigninPageWidgetCustomizations":{"properties":{"authenticatorPageCustomLinkLabel":{"type":"string"},"authenticatorPageCustomLinkUrl":{"type":"string"},"classicRecoveryFlowEmailOrUsernameLabel":{"type":"string"},"customLink1Label":{"type":"string"},"customLink1Url":{"type":"string"},"customLink2Label":{"type":"string"},"customLink2Url":{"type":"string"},"forgotPasswordLabel":{"type":"string"},"forgotPasswordUrl":{"type":"string"},"helpLabel":{"type":"string"},"helpUrl":{"type":"string"},"passwordInfoTip":{"type":"string"},"passwordLabel":{"type":"string"},"showPasswordVisibilityToggle":{"type":"boolean"},"showUserIdentifier":{"type":"boolean"},"signInLabel":{"type":"string"},"unlockAccountLabel":{"type":"string"},"unlockAccountUrl":{"type":"string"},"usernameInfoTip":{"type":"string"},"usernameLabel":{"type":"string"},"widgetGeneration":{"type":"string"}},"type":"object","required":["widgetGeneration"],"language":{"nodejs":{"requiredOutputs":["showPasswordVisibilityToggle","showUserIdentifier","widgetGeneration"]}}},"okta:index/PushProviderConfiguration:PushProviderConfiguration":{"properties":{"apnsConfiguration":{"$ref":"#/types/okta:index/PushProviderConfigurationApnsConfiguration:PushProviderConfigurationApnsConfiguration"},"fcmConfiguration":{"$ref":"#/types/okta:index/PushProviderConfigurationFcmConfiguration:PushProviderConfigurationFcmConfiguration"}},"type":"object"},"okta:index/PushProviderConfigurationApnsConfiguration:PushProviderConfigurationApnsConfiguration":{"properties":{"fileName":{"type":"string","description":"File name for Admin Console display.\n"},"keyId":{"type":"string","description":"10-character Key ID obtained from the Apple developer account. Required for APNS provider type.\n"},"teamId":{"type":"string","description":"10-character Team ID used to develop the iOS app. Required for APNS provider type.\n"},"tokenSigningKey":{"type":"string","description":"APNs private authentication token signing key. Required for APNS provider type.\n","secret":true}},"type":"object"},"okta:index/PushProviderConfigurationFcmConfiguration:PushProviderConfigurationFcmConfiguration":{"properties":{"serviceAccountJson":{"$ref":"#/types/okta:index/PushProviderConfigurationFcmConfigurationServiceAccountJson:PushProviderConfigurationFcmConfigurationServiceAccountJson","description":"JSON containing the private service account key and service account details. Required for FCM provider type.\n"}},"type":"object"},"okta:index/PushProviderConfigurationFcmConfigurationServiceAccountJson:PushProviderConfigurationFcmConfigurationServiceAccountJson":{"properties":{"authProviderX509CertUrl":{"type":"string","description":"The auth provider x509 cert URL.\n"},"authUri":{"type":"string","description":"The auth URI.\n"},"clientEmail":{"type":"string","description":"The client email.\n"},"clientId":{"type":"string","description":"The client ID.\n"},"clientX509CertUrl":{"type":"string","description":"The client x509 cert URL.\n"},"fileName":{"type":"string","description":"File name for Admin Console display.\n"},"privateKey":{"type":"string","description":"The private key.\n","secret":true},"privateKeyId":{"type":"string","description":"The private key ID.\n"},"projectId":{"type":"string","description":"The project ID.\n"},"tokenUri":{"type":"string","description":"The token URI.\n"},"type":{"type":"string","description":"The type of the service account.\n"}},"type":"object"},"okta:index/RateLimitingUseCaseModeOverrides:RateLimitingUseCaseModeOverrides":{"properties":{"loginPage":{"type":"string"},"oauth2Authorize":{"type":"string"},"oieAppIntent":{"type":"string"}},"type":"object"},"okta:index/RequestConditionAccessDurationSettings:RequestConditionAccessDurationSettings":{"properties":{"duration":{"type":"string","description":"The duration set by the admin for access durations. Use ISO8061 notation for duration values.\n"},"type":{"type":"string"}},"type":"object"},"okta:index/RequestConditionAccessScopeSettings:RequestConditionAccessScopeSettings":{"properties":{"ids":{"type":"array","items":{"$ref":"#/types/okta:index/RequestConditionAccessScopeSettingsId:RequestConditionAccessScopeSettingsId"},"description":"Block list of groups/entitlement bundles ids.\n"},"type":{"type":"string"}},"type":"object","required":["type"]},"okta:index/RequestConditionAccessScopeSettingsId:RequestConditionAccessScopeSettingsId":{"properties":{"id":{"type":"string","description":"Request condition id.\n"}},"type":"object"},"okta:index/RequestConditionRequesterSettings:RequestConditionRequesterSettings":{"properties":{"ids":{"type":"array","items":{"$ref":"#/types/okta:index/RequestConditionRequesterSettingsId:RequestConditionRequesterSettingsId"},"description":"Block list of teams/groups ids.\n"},"type":{"type":"string"}},"type":"object","required":["type"]},"okta:index/RequestConditionRequesterSettingsId:RequestConditionRequesterSettingsId":{"properties":{"id":{"type":"string","description":"Request condition id.\n"}},"type":"object"},"okta:index/RequestSettingResourceRequestOnBehalfOfSettings:RequestSettingResourceRequestOnBehalfOfSettings":{"properties":{"allowed":{"type":"boolean","description":"Indicates that users who can request this resource could also request for another requester of the same resource. This property can only be true.\n"},"onlyFors":{"type":"array","items":{"$ref":"#/types/okta:index/RequestSettingResourceRequestOnBehalfOfSettingsOnlyFor:RequestSettingResourceRequestOnBehalfOfSettingsOnlyFor"},"description":"Which requesters the resource requester can request on behalf of. Enum: `DIRECT_REPORT`.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["allowed"]}}},"okta:index/RequestSettingResourceRequestOnBehalfOfSettingsOnlyFor:RequestSettingResourceRequestOnBehalfOfSettingsOnlyFor":{"properties":{"type":{"type":"string","description":"Which requesters the resource requester can request on behalf of. If onlyFor is not specified then any requester may request a resource on the behalf of any other user\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["type"]}}},"okta:index/RequestSettingResourceRiskSettings:RequestSettingResourceRiskSettings":{"properties":{"defaultSetting":{"$ref":"#/types/okta:index/RequestSettingResourceRiskSettingsDefaultSetting:RequestSettingResourceRiskSettingsDefaultSetting","description":"Default risk settings that are valid for an access request when a risk has been detected for the resource and requesting user.\n"}},"type":"object"},"okta:index/RequestSettingResourceRiskSettingsDefaultSetting:RequestSettingResourceRiskSettingsDefaultSetting":{"properties":{"accessDurationSettings":{"$ref":"#/types/okta:index/RequestSettingResourceRiskSettingsDefaultSettingAccessDurationSettings:RequestSettingResourceRiskSettingsDefaultSettingAccessDurationSettings","description":"Settings that control who may specify the access duration allowed by this request condition or risk settings, as well as what duration may be requested.\n"},"approvalSequenceId":{"type":"string","description":"The ID of the approval sequence.\n"},"errors":{"type":"array","items":{"type":"string"}},"requestSubmissionType":{"type":"string"}},"type":"object","language":{"nodejs":{"requiredOutputs":["errors","requestSubmissionType"]}}},"okta:index/RequestSettingResourceRiskSettingsDefaultSettingAccessDurationSettings:RequestSettingResourceRiskSettingsDefaultSettingAccessDurationSettings":{"properties":{"duration":{"type":"string","description":"The duration set by the admin for access durations. Use ISO8061 notation for duration values.\n"},"type":{"type":"string","description":"Enum: `ADMIN_FIXED_DURATION`, `REQUESTER_SPECIFIED_DURATION`.\n"}},"type":"object"},"okta:index/RequestV2Requested:RequestV2Requested":{"properties":{"accessScopeId":{"type":"string","description":"The ID of the access scope associated with the resource.\n"},"accessScopeType":{"type":"string","description":"The access scope type.\n"},"entryId":{"type":"string","description":"The ID of the resource catalog entry.\n"},"resourceId":{"type":"string","description":"The ID of the requested resource.\n"},"resourceType":{"type":"string","description":"The requested resource type.\n"},"type":{"type":"string","description":"The type of the resource.\n"}},"type":"object","required":["entryId","type"],"language":{"nodejs":{"requiredOutputs":["accessScopeId","accessScopeType","entryId","resourceId","resourceType","type"]}}},"okta:index/RequestV2RequestedFor:RequestV2RequestedFor":{"properties":{"externalId":{"type":"string","description":"The ID of the Okta user.\n"},"type":{"type":"string","description":"The type of principal.\n"}},"type":"object","required":["externalId","type"]},"okta:index/RequestV2RequesterFieldValue:RequestV2RequesterFieldValue":{"properties":{"id":{"type":"string","description":"Request condition id.\n"},"label":{"type":"string","description":"A human-readable description of requester field.\n"},"type":{"type":"string","description":"Type of value for the requester field.\n"},"value":{"type":"string","description":"The value of requester field, which depends on the type of the field.\n"},"values":{"type":"array","items":{"$ref":"#/types/okta:index/RequestV2RequesterFieldValueValue:RequestV2RequesterFieldValueValue"},"description":"The values of requester field with the type MULTISELECT. If the field type is MULTISELECT, this property is required.\n"}},"type":"object"},"okta:index/RequestV2RequesterFieldValueValue:RequestV2RequesterFieldValueValue":{"properties":{"value":{"type":"string"}},"type":"object"},"okta:index/SecurityEventsProviderSettings:SecurityEventsProviderSettings":{"properties":{"issuer":{"type":"string","description":"Issuer URL. Maximum length: 700 characters. To be used along with \u003cspan pulumi-lang-nodejs=\"`jwksUrl`\" pulumi-lang-dotnet=\"`JwksUrl`\" pulumi-lang-go=\"`jwksUrl`\" pulumi-lang-python=\"`jwks_url`\" pulumi-lang-yaml=\"`jwksUrl`\" pulumi-lang-java=\"`jwksUrl`\"\u003e`jwks_url`\u003c/span\u003e.\n"},"jwksUrl":{"type":"string","description":"The public URL where the JWKS public key is uploaded. Maximum length: 1000 characters. To be used along with \u003cspan pulumi-lang-nodejs=\"`issuer`\" pulumi-lang-dotnet=\"`Issuer`\" pulumi-lang-go=\"`issuer`\" pulumi-lang-python=\"`issuer`\" pulumi-lang-yaml=\"`issuer`\" pulumi-lang-java=\"`issuer`\"\u003e`issuer`\u003c/span\u003e.\n"},"wellKnownUrl":{"type":"string","description":"The published well-known URL of the Security Events Provider (the SSF transmitter). Maximum length: 1000 characters.\n"}},"type":"object"},"okta:index/TemplateSmsTranslation:TemplateSmsTranslation":{"properties":{"language":{"type":"string","description":"The language to map the template to.\n"},"template":{"type":"string","description":"The SMS message.\n"}},"type":"object","required":["language","template"]},"okta:index/UiSchemaUiSchema:UiSchemaUiSchema":{"properties":{"buttonLabel":{"type":"string","description":"Specifies the button label for the Submit button at the bottom of the enrollment form.\n"},"elements":{"type":"array","items":{"$ref":"#/types/okta:index/UiSchemaUiSchemaElement:UiSchemaUiSchemaElement"}},"label":{"type":"string","description":"Specifies the label at the top of the enrollment form under the logo.\n"},"type":{"type":"string","description":"Specifies the type of layout.\n"}},"type":"object"},"okta:index/UiSchemaUiSchemaElement:UiSchemaUiSchemaElement":{"properties":{"label":{"type":"string","description":"Label name for the UI element.\n"},"options":{"$ref":"#/types/okta:index/UiSchemaUiSchemaElementOptions:UiSchemaUiSchemaElementOptions","description":"UI Schema element options object.\n"},"scope":{"type":"string","description":"Specifies the property bound to the input field. It must follow the format #/properties/PROPERTY_NAME where PROPERTY_NAME is a variable name for an attribute in profile editor.\n"},"type":{"type":"string","description":"Specifies the relationship between this input element and scope. The Control value specifies that this input controls the value represented by scope.\n"}},"type":"object","required":["scope"]},"okta:index/UiSchemaUiSchemaElementOptions:UiSchemaUiSchemaElementOptions":{"properties":{"format":{"type":"string","description":"Specifies how the input appears.\n"}},"type":"object"},"okta:index/UserSchemaPropertyArrayOneOf:UserSchemaPropertyArrayOneOf":{"properties":{"const":{"type":"string","description":"Value mapping to member of \u003cspan pulumi-lang-nodejs=\"`arrayEnum`\" pulumi-lang-dotnet=\"`ArrayEnum`\" pulumi-lang-go=\"`arrayEnum`\" pulumi-lang-python=\"`array_enum`\" pulumi-lang-yaml=\"`arrayEnum`\" pulumi-lang-java=\"`arrayEnum`\"\u003e`array_enum`\u003c/span\u003e\n"},"title":{"type":"string","description":"Display name for the enum value.\n"}},"type":"object","required":["const","title"]},"okta:index/UserSchemaPropertyMasterOverridePriority:UserSchemaPropertyMasterOverridePriority":{"properties":{"type":{"type":"string"},"value":{"type":"string"}},"type":"object","required":["value"]},"okta:index/UserSchemaPropertyOneOf:UserSchemaPropertyOneOf":{"properties":{"const":{"type":"string","description":"Enum value\n"},"title":{"type":"string","description":"Enum title\n"}},"type":"object","required":["const","title"]},"okta:index/getAgentPoolUpdateAgent:getAgentPoolUpdateAgent":{"properties":{"id":{"type":"string","description":"The unique identifier of the agent.\n"},"isHidden":{"type":"boolean","description":"Determines if an agent is hidden from the Admin Console.\n"},"isLatestGaedVersion":{"type":"boolean","description":"Determines if the agent is on the latest generally available version.\n"},"lastConnection":{"type":"integer","description":"Timestamp when the agent last connected to Okta.\n"},"name":{"type":"string","description":"The name of the agent.\n"},"operationalStatus":{"type":"string","description":"Operational status of a given agent (e.g., DEGRADED, DISRUPTED, INACTIVE, OPERATIONAL).\n"},"poolId":{"type":"string","description":"Pool ID.\n"},"type":{"type":"string","description":"Agent types that are being monitored.\n"},"updateMessage":{"type":"string","description":"Status message of the agent.\n"},"updateStatus":{"type":"string","description":"Status for one agent regarding the status to auto-update that agent.\n"},"version":{"type":"string","description":"Agent version number.\n"}},"type":"object","required":["id","isHidden","isLatestGaedVersion","lastConnection","name","operationalStatus","poolId","type","updateMessage","updateStatus","version"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getAgentPoolUpdateSchedule:getAgentPoolUpdateSchedule":{"properties":{"cron":{"type":"string","description":"The schedule of the update in cron format.\n"},"delay":{"type":"integer","description":"Delay in days.\n"},"duration":{"type":"integer","description":"Duration in minutes.\n"},"lastUpdated":{"type":"string","description":"Timestamp when the update finished.\n"},"timezone":{"type":"string","description":"Timezone of where the scheduled job takes place.\n"}},"type":"object","required":["cron","delay","duration","lastUpdated","timezone"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getApiServiceIntegrationGrantedScope:getApiServiceIntegrationGrantedScope":{"properties":{"scope":{"type":"string","description":"The scope of the API service integration granted.\n"}},"type":"object","required":["scope"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getApiTokenNetwork:getApiTokenNetwork":{"properties":{"connection":{"type":"string","description":"The connection type of the Network Condition.\n"},"excludes":{"type":"array","items":{"type":"string"},"description":"The IP address the excluded zone.\n"},"includes":{"type":"array","items":{"type":"string"},"description":"The IP address the included zone.\n"}},"type":"object","required":["connection","excludes","includes"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getAppsApp:getAppsApp":{"properties":{"adminNote":{"type":"string"},"created":{"type":"string"},"enduserNote":{"type":"string"},"features":{"type":"array","items":{"type":"string"}},"id":{"type":"string"},"label":{"type":"string"},"lastUpdated":{"type":"string"},"name":{"type":"string"},"signOnMode":{"type":"string"},"status":{"type":"string"},"visibility":{"$ref":"#/types/okta:index/getAppsAppVisibility:getAppsAppVisibility"}},"type":"object","required":["adminNote","created","enduserNote","features","id","label","lastUpdated","name","signOnMode","status","visibility"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getAppsAppVisibility:getAppsAppVisibility":{"properties":{"autoLaunch":{"type":"boolean"},"autoSubmitToolbar":{"type":"boolean"},"hide":{"$ref":"#/types/okta:index/getAppsAppVisibilityHide:getAppsAppVisibilityHide"}},"type":"object","required":["autoLaunch","autoSubmitToolbar","hide"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getAppsAppVisibilityHide:getAppsAppVisibilityHide":{"properties":{"ios":{"type":"boolean"},"web":{"type":"boolean"}},"type":"object","required":["ios","web"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getAuthServerClaimsClaim:getAuthServerClaimsClaim":{"properties":{"alwaysIncludeInToken":{"type":"boolean","description":"Specifies whether to include Claims in the token.\n"},"claimType":{"type":"string","description":"Specifies whether the Claim is for an access token (`RESOURCE`) or ID token (`IDENTITY`).\n"},"id":{"type":"string","description":"ID of the claim.\n"},"name":{"type":"string","description":"Name of the claim.\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"Specifies the scopes for this Claim.\n"},"status":{"type":"string","description":"Status of the claim.\n"},"value":{"type":"string","description":"Value of the claim.\n"},"valueType":{"type":"string","description":"Specifies whether the Claim is an Okta EL expression (`EXPRESSION`), a set of groups (`GROUPS`), or a system claim (`SYSTEM`)\n"}},"type":"object","required":["alwaysIncludeInToken","claimType","id","name","scopes","status","value","valueType"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getBehavioursBehavior:getBehavioursBehavior":{"properties":{"id":{"type":"string","description":"Behavior ID.\n"},"name":{"type":"string","description":"Behavior name.\n"},"settings":{"type":"object","additionalProperties":{"type":"string"},"description":"Map of behavior settings.\n"},"status":{"type":"string","description":"Behavior status.\n"},"type":{"type":"string","description":"Behavior type.\n"}},"type":"object","required":["id","name","settings","status","type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getBrandsBrand:getBrandsBrand":{"properties":{"customPrivacyPolicyUrl":{"type":"string","description":"Custom privacy policy URL\n"},"id":{"type":"string","description":"The ID of the Brand\n"},"links":{"type":"string","description":"Link relations for this object - JSON HAL - Discoverable resources related to the brand\n"},"name":{"type":"string","description":"Brand name\n"},"removePoweredByOkta":{"type":"boolean","description":"Removes \"Powered by Okta\" from the Okta-hosted sign-in page and \"© 2021 Okta, Inc.\" from the Okta End-User Dashboard\n"}},"type":"object","required":["customPrivacyPolicyUrl","id","links","name","removePoweredByOkta"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getCampaignNotificationSettings:getCampaignNotificationSettings":{"properties":{"notifyReviewPeriodEnd":{"type":"boolean"},"notifyReviewerAtCampaignEnd":{"type":"boolean"},"notifyReviewerDuringMidpointOfReview":{"type":"boolean"},"notifyReviewerWhenOverdue":{"type":"boolean"},"notifyReviewerWhenReviewAssigned":{"type":"boolean"},"remindersReviewerBeforeCampaignCloseInSecs":{"type":"array","items":{"type":"integer"}}},"type":"object","required":["notifyReviewPeriodEnd","notifyReviewerAtCampaignEnd","notifyReviewerDuringMidpointOfReview","notifyReviewerWhenOverdue","notifyReviewerWhenReviewAssigned","remindersReviewerBeforeCampaignCloseInSecs"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getCampaignPrincipalScopeSettings:getCampaignPrincipalScopeSettings":{"properties":{"excludedUserIds":{"type":"array","items":{"type":"string"}},"groupIds":{"type":"array","items":{"type":"string"}},"includeOnlyActiveUsers":{"type":"boolean"},"onlyIncludeUsersWithSodConflicts":{"type":"boolean"},"predefinedInactiveUsersScopes":{"type":"array","items":{"$ref":"#/types/okta:index/getCampaignPrincipalScopeSettingsPredefinedInactiveUsersScope:getCampaignPrincipalScopeSettingsPredefinedInactiveUsersScope"}},"type":{"type":"string"},"userIds":{"type":"array","items":{"type":"string"}},"userScopeExpression":{"type":"string"}},"type":"object","required":["excludedUserIds","groupIds","includeOnlyActiveUsers","onlyIncludeUsersWithSodConflicts","type","userIds","userScopeExpression"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getCampaignPrincipalScopeSettingsPredefinedInactiveUsersScope:getCampaignPrincipalScopeSettingsPredefinedInactiveUsersScope":{"properties":{"inactiveDays":{"type":"integer"}},"type":"object","required":["inactiveDays"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getCampaignRemediationSettings:getCampaignRemediationSettings":{"properties":{"accessApproved":{"type":"string","description":"Specifies the action by default if the reviewer approves access. NO_ACTION indicates there is no remediation action and the user retains access.\n"},"accessRevoked":{"type":"string","description":"Specifies the action if the reviewer revokes access. NO_ACTION indicates the user retains the same access. DENY indicates the user will have their access revoked as long as they are not assigned to a group through Group Rules.\n"},"autoRemediationSettings":{"$ref":"#/types/okta:index/getCampaignRemediationSettingsAutoRemediationSettings:getCampaignRemediationSettingsAutoRemediationSettings"},"noResponse":{"type":"string","description":"Specifies the action if the reviewer doesn't respond to the request.\n"}},"type":"object","required":["accessApproved","accessRevoked","noResponse"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getCampaignRemediationSettingsAutoRemediationSettings:getCampaignRemediationSettingsAutoRemediationSettings":{"properties":{"includeAllIndirectAssignments":{"type":"boolean","description":"When a group is selected to be automatically remediated.\n"},"includeOnlies":{"type":"array","items":{"$ref":"#/types/okta:index/getCampaignRemediationSettingsAutoRemediationSettingsIncludeOnly:getCampaignRemediationSettingsAutoRemediationSettingsIncludeOnly"},"description":"An array of resources to be automatically remediated.\n"}},"type":"object","required":["includeAllIndirectAssignments"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getCampaignRemediationSettingsAutoRemediationSettingsIncludeOnly:getCampaignRemediationSettingsAutoRemediationSettingsIncludeOnly":{"properties":{"resourceId":{"type":"string","description":"The resource ID of the target resource When type = GROUP, it will point to the group ID.\n"},"resourceType":{"type":"string","description":"The type of the resource to be automatically remediated. Only GROUP is supported.\n"}},"type":"object","required":["resourceId","resourceType"]},"okta:index/getCampaignResourceSettings:getCampaignResourceSettings":{"properties":{"excludedResources":{"type":"array","items":{"$ref":"#/types/okta:index/getCampaignResourceSettingsExcludedResource:getCampaignResourceSettingsExcludedResource"},"description":"An array of resources that are excluded from the review.\n"},"includeAdminRoles":{"type":"boolean","description":"Include admin roles.\n"},"includeEntitlements":{"type":"boolean","description":"Include entitlements for this application.\n"},"individuallyAssignedAppsOnly":{"type":"boolean","description":"Only include individually assigned groups.\n"},"individuallyAssignedGroupsOnly":{"type":"boolean","description":"Only include individually assigned groups.\n"},"onlyIncludeOutOfPolicyEntitlements":{"type":"boolean","description":"Only include out-of-policy entitlements.\n"},"targetResources":{"type":"array","items":{"$ref":"#/types/okta:index/getCampaignResourceSettingsTargetResource:getCampaignResourceSettingsTargetResource"},"description":"Represents a resource that will be part of Access certifications.\n"},"type":{"type":"string","description":"The type of Okta resource.\n"}},"type":"object","required":["includeAdminRoles","includeEntitlements","individuallyAssignedAppsOnly","individuallyAssignedGroupsOnly","onlyIncludeOutOfPolicyEntitlements","type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getCampaignResourceSettingsExcludedResource:getCampaignResourceSettingsExcludedResource":{"properties":{"resourceId":{"type":"string","description":"Okta specific resource ID.\n"},"resourceType":{"type":"string","description":"The type of Okta resource.\n"}},"type":"object","required":["resourceId","resourceType"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getCampaignResourceSettingsTargetResource:getCampaignResourceSettingsTargetResource":{"properties":{"entitlementBundles":{"type":"array","items":{"$ref":"#/types/okta:index/getCampaignResourceSettingsTargetResourceEntitlementBundle:getCampaignResourceSettingsTargetResourceEntitlementBundle"},"description":"An array of entitlement bundles associated with resourceId that should be chosen as target when creating reviews.\n"},"entitlements":{"type":"array","items":{"$ref":"#/types/okta:index/getCampaignResourceSettingsTargetResourceEntitlement:getCampaignResourceSettingsTargetResourceEntitlement"}},"includeAllEntitlementsAndBundles":{"type":"boolean","description":"Include all entitlements and entitlement bundles for this application.\n"},"resourceId":{"type":"string","description":"The resource ID that is being reviewed.\n"},"resourceType":{"type":"string","description":"The type of Okta resource.\n"}},"type":"object","required":["includeAllEntitlementsAndBundles","resourceId","resourceType"],"language":{"nodejs":{"requiredInputs":["resourceId"]}}},"okta:index/getCampaignResourceSettingsTargetResourceEntitlement:getCampaignResourceSettingsTargetResourceEntitlement":{"properties":{"id":{"type":"string","description":"The ID of this resource.\n"},"includeAllValues":{"type":"boolean","description":"Whether to include all values for this entitlement.\n"},"values":{"type":"array","items":{"$ref":"#/types/okta:index/getCampaignResourceSettingsTargetResourceEntitlementValue:getCampaignResourceSettingsTargetResourceEntitlementValue"},"description":"Entitlement value ids\n"}},"type":"object","required":["id","includeAllValues"],"language":{"nodejs":{"requiredInputs":["id"]}}},"okta:index/getCampaignResourceSettingsTargetResourceEntitlementBundle:getCampaignResourceSettingsTargetResourceEntitlementBundle":{"properties":{"id":{"type":"string","description":"The ID of this resource.\n"}},"type":"object","required":["id"]},"okta:index/getCampaignResourceSettingsTargetResourceEntitlementValue:getCampaignResourceSettingsTargetResourceEntitlementValue":{"properties":{"id":{"type":"string","description":"The ID of this resource.\n"}},"type":"object","required":["id"]},"okta:index/getCampaignReviewerSettings:getCampaignReviewerSettings":{"properties":{"bulkDecisionDisabled":{"type":"boolean"},"fallbackReviewerId":{"type":"string"},"justificationRequired":{"type":"boolean"},"reassignmentDisabled":{"type":"boolean"},"reviewerGroupId":{"type":"string"},"reviewerId":{"type":"string"},"reviewerLevels":{"type":"array","items":{"$ref":"#/types/okta:index/getCampaignReviewerSettingsReviewerLevel:getCampaignReviewerSettingsReviewerLevel"}},"reviewerScopeExpression":{"type":"string"},"selfReviewDisabled":{"type":"boolean"},"type":{"type":"string"}},"type":"object","required":["bulkDecisionDisabled","fallbackReviewerId","justificationRequired","reassignmentDisabled","reviewerGroupId","reviewerId","reviewerScopeExpression","selfReviewDisabled","type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getCampaignReviewerSettingsReviewerLevel:getCampaignReviewerSettingsReviewerLevel":{"properties":{"fallbackReviewerId":{"type":"string"},"reviewerGroupId":{"type":"string"},"reviewerId":{"type":"string"},"reviewerScopeExpression":{"type":"string"},"selfReviewDisabled":{"type":"boolean"},"startReviews":{"type":"array","items":{"$ref":"#/types/okta:index/getCampaignReviewerSettingsReviewerLevelStartReview:getCampaignReviewerSettingsReviewerLevelStartReview"}},"type":{"type":"string"}},"type":"object","required":["fallbackReviewerId","reviewerGroupId","reviewerId","reviewerScopeExpression","selfReviewDisabled","type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getCampaignReviewerSettingsReviewerLevelStartReview:getCampaignReviewerSettingsReviewerLevelStartReview":{"properties":{"onDay":{"type":"integer"},"when":{"type":"string"}},"type":"object","required":["onDay","when"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getCampaignScheduleSettings:getCampaignScheduleSettings":{"properties":{"durationInDays":{"type":"integer"},"endDate":{"type":"string"},"recurrences":{"type":"array","items":{"$ref":"#/types/okta:index/getCampaignScheduleSettingsRecurrence:getCampaignScheduleSettingsRecurrence"}},"startDate":{"type":"string"},"timeZone":{"type":"string"},"type":{"type":"string"}},"type":"object","required":["durationInDays","endDate","startDate","timeZone","type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getCampaignScheduleSettingsRecurrence:getCampaignScheduleSettingsRecurrence":{"properties":{"ends":{"type":"string"},"interval":{"type":"string"},"repeatOnType":{"type":"string"}},"type":"object","required":["ends","interval","repeatOnType"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getCatalogEntryDefaultCounts:getCatalogEntryDefaultCounts":{"properties":{"resourceCounts":{"$ref":"#/types/okta:index/getCatalogEntryDefaultCountsResourceCounts:getCatalogEntryDefaultCountsResourceCounts","description":"Collection resource counts.\n"}},"type":"object"},"okta:index/getCatalogEntryDefaultCountsResourceCounts:getCatalogEntryDefaultCountsResourceCounts":{"properties":{"applications":{"type":"integer","description":"Number of app resources in a collection.\n"}},"type":"object","required":["applications"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getCatalogEntryDefaultLinks:getCatalogEntryDefaultLinks":{"properties":{"self":{"$ref":"#/types/okta:index/getCatalogEntryDefaultLinksSelf:getCatalogEntryDefaultLinksSelf","description":"A link to the catalog entry itself.\n"}},"type":"object"},"okta:index/getCatalogEntryDefaultLinksSelf:getCatalogEntryDefaultLinksSelf":{"properties":{"href":{"type":"string","description":"Contains the absolute API URL for retrieving this catalog entry resource.\n"}},"type":"object","required":["href"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getCatalogEntryUserAccessRequestFieldsData:getCatalogEntryUserAccessRequestFieldsData":{"properties":{"choices":{"type":"array","items":{"$ref":"#/types/okta:index/getCatalogEntryUserAccessRequestFieldsDataChoice:getCatalogEntryUserAccessRequestFieldsDataChoice"},"description":"Valid choices when type is SELECT or MULTISELECT.\n"},"id":{"type":"string"},"label":{"type":"string","description":"Label of the requester field.\n"},"maximumValue":{"type":"string","description":"The maximum value allowed for this field. Only applies to DURATION fields.\n"},"readOnly":{"type":"boolean","description":"Indicates this field is immutable.\n"},"required":{"type":"boolean","description":"Indicates whether a value to this field is required to advance the request.\n"},"type":{"type":"string","description":"Type of value for the requester field.\n"},"value":{"type":"string","description":"An admin configured value for this field. Only applies to DURATION fields.\n"}},"type":"object","required":["id","label","maximumValue","readOnly","required","type","value"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getCatalogEntryUserAccessRequestFieldsDataChoice:getCatalogEntryUserAccessRequestFieldsDataChoice":{"properties":{"choice":{"type":"string","description":"Valid choice.\n"}},"type":"object","required":["choice"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getDefaultSigninPageContentSecurityPolicySetting:getDefaultSigninPageContentSecurityPolicySetting":{"properties":{"mode":{"type":"string","description":"enforced or report_only\n"},"reportUri":{"type":"string"},"srcLists":{"type":"array","items":{"type":"string"}}},"type":"object","required":["mode","reportUri","srcLists"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getDefaultSigninPageWidgetCustomizations:getDefaultSigninPageWidgetCustomizations":{"properties":{"authenticatorPageCustomLinkLabel":{"type":"string"},"authenticatorPageCustomLinkUrl":{"type":"string"},"classicRecoveryFlowEmailOrUsernameLabel":{"type":"string"},"customLink1Label":{"type":"string"},"customLink1Url":{"type":"string"},"customLink2Label":{"type":"string"},"customLink2Url":{"type":"string"},"forgotPasswordLabel":{"type":"string"},"forgotPasswordUrl":{"type":"string"},"helpLabel":{"type":"string"},"helpUrl":{"type":"string"},"passwordInfoTip":{"type":"string"},"passwordLabel":{"type":"string"},"showPasswordVisibilityToggle":{"type":"boolean"},"showUserIdentifier":{"type":"boolean"},"signInLabel":{"type":"string"},"unlockAccountLabel":{"type":"string"},"unlockAccountUrl":{"type":"string"},"usernameInfoTip":{"type":"string"},"usernameLabel":{"type":"string"},"widgetGeneration":{"type":"string"}},"type":"object","required":["authenticatorPageCustomLinkLabel","authenticatorPageCustomLinkUrl","classicRecoveryFlowEmailOrUsernameLabel","customLink1Label","customLink1Url","customLink2Label","customLink2Url","forgotPasswordLabel","forgotPasswordUrl","helpLabel","helpUrl","passwordInfoTip","passwordLabel","showPasswordVisibilityToggle","showUserIdentifier","signInLabel","unlockAccountLabel","unlockAccountUrl","usernameInfoTip","usernameLabel","widgetGeneration"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getDeviceAssurancePolicyDiskEncryptionType:getDeviceAssurancePolicyDiskEncryptionType":{"properties":{"includes":{"type":"array","items":{"type":"string"}}},"type":"object","required":["includes"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getDeviceAssurancePolicyOsVersion:getDeviceAssurancePolicyOsVersion":{"properties":{"dynamicVersionRequirement":{"$ref":"#/types/okta:index/getDeviceAssurancePolicyOsVersionDynamicVersionRequirement:getDeviceAssurancePolicyOsVersionDynamicVersionRequirement"},"minimum":{"type":"string"}},"type":"object","required":["dynamicVersionRequirement","minimum"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getDeviceAssurancePolicyOsVersionConstraint:getDeviceAssurancePolicyOsVersionConstraint":{"properties":{"dynamicVersionRequirement":{"$ref":"#/types/okta:index/getDeviceAssurancePolicyOsVersionConstraintDynamicVersionRequirement:getDeviceAssurancePolicyOsVersionConstraintDynamicVersionRequirement"},"majorVersionConstraint":{"type":"string"}},"type":"object","required":["dynamicVersionRequirement","majorVersionConstraint"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getDeviceAssurancePolicyOsVersionConstraintDynamicVersionRequirement:getDeviceAssurancePolicyOsVersionConstraintDynamicVersionRequirement":{"properties":{"distanceFromLatestMajor":{"type":"integer"},"latestSecurityPatch":{"type":"boolean"},"type":{"type":"string"}},"type":"object","required":["distanceFromLatestMajor","latestSecurityPatch","type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getDeviceAssurancePolicyOsVersionDynamicVersionRequirement:getDeviceAssurancePolicyOsVersionDynamicVersionRequirement":{"properties":{"distanceFromLatestMajor":{"type":"integer"},"latestSecurityPatch":{"type":"boolean"},"type":{"type":"string"}},"type":"object","required":["distanceFromLatestMajor","latestSecurityPatch","type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getDeviceAssurancePolicyScreenlockType:getDeviceAssurancePolicyScreenlockType":{"properties":{"includes":{"type":"array","items":{"type":"string"}}},"type":"object","required":["includes"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getDeviceAssurancePolicyThirdPartySignalProvider:getDeviceAssurancePolicyThirdPartySignalProvider":{"properties":{"dtc":{"$ref":"#/types/okta:index/getDeviceAssurancePolicyThirdPartySignalProviderDtc:getDeviceAssurancePolicyThirdPartySignalProviderDtc"}},"type":"object","required":["dtc"]},"okta:index/getDeviceAssurancePolicyThirdPartySignalProviderDtc:getDeviceAssurancePolicyThirdPartySignalProviderDtc":{"properties":{"allowScreenLock":{"type":"boolean"},"browserVersion":{"$ref":"#/types/okta:index/getDeviceAssurancePolicyThirdPartySignalProviderDtcBrowserVersion:getDeviceAssurancePolicyThirdPartySignalProviderDtcBrowserVersion"},"builtInDnsClientEnabled":{"type":"boolean"},"chromeRemoteDesktopAppBlocked":{"type":"boolean"},"crowdStrikeAgentId":{"type":"string"},"crowdStrikeCustomerId":{"type":"string"},"deviceEnrollmentDomain":{"type":"string"},"diskEncrypted":{"type":"boolean"},"keyTrustLevel":{"type":"string"},"managedDevice":{"type":"boolean"},"osFirewall":{"type":"boolean"},"osVersion":{"$ref":"#/types/okta:index/getDeviceAssurancePolicyThirdPartySignalProviderDtcOsVersion:getDeviceAssurancePolicyThirdPartySignalProviderDtcOsVersion"},"passwordProtectionWarningTrigger":{"type":"string"},"realtimeUrlCheckMode":{"type":"boolean"},"safeBrowsingProtectionLevel":{"type":"string"},"screenLockSecured":{"type":"boolean"},"siteIsolationEnabled":{"type":"boolean"},"thirdPartyBlockingEnabled":{"type":"boolean"},"windowsMachineDomain":{"type":"string"},"windowsUserDomain":{"type":"string"}},"type":"object","required":["allowScreenLock","browserVersion","builtInDnsClientEnabled","chromeRemoteDesktopAppBlocked","crowdStrikeAgentId","crowdStrikeCustomerId","deviceEnrollmentDomain","diskEncrypted","keyTrustLevel","managedDevice","osFirewall","osVersion","passwordProtectionWarningTrigger","realtimeUrlCheckMode","safeBrowsingProtectionLevel","screenLockSecured","siteIsolationEnabled","thirdPartyBlockingEnabled","windowsMachineDomain","windowsUserDomain"]},"okta:index/getDeviceAssurancePolicyThirdPartySignalProviderDtcBrowserVersion:getDeviceAssurancePolicyThirdPartySignalProviderDtcBrowserVersion":{"properties":{"minimum":{"type":"string"}},"type":"object","required":["minimum"]},"okta:index/getDeviceAssurancePolicyThirdPartySignalProviderDtcOsVersion:getDeviceAssurancePolicyThirdPartySignalProviderDtcOsVersion":{"properties":{"minimum":{"type":"string"}},"type":"object","required":["minimum"]},"okta:index/getDeviceProfile:getDeviceProfile":{"properties":{"diskEncryptionType":{"type":"string","description":"The disk encryption type of the device.\n"},"displayName":{"type":"string","description":"The display name of the device.\n"},"imei":{"type":"string","description":"The International Mobile Equipment Identity (IMEI) of the device.\n"},"integrityJailBreak":{"type":"boolean","description":"Indicates if the device is jailbroken or rooted. Only applicable to IOS and ANDROID platforms.\n"},"manufacturer":{"type":"string","description":"The manufacturer of the device.\n"},"meid":{"type":"string","description":"The Mobile Equipment Identifier (MEID) of the device.\n"},"model":{"type":"string","description":"The model of the device.\n"},"osVersion":{"type":"string","description":"The OS version of the device.\n"},"platform":{"type":"string","description":"The platform of the device.\n"},"registered":{"type":"boolean","description":"Indicates if the device is registered at Okta.\n"},"secureHardwarePresent":{"type":"boolean","description":"Indicates if secure hardware is present on the device.\n"},"serialNumber":{"type":"string","description":"The serial number of the device.\n"},"sid":{"type":"string","description":"The Security Identifier (SID) of the device.\n"},"tpmPublicKeyHash":{"type":"string","description":"Windows Trusted Platform Module hash value.\n"},"udid":{"type":"string","description":"MacOS Unique device identifier of the device.\n"}},"type":"object","required":["diskEncryptionType","displayName","imei","integrityJailBreak","manufacturer","meid","model","osVersion","platform","registered","secureHardwarePresent","serialNumber","sid","tpmPublicKeyHash","udid"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getDeviceResourceDisplayName:getDeviceResourceDisplayName":{"properties":{"sensitive":{"type":"boolean","description":"Indicates if the resource display name is sensitive.\n"},"value":{"type":"string","description":"The value of the resource display name.\n"}},"type":"object","required":["sensitive","value"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getDomainDnsRecord:getDomainDnsRecord":{"properties":{"expiration":{"type":"string","description":"TXT record expiration\n"},"fqdn":{"type":"string","description":"DNS record name\n"},"recordType":{"type":"string","description":"Record type can be TXT or CNAME\n"},"values":{"type":"array","items":{"type":"string"},"description":"DNS verification value\n"}},"type":"object","required":["expiration","fqdn","recordType","values"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getEmailCustomizationsEmailCustomization:getEmailCustomizationsEmailCustomization":{"properties":{"body":{"type":"string","description":"The body of the customization\n"},"id":{"type":"string","description":"The ID of the customization\n"},"isDefault":{"type":"boolean","description":"Whether the customization is the default\n"},"language":{"type":"string","description":"The language supported by the customization\n"},"links":{"type":"string","description":"Link relations for this object - JSON HAL - Discoverable resources related to the email template\n"},"subject":{"type":"string","description":"The subject of the customization\n"}},"type":"object","required":["body","id","isDefault","language","links","subject"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getEndUserMyRequestsRequested:getEndUserMyRequestsRequested":{"properties":{"accessScopeId":{"type":"string","description":"ID of the access scope\n"},"accessScopeType":{"type":"string","description":"The access scope type\n"},"entryId":{"type":"string","description":"The ID of the catalog entry for which the request was made.\n"},"resourceId":{"type":"string","description":"The requested resource ID\n"},"resourceType":{"type":"string","description":"The requested resource type.\n"}},"type":"object","required":["accessScopeId","accessScopeType","entryId","resourceId","resourceType"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getEndUserMyRequestsRequestedBy:getEndUserMyRequestsRequestedBy":{"properties":{"externalId":{"type":"string","description":"The Okta user id\n"},"type":{"type":"string","description":"The type of principal\n"}},"type":"object","required":["externalId","type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getEndUserMyRequestsRequestedFor:getEndUserMyRequestsRequestedFor":{"properties":{"externalId":{"type":"string","description":"The Okta user id\n"},"type":{"type":"string","description":"The type of principal\n"}},"type":"object","required":["externalId","type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getEndUserMyRequestsRequesterFieldValue:getEndUserMyRequestsRequesterFieldValue":{"properties":{"id":{"type":"string","description":"The ID of the requester field.\n"},"label":{"type":"string","description":"A human-readable description of the requester field.\n"},"type":{"type":"string","description":"Type of value for the requester field. Valid values: `DURATION`, `ISO_DATE`, `MULTISELECT`, `OKTA_USER_ID`, `SELECT`, `TEXT`.\n"},"value":{"type":"string","description":"The value of the requester field (for single-value fields).\n"},"values":{"type":"array","items":{"type":"string"},"description":"The values of the requester field (for MULTISELECT type fields).\n"}},"type":"object","required":["id"]},"okta:index/getEndUserMyRequestsRiskAssessment:getEndUserMyRequestsRiskAssessment":{"properties":{"requestSubmissionType":{"type":"string","description":"Whether request submission is allowed or restricted in the risk settings.\n"},"riskRules":{"type":"array","items":{"$ref":"#/types/okta:index/getEndUserMyRequestsRiskAssessmentRiskRule:getEndUserMyRequestsRiskAssessmentRiskRule"},"description":"An array of resources that are excluded from the review.\n"}},"type":"object"},"okta:index/getEndUserMyRequestsRiskAssessmentRiskRule:getEndUserMyRequestsRiskAssessmentRiskRule":{"properties":{"description":{"type":"string","description":"The human readable description.\n"},"name":{"type":"string","description":"The name of a resource rule causing a conflict.\n"},"resourceName":{"type":"string","description":"Human readable name of the resource.\n"}},"type":"object"},"okta:index/getEntitlementBundleEntitlement:getEntitlementBundleEntitlement":{"properties":{"dataType":{"type":"string","description":"The data type of the entitlement property.\n"},"description":{"type":"string","description":"The description of an entitlement property.\n"},"externalValue":{"type":"string","description":"The value of an entitlement property.\n"},"id":{"type":"string","description":"The ID of this resource.\n"},"multiValue":{"type":"boolean","description":"The property that determines if the entitlement property can hold multiple values.\n"},"name":{"type":"string","description":"The display name for an entitlement bundle.\n"},"required":{"type":"boolean","description":"The property that determines if the entitlement property is a required attribute.\n"},"values":{"type":"array","items":{"$ref":"#/types/okta:index/getEntitlementBundleEntitlementValue:getEntitlementBundleEntitlementValue"}}},"type":"object","required":["dataType","description","externalValue","id","multiValue","name","required"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getEntitlementBundleEntitlementValue:getEntitlementBundleEntitlementValue":{"properties":{"description":{"type":"string","description":"The description of an entitlement property.\n"},"externalId":{"type":"string","description":"The read-only id of an entitlement property value in the downstream application.\n"},"externalValue":{"type":"string","description":"The value of an entitlement property value.\n"},"id":{"type":"string","description":"The ID of this resource.\n"},"name":{"type":"string","description":"The display name for an entitlement bundle.\n"}},"type":"object","required":["description","externalId","externalValue","id","name"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getEntitlementBundleTarget:getEntitlementBundleTarget":{"properties":{"externalId":{"type":"string","description":"The Okta app.id of the resource.\n"},"type":{"type":"string","description":"The type of the resource.\n"}},"type":"object","required":["externalId","type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getEntitlementParent:getEntitlementParent":{"properties":{"externalId":{"type":"string","description":"The Okta app.id of the resource.\n"},"type":{"type":"string","description":"The type of resource.\n"}},"type":"object","required":["externalId","type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getEntitlementValue:getEntitlementValue":{"properties":{"description":{"type":"string","description":"The description of an entitlement value.\n"},"externalId":{"type":"string","description":"The id of the entitlement value.\n"},"externalValue":{"type":"string","description":"The value of an entitlement property value.\n"},"id":{"type":"string","description":"The ID of this resource.\n"},"name":{"type":"string","description":"The name of the entitlement value.\n"}},"type":"object","required":["description","externalId","externalValue","id","name"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getFeaturesFeature:getFeaturesFeature":{"properties":{"description":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"stage":{"$ref":"#/types/okta:index/getFeaturesFeatureStage:getFeaturesFeatureStage"},"status":{"type":"string"},"type":{"type":"string"}},"type":"object","required":["description","id","name","stage","status","type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getFeaturesFeatureStage:getFeaturesFeatureStage":{"properties":{"state":{"type":"string"},"value":{"type":"string"}},"type":"object","required":["state","value"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getGroupsGroup:getGroupsGroup":{"properties":{"customProfileAttributes":{"type":"string","description":"Raw JSON containing all custom profile attributes. Likely only useful on groups of type\n"},"description":{"type":"string","description":"Group description.\n"},"id":{"type":"string","description":"Group ID.\n"},"name":{"type":"string","description":"Group name.\n"},"source":{"type":"string","description":"The ID of the application the Group is sourced/imported from (only present for groups of type APP_GROUP).\n"},"type":{"type":"string","description":"Group type, either 'APP_GROUP' or 'OKTA_GROUP'.\n"}},"type":"object","required":["customProfileAttributes","description","id","name","source","type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getLogStreamSettings:getLogStreamSettings":{"properties":{"accountId":{"type":"string","description":"AWS account ID. Required only for 'aws_eventbridge' type\n"},"edition":{"type":"string","description":"Edition of the Splunk Cloud instance. Could be one of: 'aws', 'aws*govcloud', 'gcp'. Required only for 'splunk*cloud_logstreaming' type\n"},"eventSourceName":{"type":"string","description":"An alphanumeric name (no spaces) to identify this event source in AWS EventBridge. Required only for 'aws_eventbridge' type\n"},"host":{"type":"string","description":"The domain name for Splunk Cloud instance. Don't include http or https in the string. For example: 'acme.splunkcloud.com'. Required only for 'splunk*cloud*logstreaming' type\n"},"region":{"type":"string","description":"The destination AWS region where event source is located. Required only for 'aws_eventbridge' type\n"},"token":{"type":"string","description":"The HEC token for your Splunk Cloud HTTP Event Collector. Required only for 'splunk*cloud*logstreaming' type\n"}},"type":"object","required":["accountId","edition","eventSourceName","host","region","token"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getOrgMetadataDomains:getOrgMetadataDomains":{"properties":{"alternate":{"type":"string","description":"Custom Domain Org URI\n"},"organization":{"type":"string","description":"Standard Org URI\n"}},"type":"object","required":["alternate","organization"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getOrgMetadataSettings:getOrgMetadataSettings":{"properties":{"analyticsCollectionEnabled":{"type":"boolean"},"bugReportingEnabled":{"type":"boolean"},"omEnabled":{"type":"boolean","description":"Whether the legacy Okta Mobile application is enabled for the org\n"}},"type":"object","required":["analyticsCollectionEnabled","bugReportingEnabled","omEnabled"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getPrincipalEntitlementsData:getPrincipalEntitlementsData":{"properties":{"dataType":{"type":"string","description":"The data type of the entitlement property.\n"},"description":{"type":"string","description":"The description of an entitlement property.\n"},"externalValue":{"type":"string","description":"The value of an entitlement property.\n"},"id":{"type":"string","description":"The id property of an entitlement.\n"},"multiValue":{"type":"boolean","description":"The property that determines if the entitlement property can hold multiple values.\n"},"name":{"type":"string","description":"The display name for an entitlement property.\n"},"parent":{"$ref":"#/types/okta:index/getPrincipalEntitlementsDataParent:getPrincipalEntitlementsDataParent","description":"Representation of a resource.\n"},"parentResourceOrn":{"type":"string","description":"The Okta app instance, in ORN format.\n"},"required":{"type":"boolean","description":"The property that determines if the entitlement property is a required attribute\n"},"targetPrincipal":{"$ref":"#/types/okta:index/getPrincipalEntitlementsDataTargetPrincipal:getPrincipalEntitlementsDataTargetPrincipal","description":"Representation of a principal.\n"},"targetPrincipalOrn":{"type":"string","description":"The Okta user id in ORN format.\n"},"values":{"type":"array","items":{"$ref":"#/types/okta:index/getPrincipalEntitlementsDataValue:getPrincipalEntitlementsDataValue"},"description":"Collection of entitlement values.\n"}},"type":"object","required":["dataType","description","externalValue","id","multiValue","name","parentResourceOrn","required","targetPrincipalOrn"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getPrincipalEntitlementsDataParent:getPrincipalEntitlementsDataParent":{"properties":{"externalId":{"type":"string","description":"The Okta id of the resource.\n"},"type":{"type":"string","description":"The type of the resource.\n"}},"type":"object","required":["externalId","type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getPrincipalEntitlementsDataTargetPrincipal:getPrincipalEntitlementsDataTargetPrincipal":{"properties":{"externalId":{"type":"string","description":"The Okta user id.\n"},"type":{"type":"string","description":"The type of principal.\n"}},"type":"object","required":["externalId","type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getPrincipalEntitlementsDataValue:getPrincipalEntitlementsDataValue":{"properties":{"description":{"type":"string","description":"The description of an entitlement property.\n"},"externalValue":{"type":"string","description":"The value of an entitlement property value.\n"},"id":{"type":"string","description":"The id of an entitlement value.\n"},"name":{"type":"string","description":"The name of an entitlement value.\n"}},"type":"object","required":["description","externalValue","id","name"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getPrincipalEntitlementsParent:getPrincipalEntitlementsParent":{"properties":{"externalId":{"type":"string"},"type":{"type":"string"}},"type":"object","required":["externalId","type"]},"okta:index/getPrincipalEntitlementsTargetPrincipal:getPrincipalEntitlementsTargetPrincipal":{"properties":{"externalId":{"type":"string"},"type":{"type":"string"}},"type":"object","required":["externalId","type"]},"okta:index/getPushProviderConfiguration:getPushProviderConfiguration":{"properties":{"apnsConfiguration":{"$ref":"#/types/okta:index/getPushProviderConfigurationApnsConfiguration:getPushProviderConfigurationApnsConfiguration"},"fcmConfiguration":{"$ref":"#/types/okta:index/getPushProviderConfigurationFcmConfiguration:getPushProviderConfigurationFcmConfiguration"}},"type":"object"},"okta:index/getPushProviderConfigurationApnsConfiguration:getPushProviderConfigurationApnsConfiguration":{"properties":{"fileName":{"type":"string","description":"File name for Admin Console display.\n"},"keyId":{"type":"string","description":"10-character Key ID obtained from the Apple developer account. Required for APNS provider type.\n"},"teamId":{"type":"string","description":"10-character Team ID used to develop the iOS app. Required for APNS provider type.\n"}},"type":"object","required":["fileName","keyId","teamId"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getPushProviderConfigurationFcmConfiguration:getPushProviderConfigurationFcmConfiguration":{"properties":{"serviceAccountJson":{"$ref":"#/types/okta:index/getPushProviderConfigurationFcmConfigurationServiceAccountJson:getPushProviderConfigurationFcmConfigurationServiceAccountJson","description":"JSON containing the private service account key and service account details. Required for FCM provider type.\n"}},"type":"object"},"okta:index/getPushProviderConfigurationFcmConfigurationServiceAccountJson:getPushProviderConfigurationFcmConfigurationServiceAccountJson":{"properties":{"fileName":{"type":"string","description":"File name for Admin Console display.\n"},"projectId":{"type":"string","description":"The project ID.\n"}},"type":"object","required":["fileName","projectId"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getRequestConditionAccessScopeSettings:getRequestConditionAccessScopeSettings":{"properties":{"ids":{"type":"array","items":{"$ref":"#/types/okta:index/getRequestConditionAccessScopeSettingsId:getRequestConditionAccessScopeSettingsId"},"description":"Block list of groups/entitlement bundles ids.\n"},"type":{"type":"string"}},"type":"object","required":["type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getRequestConditionAccessScopeSettingsId:getRequestConditionAccessScopeSettingsId":{"properties":{"id":{"type":"string","description":"Request condition id.\n"}},"type":"object","required":["id"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getRequestConditionRequesterSettings:getRequestConditionRequesterSettings":{"properties":{"ids":{"type":"array","items":{"$ref":"#/types/okta:index/getRequestConditionRequesterSettingsId:getRequestConditionRequesterSettingsId"},"description":"Block list of teams/groups ids.\n"},"type":{"type":"string"}},"type":"object","required":["type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getRequestConditionRequesterSettingsId:getRequestConditionRequesterSettingsId":{"properties":{"id":{"type":"string","description":"Request condition id.\n"}},"type":"object","required":["id"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getRequestSettingOrganizationRequestExperience:getRequestSettingOrganizationRequestExperience":{"properties":{"experienceType":{"type":"string"}},"type":"object","required":["experienceType"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getRequestSettingResourceRequestOnBehalfOfSettings:getRequestSettingResourceRequestOnBehalfOfSettings":{"properties":{"allowed":{"type":"boolean"},"onlyFors":{"type":"array","items":{"$ref":"#/types/okta:index/getRequestSettingResourceRequestOnBehalfOfSettingsOnlyFor:getRequestSettingResourceRequestOnBehalfOfSettingsOnlyFor"}}},"type":"object","required":["allowed"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getRequestSettingResourceRequestOnBehalfOfSettingsOnlyFor:getRequestSettingResourceRequestOnBehalfOfSettingsOnlyFor":{"properties":{"type":{"type":"string"}},"type":"object","required":["type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getRequestSettingResourceRiskSettings:getRequestSettingResourceRiskSettings":{"properties":{"defaultSetting":{"$ref":"#/types/okta:index/getRequestSettingResourceRiskSettingsDefaultSetting:getRequestSettingResourceRiskSettingsDefaultSetting","description":"Default risk settings that are valid for an access request when a risk has been detected for the resource and requesting user.\n"}},"type":"object"},"okta:index/getRequestSettingResourceRiskSettingsDefaultSetting:getRequestSettingResourceRiskSettingsDefaultSetting":{"properties":{"accessDurationSettings":{"$ref":"#/types/okta:index/getRequestSettingResourceRiskSettingsDefaultSettingAccessDurationSettings:getRequestSettingResourceRiskSettingsDefaultSettingAccessDurationSettings"},"approvalSequenceId":{"type":"string"},"errors":{"type":"array","items":{"type":"string"}},"requestSubmissionType":{"type":"string"}},"type":"object","required":["approvalSequenceId","errors","requestSubmissionType"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getRequestSettingResourceRiskSettingsDefaultSettingAccessDurationSettings:getRequestSettingResourceRiskSettingsDefaultSettingAccessDurationSettings":{"properties":{"duration":{"type":"string"},"type":{"type":"string"}},"type":"object","required":["duration","type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getRequestSettingResourceValidAccessDurationSettings:getRequestSettingResourceValidAccessDurationSettings":{"properties":{"maximumDays":{"type":"number","description":"The maximum value allowed for a request condition or risk setting.\n"},"maximumHours":{"type":"number","description":"The maximum value allowed for a request condition or risk setting.\n"},"maximumWeeks":{"type":"number","description":"The maximum value allowed for a request condition or risk setting.\n"},"required":{"type":"boolean","description":"Whether accessDurationSetting must be included in the request conditions or risk settings for the specified resource.\n"},"supportedTypes":{"type":"array","items":{"$ref":"#/types/okta:index/getRequestSettingResourceValidAccessDurationSettingsSupportedType:getRequestSettingResourceValidAccessDurationSettingsSupportedType"},"description":"Access duration settings that are eligible to be added to a request condition or risk settings for the specified resource.\n"}},"type":"object","required":["maximumDays","maximumHours","maximumWeeks","required"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getRequestSettingResourceValidAccessDurationSettingsSupportedType:getRequestSettingResourceValidAccessDurationSettingsSupportedType":{"properties":{"type":{"type":"string"}},"type":"object","required":["type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getRequestSettingResourceValidAccessScopeSetting:getRequestSettingResourceValidAccessScopeSetting":{"properties":{"type":{"type":"string"}},"type":"object","required":["type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getRequestSettingResourceValidRequesterSetting:getRequestSettingResourceValidRequesterSetting":{"properties":{"type":{"type":"string"}},"type":"object","required":["type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getRequestV2Requested:getRequestV2Requested":{"properties":{"accessScopeId":{"type":"string","description":"The ID of the access scope associated with the resource.\n"},"accessScopeType":{"type":"string","description":"The access scope type.\n"},"entryId":{"type":"string","description":"The ID of the resource catalog entry.\n"},"resourceId":{"type":"string","description":"The ID of the requested resource.\n"},"resourceType":{"type":"string","description":"The requested resource type.\n"},"type":{"type":"string","description":"The type of the resource.\n"}},"type":"object","required":["accessScopeId","accessScopeType","entryId","resourceId","resourceType","type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getRequestV2RequestedBy:getRequestV2RequestedBy":{"properties":{"externalId":{"type":"string","description":"The Okta user id.\n"},"type":{"type":"string","description":"The type of principal.\n"}},"type":"object","required":["externalId","type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getRequestV2RequestedFor:getRequestV2RequestedFor":{"properties":{"externalId":{"type":"string","description":"The ID of the Okta user.\n"},"type":{"type":"string","description":"The type of principal.\n"}},"type":"object","required":["externalId","type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getReviewAllReviewerLevel:getReviewAllReviewerLevel":{"properties":{"created":{"type":"string","description":"The ISO 8601 formatted date and time when the resource was created.\n"},"createdBy":{"type":"string","description":"The id of user who created the resource.\n"},"decision":{"type":"string","description":"The decision taken by the reviewer. Will be `UNASSIGNED` if no decision is made.\n"},"id":{"type":"string","description":"The ID of  review.\n"},"lastUpdated":{"type":"string","description":"The ISO 8601 formatted date and time when the object was last updated.\n"},"lastUpdatedBy":{"type":"string","description":"The id of user who last updated the object.\n"},"reviewerGroupProfile":{"$ref":"#/types/okta:index/getReviewAllReviewerLevelReviewerGroupProfile:getReviewAllReviewerLevelReviewerGroupProfile"},"reviewerLevel":{"type":"string"},"reviewerProfile":{"$ref":"#/types/okta:index/getReviewAllReviewerLevelReviewerProfile:getReviewAllReviewerLevelReviewerProfile"},"reviewerType":{"type":"string","description":"The type of reviewer to which the review is assigned.\n"}},"type":"object","required":["created","createdBy","decision","id","lastUpdated","lastUpdatedBy","reviewerLevel","reviewerType"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getReviewAllReviewerLevelReviewerGroupProfile:getReviewAllReviewerLevelReviewerGroupProfile":{"properties":{"globalName":{"type":"string"},"groupId":{"type":"string"},"groupType":{"type":"string"},"name":{"type":"string"}},"type":"object","required":["globalName","groupId","groupType","name"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getReviewAllReviewerLevelReviewerProfile:getReviewAllReviewerLevelReviewerProfile":{"properties":{"email":{"type":"string"},"firstName":{"type":"string"},"id":{"type":"string","description":"The ID of  review.\n"},"lastName":{"type":"string"},"status":{"type":"string"}},"type":"object","required":["email","firstName","id","lastName","status"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getReviewEntitlementBundle:getReviewEntitlementBundle":{"properties":{"id":{"type":"string","description":"The ID of  review.\n"},"name":{"type":"string"}},"type":"object","required":["id","name"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getReviewEntitlementValue:getReviewEntitlementValue":{"properties":{"id":{"type":"string","description":"The ID of  review.\n"},"name":{"type":"string"}},"type":"object","required":["id","name"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getReviewLinks:getReviewLinks":{"properties":{"reassignReviewHref":{"type":"string"},"selfHref":{"type":"string"}},"type":"object","required":["reassignReviewHref","selfHref"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getReviewNote:getReviewNote":{"properties":{"id":{"type":"string","description":"The ID of  review.\n"},"note":{"type":"string"}},"type":"object","required":["id","note"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getReviewPrincipalProfile:getReviewPrincipalProfile":{"properties":{"email":{"type":"string"},"firstName":{"type":"string"},"id":{"type":"string","description":"The ID of  review.\n"},"lastName":{"type":"string"},"login":{"type":"string"},"status":{"type":"string"}},"type":"object","required":["email","firstName","id","lastName","login","status"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getReviewReviewerProfile:getReviewReviewerProfile":{"properties":{"email":{"type":"string"},"firstName":{"type":"string"},"id":{"type":"string","description":"The ID of  review.\n"},"lastName":{"type":"string"},"login":{"type":"string"},"status":{"type":"string"}},"type":"object","required":["email","firstName","id","lastName","login","status"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getSecurityEventsProviderSettings:getSecurityEventsProviderSettings":{"properties":{"issuer":{"type":"string","description":"Issuer URL.\n"},"jwksUrl":{"type":"string","description":"The public URL where the JWKS public key is uploaded.\n"},"wellKnownUrl":{"type":"string","description":"The published well-known URL of the Security Events Provider (the SSF transmitter).\n"}},"type":"object","required":["issuer","jwksUrl","wellKnownUrl"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getTemplatesEmailTemplate:getTemplatesEmailTemplate":{"properties":{"links":{"type":"string","description":"Link relations for this object - JSON HAL - Discoverable resources related to the email template\n"},"name":{"type":"string","description":"The name of the email template\n"}},"type":"object","required":["links","name"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getThemesTheme:getThemesTheme":{"properties":{"backgroundImageUrl":{"type":"string","description":"Background image URL\n"},"emailTemplateTouchPointVariant":{"type":"string","description":"Variant for email templates (`OKTA_DEFAULT`, `FULL_THEME`)\n"},"endUserDashboardTouchPointVariant":{"type":"string","description":"Variant for the Okta End-User Dashboard (`OKTA_DEFAULT`, `WHITE_LOGO_BACKGROUND`, `FULL_THEME`, `LOGO_ON_FULL_WHITE_BACKGROUND`)\n"},"errorPageTouchPointVariant":{"type":"string","description":"Variant for the error page (`OKTA_DEFAULT`, `BACKGROUND_SECONDARY_COLOR`, `BACKGROUND_IMAGE`)\n"},"faviconUrl":{"type":"string","description":"Favicon URL\n"},"id":{"type":"string","description":"The ID of the theme\n"},"links":{"type":"string","description":"Link relations for this object - JSON HAL - Discoverable resources related to the email template\n"},"logoUrl":{"type":"string","description":"Logo URL\n"},"primaryColorContrastHex":{"type":"string","description":"Primary color contrast hex code\n"},"primaryColorHex":{"type":"string","description":"Primary color hex code\n"},"secondaryColorContrastHex":{"type":"string","description":"Secondary color contrast hex code\n"},"secondaryColorHex":{"type":"string","description":"Secondary color hex code\n"},"signInPageTouchPointVariant":{"type":"string","description":"Variant for the Okta Sign-In Page (`OKTA_DEFAULT`, `BACKGROUND_SECONDARY_COLOR`, `BACKGROUND_IMAGE`)\n"}},"type":"object","required":["backgroundImageUrl","emailTemplateTouchPointVariant","endUserDashboardTouchPointVariant","errorPageTouchPointVariant","faviconUrl","id","links","logoUrl","primaryColorContrastHex","primaryColorHex","secondaryColorContrastHex","secondaryColorHex","signInPageTouchPointVariant"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getTrustedOriginsTrustedOrigin:getTrustedOriginsTrustedOrigin":{"properties":{"active":{"type":"boolean","description":"Whether the Trusted Origin is active or not - can only be issued post-creation\n"},"id":{"type":"string","description":"Unique identifier\n"},"name":{"type":"string","description":"Unique name for this trusted origin\n"},"origin":{"type":"string","description":"Unique origin URL for this trusted origin\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"Scopes of the Trusted Origin - can either be CORS or REDIRECT only\n"}},"type":"object","required":["active","id","name","origin","scopes"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getUiSchemaUiSchema:getUiSchemaUiSchema":{"properties":{"buttonLabel":{"type":"string","description":"Specifies the button label for the Submit button at the bottom of the enrollment form.\n"},"elements":{"type":"array","items":{"$ref":"#/types/okta:index/getUiSchemaUiSchemaElement:getUiSchemaUiSchemaElement"}},"label":{"type":"string","description":"Specifies the label at the top of the enrollment form under the logo.\n"},"type":{"type":"string","description":"Specifies the type of layout.\n"}},"type":"object","required":["buttonLabel","label","type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getUiSchemaUiSchemaElement:getUiSchemaUiSchemaElement":{"properties":{"label":{"type":"string","description":"Label name for the UI element.\n"},"options":{"$ref":"#/types/okta:index/getUiSchemaUiSchemaElementOptions:getUiSchemaUiSchemaElementOptions","description":"UI Schema element options object.\n"},"scope":{"type":"string","description":"Specifies the property bound to the input field. It must follow the format #/properties/PROPERTY_NAME where PROPERTY_NAME is a variable name for an attribute in profile editor.\n"},"type":{"type":"string","description":"Specifies the relationship between this input element and scope. The Control value specifies that this input controls the value represented by scope.\n"}},"type":"object","required":["label","scope","type"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getUiSchemaUiSchemaElementOptions:getUiSchemaUiSchemaElementOptions":{"properties":{"format":{"type":"string","description":"Specifies how the input appears.\n"}},"type":"object","required":["format"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:index/getUserSecurityQuestionsQuestion:getUserSecurityQuestionsQuestion":{"properties":{"key":{"type":"string"},"text":{"type":"string"}},"type":"object","required":["key","text"],"language":{"nodejs":{"requiredInputs":[]}}},"okta:inline/HookHeader:HookHeader":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"okta:policy/RuleIdpDiscoveryAppExclude:RuleIdpDiscoveryAppExclude":{"properties":{"id":{"type":"string"},"name":{"type":"string"},"type":{"type":"string"}},"type":"object","required":["type"]},"okta:policy/RuleIdpDiscoveryAppInclude:RuleIdpDiscoveryAppInclude":{"properties":{"id":{"type":"string"},"name":{"type":"string"},"type":{"type":"string"}},"type":"object","required":["type"]},"okta:policy/RuleIdpDiscoveryIdpProvider:RuleIdpDiscoveryIdpProvider":{"properties":{"id":{"type":"string","description":"The identifier for the Idp the rule should route to if all conditions are met.\n"},"type":{"type":"string","description":"Type of IdP. One of: `AMAZON`, `APPLE`, `DISCORD`, `FACEBOOK`, `GITHUB`, `GITLAB`, `GOOGLE`, `IDV_CLEAR`, `IDV_INCODE`, `IDV_PERSONA`, `LINKEDIN`, `LOGINGOV`, `LOGINGOV_SANDBOX`, `MICROSOFT`, `OIDC`, `PAYPAL`, `PAYPAL_SANDBOX`, `SALESFORCE`, `SAML2`, `SPOTIFY`, `X509`, `XERO`, `YAHOO`, `YAHOOJP`, Default: `OKTA`\n"}},"type":"object"},"okta:policy/RuleIdpDiscoveryPlatformInclude:RuleIdpDiscoveryPlatformInclude":{"properties":{"osExpression":{"type":"string","description":"Only available with OTHER OS type\n"},"osType":{"type":"string"},"type":{"type":"string"}},"type":"object"},"okta:policy/RuleIdpDiscoveryUserIdentifierPattern:RuleIdpDiscoveryUserIdentifierPattern":{"properties":{"matchType":{"type":"string"},"value":{"type":"string"}},"type":"object"},"okta:policy/RuleMfaAppExclude:RuleMfaAppExclude":{"properties":{"id":{"type":"string"},"name":{"type":"string"},"type":{"type":"string"}},"type":"object","required":["type"]},"okta:policy/RuleMfaAppInclude:RuleMfaAppInclude":{"properties":{"id":{"type":"string"},"name":{"type":"string"},"type":{"type":"string"}},"type":"object","required":["type"]},"okta:policy/RuleSignonFactorSequence:RuleSignonFactorSequence":{"properties":{"primaryCriteriaFactorType":{"type":"string","description":"Type of a Factor\n"},"primaryCriteriaProvider":{"type":"string","description":"Factor provider\n"},"secondaryCriterias":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleSignonFactorSequenceSecondaryCriteria:RuleSignonFactorSequenceSecondaryCriteria"}}},"type":"object","required":["primaryCriteriaFactorType","primaryCriteriaProvider"]},"okta:policy/RuleSignonFactorSequenceSecondaryCriteria:RuleSignonFactorSequenceSecondaryCriteria":{"properties":{"factorType":{"type":"string","description":"Type of a Factor\n"},"provider":{"type":"string","description":"Factor provider\n"}},"type":"object","required":["factorType","provider"]},"okta:profile/MappingMapping:MappingMapping":{"properties":{"expression":{"type":"string"},"id":{"type":"string","description":"The mapping property key.\n"},"pushStatus":{"type":"string"}},"type":"object","required":["expression","id"]},"okta:user/UserPasswordHash:UserPasswordHash":{"properties":{"algorithm":{"type":"string","description":"The algorithm used to generate the hash using the password\n"},"salt":{"type":"string","description":"Only required for salted hashes\n"},"saltOrder":{"type":"string","description":"Specifies whether salt was pre- or postfixed to the password before hashing\n"},"value":{"type":"string","description":"For SHA-512, SHA-256, SHA-1, MD5, This is the actual base64-encoded hash of the password (and salt, if used). This is the Base64 encoded value of the SHA-512/SHA-256/SHA-1/MD5 digest that was computed by either pre-fixing or post-fixing the salt to the password, depending on the saltOrder. If a salt was not used in the source system, then this should just be the the Base64 encoded value of the password's SHA-512/SHA-256/SHA-1/MD5 digest. For BCRYPT, This is the actual radix64-encoded hashed password.\n"},"workFactor":{"type":"integer","description":"Governs the strength of the hash and the time required to compute it. Only required for BCRYPT algorithm\n"}},"type":"object","required":["algorithm","value"]},"okta:user/getUserSearch:getUserSearch":{"properties":{"comparison":{"type":"string"},"expression":{"type":"string","description":"A raw search expression string. This requires the search feature be on. Please see Okta documentation on their filter API for users. https://developer.okta.com/docs/api/resources/users#list-users-with-search\n"},"name":{"type":"string","description":"Property name to search for. This requires the search feature be on. Please see Okta documentation on their filter API for users. https://developer.okta.com/docs/api/resources/users#list-users-with-search\n"},"value":{"type":"string"}},"type":"object"},"okta:user/getUsersSearch:getUsersSearch":{"properties":{"comparison":{"type":"string"},"expression":{"type":"string","description":"A raw search expression string. This requires the search feature be on. Please see Okta documentation on their filter API for users. https://developer.okta.com/docs/api/resources/users#list-users-with-search\n"},"name":{"type":"string","description":"Property name to search for. This requires the search feature be on. Please see Okta documentation on their filter API for users. https://developer.okta.com/docs/api/resources/users#list-users-with-search\n"},"value":{"type":"string"}},"type":"object"},"okta:user/getUsersUser:getUsersUser":{"properties":{"adminRoles":{"type":"array","items":{"type":"string"}},"city":{"type":"string"},"costCenter":{"type":"string"},"countryCode":{"type":"string"},"customProfileAttributes":{"type":"string"},"department":{"type":"string"},"displayName":{"type":"string"},"division":{"type":"string"},"email":{"type":"string"},"employeeNumber":{"type":"string"},"firstName":{"type":"string"},"groupMemberships":{"type":"array","items":{"type":"string"}},"honorificPrefix":{"type":"string"},"honorificSuffix":{"type":"string"},"id":{"type":"string"},"lastName":{"type":"string"},"locale":{"type":"string"},"login":{"type":"string"},"manager":{"type":"string"},"managerId":{"type":"string"},"middleName":{"type":"string"},"mobilePhone":{"type":"string"},"nickName":{"type":"string"},"organization":{"type":"string"},"postalAddress":{"type":"string"},"preferredLanguage":{"type":"string"},"primaryPhone":{"type":"string"},"profileUrl":{"type":"string"},"realmId":{"type":"string","description":"The Realm ID associated with the user.\n"},"roles":{"type":"array","items":{"type":"string"}},"secondEmail":{"type":"string"},"state":{"type":"string"},"status":{"type":"string"},"streetAddress":{"type":"string"},"timezone":{"type":"string"},"title":{"type":"string"},"userType":{"type":"string"},"zipCode":{"type":"string"}},"type":"object","required":["adminRoles","city","costCenter","countryCode","customProfileAttributes","department","displayName","division","email","employeeNumber","firstName","groupMemberships","honorificPrefix","honorificSuffix","id","lastName","locale","login","manager","managerId","middleName","mobilePhone","nickName","organization","postalAddress","preferredLanguage","primaryPhone","profileUrl","realmId","roles","secondEmail","state","status","streetAddress","timezone","title","userType","zipCode"],"language":{"nodejs":{"requiredInputs":[]}}}},"provider":{"description":"The provider type for the okta package. By default, resources use package-wide configuration\nsettings, however an explicit `Provider` instance may be created and passed during resource\nconstruction to achieve fine-grained programmatic control over provider settings. See the\n[documentation](https://www.pulumi.com/docs/reference/programming-model/#providers) for more information.\n","properties":{"accessToken":{"type":"string","description":"Bearer token granting privileges to Okta API.","secret":true},"apiToken":{"type":"string","description":"API Token granting privileges to Okta API.","secret":true},"backoff":{"type":"boolean","description":"Use exponential back off strategy for rate limits."},"baseUrl":{"type":"string","description":"The Okta url. (Use 'oktapreview.com' for Okta testing)"},"clientId":{"type":"string","description":"API Token granting privileges to Okta API."},"httpProxy":{"type":"string","description":"Alternate HTTP proxy of scheme://hostname or scheme://hostname:port format"},"logLevel":{"type":"integer","description":"providers log level. Minimum is 1 (TRACE), and maximum is 5 (ERROR)"},"maxApiCapacity":{"type":"integer","description":"Sets what percentage of capacity the provider can use of the total rate limit capacity while making calls to the Okta management API endpoints. Okta API operates in one minute buckets. See Okta Management API Rate Limits: https://developer.okta.com/docs/reference/rl-global-mgmt/"},"maxRetries":{"type":"integer","description":"maximum number of retries to attempt before erroring out."},"maxWaitSeconds":{"type":"integer","description":"maximum seconds to wait when rate limit is hit. We use exponential backoffs when backoff is enabled."},"minWaitSeconds":{"type":"integer","description":"minimum seconds to wait when rate limit is hit. We use exponential backoffs when backoff is enabled."},"orgName":{"type":"string","description":"The organization to manage in Okta."},"parallelism":{"type":"integer","description":"Number of concurrent requests to make within a resource where bulk operations are not possible. Take note of https://developer.okta.com/docs/api/getting_started/rate-limits."},"privateKey":{"type":"string","description":"API Token granting privileges to Okta API.","secret":true},"privateKeyId":{"type":"string","description":"API Token Id granting privileges to Okta API."},"requestTimeout":{"type":"integer","description":"Timeout for single request (in seconds) which is made to Okta, the default is \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e (means no limit is set). The maximum value can be \u003cspan pulumi-lang-nodejs=\"`300`\" pulumi-lang-dotnet=\"`300`\" pulumi-lang-go=\"`300`\" pulumi-lang-python=\"`300`\" pulumi-lang-yaml=\"`300`\" pulumi-lang-java=\"`300`\"\u003e`300`\u003c/span\u003e."},"scopes":{"type":"array","items":{"type":"string"},"description":"API Token granting privileges to Okta API."}},"inputProperties":{"accessToken":{"type":"string","description":"Bearer token granting privileges to Okta API.","secret":true},"apiToken":{"type":"string","description":"API Token granting privileges to Okta API.","secret":true},"backoff":{"type":"boolean","description":"Use exponential back off strategy for rate limits."},"baseUrl":{"type":"string","description":"The Okta url. (Use 'oktapreview.com' for Okta testing)"},"clientId":{"type":"string","description":"API Token granting privileges to Okta API."},"httpProxy":{"type":"string","description":"Alternate HTTP proxy of scheme://hostname or scheme://hostname:port format"},"logLevel":{"type":"integer","description":"providers log level. Minimum is 1 (TRACE), and maximum is 5 (ERROR)"},"maxApiCapacity":{"type":"integer","description":"Sets what percentage of capacity the provider can use of the total rate limit capacity while making calls to the Okta management API endpoints. Okta API operates in one minute buckets. See Okta Management API Rate Limits: https://developer.okta.com/docs/reference/rl-global-mgmt/"},"maxRetries":{"type":"integer","description":"maximum number of retries to attempt before erroring out."},"maxWaitSeconds":{"type":"integer","description":"maximum seconds to wait when rate limit is hit. We use exponential backoffs when backoff is enabled."},"minWaitSeconds":{"type":"integer","description":"minimum seconds to wait when rate limit is hit. We use exponential backoffs when backoff is enabled."},"orgName":{"type":"string","description":"The organization to manage in Okta."},"parallelism":{"type":"integer","description":"Number of concurrent requests to make within a resource where bulk operations are not possible. Take note of https://developer.okta.com/docs/api/getting_started/rate-limits."},"privateKey":{"type":"string","description":"API Token granting privileges to Okta API.","secret":true},"privateKeyId":{"type":"string","description":"API Token Id granting privileges to Okta API."},"requestTimeout":{"type":"integer","description":"Timeout for single request (in seconds) which is made to Okta, the default is \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e (means no limit is set). The maximum value can be \u003cspan pulumi-lang-nodejs=\"`300`\" pulumi-lang-dotnet=\"`300`\" pulumi-lang-go=\"`300`\" pulumi-lang-python=\"`300`\" pulumi-lang-yaml=\"`300`\" pulumi-lang-java=\"`300`\"\u003e`300`\u003c/span\u003e."},"scopes":{"type":"array","items":{"type":"string"},"description":"API Token granting privileges to Okta API."}},"methods":{"terraformConfig":"pulumi:providers:okta/terraformConfig"}},"resources":{"okta:app/accessPolicyAssignment:AccessPolicyAssignment":{"description":"Manages assignment of Access Policy to an Application. \n\t\t\n**Warning**: do not use as this will update okta_app_*.authentication_policy and vice versa\n\nAssigns an access policy (colloquially known as a sign-on policy and/or an\nauthentication policy) to an application. This resource does not perform true\ndelete as it will not delete an application and the app's access policy can't be\nremoved; it can only be changed to a different access policy. This resource is\nonly logical within the context of an application therefore \u003cspan pulumi-lang-nodejs=\"`appId`\" pulumi-lang-dotnet=\"`AppId`\" pulumi-lang-go=\"`appId`\" pulumi-lang-python=\"`app_id`\" pulumi-lang-yaml=\"`appId`\" pulumi-lang-java=\"`appId`\"\u003e`app_id`\u003c/span\u003e is\nimmutable once set. Use this resource to manage assigning an access policy to an\napplication. It will assign the given \u003cspan pulumi-lang-nodejs=\"`policyId`\" pulumi-lang-dotnet=\"`PolicyId`\" pulumi-lang-go=\"`policyId`\" pulumi-lang-python=\"`policy_id`\" pulumi-lang-yaml=\"`policyId`\" pulumi-lang-java=\"`policyId`\"\u003e`policy_id`\u003c/span\u003e to the application at creation\nand during update.\n\n\u003e Inside the product a sign-on policy is referenced as an _authentication\npolicy_, in the public API the policy is of type\n[`ACCESS_POLICY`](https://developer.okta.com/docs/reference/api/policy/#policy-object).\n\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst access = okta.policy.getPolicy({\n    name: \"Any two factors\",\n    type: \"ACCESS_POLICY\",\n});\nconst example = okta.app.getApp({\n    label: \"Example App\",\n});\nconst assignment = new okta.app.AccessPolicyAssignment(\"assignment\", {\n    appId: example.then(example =\u003e example.id),\n    policyId: access.then(access =\u003e access.id),\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\naccess = okta.policy.get_policy(name=\"Any two factors\",\n    type=\"ACCESS_POLICY\")\nexample = okta.app.get_app(label=\"Example App\")\nassignment = okta.app.AccessPolicyAssignment(\"assignment\",\n    app_id=example.id,\n    policy_id=access.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var access = Okta.Policy.GetPolicy.Invoke(new()\n    {\n        Name = \"Any two factors\",\n        Type = \"ACCESS_POLICY\",\n    });\n\n    var example = Okta.App.GetApp.Invoke(new()\n    {\n        Label = \"Example App\",\n    });\n\n    var assignment = new Okta.App.AccessPolicyAssignment(\"assignment\", new()\n    {\n        AppId = example.Apply(getAppResult =\u003e getAppResult.Id),\n        PolicyId = access.Apply(getPolicyResult =\u003e getPolicyResult.Id),\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/policy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taccess, err := policy.GetPolicy(ctx, \u0026policy.GetPolicyArgs{\n\t\t\tName: \"Any two factors\",\n\t\t\tType: \"ACCESS_POLICY\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := app.GetApp(ctx, \u0026app.GetAppArgs{\n\t\t\tLabel: pulumi.StringRef(\"Example App\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = app.NewAccessPolicyAssignment(ctx, \"assignment\", \u0026app.AccessPolicyAssignmentArgs{\n\t\t\tAppId:    pulumi.String(example.Id),\n\t\t\tPolicyId: pulumi.String(access.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.policy.PolicyFunctions;\nimport com.pulumi.okta.policy.inputs.GetPolicyArgs;\nimport com.pulumi.okta.app.AppFunctions;\nimport com.pulumi.okta.app.inputs.GetAppArgs;\nimport com.pulumi.okta.app.AccessPolicyAssignment;\nimport com.pulumi.okta.app.AccessPolicyAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var access = PolicyFunctions.getPolicy(GetPolicyArgs.builder()\n            .name(\"Any two factors\")\n            .type(\"ACCESS_POLICY\")\n            .build());\n\n        final var example = AppFunctions.getApp(GetAppArgs.builder()\n            .label(\"Example App\")\n            .build());\n\n        var assignment = new AccessPolicyAssignment(\"assignment\", AccessPolicyAssignmentArgs.builder()\n            .appId(example.id())\n            .policyId(access.id())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  assignment:\n    type: okta:app:AccessPolicyAssignment\n    properties:\n      appId: ${example.id}\n      policyId: ${access.id}\nvariables:\n  access:\n    fn::invoke:\n      function: okta:policy:getPolicy\n      arguments:\n        name: Any two factors\n        type: ACCESS_POLICY\n  example:\n    fn::invoke:\n      function: okta:app:getApp\n      arguments:\n        label: Example App\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:app/accessPolicyAssignment:AccessPolicyAssignment example \u003capp_id\u003e\n```\n\n","properties":{"appId":{"type":"string","description":"The application ID; this value is immutable and can not be updated.\n"},"policyId":{"type":"string","description":"The access policy ID.\n"}},"required":["appId","policyId"],"inputProperties":{"appId":{"type":"string","description":"The application ID; this value is immutable and can not be updated.\n"},"policyId":{"type":"string","description":"The access policy ID.\n"}},"requiredInputs":["appId","policyId"],"stateInputs":{"description":"Input properties used for looking up and filtering AccessPolicyAssignment resources.\n","properties":{"appId":{"type":"string","description":"The application ID; this value is immutable and can not be updated.\n"},"policyId":{"type":"string","description":"The access policy ID.\n"}},"type":"object"}},"okta:app/autoLogin:AutoLogin":{"description":"This resource allows you to create and configure an Auto Login Okta Application.\n\t\t\n\u003e During an apply if there is change in status the app will first be\nactivated or deactivated in accordance with the status change. Then, all\nother arguments that changed will be applied.\n\n## Import\n\n```sh\n$ pulumi import okta:app/autoLogin:AutoLogin example \u003capp_id\u003e\n```\n\n","properties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"appSettingsJson":{"type":"string","description":"Application settings in JSON format\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"credentialsScheme":{"type":"string","description":"Application credentials scheme. One of: `EDIT_USERNAME_AND_PASSWORD`, `ADMIN_SETS_CREDENTIALS`, `EDIT_PASSWORD_ONLY`, `EXTERNAL_PASSWORD_SYNC`, or `SHARED_USERNAME_AND_PASSWORD`\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"logoUrl":{"type":"string","description":"URL of the application's logo\n"},"name":{"type":"string","description":"Name of the app.\n"},"preconfiguredApp":{"type":"string","description":"Tells Okta to use an existing application in their application catalog, as opposed to a custom application.\n"},"revealPassword":{"type":"boolean","description":"Allow user to reveal password. Default is false. It can not be set to true if credentials*scheme is \"ADMIN*SETS*CREDENTIALS\", \"SHARED*USERNAME*AND*PASSWORD\" or \"EXTERNAL*PASSWORD*SYNC\".\n"},"sharedPassword":{"type":"string","description":"Shared password, required for certain schemes.\n"},"sharedUsername":{"type":"string","description":"Shared username, required for certain schemes.\n"},"signOnMode":{"type":"string","description":"Sign on mode of application.\n"},"signOnRedirectUrl":{"type":"string","description":"Post login redirect URL\n"},"signOnUrl":{"type":"string","description":"Login URL\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`\n"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH` and `DONT_PUSH`\n"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix\n"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`\n"}},"required":["label","logoUrl","name","signOnMode"],"inputProperties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"appSettingsJson":{"type":"string","description":"Application settings in JSON format\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"credentialsScheme":{"type":"string","description":"Application credentials scheme. One of: `EDIT_USERNAME_AND_PASSWORD`, `ADMIN_SETS_CREDENTIALS`, `EDIT_PASSWORD_ONLY`, `EXTERNAL_PASSWORD_SYNC`, or `SHARED_USERNAME_AND_PASSWORD`\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"preconfiguredApp":{"type":"string","description":"Tells Okta to use an existing application in their application catalog, as opposed to a custom application.\n"},"revealPassword":{"type":"boolean","description":"Allow user to reveal password. Default is false. It can not be set to true if credentials*scheme is \"ADMIN*SETS*CREDENTIALS\", \"SHARED*USERNAME*AND*PASSWORD\" or \"EXTERNAL*PASSWORD*SYNC\".\n"},"sharedPassword":{"type":"string","description":"Shared password, required for certain schemes.\n"},"sharedUsername":{"type":"string","description":"Shared username, required for certain schemes.\n"},"signOnRedirectUrl":{"type":"string","description":"Post login redirect URL\n"},"signOnUrl":{"type":"string","description":"Login URL\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`\n"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH` and `DONT_PUSH`\n"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix\n"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`\n"}},"requiredInputs":["label"],"stateInputs":{"description":"Input properties used for looking up and filtering AutoLogin resources.\n","properties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"appSettingsJson":{"type":"string","description":"Application settings in JSON format\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"credentialsScheme":{"type":"string","description":"Application credentials scheme. One of: `EDIT_USERNAME_AND_PASSWORD`, `ADMIN_SETS_CREDENTIALS`, `EDIT_PASSWORD_ONLY`, `EXTERNAL_PASSWORD_SYNC`, or `SHARED_USERNAME_AND_PASSWORD`\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"logoUrl":{"type":"string","description":"URL of the application's logo\n"},"name":{"type":"string","description":"Name of the app.\n"},"preconfiguredApp":{"type":"string","description":"Tells Okta to use an existing application in their application catalog, as opposed to a custom application.\n"},"revealPassword":{"type":"boolean","description":"Allow user to reveal password. Default is false. It can not be set to true if credentials*scheme is \"ADMIN*SETS*CREDENTIALS\", \"SHARED*USERNAME*AND*PASSWORD\" or \"EXTERNAL*PASSWORD*SYNC\".\n"},"sharedPassword":{"type":"string","description":"Shared password, required for certain schemes.\n"},"sharedUsername":{"type":"string","description":"Shared username, required for certain schemes.\n"},"signOnMode":{"type":"string","description":"Sign on mode of application.\n"},"signOnRedirectUrl":{"type":"string","description":"Post login redirect URL\n"},"signOnUrl":{"type":"string","description":"Login URL\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`\n"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH` and `DONT_PUSH`\n"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix\n"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`\n"}},"type":"object"}},"okta:app/basicAuth:BasicAuth":{"description":"This resource allows you to create and configure an Auto Login Okta Application.\n\u003e During an apply if there is change in status the app will first be\nactivated or deactivated in accordance with the status change. Then, all\nother arguments that changed will be applied.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.app.BasicAuth(\"example\", {\n    label: \"Example\",\n    url: \"https://example.com/login.html\",\n    authUrl: \"https://example.com/auth.html\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.app.BasicAuth(\"example\",\n    label=\"Example\",\n    url=\"https://example.com/login.html\",\n    auth_url=\"https://example.com/auth.html\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.App.BasicAuth(\"example\", new()\n    {\n        Label = \"Example\",\n        Url = \"https://example.com/login.html\",\n        AuthUrl = \"https://example.com/auth.html\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := app.NewBasicAuth(ctx, \"example\", \u0026app.BasicAuthArgs{\n\t\t\tLabel:   pulumi.String(\"Example\"),\n\t\t\tUrl:     pulumi.String(\"https://example.com/login.html\"),\n\t\t\tAuthUrl: pulumi.String(\"https://example.com/auth.html\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.BasicAuth;\nimport com.pulumi.okta.app.BasicAuthArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new BasicAuth(\"example\", BasicAuthArgs.builder()\n            .label(\"Example\")\n            .url(\"https://example.com/login.html\")\n            .authUrl(\"https://example.com/auth.html\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:app:BasicAuth\n    properties:\n      label: Example\n      url: https://example.com/login.html\n      authUrl: https://example.com/auth.html\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:app/basicAuth:BasicAuth example \u003capp_id\u003e\n```\n\n","properties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"authUrl":{"type":"string","description":"The URL of the authenticating site for this app.\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"credentialsScheme":{"type":"string","description":"Application credentials scheme. One of: `EDIT_USERNAME_AND_PASSWORD`, `ADMIN_SETS_CREDENTIALS`, `EDIT_PASSWORD_ONLY`, `EXTERNAL_PASSWORD_SYNC`, or `SHARED_USERNAME_AND_PASSWORD`"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"logoUrl":{"type":"string","description":"URL of the application's logo\n"},"name":{"type":"string","description":"Name of the app.\n"},"revealPassword":{"type":"boolean","description":"Allow user to reveal password. Default is false. It can not be set to true if\u003cspan pulumi-lang-nodejs=\" credentialsScheme \" pulumi-lang-dotnet=\" CredentialsScheme \" pulumi-lang-go=\" credentialsScheme \" pulumi-lang-python=\" credentials_scheme \" pulumi-lang-yaml=\" credentialsScheme \" pulumi-lang-java=\" credentialsScheme \"\u003e credentials_scheme \u003c/span\u003eis \"ADMIN_SETS_CREDENTIALS\", \"SHARED_USERNAME_AND_PASSWORD\" or \"EXTERNAL_PASSWORD_SYNC\"."},"sharedPassword":{"type":"string","description":"Shared password, required for certain schemes."},"sharedUsername":{"type":"string","description":"Shared username, required for certain schemes."},"signOnMode":{"type":"string","description":"Sign on mode of application.\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"url":{"type":"string","description":"The URL of the sign-in page for this app.\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH`, `DONT_PUSH` and `NOT_CONFIGURED`"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`. Valid values: `NONE`, `CUSTOM`, `BUILT_IN`"}},"required":["authUrl","label","logoUrl","name","signOnMode","url"],"inputProperties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"authUrl":{"type":"string","description":"The URL of the authenticating site for this app.\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"credentialsScheme":{"type":"string","description":"Application credentials scheme. One of: `EDIT_USERNAME_AND_PASSWORD`, `ADMIN_SETS_CREDENTIALS`, `EDIT_PASSWORD_ONLY`, `EXTERNAL_PASSWORD_SYNC`, or `SHARED_USERNAME_AND_PASSWORD`"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"revealPassword":{"type":"boolean","description":"Allow user to reveal password. Default is false. It can not be set to true if\u003cspan pulumi-lang-nodejs=\" credentialsScheme \" pulumi-lang-dotnet=\" CredentialsScheme \" pulumi-lang-go=\" credentialsScheme \" pulumi-lang-python=\" credentials_scheme \" pulumi-lang-yaml=\" credentialsScheme \" pulumi-lang-java=\" credentialsScheme \"\u003e credentials_scheme \u003c/span\u003eis \"ADMIN_SETS_CREDENTIALS\", \"SHARED_USERNAME_AND_PASSWORD\" or \"EXTERNAL_PASSWORD_SYNC\"."},"sharedPassword":{"type":"string","description":"Shared password, required for certain schemes."},"sharedUsername":{"type":"string","description":"Shared username, required for certain schemes."},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"url":{"type":"string","description":"The URL of the sign-in page for this app.\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH`, `DONT_PUSH` and `NOT_CONFIGURED`"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`. Valid values: `NONE`, `CUSTOM`, `BUILT_IN`"}},"requiredInputs":["authUrl","label","url"],"stateInputs":{"description":"Input properties used for looking up and filtering BasicAuth resources.\n","properties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"authUrl":{"type":"string","description":"The URL of the authenticating site for this app.\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"credentialsScheme":{"type":"string","description":"Application credentials scheme. One of: `EDIT_USERNAME_AND_PASSWORD`, `ADMIN_SETS_CREDENTIALS`, `EDIT_PASSWORD_ONLY`, `EXTERNAL_PASSWORD_SYNC`, or `SHARED_USERNAME_AND_PASSWORD`"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"logoUrl":{"type":"string","description":"URL of the application's logo\n"},"name":{"type":"string","description":"Name of the app.\n"},"revealPassword":{"type":"boolean","description":"Allow user to reveal password. Default is false. It can not be set to true if\u003cspan pulumi-lang-nodejs=\" credentialsScheme \" pulumi-lang-dotnet=\" CredentialsScheme \" pulumi-lang-go=\" credentialsScheme \" pulumi-lang-python=\" credentials_scheme \" pulumi-lang-yaml=\" credentialsScheme \" pulumi-lang-java=\" credentialsScheme \"\u003e credentials_scheme \u003c/span\u003eis \"ADMIN_SETS_CREDENTIALS\", \"SHARED_USERNAME_AND_PASSWORD\" or \"EXTERNAL_PASSWORD_SYNC\"."},"sharedPassword":{"type":"string","description":"Shared password, required for certain schemes."},"sharedUsername":{"type":"string","description":"Shared username, required for certain schemes."},"signOnMode":{"type":"string","description":"Sign on mode of application.\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"url":{"type":"string","description":"The URL of the sign-in page for this app.\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH`, `DONT_PUSH` and `NOT_CONFIGURED`"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`. Valid values: `NONE`, `CUSTOM`, `BUILT_IN`"}},"type":"object"}},"okta:app/bookmark:Bookmark":{"description":"This resource allows you to create and configure a Bookmark Application.\n\u003e During an apply if there is change in status the app will first be\nactivated or deactivated in accordance with the status change. Then, all\nother arguments that changed will be applied.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.app.Bookmark(\"example\", {\n    label: \"Example\",\n    url: \"https://example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.app.Bookmark(\"example\",\n    label=\"Example\",\n    url=\"https://example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.App.Bookmark(\"example\", new()\n    {\n        Label = \"Example\",\n        Url = \"https://example.com\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := app.NewBookmark(ctx, \"example\", \u0026app.BookmarkArgs{\n\t\t\tLabel: pulumi.String(\"Example\"),\n\t\t\tUrl:   pulumi.String(\"https://example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.Bookmark;\nimport com.pulumi.okta.app.BookmarkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Bookmark(\"example\", BookmarkArgs.builder()\n            .label(\"Example\")\n            .url(\"https://example.com\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:app:Bookmark\n    properties:\n      label: Example\n      url: https://example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:app/bookmark:Bookmark example \u003capp_id\u003e\n```\n\n","properties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"authenticationPolicy":{"type":"string","description":"The ID of the associated app*signon*policy. If this property is removed from the application the default sign-on-policy will be associated with this application.\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"logoUrl":{"type":"string","description":"URL of the application's logo\n"},"name":{"type":"string","description":"Name of the app.\n"},"requestIntegration":{"type":"boolean","description":"Would you like Okta to add an integration for this app?\n"},"signOnMode":{"type":"string","description":"Sign on mode of application.\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"url":{"type":"string","description":"The URL of the bookmark.\n"}},"required":["authenticationPolicy","label","logoUrl","name","signOnMode","url"],"inputProperties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"authenticationPolicy":{"type":"string","description":"The ID of the associated app*signon*policy. If this property is removed from the application the default sign-on-policy will be associated with this application.\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"requestIntegration":{"type":"boolean","description":"Would you like Okta to add an integration for this app?\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"url":{"type":"string","description":"The URL of the bookmark.\n"}},"requiredInputs":["label","url"],"stateInputs":{"description":"Input properties used for looking up and filtering Bookmark resources.\n","properties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"authenticationPolicy":{"type":"string","description":"The ID of the associated app*signon*policy. If this property is removed from the application the default sign-on-policy will be associated with this application.\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"logoUrl":{"type":"string","description":"URL of the application's logo\n"},"name":{"type":"string","description":"Name of the app.\n"},"requestIntegration":{"type":"boolean","description":"Would you like Okta to add an integration for this app?\n"},"signOnMode":{"type":"string","description":"Sign on mode of application.\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"url":{"type":"string","description":"The URL of the bookmark.\n"}},"type":"object"}},"okta:app/connection:Connection":{"description":"Manages Okta App Connection configurations for provisioning. This resource allows you to configure and manage provisioning connections for applications, including authentication schemes and connection activation/deactivation.\n\n## Example Usage\n\n### TOKEN Authentication\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst tokenExample = new okta.app.Connection(\"token_example\", {\n    idProperty: \"0oa1234567890abcdef\",\n    baseUrl: \"https://api.example.com/scim/v2\",\n    action: \"activate\",\n    profile: {\n        authScheme: \"TOKEN\",\n        token: \"your-bearer-token-here\",\n    },\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntoken_example = okta.app.Connection(\"token_example\",\n    id_property=\"0oa1234567890abcdef\",\n    base_url=\"https://api.example.com/scim/v2\",\n    action=\"activate\",\n    profile={\n        \"auth_scheme\": \"TOKEN\",\n        \"token\": \"your-bearer-token-here\",\n    })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var tokenExample = new Okta.App.Connection(\"token_example\", new()\n    {\n        IdProperty = \"0oa1234567890abcdef\",\n        BaseUrl = \"https://api.example.com/scim/v2\",\n        Action = \"activate\",\n        Profile = new Okta.App.Inputs.ConnectionProfileArgs\n        {\n            AuthScheme = \"TOKEN\",\n            Token = \"your-bearer-token-here\",\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := app.NewConnection(ctx, \"token_example\", \u0026app.ConnectionArgs{\n\t\t\tIdProperty: pulumi.String(\"0oa1234567890abcdef\"),\n\t\t\tBaseUrl:    pulumi.String(\"https://api.example.com/scim/v2\"),\n\t\t\tAction:     pulumi.String(\"activate\"),\n\t\t\tProfile: \u0026app.ConnectionProfileArgs{\n\t\t\t\tAuthScheme: pulumi.String(\"TOKEN\"),\n\t\t\t\tToken:      pulumi.String(\"your-bearer-token-here\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.Connection;\nimport com.pulumi.okta.app.ConnectionArgs;\nimport com.pulumi.okta.app.inputs.ConnectionProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var tokenExample = new Connection(\"tokenExample\", ConnectionArgs.builder()\n            .idProperty(\"0oa1234567890abcdef\")\n            .baseUrl(\"https://api.example.com/scim/v2\")\n            .action(\"activate\")\n            .profile(ConnectionProfileArgs.builder()\n                .authScheme(\"TOKEN\")\n                .token(\"your-bearer-token-here\")\n                .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  tokenExample:\n    type: okta:app:Connection\n    name: token_example\n    properties:\n      idProperty: 0oa1234567890abcdef\n      baseUrl: https://api.example.com/scim/v2\n      action: activate\n      profile:\n        authScheme: TOKEN\n        token: your-bearer-token-here\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### OAUTH2 Authentication\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst oauth2Example = new okta.app.Connection(\"oauth2_example\", {\n    idProperty: \"0oa1234567890abcdef\",\n    action: \"activate\",\n    profile: {\n        authScheme: \"OAUTH2\",\n        clientId: \"oauth2-client-id\",\n        settings: {\n            adminUsername: \"admin@example.com\",\n            adminPassword: \"secure-password\",\n        },\n        signing: {\n            rotationMode: \"MANUAL\",\n        },\n    },\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\noauth2_example = okta.app.Connection(\"oauth2_example\",\n    id_property=\"0oa1234567890abcdef\",\n    action=\"activate\",\n    profile={\n        \"auth_scheme\": \"OAUTH2\",\n        \"client_id\": \"oauth2-client-id\",\n        \"settings\": {\n            \"admin_username\": \"admin@example.com\",\n            \"admin_password\": \"secure-password\",\n        },\n        \"signing\": {\n            \"rotation_mode\": \"MANUAL\",\n        },\n    })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var oauth2Example = new Okta.App.Connection(\"oauth2_example\", new()\n    {\n        IdProperty = \"0oa1234567890abcdef\",\n        Action = \"activate\",\n        Profile = new Okta.App.Inputs.ConnectionProfileArgs\n        {\n            AuthScheme = \"OAUTH2\",\n            ClientId = \"oauth2-client-id\",\n            Settings = new Okta.App.Inputs.ConnectionProfileSettingsArgs\n            {\n                AdminUsername = \"admin@example.com\",\n                AdminPassword = \"secure-password\",\n            },\n            Signing = new Okta.App.Inputs.ConnectionProfileSigningArgs\n            {\n                RotationMode = \"MANUAL\",\n            },\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := app.NewConnection(ctx, \"oauth2_example\", \u0026app.ConnectionArgs{\n\t\t\tIdProperty: pulumi.String(\"0oa1234567890abcdef\"),\n\t\t\tAction:     pulumi.String(\"activate\"),\n\t\t\tProfile: \u0026app.ConnectionProfileArgs{\n\t\t\t\tAuthScheme: pulumi.String(\"OAUTH2\"),\n\t\t\t\tClientId:   pulumi.String(\"oauth2-client-id\"),\n\t\t\t\tSettings: \u0026app.ConnectionProfileSettingsArgs{\n\t\t\t\t\tAdminUsername: pulumi.String(\"admin@example.com\"),\n\t\t\t\t\tAdminPassword: pulumi.String(\"secure-password\"),\n\t\t\t\t},\n\t\t\t\tSigning: \u0026app.ConnectionProfileSigningArgs{\n\t\t\t\t\tRotationMode: pulumi.String(\"MANUAL\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.Connection;\nimport com.pulumi.okta.app.ConnectionArgs;\nimport com.pulumi.okta.app.inputs.ConnectionProfileArgs;\nimport com.pulumi.okta.app.inputs.ConnectionProfileSettingsArgs;\nimport com.pulumi.okta.app.inputs.ConnectionProfileSigningArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var oauth2Example = new Connection(\"oauth2Example\", ConnectionArgs.builder()\n            .idProperty(\"0oa1234567890abcdef\")\n            .action(\"activate\")\n            .profile(ConnectionProfileArgs.builder()\n                .authScheme(\"OAUTH2\")\n                .clientId(\"oauth2-client-id\")\n                .settings(ConnectionProfileSettingsArgs.builder()\n                    .adminUsername(\"admin@example.com\")\n                    .adminPassword(\"secure-password\")\n                    .build())\n                .signing(ConnectionProfileSigningArgs.builder()\n                    .rotationMode(\"MANUAL\")\n                    .build())\n                .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  oauth2Example:\n    type: okta:app:Connection\n    name: oauth2_example\n    properties:\n      idProperty: 0oa1234567890abcdef\n      action: activate\n      profile:\n        authScheme: OAUTH2\n        clientId: oauth2-client-id\n        settings:\n          adminUsername: admin@example.com\n          adminPassword: secure-password\n        signing:\n          rotationMode: MANUAL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Deactivated Connection\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst deactivatedExample = new okta.app.Connection(\"deactivated_example\", {\n    idProperty: \"0oa1234567890abcdef\",\n    baseUrl: \"https://api.example.com/scim/v2\",\n    action: \"deactivate\",\n    profile: {\n        authScheme: \"TOKEN\",\n        token: \"your-bearer-token-here\",\n    },\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ndeactivated_example = okta.app.Connection(\"deactivated_example\",\n    id_property=\"0oa1234567890abcdef\",\n    base_url=\"https://api.example.com/scim/v2\",\n    action=\"deactivate\",\n    profile={\n        \"auth_scheme\": \"TOKEN\",\n        \"token\": \"your-bearer-token-here\",\n    })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var deactivatedExample = new Okta.App.Connection(\"deactivated_example\", new()\n    {\n        IdProperty = \"0oa1234567890abcdef\",\n        BaseUrl = \"https://api.example.com/scim/v2\",\n        Action = \"deactivate\",\n        Profile = new Okta.App.Inputs.ConnectionProfileArgs\n        {\n            AuthScheme = \"TOKEN\",\n            Token = \"your-bearer-token-here\",\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := app.NewConnection(ctx, \"deactivated_example\", \u0026app.ConnectionArgs{\n\t\t\tIdProperty: pulumi.String(\"0oa1234567890abcdef\"),\n\t\t\tBaseUrl:    pulumi.String(\"https://api.example.com/scim/v2\"),\n\t\t\tAction:     pulumi.String(\"deactivate\"),\n\t\t\tProfile: \u0026app.ConnectionProfileArgs{\n\t\t\t\tAuthScheme: pulumi.String(\"TOKEN\"),\n\t\t\t\tToken:      pulumi.String(\"your-bearer-token-here\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.Connection;\nimport com.pulumi.okta.app.ConnectionArgs;\nimport com.pulumi.okta.app.inputs.ConnectionProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var deactivatedExample = new Connection(\"deactivatedExample\", ConnectionArgs.builder()\n            .idProperty(\"0oa1234567890abcdef\")\n            .baseUrl(\"https://api.example.com/scim/v2\")\n            .action(\"deactivate\")\n            .profile(ConnectionProfileArgs.builder()\n                .authScheme(\"TOKEN\")\n                .token(\"your-bearer-token-here\")\n                .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  deactivatedExample:\n    type: okta:app:Connection\n    name: deactivated_example\n    properties:\n      idProperty: 0oa1234567890abcdef\n      baseUrl: https://api.example.com/scim/v2\n      action: deactivate\n      profile:\n        authScheme: TOKEN\n        token: your-bearer-token-here\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nApp connections can be imported using the application ID:\n\n```sh\n$ pulumi import okta:app/connection:Connection example \u003capplication_id\u003e\n```\n\n","properties":{"action":{"type":"string","description":"The action to perform on the connection. Valid values are \u003cspan pulumi-lang-nodejs=\"`activate`\" pulumi-lang-dotnet=\"`Activate`\" pulumi-lang-go=\"`activate`\" pulumi-lang-python=\"`activate`\" pulumi-lang-yaml=\"`activate`\" pulumi-lang-java=\"`activate`\"\u003e`activate`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`deactivate`\" pulumi-lang-dotnet=\"`Deactivate`\" pulumi-lang-go=\"`deactivate`\" pulumi-lang-python=\"`deactivate`\" pulumi-lang-yaml=\"`deactivate`\" pulumi-lang-java=\"`deactivate`\"\u003e`deactivate`\u003c/span\u003e."},"baseUrl":{"type":"string","description":"The base URL for the provisioning connection."},"idProperty":{"type":"string","description":"The application ID."},"profile":{"$ref":"#/types/okta:app/ConnectionProfile:ConnectionProfile","description":"Profile configuration for the app connection."},"status":{"type":"string","description":"Provisioning connection status."}},"required":["action","baseUrl","idProperty","status"],"inputProperties":{"action":{"type":"string","description":"The action to perform on the connection. Valid values are \u003cspan pulumi-lang-nodejs=\"`activate`\" pulumi-lang-dotnet=\"`Activate`\" pulumi-lang-go=\"`activate`\" pulumi-lang-python=\"`activate`\" pulumi-lang-yaml=\"`activate`\" pulumi-lang-java=\"`activate`\"\u003e`activate`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`deactivate`\" pulumi-lang-dotnet=\"`Deactivate`\" pulumi-lang-go=\"`deactivate`\" pulumi-lang-python=\"`deactivate`\" pulumi-lang-yaml=\"`deactivate`\" pulumi-lang-java=\"`deactivate`\"\u003e`deactivate`\u003c/span\u003e."},"baseUrl":{"type":"string","description":"The base URL for the provisioning connection."},"idProperty":{"type":"string","description":"The application ID."},"profile":{"$ref":"#/types/okta:app/ConnectionProfile:ConnectionProfile","description":"Profile configuration for the app connection."}},"requiredInputs":["action","baseUrl","idProperty"],"stateInputs":{"description":"Input properties used for looking up and filtering Connection resources.\n","properties":{"action":{"type":"string","description":"The action to perform on the connection. Valid values are \u003cspan pulumi-lang-nodejs=\"`activate`\" pulumi-lang-dotnet=\"`Activate`\" pulumi-lang-go=\"`activate`\" pulumi-lang-python=\"`activate`\" pulumi-lang-yaml=\"`activate`\" pulumi-lang-java=\"`activate`\"\u003e`activate`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`deactivate`\" pulumi-lang-dotnet=\"`Deactivate`\" pulumi-lang-go=\"`deactivate`\" pulumi-lang-python=\"`deactivate`\" pulumi-lang-yaml=\"`deactivate`\" pulumi-lang-java=\"`deactivate`\"\u003e`deactivate`\u003c/span\u003e."},"baseUrl":{"type":"string","description":"The base URL for the provisioning connection."},"idProperty":{"type":"string","description":"The application ID."},"profile":{"$ref":"#/types/okta:app/ConnectionProfile:ConnectionProfile","description":"Profile configuration for the app connection."},"status":{"type":"string","description":"Provisioning connection status."}},"type":"object"}},"okta:app/features:Features":{"description":"\n\n## Import\n\nApp features can be imported using the format `{app_id}/{feature_name}`:\n\nbash\n\n```sh\n$ pulumi import okta:app/features:Features example 0oarblaf7hWdLawNg1d7/USER_PROVISIONING\n```\n\nbash\n\n```sh\n$ pulumi import okta:app/features:Features inbound 0oarblaf7hWdLawNg1d7/INBOUND_PROVISIONING\n```\n\n","properties":{"appId":{"type":"string","description":"The ID of the application to configure features for.\n"},"capabilities":{"$ref":"#/types/okta:app/FeaturesCapabilities:FeaturesCapabilities","description":"Configuration block for feature capabilities. See Capabilities below.\n"},"description":{"type":"string","description":"Description of the feature.\n"},"name":{"type":"string","description":"The name of the feature to configure. Valid values:\n* `USER_PROVISIONING` - User profiles are pushed from Okta to the third-party app.\n* `INBOUND_PROVISIONING` - User profiles are imported from the third-party app into Okta.\n"},"status":{"type":"string","description":"The status of the feature. Valid values are `ENABLED` or `DISABLED`.\n"}},"required":["appId","name"],"inputProperties":{"appId":{"type":"string","description":"The ID of the application to configure features for.\n"},"capabilities":{"$ref":"#/types/okta:app/FeaturesCapabilities:FeaturesCapabilities","description":"Configuration block for feature capabilities. See Capabilities below.\n"},"description":{"type":"string","description":"Description of the feature.\n"},"name":{"type":"string","description":"The name of the feature to configure. Valid values:\n* `USER_PROVISIONING` - User profiles are pushed from Okta to the third-party app.\n* `INBOUND_PROVISIONING` - User profiles are imported from the third-party app into Okta.\n"},"status":{"type":"string","description":"The status of the feature. Valid values are `ENABLED` or `DISABLED`.\n"}},"requiredInputs":["appId"],"stateInputs":{"description":"Input properties used for looking up and filtering Features resources.\n","properties":{"appId":{"type":"string","description":"The ID of the application to configure features for.\n"},"capabilities":{"$ref":"#/types/okta:app/FeaturesCapabilities:FeaturesCapabilities","description":"Configuration block for feature capabilities. See Capabilities below.\n"},"description":{"type":"string","description":"Description of the feature.\n"},"name":{"type":"string","description":"The name of the feature to configure. Valid values:\n* `USER_PROVISIONING` - User profiles are pushed from Okta to the third-party app.\n* `INBOUND_PROVISIONING` - User profiles are imported from the third-party app into Okta.\n"},"status":{"type":"string","description":"The status of the feature. Valid values are `ENABLED` or `DISABLED`.\n"}},"type":"object"}},"okta:app/federatedClaim:FederatedClaim":{"description":"Manages a federated claim for an Okta application.\n\nFederated claims allow you to pass user information from Okta to your app integrations.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst testApp = new okta.app.Saml(\"test_app\", {\n    label: \"example\",\n    ssoUrl: \"https://example.com\",\n    recipient: \"https://example.com\",\n    destination: \"https://example.com\",\n    audience: \"https://example.com/audience\",\n    subjectNameIdTemplate: \"${user.userName}\",\n    subjectNameIdFormat: \"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\",\n    responseSigned: true,\n    signatureAlgorithm: \"RSA_SHA256\",\n    digestAlgorithm: \"SHA256\",\n});\nconst example = new okta.app.FederatedClaim(\"example\", {\n    appId: testApp.id,\n    name: \"role_last_name\",\n    expression: \"user.profile.lastName\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest_app = okta.app.Saml(\"test_app\",\n    label=\"example\",\n    sso_url=\"https://example.com\",\n    recipient=\"https://example.com\",\n    destination=\"https://example.com\",\n    audience=\"https://example.com/audience\",\n    subject_name_id_template=\"${user.userName}\",\n    subject_name_id_format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\",\n    response_signed=True,\n    signature_algorithm=\"RSA_SHA256\",\n    digest_algorithm=\"SHA256\")\nexample = okta.app.FederatedClaim(\"example\",\n    app_id=test_app.id,\n    name=\"role_last_name\",\n    expression=\"user.profile.lastName\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var testApp = new Okta.App.Saml(\"test_app\", new()\n    {\n        Label = \"example\",\n        SsoUrl = \"https://example.com\",\n        Recipient = \"https://example.com\",\n        Destination = \"https://example.com\",\n        Audience = \"https://example.com/audience\",\n        SubjectNameIdTemplate = \"${user.userName}\",\n        SubjectNameIdFormat = \"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\",\n        ResponseSigned = true,\n        SignatureAlgorithm = \"RSA_SHA256\",\n        DigestAlgorithm = \"SHA256\",\n    });\n\n    var example = new Okta.App.FederatedClaim(\"example\", new()\n    {\n        AppId = testApp.Id,\n        Name = \"role_last_name\",\n        Expression = \"user.profile.lastName\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestApp, err := app.NewSaml(ctx, \"test_app\", \u0026app.SamlArgs{\n\t\t\tLabel:                 pulumi.String(\"example\"),\n\t\t\tSsoUrl:                pulumi.String(\"https://example.com\"),\n\t\t\tRecipient:             pulumi.String(\"https://example.com\"),\n\t\t\tDestination:           pulumi.String(\"https://example.com\"),\n\t\t\tAudience:              pulumi.String(\"https://example.com/audience\"),\n\t\t\tSubjectNameIdTemplate: pulumi.String(\"${user.userName}\"),\n\t\t\tSubjectNameIdFormat:   pulumi.String(\"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\"),\n\t\t\tResponseSigned:        pulumi.Bool(true),\n\t\t\tSignatureAlgorithm:    pulumi.String(\"RSA_SHA256\"),\n\t\t\tDigestAlgorithm:       pulumi.String(\"SHA256\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = app.NewFederatedClaim(ctx, \"example\", \u0026app.FederatedClaimArgs{\n\t\t\tAppId:      testApp.ID(),\n\t\t\tName:       pulumi.String(\"role_last_name\"),\n\t\t\tExpression: pulumi.String(\"user.profile.lastName\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.Saml;\nimport com.pulumi.okta.app.SamlArgs;\nimport com.pulumi.okta.app.FederatedClaim;\nimport com.pulumi.okta.app.FederatedClaimArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var testApp = new Saml(\"testApp\", SamlArgs.builder()\n            .label(\"example\")\n            .ssoUrl(\"https://example.com\")\n            .recipient(\"https://example.com\")\n            .destination(\"https://example.com\")\n            .audience(\"https://example.com/audience\")\n            .subjectNameIdTemplate(\"${user.userName}\")\n            .subjectNameIdFormat(\"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\")\n            .responseSigned(true)\n            .signatureAlgorithm(\"RSA_SHA256\")\n            .digestAlgorithm(\"SHA256\")\n            .build());\n\n        var example = new FederatedClaim(\"example\", FederatedClaimArgs.builder()\n            .appId(testApp.id())\n            .name(\"role_last_name\")\n            .expression(\"user.profile.lastName\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  testApp:\n    type: okta:app:Saml\n    name: test_app\n    properties:\n      label: example\n      ssoUrl: https://example.com\n      recipient: https://example.com\n      destination: https://example.com\n      audience: https://example.com/audience\n      subjectNameIdTemplate: $${user.userName}\n      subjectNameIdFormat: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\n      responseSigned: true\n      signatureAlgorithm: RSA_SHA256\n      digestAlgorithm: SHA256\n  example:\n    type: okta:app:FederatedClaim\n    properties:\n      appId: ${testApp.id}\n      name: role_last_name\n      expression: user.profile.lastName\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Multiple Claims Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst testApp = new okta.app.Saml(\"test_app\", {\n    label: \"example\",\n    ssoUrl: \"https://example.com\",\n    recipient: \"https://example.com\",\n    destination: \"https://example.com\",\n    audience: \"https://example.com/audience\",\n    subjectNameIdTemplate: \"${user.userName}\",\n    subjectNameIdFormat: \"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\",\n    responseSigned: true,\n    signatureAlgorithm: \"RSA_SHA256\",\n    digestAlgorithm: \"SHA256\",\n});\nconst lastName = new okta.app.FederatedClaim(\"last_name\", {\n    appId: testApp.id,\n    name: \"lastName\",\n    expression: \"user.profile.lastName\",\n});\nconst firstName = new okta.app.FederatedClaim(\"first_name\", {\n    appId: testApp.id,\n    name: \"firstName\",\n    expression: \"user.profile.firstName\",\n});\nconst department = new okta.app.FederatedClaim(\"department\", {\n    appId: testApp.id,\n    name: \"department\",\n    expression: \"user.profile.department\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest_app = okta.app.Saml(\"test_app\",\n    label=\"example\",\n    sso_url=\"https://example.com\",\n    recipient=\"https://example.com\",\n    destination=\"https://example.com\",\n    audience=\"https://example.com/audience\",\n    subject_name_id_template=\"${user.userName}\",\n    subject_name_id_format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\",\n    response_signed=True,\n    signature_algorithm=\"RSA_SHA256\",\n    digest_algorithm=\"SHA256\")\nlast_name = okta.app.FederatedClaim(\"last_name\",\n    app_id=test_app.id,\n    name=\"lastName\",\n    expression=\"user.profile.lastName\")\nfirst_name = okta.app.FederatedClaim(\"first_name\",\n    app_id=test_app.id,\n    name=\"firstName\",\n    expression=\"user.profile.firstName\")\ndepartment = okta.app.FederatedClaim(\"department\",\n    app_id=test_app.id,\n    name=\"department\",\n    expression=\"user.profile.department\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var testApp = new Okta.App.Saml(\"test_app\", new()\n    {\n        Label = \"example\",\n        SsoUrl = \"https://example.com\",\n        Recipient = \"https://example.com\",\n        Destination = \"https://example.com\",\n        Audience = \"https://example.com/audience\",\n        SubjectNameIdTemplate = \"${user.userName}\",\n        SubjectNameIdFormat = \"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\",\n        ResponseSigned = true,\n        SignatureAlgorithm = \"RSA_SHA256\",\n        DigestAlgorithm = \"SHA256\",\n    });\n\n    var lastName = new Okta.App.FederatedClaim(\"last_name\", new()\n    {\n        AppId = testApp.Id,\n        Name = \"lastName\",\n        Expression = \"user.profile.lastName\",\n    });\n\n    var firstName = new Okta.App.FederatedClaim(\"first_name\", new()\n    {\n        AppId = testApp.Id,\n        Name = \"firstName\",\n        Expression = \"user.profile.firstName\",\n    });\n\n    var department = new Okta.App.FederatedClaim(\"department\", new()\n    {\n        AppId = testApp.Id,\n        Name = \"department\",\n        Expression = \"user.profile.department\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestApp, err := app.NewSaml(ctx, \"test_app\", \u0026app.SamlArgs{\n\t\t\tLabel:                 pulumi.String(\"example\"),\n\t\t\tSsoUrl:                pulumi.String(\"https://example.com\"),\n\t\t\tRecipient:             pulumi.String(\"https://example.com\"),\n\t\t\tDestination:           pulumi.String(\"https://example.com\"),\n\t\t\tAudience:              pulumi.String(\"https://example.com/audience\"),\n\t\t\tSubjectNameIdTemplate: pulumi.String(\"${user.userName}\"),\n\t\t\tSubjectNameIdFormat:   pulumi.String(\"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\"),\n\t\t\tResponseSigned:        pulumi.Bool(true),\n\t\t\tSignatureAlgorithm:    pulumi.String(\"RSA_SHA256\"),\n\t\t\tDigestAlgorithm:       pulumi.String(\"SHA256\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = app.NewFederatedClaim(ctx, \"last_name\", \u0026app.FederatedClaimArgs{\n\t\t\tAppId:      testApp.ID(),\n\t\t\tName:       pulumi.String(\"lastName\"),\n\t\t\tExpression: pulumi.String(\"user.profile.lastName\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = app.NewFederatedClaim(ctx, \"first_name\", \u0026app.FederatedClaimArgs{\n\t\t\tAppId:      testApp.ID(),\n\t\t\tName:       pulumi.String(\"firstName\"),\n\t\t\tExpression: pulumi.String(\"user.profile.firstName\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = app.NewFederatedClaim(ctx, \"department\", \u0026app.FederatedClaimArgs{\n\t\t\tAppId:      testApp.ID(),\n\t\t\tName:       pulumi.String(\"department\"),\n\t\t\tExpression: pulumi.String(\"user.profile.department\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.Saml;\nimport com.pulumi.okta.app.SamlArgs;\nimport com.pulumi.okta.app.FederatedClaim;\nimport com.pulumi.okta.app.FederatedClaimArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var testApp = new Saml(\"testApp\", SamlArgs.builder()\n            .label(\"example\")\n            .ssoUrl(\"https://example.com\")\n            .recipient(\"https://example.com\")\n            .destination(\"https://example.com\")\n            .audience(\"https://example.com/audience\")\n            .subjectNameIdTemplate(\"${user.userName}\")\n            .subjectNameIdFormat(\"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\")\n            .responseSigned(true)\n            .signatureAlgorithm(\"RSA_SHA256\")\n            .digestAlgorithm(\"SHA256\")\n            .build());\n\n        var lastName = new FederatedClaim(\"lastName\", FederatedClaimArgs.builder()\n            .appId(testApp.id())\n            .name(\"lastName\")\n            .expression(\"user.profile.lastName\")\n            .build());\n\n        var firstName = new FederatedClaim(\"firstName\", FederatedClaimArgs.builder()\n            .appId(testApp.id())\n            .name(\"firstName\")\n            .expression(\"user.profile.firstName\")\n            .build());\n\n        var department = new FederatedClaim(\"department\", FederatedClaimArgs.builder()\n            .appId(testApp.id())\n            .name(\"department\")\n            .expression(\"user.profile.department\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  testApp:\n    type: okta:app:Saml\n    name: test_app\n    properties:\n      label: example\n      ssoUrl: https://example.com\n      recipient: https://example.com\n      destination: https://example.com\n      audience: https://example.com/audience\n      subjectNameIdTemplate: $${user.userName}\n      subjectNameIdFormat: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\n      responseSigned: true\n      signatureAlgorithm: RSA_SHA256\n      digestAlgorithm: SHA256\n  lastName:\n    type: okta:app:FederatedClaim\n    name: last_name\n    properties:\n      appId: ${testApp.id}\n      name: lastName\n      expression: user.profile.lastName\n  firstName:\n    type: okta:app:FederatedClaim\n    name: first_name\n    properties:\n      appId: ${testApp.id}\n      name: firstName\n      expression: user.profile.firstName\n  department:\n    type: okta:app:FederatedClaim\n    properties:\n      appId: ${testApp.id}\n      name: department\n      expression: user.profile.department\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nAn app federated claim can be imported using the format `app_id/id`:\n\n```sh\n$ pulumi import okta:app/federatedClaim:FederatedClaim example \u003capp_id\u003e/\u003cid\u003e\n```\n\nExample:\n\n```sh\n$ pulumi import okta:app/federatedClaim:FederatedClaim example 0oa1234567890abcdef/clm1234567890abcdef\n```\n\n","properties":{"appId":{"type":"string","description":"The ID of the application to add the federated claim to.\n"},"expression":{"type":"string","description":"The Okta Expression Language expression to be evaluated at runtime. See [Okta Expression Language](https://developer.okta.com/docs/reference/okta-expression-language/) for more information.\n"},"name":{"type":"string","description":"The name of the claim to be used in the produced token.\n"}},"required":["appId","expression","name"],"inputProperties":{"appId":{"type":"string","description":"The ID of the application to add the federated claim to.\n"},"expression":{"type":"string","description":"The Okta Expression Language expression to be evaluated at runtime. See [Okta Expression Language](https://developer.okta.com/docs/reference/okta-expression-language/) for more information.\n"},"name":{"type":"string","description":"The name of the claim to be used in the produced token.\n"}},"requiredInputs":["appId","expression"],"stateInputs":{"description":"Input properties used for looking up and filtering FederatedClaim resources.\n","properties":{"appId":{"type":"string","description":"The ID of the application to add the federated claim to.\n"},"expression":{"type":"string","description":"The Okta Expression Language expression to be evaluated at runtime. See [Okta Expression Language](https://developer.okta.com/docs/reference/okta-expression-language/) for more information.\n"},"name":{"type":"string","description":"The name of the claim to be used in the produced token.\n"}},"type":"object"}},"okta:app/groupAssignment:GroupAssignment":{"description":"## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.app.GroupAssignment(\"example\", {\n    appId: \"\u003capp id\u003e\",\n    groupId: \"\u003cgroup id\u003e\",\n    profile: `{\n  \\\\\"\u003capp_profile_field\u003e\\\\\": \\\\\"\u003cvalue\u003e\\\\\"\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.app.GroupAssignment(\"example\",\n    app_id=\"\u003capp id\u003e\",\n    group_id=\"\u003cgroup id\u003e\",\n    profile=\"\"\"{\n  \\\"\u003capp_profile_field\u003e\\\": \\\"\u003cvalue\u003e\\\"\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.App.GroupAssignment(\"example\", new()\n    {\n        AppId = \"\u003capp id\u003e\",\n        GroupId = \"\u003cgroup id\u003e\",\n        Profile = @\"{\n  \\\"\"\u003capp_profile_field\u003e\\\"\": \\\"\"\u003cvalue\u003e\\\"\"\n}\n\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := app.NewGroupAssignment(ctx, \"example\", \u0026app.GroupAssignmentArgs{\n\t\t\tAppId:   pulumi.String(\"\u003capp id\u003e\"),\n\t\t\tGroupId: pulumi.String(\"\u003cgroup id\u003e\"),\n\t\t\tProfile: pulumi.String(\"{\\n  \\\\\\\"\u003capp_profile_field\u003e\\\\\\\": \\\\\\\"\u003cvalue\u003e\\\\\\\"\\n}\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.GroupAssignment;\nimport com.pulumi.okta.app.GroupAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new GroupAssignment(\"example\", GroupAssignmentArgs.builder()\n            .appId(\"\u003capp id\u003e\")\n            .groupId(\"\u003cgroup id\u003e\")\n            .profile(\"\"\"\n{\n  \\\"\u003capp_profile_field\u003e\\\": \\\"\u003cvalue\u003e\\\"\n}\n            \"\"\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:app:GroupAssignment\n    properties:\n      appId: \u003capp id\u003e\n      groupId: \u003cgroup id\u003e\n      profile: |\n        {\n          \\\"\u003capp_profile_field\u003e\\\": \\\"\u003cvalue\u003e\\\"\n        }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:app/groupAssignment:GroupAssignment example \u003capp_id\u003e/\u003cgroup_id\u003e\n```\n\n","properties":{"appId":{"type":"string","description":"App to associate group with\n"},"groupId":{"type":"string","description":"Group associated with the application\n"},"priority":{"type":"integer","description":"Priority of group assignment.\n"},"profile":{"type":"string","description":"JSON document containing [application profile](https://developer.okta.com/docs/reference/api/apps/#profile-object)\n"},"retainAssignment":{"type":"boolean","description":"Retain the group assignment on destroy. If set to true, the resource will be removed from state but not from the Okta app.\n"}},"required":["appId","groupId"],"inputProperties":{"appId":{"type":"string","description":"App to associate group with\n","willReplaceOnChanges":true},"groupId":{"type":"string","description":"Group associated with the application\n","willReplaceOnChanges":true},"priority":{"type":"integer","description":"Priority of group assignment.\n"},"profile":{"type":"string","description":"JSON document containing [application profile](https://developer.okta.com/docs/reference/api/apps/#profile-object)\n"},"retainAssignment":{"type":"boolean","description":"Retain the group assignment on destroy. If set to true, the resource will be removed from state but not from the Okta app.\n"}},"requiredInputs":["appId","groupId"],"stateInputs":{"description":"Input properties used for looking up and filtering GroupAssignment resources.\n","properties":{"appId":{"type":"string","description":"App to associate group with\n","willReplaceOnChanges":true},"groupId":{"type":"string","description":"Group associated with the application\n","willReplaceOnChanges":true},"priority":{"type":"integer","description":"Priority of group assignment.\n"},"profile":{"type":"string","description":"JSON document containing [application profile](https://developer.okta.com/docs/reference/api/apps/#profile-object)\n"},"retainAssignment":{"type":"boolean","description":"Retain the group assignment on destroy. If set to true, the resource will be removed from state but not from the Okta app.\n"}},"type":"object"}},"okta:app/oAuth:OAuth":{"description":"This resource allows you to create and configure an OIDC Application.\n\u003e During an apply if there is change in status the app will first be\nactivated or deactivated in accordance with the status change. Then, all\nother arguments that changed will be applied.\n\n\u003e \u003cspan pulumi-lang-nodejs=\"`okta.app.OAuthRedirectUri`\" pulumi-lang-dotnet=\"`okta.app.OAuthRedirectUri`\" pulumi-lang-go=\"`app.OAuthRedirectUri`\" pulumi-lang-python=\"`app.OAuthRedirectUri`\" pulumi-lang-yaml=\"`okta.app.OAuthRedirectUri`\" pulumi-lang-java=\"`okta.app.OAuthRedirectUri`\"\u003e`okta.app.OAuthRedirectUri`\u003c/span\u003e has been marked deprecated and will be removed\nin the v5 release of the provider. Operators should manage the redirect URIs for\nan oauth app directly on that resource.\n\n### Private Keys\n\nThe private key format that an Okta OAuth app expects is PKCS#8 (unencrypted).\nThe operator either uploads their own private key or Okta can generate one in\nthe Admin UI Panel under the apps Client Credentials. PKCS#8 format can be\nidentified by a header that starts with `-----BEGIN PRIVATE KEY-----`. If the\noperator has a PKCS#1 (unencrypted) format private key (the header starts with\n`-----BEGIN RSA PRIVATE KEY-----`) they can generate a PKCS#8 format\nkey with \u003cspan pulumi-lang-nodejs=\"`openssl`\" pulumi-lang-dotnet=\"`Openssl`\" pulumi-lang-go=\"`openssl`\" pulumi-lang-python=\"`openssl`\" pulumi-lang-yaml=\"`openssl`\" pulumi-lang-java=\"`openssl`\"\u003e`openssl`\u003c/span\u003e:\n\n```\n openssl rsa -in pkcs1.pem -out pkcs8-example.pem\n```\n\n### Advanced PEM and JWKS example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as jwks from \"@pulumi/jwks\";\nimport * as okta from \"@pulumi/okta\";\nimport * as std from \"@pulumi/std\";\nimport * as tls from \"@pulumi/tls\";\n\n// NOTE: Example to generate a PEM easily as a tool. These secrets will be saved\n// to the state file and shouldn't be persisted. Instead, save the secrets into\n// a secrets manager to be reused.\n// https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/private_key\n//\n// NOTE: Even though tls is a Hashicorp provider you should still audit its code\n// to be satisfied with its security.\n// https://github.com/hashicorp/terraform-provider-tls\n//\nconst rsa = new tls.index.PrivateKey(\"rsa\", {\n    algorithm: \"RSA\",\n    rsaBits: 4096,\n});\n//\n// Pretty print a PEM with TF show and jq\n// terraform show -json | jq -r '.values.root_module.resources[] | select(.address == \"tls_private_key.rsa\").values.private_key_pem'\n//\n// Delete the secrets explicitly or just remove them from the config and run\n// apply again.\n// pulumi up -destroy -auto-approve -target=tls_private_key.rsa\n// NOTE: Even though the iwarapter/jwks is listed in the registry you should\n// still audit its code to be satisfied with its security.\n// https://registry.terraform.io/providers/iwarapter/jwks/latest/docs/data-sources/from_key\n// https://github.com/iwarapter/terraform-provider-jwks\n//\nconst jwksFromKey = jwks.index.FromKey({\n    key: rsa.privateKeyPem,\n    kid: \"my-kid\",\n});\nconst jwks = std.index.jsondecode({\n    input: jwksFromKey.jwks,\n}).result;\n// https://registry.terraform.io/providers/okta/okta/latest/docs/resources/app_oauth\nconst app = new okta.app.OAuth(\"app\", {\n    label: \"My OAuth App\",\n    type: \"service\",\n    responseTypes: [\"token\"],\n    grantTypes: [\"client_credentials\"],\n    tokenEndpointAuthMethod: \"private_key_jwt\",\n    jwks: [{\n        kty: jwks.kty,\n        kid: jwks.kid,\n        e: jwks.e,\n        n: jwks.n,\n    }],\n});\n```\n```python\nimport pulumi\nimport pulumi_jwks as jwks\nimport pulumi_okta as okta\nimport pulumi_std as std\nimport pulumi_tls as tls\n\n# NOTE: Example to generate a PEM easily as a tool. These secrets will be saved\n# to the state file and shouldn't be persisted. Instead, save the secrets into\n# a secrets manager to be reused.\n# https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/private_key\n#\n# NOTE: Even though tls is a Hashicorp provider you should still audit its code\n# to be satisfied with its security.\n# https://github.com/hashicorp/terraform-provider-tls\n#\nrsa = tls.index.PrivateKey(\"rsa\",\n    algorithm=RSA,\n    rsa_bits=4096)\n#\n# Pretty print a PEM with TF show and jq\n# terraform show -json | jq -r '.values.root_module.resources[] | select(.address == \"tls_private_key.rsa\").values.private_key_pem'\n#\n# Delete the secrets explicitly or just remove them from the config and run\n# apply again.\n# pulumi up -destroy -auto-approve -target=tls_private_key.rsa\n# NOTE: Even though the iwarapter/jwks is listed in the registry you should\n# still audit its code to be satisfied with its security.\n# https://registry.terraform.io/providers/iwarapter/jwks/latest/docs/data-sources/from_key\n# https://github.com/iwarapter/terraform-provider-jwks\n#\njwks_from_key = jwks.index.from_key(key=rsa[\"privateKeyPem\"],\n    kid=\"my-kid\")\njwks = std.index.jsondecode(input=jwks_from_key[\"jwks\"])[\"result\"]\n# https://registry.terraform.io/providers/okta/okta/latest/docs/resources/app_oauth\napp = okta.app.OAuth(\"app\",\n    label=\"My OAuth App\",\n    type=\"service\",\n    response_types=[\"token\"],\n    grant_types=[\"client_credentials\"],\n    token_endpoint_auth_method=\"private_key_jwt\",\n    jwks=[{\n        \"kty\": jwks[\"kty\"],\n        \"kid\": jwks[\"kid\"],\n        \"e\": jwks[\"e\"],\n        \"n\": jwks[\"n\"],\n    }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Jwks = Pulumi.Jwks;\nusing Okta = Pulumi.Okta;\nusing Std = Pulumi.Std;\nusing Tls = Pulumi.Tls;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    // NOTE: Example to generate a PEM easily as a tool. These secrets will be saved\n    // to the state file and shouldn't be persisted. Instead, save the secrets into\n    // a secrets manager to be reused.\n    // https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/private_key\n    //\n    // NOTE: Even though tls is a Hashicorp provider you should still audit its code\n    // to be satisfied with its security.\n    // https://github.com/hashicorp/terraform-provider-tls\n    //\n    var rsa = new Tls.Index.PrivateKey(\"rsa\", new()\n    {\n        Algorithm = \"RSA\",\n        RsaBits = 4096,\n    });\n\n    //\n    // Pretty print a PEM with TF show and jq\n    // terraform show -json | jq -r '.values.root_module.resources[] | select(.address == \"tls_private_key.rsa\").values.private_key_pem'\n    //\n    // Delete the secrets explicitly or just remove them from the config and run\n    // apply again.\n    // pulumi up -destroy -auto-approve -target=tls_private_key.rsa\n    // NOTE: Even though the iwarapter/jwks is listed in the registry you should\n    // still audit its code to be satisfied with its security.\n    // https://registry.terraform.io/providers/iwarapter/jwks/latest/docs/data-sources/from_key\n    // https://github.com/iwarapter/terraform-provider-jwks\n    //\n    var jwksFromKey = Jwks.Index.FromKey.Invoke(new()\n    {\n        Key = rsa.PrivateKeyPem,\n        Kid = \"my-kid\",\n    });\n\n    var jwks = Std.Index.Jsondecode.Invoke(new()\n    {\n        Input = jwksFromKey.Jwks,\n    }).Result;\n\n    // https://registry.terraform.io/providers/okta/okta/latest/docs/resources/app_oauth\n    var app = new Okta.App.OAuth(\"app\", new()\n    {\n        Label = \"My OAuth App\",\n        Type = \"service\",\n        ResponseTypes = new[]\n        {\n            \"token\",\n        },\n        GrantTypes = new[]\n        {\n            \"client_credentials\",\n        },\n        TokenEndpointAuthMethod = \"private_key_jwt\",\n        Jwks = new[]\n        {\n            new Okta.App.Inputs.OAuthJwkArgs\n            {\n                Kty = jwks.Kty,\n                Kid = jwks.Kid,\n                E = jwks.E,\n                N = jwks.N,\n            },\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-jwks/sdk/go/jwks\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi-tls/sdk/go/tls\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// NOTE: Example to generate a PEM easily as a tool. These secrets will be saved\n\t\t// to the state file and shouldn't be persisted. Instead, save the secrets into\n\t\t// a secrets manager to be reused.\n\t\t// https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/private_key\n\t\t//\n\t\t// NOTE: Even though tls is a Hashicorp provider you should still audit its code\n\t\t// to be satisfied with its security.\n\t\t// https://github.com/hashicorp/terraform-provider-tls\n\t\trsa, err := tls.NewPrivateKey(ctx, \"rsa\", \u0026tls.PrivateKeyArgs{\n\t\t\tAlgorithm: \"RSA\",\n\t\t\tRsaBits:   4096,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// NOTE: Even though the iwarapter/jwks is listed in the registry you should\n\t\t// still audit its code to be satisfied with its security.\n\t\t// https://registry.terraform.io/providers/iwarapter/jwks/latest/docs/data-sources/from_key\n\t\t// https://github.com/iwarapter/terraform-provider-jwks\n\t\tjwksFromKey, err := jwks.FromKey(ctx, map[string]interface{}{\n\t\t\t\"key\": rsa.PrivateKeyPem,\n\t\t\t\"kid\": \"my-kid\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjwks := std.Jsondecode(ctx, map[string]interface{}{\n\t\t\t\"input\": jwksFromKey.Jwks,\n\t\t}, nil).Result\n\t\t// https://registry.terraform.io/providers/okta/okta/latest/docs/resources/app_oauth\n\t\t_, err = app.NewOAuth(ctx, \"app\", \u0026app.OAuthArgs{\n\t\t\tLabel: pulumi.String(\"My OAuth App\"),\n\t\t\tType:  pulumi.String(\"service\"),\n\t\t\tResponseTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"token\"),\n\t\t\t},\n\t\t\tGrantTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"client_credentials\"),\n\t\t\t},\n\t\t\tTokenEndpointAuthMethod: pulumi.String(\"private_key_jwt\"),\n\t\t\tJwks: app.OAuthJwkArray{\n\t\t\t\t\u0026app.OAuthJwkArgs{\n\t\t\t\t\tKty: pulumi.Any(jwks.Kty),\n\t\t\t\t\tKid: pulumi.Any(jwks.Kid),\n\t\t\t\t\tE:   pulumi.Any(jwks.E),\n\t\t\t\t\tN:   pulumi.Any(jwks.N),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.tls.PrivateKey;\nimport com.pulumi.tls.PrivateKeyArgs;\nimport com.pulumi.jwks.JwksFunctions;\nimport com.pulumi.std.StdFunctions;\nimport com.pulumi.okta.app.OAuth;\nimport com.pulumi.okta.app.OAuthArgs;\nimport com.pulumi.okta.app.inputs.OAuthJwkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        // NOTE: Example to generate a PEM easily as a tool. These secrets will be saved\n        // to the state file and shouldn't be persisted. Instead, save the secrets into\n        // a secrets manager to be reused.\n        // https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/private_key\n        //\n        // NOTE: Even though tls is a Hashicorp provider you should still audit its code\n        // to be satisfied with its security.\n        // https://github.com/hashicorp/terraform-provider-tls\n        //\n        var rsa = new PrivateKey(\"rsa\", PrivateKeyArgs.builder()\n            .algorithm(\"RSA\")\n            .rsaBits(4096)\n            .build());\n\n        //\n        // Pretty print a PEM with TF show and jq\n        // terraform show -json | jq -r '.values.root_module.resources[] | select(.address == \"tls_private_key.rsa\").values.private_key_pem'\n        //\n        // Delete the secrets explicitly or just remove them from the config and run\n        // apply again.\n        // pulumi up -destroy -auto-approve -target=tls_private_key.rsa\n        // NOTE: Even though the iwarapter/jwks is listed in the registry you should\n        // still audit its code to be satisfied with its security.\n        // https://registry.terraform.io/providers/iwarapter/jwks/latest/docs/data-sources/from_key\n        // https://github.com/iwarapter/terraform-provider-jwks\n        //\n        final var jwksFromKey = JwksFunctions.FromKey(Map.ofEntries(\n            Map.entry(\"key\", rsa.privateKeyPem()),\n            Map.entry(\"kid\", \"my-kid\")\n        ));\n\n        final var jwks = StdFunctions.jsondecode(Map.of(\"input\", jwksFromKey.jwks())).result();\n\n        // https://registry.terraform.io/providers/okta/okta/latest/docs/resources/app_oauth\n        var app = new OAuth(\"app\", OAuthArgs.builder()\n            .label(\"My OAuth App\")\n            .type(\"service\")\n            .responseTypes(\"token\")\n            .grantTypes(\"client_credentials\")\n            .tokenEndpointAuthMethod(\"private_key_jwt\")\n            .jwks(OAuthJwkArgs.builder()\n                .kty(jwks.kty())\n                .kid(jwks.kid())\n                .e(jwks.e())\n                .n(jwks.n())\n                .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  # NOTE: Example to generate a PEM easily as a tool. These secrets will be saved\n  # to the state file and shouldn't be persisted. Instead, save the secrets into\n  # a secrets manager to be reused.\n  # https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/private_key\n  #\n  # NOTE: Even though tls is a Hashicorp provider you should still audit its code\n  # to be satisfied with its security.\n  # https://github.com/hashicorp/terraform-provider-tls\n  #\n  rsa: #\n  # Pretty print a PEM with TF show and jq\n  # terraform show -json | jq -r '.values.root_module.resources[] | select(.address == \"tls_private_key.rsa\").values.private_key_pem'\n  #\n  # Delete the secrets explicitly or just remove them from the config and run\n  # apply again.\n  # pulumi up -destroy -auto-approve -target=tls_private_key.rsa\n    type: tls:PrivateKey\n    properties:\n      algorithm: RSA\n      rsaBits: 4096\n  # https://registry.terraform.io/providers/okta/okta/latest/docs/resources/app_oauth\n  app:\n    type: okta:app:OAuth\n    properties:\n      label: My OAuth App\n      type: service\n      responseTypes:\n        - token\n      grantTypes:\n        - client_credentials\n      tokenEndpointAuthMethod: private_key_jwt\n      jwks:\n        - kty: ${jwks.kty}\n          kid: ${jwks.kid}\n          e: ${jwks.e}\n          n: ${jwks.n}\nvariables:\n  # NOTE: Even though the iwarapter/jwks is listed in the registry you should\n  # still audit its code to be satisfied with its security.\n  # https://registry.terraform.io/providers/iwarapter/jwks/latest/docs/data-sources/from_key\n  # https://github.com/iwarapter/terraform-provider-jwks\n  #\n  jwksFromKey:\n    fn::invoke:\n      function: jwks:FromKey\n      arguments:\n        key: ${rsa.privateKeyPem}\n        kid: my-kid\n  jwks:\n    fn::invoke:\n      function: std:jsondecode\n      arguments:\n        input: ${jwksFromKey.jwks}\n      return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:app/oAuth:OAuth example \u003capp_id\u003e\n```\n\n","properties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"appSettingsJson":{"type":"string","description":"Application settings in JSON format\n"},"authenticationPolicy":{"type":"string","description":"The ID of the associated app*signon*policy. If this property is removed from the application the default sign-on-policy will be associated with this application. From now on, there is no need to attach\u003cspan pulumi-lang-nodejs=\" authenticationPolicy \" pulumi-lang-dotnet=\" AuthenticationPolicy \" pulumi-lang-go=\" authenticationPolicy \" pulumi-lang-python=\" authentication_policy \" pulumi-lang-yaml=\" authenticationPolicy \" pulumi-lang-java=\" authenticationPolicy \"\u003e authentication_policy \u003c/span\u003efor applications of type `SERVICE` in the upcoming release.\n"},"autoKeyRotation":{"type":"boolean","description":"Requested key rotation mode. If\n\t\t\tauto*key*rotation isn't specified, the client automatically opts in for Okta's\n\t\t\tkey rotation. You can update this property via the API or via the administrator\n\t\t\tUI.\n\t\t\tSee: https://developer.okta.com/docs/reference/api/apps/#oauth-credential-object\"\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"clientBasicSecret":{"type":"string","description":"The user provided OAuth client secret key value, this can be set when token*endpoint*auth*method is client*secret*basic. This does nothing when `omit*secret is set to true.\n","secret":true},"clientId":{"type":"string","description":"OAuth client ID. If set during creation, app is created with this id.\n"},"clientSecret":{"type":"string","description":"OAuth client secret value, this is output only. This will be in plain text in your statefile unless you set\u003cspan pulumi-lang-nodejs=\" omitSecret \" pulumi-lang-dotnet=\" OmitSecret \" pulumi-lang-go=\" omitSecret \" pulumi-lang-python=\" omit_secret \" pulumi-lang-yaml=\" omitSecret \" pulumi-lang-java=\" omitSecret \"\u003e omit_secret \u003c/span\u003eabove.\n","secret":true},"clientUri":{"type":"string","description":"URI to a web page providing information about the client.\n"},"consentMethod":{"type":"string","description":"*Early Access Property*. Indicates whether user consent is required or implicit. Valid values: REQUIRED, TRUSTED. Default value is TRUSTED. Note: Enable `API_ACCESS_MANAGEMENT`, `API_ACCESS_MANAGEMENT_CONSENT` feature flags in your org to use this property.\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"frontchannelLogoutSessionRequired":{"type":"boolean","description":"*Early Access Property*. Determines whether Okta sends sid and iss in the logout request.\n"},"frontchannelLogoutUri":{"type":"string","description":"*Early Access Property*. URL where Okta sends the logout request. Required when\u003cspan pulumi-lang-nodejs=\" participateSlo \" pulumi-lang-dotnet=\" ParticipateSlo \" pulumi-lang-go=\" participateSlo \" pulumi-lang-python=\" participate_slo \" pulumi-lang-yaml=\" participateSlo \" pulumi-lang-java=\" participateSlo \"\u003e participate_slo \u003c/span\u003eis true.\n"},"grantTypes":{"type":"array","items":{"type":"string"},"description":"List of OAuth 2.0 grant types. Conditional validation params found here https://developer.okta.com/docs/api/resources/apps#credentials-settings-details. Defaults to minimum requirements per app type.\n"},"groupsClaim":{"$ref":"#/types/okta:app/OAuthGroupsClaim:OAuthGroupsClaim","description":"Groups claim for an OpenID Connect client application (argument is ignored when API auth is done with OAuth 2.0 credentials)\n","deprecationMessage":"The\u003cspan pulumi-lang-nodejs=\" groupsClaim \" pulumi-lang-dotnet=\" GroupsClaim \" pulumi-lang-go=\" groupsClaim \" pulumi-lang-python=\" groups_claim \" pulumi-lang-yaml=\" groupsClaim \" pulumi-lang-java=\" groupsClaim \"\u003e groups_claim \u003c/span\u003efield is deprecated and will be removed in a future version. Use Authorization Server Claims (okta_auth_server_claim) or app profile configuration instead."},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"implicitAssignment":{"type":"boolean","description":"*Early Access Property*. Enable Federation Broker Mode.\n"},"issuerMode":{"type":"string","description":"*Early Access Property*. Indicates whether the Okta Authorization Server uses the original Okta org domain URL or a custom domain URL as the issuer of ID token for this client.\n"},"jwks":{"type":"array","items":{"$ref":"#/types/okta:app/OAuthJwk:OAuthJwk"},"description":"JSON Web Key Set (JWKS) for application. Note: Inline JWKS may have compatibility issues with v6 SDK. Consider using\u003cspan pulumi-lang-nodejs=\" jwksUri \" pulumi-lang-dotnet=\" JwksUri \" pulumi-lang-go=\" jwksUri \" pulumi-lang-python=\" jwks_uri \" pulumi-lang-yaml=\" jwksUri \" pulumi-lang-java=\" jwksUri \"\u003e jwks_uri \u003c/span\u003einstead."},"jwksUri":{"type":"string","description":"URL reference to JWKS\n"},"label":{"type":"string","description":"The Application's display name.\n"},"loginMode":{"type":"string","description":"The type of Idp-Initiated login that the client supports, if any\n"},"loginScopes":{"type":"array","items":{"type":"string"},"description":"List of scopes to use for the request\n"},"loginUri":{"type":"string","description":"URI that initiates login.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"logoUri":{"type":"string","description":"URI that references a logo for the client.\n"},"logoUrl":{"type":"string","description":"URL of the application's logo\n"},"name":{"type":"string","description":"Name of the app.\n"},"omitSecret":{"type":"boolean","description":"This tells the provider not manage the client*secret value in state. When this is false (the default), it will cause the auto-generated client*secret to be persisted in the\u003cspan pulumi-lang-nodejs=\" clientSecret \" pulumi-lang-dotnet=\" ClientSecret \" pulumi-lang-go=\" clientSecret \" pulumi-lang-python=\" client_secret \" pulumi-lang-yaml=\" clientSecret \" pulumi-lang-java=\" clientSecret \"\u003e client_secret \u003c/span\u003eattribute in state. This also means that every time an update to this app is run, this value is also set on the API. If this changes from false =\u003e true, the \u003cspan pulumi-lang-nodejs=\"`clientSecret`\" pulumi-lang-dotnet=\"`ClientSecret`\" pulumi-lang-go=\"`clientSecret`\" pulumi-lang-python=\"`client_secret`\" pulumi-lang-yaml=\"`clientSecret`\" pulumi-lang-java=\"`clientSecret`\"\u003e`client_secret`\u003c/span\u003e is dropped from state and the secret at the time of the apply is what remains. If this is ever changes from true =\u003e false your app will be recreated, due to the need to regenerate a secret we can store in state.\n"},"participateSlo":{"type":"boolean","description":"*Early Access Property*. Allows the app to participate in front-channel Single Logout. Note: You can only enable participate*slo for web and browser application types. When set to true, frontchannel*logout_uri must also be provided. Enable `SINGLE_LOGOUT_SUPPORT` feature flag in your org to use this property.\n"},"pkceRequired":{"type":"boolean","description":"Require Proof Key for Code Exchange (PKCE) for additional verification key rotation mode. See: https://developer.okta.com/docs/reference/api/apps/#oauth-credential-object\n"},"policyUri":{"type":"string","description":"URI to web page providing client policy document.\n"},"postLogoutRedirectUris":{"type":"array","items":{"type":"string"},"description":"List of URIs for redirection after logout. Note: see okta*app*oauth*post*logout*redirect*uri for appending to this list in a decentralized way.\n"},"profile":{"type":"string","description":"Custom JSON that represents an OAuth application's profile\n"},"redirectUris":{"type":"array","items":{"type":"string"},"description":"List of URIs for use in the redirect-based flow. This is required for all application types except service. Note: see okta*app*oauth*redirect*uri for appending to this list in a decentralized way.\n"},"refreshTokenLeeway":{"type":"integer","description":"*Early Access Property* Grace period for token rotation, required with grant types refresh_token\n"},"refreshTokenRotation":{"type":"string","description":"*Early Access Property* Refresh token rotation behavior, required with grant types refresh_token\n"},"responseTypes":{"type":"array","items":{"type":"string"},"description":"List of OAuth 2.0 response type strings. Valid values are any combination of: \u003cspan pulumi-lang-nodejs=\"`code`\" pulumi-lang-dotnet=\"`Code`\" pulumi-lang-go=\"`code`\" pulumi-lang-python=\"`code`\" pulumi-lang-yaml=\"`code`\" pulumi-lang-java=\"`code`\"\u003e`code`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`token`\" pulumi-lang-dotnet=\"`Token`\" pulumi-lang-go=\"`token`\" pulumi-lang-python=\"`token`\" pulumi-lang-yaml=\"`token`\" pulumi-lang-java=\"`token`\"\u003e`token`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`idToken`\" pulumi-lang-dotnet=\"`IdToken`\" pulumi-lang-go=\"`idToken`\" pulumi-lang-python=\"`id_token`\" pulumi-lang-yaml=\"`idToken`\" pulumi-lang-java=\"`idToken`\"\u003e`id_token`\u003c/span\u003e.\n"},"signOnMode":{"type":"string","description":"Sign on mode of application.\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"tokenEndpointAuthMethod":{"type":"string","description":"Requested authentication method for the token endpoint, valid values include:  'client*secret*basic', 'client*secret*post', 'client*secret*jwt', 'private*key*jwt', 'none', etc.\n"},"tosUri":{"type":"string","description":"URI to web page providing client tos (terms of service).\n"},"type":{"type":"string","description":"The type of client application.\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`\n"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH` and `DONT_PUSH`\n"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix\n"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`\n"},"wildcardRedirect":{"type":"string","description":"*Early Access Property*. Indicates if the client is allowed to use wildcard matching of redirect_uris.\n"}},"required":["authenticationPolicy","clientId","clientSecret","grantTypes","label","logoUrl","name","pkceRequired","responseTypes","signOnMode","type"],"inputProperties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"appSettingsJson":{"type":"string","description":"Application settings in JSON format\n"},"authenticationPolicy":{"type":"string","description":"The ID of the associated app*signon*policy. If this property is removed from the application the default sign-on-policy will be associated with this application. From now on, there is no need to attach\u003cspan pulumi-lang-nodejs=\" authenticationPolicy \" pulumi-lang-dotnet=\" AuthenticationPolicy \" pulumi-lang-go=\" authenticationPolicy \" pulumi-lang-python=\" authentication_policy \" pulumi-lang-yaml=\" authenticationPolicy \" pulumi-lang-java=\" authenticationPolicy \"\u003e authentication_policy \u003c/span\u003efor applications of type `SERVICE` in the upcoming release.\n"},"autoKeyRotation":{"type":"boolean","description":"Requested key rotation mode. If\n\t\t\tauto*key*rotation isn't specified, the client automatically opts in for Okta's\n\t\t\tkey rotation. You can update this property via the API or via the administrator\n\t\t\tUI.\n\t\t\tSee: https://developer.okta.com/docs/reference/api/apps/#oauth-credential-object\"\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"clientBasicSecret":{"type":"string","description":"The user provided OAuth client secret key value, this can be set when token*endpoint*auth*method is client*secret*basic. This does nothing when `omit*secret is set to true.\n","secret":true},"clientId":{"type":"string","description":"OAuth client ID. If set during creation, app is created with this id.\n","willReplaceOnChanges":true},"clientUri":{"type":"string","description":"URI to a web page providing information about the client.\n"},"consentMethod":{"type":"string","description":"*Early Access Property*. Indicates whether user consent is required or implicit. Valid values: REQUIRED, TRUSTED. Default value is TRUSTED. Note: Enable `API_ACCESS_MANAGEMENT`, `API_ACCESS_MANAGEMENT_CONSENT` feature flags in your org to use this property.\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"frontchannelLogoutSessionRequired":{"type":"boolean","description":"*Early Access Property*. Determines whether Okta sends sid and iss in the logout request.\n"},"frontchannelLogoutUri":{"type":"string","description":"*Early Access Property*. URL where Okta sends the logout request. Required when\u003cspan pulumi-lang-nodejs=\" participateSlo \" pulumi-lang-dotnet=\" ParticipateSlo \" pulumi-lang-go=\" participateSlo \" pulumi-lang-python=\" participate_slo \" pulumi-lang-yaml=\" participateSlo \" pulumi-lang-java=\" participateSlo \"\u003e participate_slo \u003c/span\u003eis true.\n"},"grantTypes":{"type":"array","items":{"type":"string"},"description":"List of OAuth 2.0 grant types. Conditional validation params found here https://developer.okta.com/docs/api/resources/apps#credentials-settings-details. Defaults to minimum requirements per app type.\n"},"groupsClaim":{"$ref":"#/types/okta:app/OAuthGroupsClaim:OAuthGroupsClaim","description":"Groups claim for an OpenID Connect client application (argument is ignored when API auth is done with OAuth 2.0 credentials)\n","deprecationMessage":"The\u003cspan pulumi-lang-nodejs=\" groupsClaim \" pulumi-lang-dotnet=\" GroupsClaim \" pulumi-lang-go=\" groupsClaim \" pulumi-lang-python=\" groups_claim \" pulumi-lang-yaml=\" groupsClaim \" pulumi-lang-java=\" groupsClaim \"\u003e groups_claim \u003c/span\u003efield is deprecated and will be removed in a future version. Use Authorization Server Claims (okta_auth_server_claim) or app profile configuration instead."},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"implicitAssignment":{"type":"boolean","description":"*Early Access Property*. Enable Federation Broker Mode.\n"},"issuerMode":{"type":"string","description":"*Early Access Property*. Indicates whether the Okta Authorization Server uses the original Okta org domain URL or a custom domain URL as the issuer of ID token for this client.\n"},"jwks":{"type":"array","items":{"$ref":"#/types/okta:app/OAuthJwk:OAuthJwk"},"description":"JSON Web Key Set (JWKS) for application. Note: Inline JWKS may have compatibility issues with v6 SDK. Consider using\u003cspan pulumi-lang-nodejs=\" jwksUri \" pulumi-lang-dotnet=\" JwksUri \" pulumi-lang-go=\" jwksUri \" pulumi-lang-python=\" jwks_uri \" pulumi-lang-yaml=\" jwksUri \" pulumi-lang-java=\" jwksUri \"\u003e jwks_uri \u003c/span\u003einstead."},"jwksUri":{"type":"string","description":"URL reference to JWKS\n"},"label":{"type":"string","description":"The Application's display name.\n"},"loginMode":{"type":"string","description":"The type of Idp-Initiated login that the client supports, if any\n"},"loginScopes":{"type":"array","items":{"type":"string"},"description":"List of scopes to use for the request\n"},"loginUri":{"type":"string","description":"URI that initiates login.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"logoUri":{"type":"string","description":"URI that references a logo for the client.\n"},"omitSecret":{"type":"boolean","description":"This tells the provider not manage the client*secret value in state. When this is false (the default), it will cause the auto-generated client*secret to be persisted in the\u003cspan pulumi-lang-nodejs=\" clientSecret \" pulumi-lang-dotnet=\" ClientSecret \" pulumi-lang-go=\" clientSecret \" pulumi-lang-python=\" client_secret \" pulumi-lang-yaml=\" clientSecret \" pulumi-lang-java=\" clientSecret \"\u003e client_secret \u003c/span\u003eattribute in state. This also means that every time an update to this app is run, this value is also set on the API. If this changes from false =\u003e true, the \u003cspan pulumi-lang-nodejs=\"`clientSecret`\" pulumi-lang-dotnet=\"`ClientSecret`\" pulumi-lang-go=\"`clientSecret`\" pulumi-lang-python=\"`client_secret`\" pulumi-lang-yaml=\"`clientSecret`\" pulumi-lang-java=\"`clientSecret`\"\u003e`client_secret`\u003c/span\u003e is dropped from state and the secret at the time of the apply is what remains. If this is ever changes from true =\u003e false your app will be recreated, due to the need to regenerate a secret we can store in state.\n"},"participateSlo":{"type":"boolean","description":"*Early Access Property*. Allows the app to participate in front-channel Single Logout. Note: You can only enable participate*slo for web and browser application types. When set to true, frontchannel*logout_uri must also be provided. Enable `SINGLE_LOGOUT_SUPPORT` feature flag in your org to use this property.\n"},"pkceRequired":{"type":"boolean","description":"Require Proof Key for Code Exchange (PKCE) for additional verification key rotation mode. See: https://developer.okta.com/docs/reference/api/apps/#oauth-credential-object\n"},"policyUri":{"type":"string","description":"URI to web page providing client policy document.\n"},"postLogoutRedirectUris":{"type":"array","items":{"type":"string"},"description":"List of URIs for redirection after logout. Note: see okta*app*oauth*post*logout*redirect*uri for appending to this list in a decentralized way.\n"},"profile":{"type":"string","description":"Custom JSON that represents an OAuth application's profile\n"},"redirectUris":{"type":"array","items":{"type":"string"},"description":"List of URIs for use in the redirect-based flow. This is required for all application types except service. Note: see okta*app*oauth*redirect*uri for appending to this list in a decentralized way.\n"},"refreshTokenLeeway":{"type":"integer","description":"*Early Access Property* Grace period for token rotation, required with grant types refresh_token\n"},"refreshTokenRotation":{"type":"string","description":"*Early Access Property* Refresh token rotation behavior, required with grant types refresh_token\n"},"responseTypes":{"type":"array","items":{"type":"string"},"description":"List of OAuth 2.0 response type strings. Valid values are any combination of: \u003cspan pulumi-lang-nodejs=\"`code`\" pulumi-lang-dotnet=\"`Code`\" pulumi-lang-go=\"`code`\" pulumi-lang-python=\"`code`\" pulumi-lang-yaml=\"`code`\" pulumi-lang-java=\"`code`\"\u003e`code`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`token`\" pulumi-lang-dotnet=\"`Token`\" pulumi-lang-go=\"`token`\" pulumi-lang-python=\"`token`\" pulumi-lang-yaml=\"`token`\" pulumi-lang-java=\"`token`\"\u003e`token`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`idToken`\" pulumi-lang-dotnet=\"`IdToken`\" pulumi-lang-go=\"`idToken`\" pulumi-lang-python=\"`id_token`\" pulumi-lang-yaml=\"`idToken`\" pulumi-lang-java=\"`idToken`\"\u003e`id_token`\u003c/span\u003e.\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"tokenEndpointAuthMethod":{"type":"string","description":"Requested authentication method for the token endpoint, valid values include:  'client*secret*basic', 'client*secret*post', 'client*secret*jwt', 'private*key*jwt', 'none', etc.\n"},"tosUri":{"type":"string","description":"URI to web page providing client tos (terms of service).\n"},"type":{"type":"string","description":"The type of client application.\n","willReplaceOnChanges":true},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`\n"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH` and `DONT_PUSH`\n"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix\n"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`\n"},"wildcardRedirect":{"type":"string","description":"*Early Access Property*. Indicates if the client is allowed to use wildcard matching of redirect_uris.\n"}},"requiredInputs":["label","type"],"stateInputs":{"description":"Input properties used for looking up and filtering OAuth resources.\n","properties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"appSettingsJson":{"type":"string","description":"Application settings in JSON format\n"},"authenticationPolicy":{"type":"string","description":"The ID of the associated app*signon*policy. If this property is removed from the application the default sign-on-policy will be associated with this application. From now on, there is no need to attach\u003cspan pulumi-lang-nodejs=\" authenticationPolicy \" pulumi-lang-dotnet=\" AuthenticationPolicy \" pulumi-lang-go=\" authenticationPolicy \" pulumi-lang-python=\" authentication_policy \" pulumi-lang-yaml=\" authenticationPolicy \" pulumi-lang-java=\" authenticationPolicy \"\u003e authentication_policy \u003c/span\u003efor applications of type `SERVICE` in the upcoming release.\n"},"autoKeyRotation":{"type":"boolean","description":"Requested key rotation mode. If\n\t\t\tauto*key*rotation isn't specified, the client automatically opts in for Okta's\n\t\t\tkey rotation. You can update this property via the API or via the administrator\n\t\t\tUI.\n\t\t\tSee: https://developer.okta.com/docs/reference/api/apps/#oauth-credential-object\"\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"clientBasicSecret":{"type":"string","description":"The user provided OAuth client secret key value, this can be set when token*endpoint*auth*method is client*secret*basic. This does nothing when `omit*secret is set to true.\n","secret":true},"clientId":{"type":"string","description":"OAuth client ID. If set during creation, app is created with this id.\n","willReplaceOnChanges":true},"clientSecret":{"type":"string","description":"OAuth client secret value, this is output only. This will be in plain text in your statefile unless you set\u003cspan pulumi-lang-nodejs=\" omitSecret \" pulumi-lang-dotnet=\" OmitSecret \" pulumi-lang-go=\" omitSecret \" pulumi-lang-python=\" omit_secret \" pulumi-lang-yaml=\" omitSecret \" pulumi-lang-java=\" omitSecret \"\u003e omit_secret \u003c/span\u003eabove.\n","secret":true},"clientUri":{"type":"string","description":"URI to a web page providing information about the client.\n"},"consentMethod":{"type":"string","description":"*Early Access Property*. Indicates whether user consent is required or implicit. Valid values: REQUIRED, TRUSTED. Default value is TRUSTED. Note: Enable `API_ACCESS_MANAGEMENT`, `API_ACCESS_MANAGEMENT_CONSENT` feature flags in your org to use this property.\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"frontchannelLogoutSessionRequired":{"type":"boolean","description":"*Early Access Property*. Determines whether Okta sends sid and iss in the logout request.\n"},"frontchannelLogoutUri":{"type":"string","description":"*Early Access Property*. URL where Okta sends the logout request. Required when\u003cspan pulumi-lang-nodejs=\" participateSlo \" pulumi-lang-dotnet=\" ParticipateSlo \" pulumi-lang-go=\" participateSlo \" pulumi-lang-python=\" participate_slo \" pulumi-lang-yaml=\" participateSlo \" pulumi-lang-java=\" participateSlo \"\u003e participate_slo \u003c/span\u003eis true.\n"},"grantTypes":{"type":"array","items":{"type":"string"},"description":"List of OAuth 2.0 grant types. Conditional validation params found here https://developer.okta.com/docs/api/resources/apps#credentials-settings-details. Defaults to minimum requirements per app type.\n"},"groupsClaim":{"$ref":"#/types/okta:app/OAuthGroupsClaim:OAuthGroupsClaim","description":"Groups claim for an OpenID Connect client application (argument is ignored when API auth is done with OAuth 2.0 credentials)\n","deprecationMessage":"The\u003cspan pulumi-lang-nodejs=\" groupsClaim \" pulumi-lang-dotnet=\" GroupsClaim \" pulumi-lang-go=\" groupsClaim \" pulumi-lang-python=\" groups_claim \" pulumi-lang-yaml=\" groupsClaim \" pulumi-lang-java=\" groupsClaim \"\u003e groups_claim \u003c/span\u003efield is deprecated and will be removed in a future version. Use Authorization Server Claims (okta_auth_server_claim) or app profile configuration instead."},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"implicitAssignment":{"type":"boolean","description":"*Early Access Property*. Enable Federation Broker Mode.\n"},"issuerMode":{"type":"string","description":"*Early Access Property*. Indicates whether the Okta Authorization Server uses the original Okta org domain URL or a custom domain URL as the issuer of ID token for this client.\n"},"jwks":{"type":"array","items":{"$ref":"#/types/okta:app/OAuthJwk:OAuthJwk"},"description":"JSON Web Key Set (JWKS) for application. Note: Inline JWKS may have compatibility issues with v6 SDK. Consider using\u003cspan pulumi-lang-nodejs=\" jwksUri \" pulumi-lang-dotnet=\" JwksUri \" pulumi-lang-go=\" jwksUri \" pulumi-lang-python=\" jwks_uri \" pulumi-lang-yaml=\" jwksUri \" pulumi-lang-java=\" jwksUri \"\u003e jwks_uri \u003c/span\u003einstead."},"jwksUri":{"type":"string","description":"URL reference to JWKS\n"},"label":{"type":"string","description":"The Application's display name.\n"},"loginMode":{"type":"string","description":"The type of Idp-Initiated login that the client supports, if any\n"},"loginScopes":{"type":"array","items":{"type":"string"},"description":"List of scopes to use for the request\n"},"loginUri":{"type":"string","description":"URI that initiates login.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"logoUri":{"type":"string","description":"URI that references a logo for the client.\n"},"logoUrl":{"type":"string","description":"URL of the application's logo\n"},"name":{"type":"string","description":"Name of the app.\n"},"omitSecret":{"type":"boolean","description":"This tells the provider not manage the client*secret value in state. When this is false (the default), it will cause the auto-generated client*secret to be persisted in the\u003cspan pulumi-lang-nodejs=\" clientSecret \" pulumi-lang-dotnet=\" ClientSecret \" pulumi-lang-go=\" clientSecret \" pulumi-lang-python=\" client_secret \" pulumi-lang-yaml=\" clientSecret \" pulumi-lang-java=\" clientSecret \"\u003e client_secret \u003c/span\u003eattribute in state. This also means that every time an update to this app is run, this value is also set on the API. If this changes from false =\u003e true, the \u003cspan pulumi-lang-nodejs=\"`clientSecret`\" pulumi-lang-dotnet=\"`ClientSecret`\" pulumi-lang-go=\"`clientSecret`\" pulumi-lang-python=\"`client_secret`\" pulumi-lang-yaml=\"`clientSecret`\" pulumi-lang-java=\"`clientSecret`\"\u003e`client_secret`\u003c/span\u003e is dropped from state and the secret at the time of the apply is what remains. If this is ever changes from true =\u003e false your app will be recreated, due to the need to regenerate a secret we can store in state.\n"},"participateSlo":{"type":"boolean","description":"*Early Access Property*. Allows the app to participate in front-channel Single Logout. Note: You can only enable participate*slo for web and browser application types. When set to true, frontchannel*logout_uri must also be provided. Enable `SINGLE_LOGOUT_SUPPORT` feature flag in your org to use this property.\n"},"pkceRequired":{"type":"boolean","description":"Require Proof Key for Code Exchange (PKCE) for additional verification key rotation mode. See: https://developer.okta.com/docs/reference/api/apps/#oauth-credential-object\n"},"policyUri":{"type":"string","description":"URI to web page providing client policy document.\n"},"postLogoutRedirectUris":{"type":"array","items":{"type":"string"},"description":"List of URIs for redirection after logout. Note: see okta*app*oauth*post*logout*redirect*uri for appending to this list in a decentralized way.\n"},"profile":{"type":"string","description":"Custom JSON that represents an OAuth application's profile\n"},"redirectUris":{"type":"array","items":{"type":"string"},"description":"List of URIs for use in the redirect-based flow. This is required for all application types except service. Note: see okta*app*oauth*redirect*uri for appending to this list in a decentralized way.\n"},"refreshTokenLeeway":{"type":"integer","description":"*Early Access Property* Grace period for token rotation, required with grant types refresh_token\n"},"refreshTokenRotation":{"type":"string","description":"*Early Access Property* Refresh token rotation behavior, required with grant types refresh_token\n"},"responseTypes":{"type":"array","items":{"type":"string"},"description":"List of OAuth 2.0 response type strings. Valid values are any combination of: \u003cspan pulumi-lang-nodejs=\"`code`\" pulumi-lang-dotnet=\"`Code`\" pulumi-lang-go=\"`code`\" pulumi-lang-python=\"`code`\" pulumi-lang-yaml=\"`code`\" pulumi-lang-java=\"`code`\"\u003e`code`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`token`\" pulumi-lang-dotnet=\"`Token`\" pulumi-lang-go=\"`token`\" pulumi-lang-python=\"`token`\" pulumi-lang-yaml=\"`token`\" pulumi-lang-java=\"`token`\"\u003e`token`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`idToken`\" pulumi-lang-dotnet=\"`IdToken`\" pulumi-lang-go=\"`idToken`\" pulumi-lang-python=\"`id_token`\" pulumi-lang-yaml=\"`idToken`\" pulumi-lang-java=\"`idToken`\"\u003e`id_token`\u003c/span\u003e.\n"},"signOnMode":{"type":"string","description":"Sign on mode of application.\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"tokenEndpointAuthMethod":{"type":"string","description":"Requested authentication method for the token endpoint, valid values include:  'client*secret*basic', 'client*secret*post', 'client*secret*jwt', 'private*key*jwt', 'none', etc.\n"},"tosUri":{"type":"string","description":"URI to web page providing client tos (terms of service).\n"},"type":{"type":"string","description":"The type of client application.\n","willReplaceOnChanges":true},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`\n"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH` and `DONT_PUSH`\n"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix\n"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`\n"},"wildcardRedirect":{"type":"string","description":"*Early Access Property*. Indicates if the client is allowed to use wildcard matching of redirect_uris.\n"}},"type":"object"}},"okta:app/oAuthPostLogoutRedirectUri:OAuthPostLogoutRedirectUri":{"description":"This resource allows you to manage post logout redirection URI for use in redirect-based flows.\n\n\u003e \u003cspan pulumi-lang-nodejs=\"`okta.app.OAuthPostLogoutRedirectUri`\" pulumi-lang-dotnet=\"`okta.app.OAuthPostLogoutRedirectUri`\" pulumi-lang-go=\"`app.OAuthPostLogoutRedirectUri`\" pulumi-lang-python=\"`app.OAuthPostLogoutRedirectUri`\" pulumi-lang-yaml=\"`okta.app.OAuthPostLogoutRedirectUri`\" pulumi-lang-java=\"`okta.app.OAuthPostLogoutRedirectUri`\"\u003e`okta.app.OAuthPostLogoutRedirectUri`\u003c/span\u003e has been marked deprecated and will\nbe removed in the v5 release of the provider. Operators should manage the post\nlogout redirect URIs for an oauth app directly on that resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = new okta.app.OAuth(\"test\", {\n    label: \"testAcc_replace_with_uuid\",\n    type: \"web\",\n    grantTypes: [\"authorization_code\"],\n    responseTypes: [\"code\"],\n    redirectUris: [\"myapp://callback\"],\n    postLogoutRedirectUris: [\"https://www.example.com\"],\n});\nconst testOAuthPostLogoutRedirectUri = new okta.app.OAuthPostLogoutRedirectUri(\"test\", {\n    appId: test.id,\n    uri: \"https://www.example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.app.OAuth(\"test\",\n    label=\"testAcc_replace_with_uuid\",\n    type=\"web\",\n    grant_types=[\"authorization_code\"],\n    response_types=[\"code\"],\n    redirect_uris=[\"myapp://callback\"],\n    post_logout_redirect_uris=[\"https://www.example.com\"])\ntest_o_auth_post_logout_redirect_uri = okta.app.OAuthPostLogoutRedirectUri(\"test\",\n    app_id=test.id,\n    uri=\"https://www.example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = new Okta.App.OAuth(\"test\", new()\n    {\n        Label = \"testAcc_replace_with_uuid\",\n        Type = \"web\",\n        GrantTypes = new[]\n        {\n            \"authorization_code\",\n        },\n        ResponseTypes = new[]\n        {\n            \"code\",\n        },\n        RedirectUris = new[]\n        {\n            \"myapp://callback\",\n        },\n        PostLogoutRedirectUris = new[]\n        {\n            \"https://www.example.com\",\n        },\n    });\n\n    var testOAuthPostLogoutRedirectUri = new Okta.App.OAuthPostLogoutRedirectUri(\"test\", new()\n    {\n        AppId = test.Id,\n        Uri = \"https://www.example.com\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := app.NewOAuth(ctx, \"test\", \u0026app.OAuthArgs{\n\t\t\tLabel: pulumi.String(\"testAcc_replace_with_uuid\"),\n\t\t\tType:  pulumi.String(\"web\"),\n\t\t\tGrantTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"authorization_code\"),\n\t\t\t},\n\t\t\tResponseTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"code\"),\n\t\t\t},\n\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"myapp://callback\"),\n\t\t\t},\n\t\t\tPostLogoutRedirectUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"https://www.example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = app.NewOAuthPostLogoutRedirectUri(ctx, \"test\", \u0026app.OAuthPostLogoutRedirectUriArgs{\n\t\t\tAppId: test.ID(),\n\t\t\tUri:   pulumi.String(\"https://www.example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.OAuth;\nimport com.pulumi.okta.app.OAuthArgs;\nimport com.pulumi.okta.app.OAuthPostLogoutRedirectUri;\nimport com.pulumi.okta.app.OAuthPostLogoutRedirectUriArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var test = new OAuth(\"test\", OAuthArgs.builder()\n            .label(\"testAcc_replace_with_uuid\")\n            .type(\"web\")\n            .grantTypes(\"authorization_code\")\n            .responseTypes(\"code\")\n            .redirectUris(\"myapp://callback\")\n            .postLogoutRedirectUris(\"https://www.example.com\")\n            .build());\n\n        var testOAuthPostLogoutRedirectUri = new OAuthPostLogoutRedirectUri(\"testOAuthPostLogoutRedirectUri\", OAuthPostLogoutRedirectUriArgs.builder()\n            .appId(test.id())\n            .uri(\"https://www.example.com\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  test:\n    type: okta:app:OAuth\n    properties:\n      label: testAcc_replace_with_uuid\n      type: web\n      grantTypes:\n        - authorization_code\n      responseTypes:\n        - code\n      redirectUris:\n        - myapp://callback\n      postLogoutRedirectUris:\n        - https://www.example.com\n  testOAuthPostLogoutRedirectUri:\n    type: okta:app:OAuthPostLogoutRedirectUri\n    name: test\n    properties:\n      appId: ${test.id}\n      uri: https://www.example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:app/oAuthPostLogoutRedirectUri:OAuthPostLogoutRedirectUri example \u003capp_id\u003e/\u003curi\u003e\n```\n\n","properties":{"appId":{"type":"string","description":"OAuth application ID.\n"},"uri":{"type":"string","description":"Post Logout Redirect URI to append to Okta OIDC application.\n"}},"required":["appId","uri"],"inputProperties":{"appId":{"type":"string","description":"OAuth application ID.\n","willReplaceOnChanges":true},"uri":{"type":"string","description":"Post Logout Redirect URI to append to Okta OIDC application.\n"}},"requiredInputs":["appId","uri"],"stateInputs":{"description":"Input properties used for looking up and filtering OAuthPostLogoutRedirectUri resources.\n","properties":{"appId":{"type":"string","description":"OAuth application ID.\n","willReplaceOnChanges":true},"uri":{"type":"string","description":"Post Logout Redirect URI to append to Okta OIDC application.\n"}},"type":"object"}},"okta:app/oAuthRedirectUri:OAuthRedirectUri":{"description":"This resource allows you to manage redirection URI for use in redirect-based flows.\n\n\u003e \u003cspan pulumi-lang-nodejs=\"`okta.app.OAuthRedirectUri`\" pulumi-lang-dotnet=\"`okta.app.OAuthRedirectUri`\" pulumi-lang-go=\"`app.OAuthRedirectUri`\" pulumi-lang-python=\"`app.OAuthRedirectUri`\" pulumi-lang-yaml=\"`okta.app.OAuthRedirectUri`\" pulumi-lang-java=\"`okta.app.OAuthRedirectUri`\"\u003e`okta.app.OAuthRedirectUri`\u003c/span\u003e has been marked deprecated and will be removed\nin the v5 release of the provider. Operators should manage the redirect URIs for\nan oauth app directly on that resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = new okta.app.OAuth(\"test\", {\n    label: \"testAcc_replace_with_uuid\",\n    type: \"web\",\n    grantTypes: [\"authorization_code\"],\n    responseTypes: [\"code\"],\n    redirectUris: [\"myapp://callback\"],\n});\nconst testOAuthRedirectUri = new okta.app.OAuthRedirectUri(\"test\", {\n    appId: test.id,\n    uri: \"http://google.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.app.OAuth(\"test\",\n    label=\"testAcc_replace_with_uuid\",\n    type=\"web\",\n    grant_types=[\"authorization_code\"],\n    response_types=[\"code\"],\n    redirect_uris=[\"myapp://callback\"])\ntest_o_auth_redirect_uri = okta.app.OAuthRedirectUri(\"test\",\n    app_id=test.id,\n    uri=\"http://google.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = new Okta.App.OAuth(\"test\", new()\n    {\n        Label = \"testAcc_replace_with_uuid\",\n        Type = \"web\",\n        GrantTypes = new[]\n        {\n            \"authorization_code\",\n        },\n        ResponseTypes = new[]\n        {\n            \"code\",\n        },\n        RedirectUris = new[]\n        {\n            \"myapp://callback\",\n        },\n    });\n\n    var testOAuthRedirectUri = new Okta.App.OAuthRedirectUri(\"test\", new()\n    {\n        AppId = test.Id,\n        Uri = \"http://google.com\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := app.NewOAuth(ctx, \"test\", \u0026app.OAuthArgs{\n\t\t\tLabel: pulumi.String(\"testAcc_replace_with_uuid\"),\n\t\t\tType:  pulumi.String(\"web\"),\n\t\t\tGrantTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"authorization_code\"),\n\t\t\t},\n\t\t\tResponseTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"code\"),\n\t\t\t},\n\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"myapp://callback\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = app.NewOAuthRedirectUri(ctx, \"test\", \u0026app.OAuthRedirectUriArgs{\n\t\t\tAppId: test.ID(),\n\t\t\tUri:   pulumi.String(\"http://google.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.OAuth;\nimport com.pulumi.okta.app.OAuthArgs;\nimport com.pulumi.okta.app.OAuthRedirectUri;\nimport com.pulumi.okta.app.OAuthRedirectUriArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var test = new OAuth(\"test\", OAuthArgs.builder()\n            .label(\"testAcc_replace_with_uuid\")\n            .type(\"web\")\n            .grantTypes(\"authorization_code\")\n            .responseTypes(\"code\")\n            .redirectUris(\"myapp://callback\")\n            .build());\n\n        var testOAuthRedirectUri = new OAuthRedirectUri(\"testOAuthRedirectUri\", OAuthRedirectUriArgs.builder()\n            .appId(test.id())\n            .uri(\"http://google.com\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  test:\n    type: okta:app:OAuth\n    properties:\n      label: testAcc_replace_with_uuid\n      type: web\n      grantTypes:\n        - authorization_code\n      responseTypes:\n        - code\n      redirectUris:\n        - myapp://callback\n  testOAuthRedirectUri:\n    type: okta:app:OAuthRedirectUri\n    name: test\n    properties:\n      appId: ${test.id}\n      uri: http://google.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:app/oAuthRedirectUri:OAuthRedirectUri example \u003capp_id\u003e/\u003curi\u003e\n```\n\n","properties":{"appId":{"type":"string","description":"OAuth application ID.\n"},"uri":{"type":"string","description":"Redirect URI to append to Okta OIDC application.\n"}},"required":["appId","uri"],"inputProperties":{"appId":{"type":"string","description":"OAuth application ID.\n","willReplaceOnChanges":true},"uri":{"type":"string","description":"Redirect URI to append to Okta OIDC application.\n"}},"requiredInputs":["appId","uri"],"stateInputs":{"description":"Input properties used for looking up and filtering OAuthRedirectUri resources.\n","properties":{"appId":{"type":"string","description":"OAuth application ID.\n","willReplaceOnChanges":true},"uri":{"type":"string","description":"Redirect URI to append to Okta OIDC application.\n"}},"type":"object"}},"okta:app/oauthRoleAssignment:OauthRoleAssignment":{"description":"Manages assignment of an admin role to an OAuth application\n\t\tThis resource allows you to assign an Okta admin role to a OAuth \n\t\tservice application. This requires the Okta tenant feature flag for this function to be enabled.\n\n## Import\n\n```sh\n$ pulumi import okta:app/oauthRoleAssignment:OauthRoleAssignment test \u003cclientID\u003e/\u003croleAssignmentID\u003e\n```\n\n","properties":{"clientId":{"type":"string","description":"Client ID for the role to be assigned to\n"},"label":{"type":"string","description":"Label of the role assignment\n"},"resourceSet":{"type":"string","description":"Resource set for the custom role to assign, must be the ID of the created resource set.\n"},"role":{"type":"string","description":"Custom Role ID\n"},"status":{"type":"string","description":"Status of the role assignment\n"},"type":{"type":"string","description":"Role type to assign. This can be one of the standard Okta roles, such as `HELP_DESK_ADMIN`, or `CUSTOM`. Using custom requires the \u003cspan pulumi-lang-nodejs=\"`resourceSet`\" pulumi-lang-dotnet=\"`ResourceSet`\" pulumi-lang-go=\"`resourceSet`\" pulumi-lang-python=\"`resource_set`\" pulumi-lang-yaml=\"`resourceSet`\" pulumi-lang-java=\"`resourceSet`\"\u003e`resource_set`\u003c/span\u003e and \u003cspan pulumi-lang-nodejs=\"`role`\" pulumi-lang-dotnet=\"`Role`\" pulumi-lang-go=\"`role`\" pulumi-lang-python=\"`role`\" pulumi-lang-yaml=\"`role`\" pulumi-lang-java=\"`role`\"\u003e`role`\u003c/span\u003e attributes to be set.\n"}},"required":["clientId","label","status","type"],"inputProperties":{"clientId":{"type":"string","description":"Client ID for the role to be assigned to\n"},"resourceSet":{"type":"string","description":"Resource set for the custom role to assign, must be the ID of the created resource set.\n"},"role":{"type":"string","description":"Custom Role ID\n"},"type":{"type":"string","description":"Role type to assign. This can be one of the standard Okta roles, such as `HELP_DESK_ADMIN`, or `CUSTOM`. Using custom requires the \u003cspan pulumi-lang-nodejs=\"`resourceSet`\" pulumi-lang-dotnet=\"`ResourceSet`\" pulumi-lang-go=\"`resourceSet`\" pulumi-lang-python=\"`resource_set`\" pulumi-lang-yaml=\"`resourceSet`\" pulumi-lang-java=\"`resourceSet`\"\u003e`resource_set`\u003c/span\u003e and \u003cspan pulumi-lang-nodejs=\"`role`\" pulumi-lang-dotnet=\"`Role`\" pulumi-lang-go=\"`role`\" pulumi-lang-python=\"`role`\" pulumi-lang-yaml=\"`role`\" pulumi-lang-java=\"`role`\"\u003e`role`\u003c/span\u003e attributes to be set.\n"}},"requiredInputs":["clientId","type"],"stateInputs":{"description":"Input properties used for looking up and filtering OauthRoleAssignment resources.\n","properties":{"clientId":{"type":"string","description":"Client ID for the role to be assigned to\n"},"label":{"type":"string","description":"Label of the role assignment\n"},"resourceSet":{"type":"string","description":"Resource set for the custom role to assign, must be the ID of the created resource set.\n"},"role":{"type":"string","description":"Custom Role ID\n"},"status":{"type":"string","description":"Status of the role assignment\n"},"type":{"type":"string","description":"Role type to assign. This can be one of the standard Okta roles, such as `HELP_DESK_ADMIN`, or `CUSTOM`. Using custom requires the \u003cspan pulumi-lang-nodejs=\"`resourceSet`\" pulumi-lang-dotnet=\"`ResourceSet`\" pulumi-lang-go=\"`resourceSet`\" pulumi-lang-python=\"`resource_set`\" pulumi-lang-yaml=\"`resourceSet`\" pulumi-lang-java=\"`resourceSet`\"\u003e`resource_set`\u003c/span\u003e and \u003cspan pulumi-lang-nodejs=\"`role`\" pulumi-lang-dotnet=\"`Role`\" pulumi-lang-go=\"`role`\" pulumi-lang-python=\"`role`\" pulumi-lang-yaml=\"`role`\" pulumi-lang-java=\"`role`\"\u003e`role`\u003c/span\u003e attributes to be set.\n"}},"type":"object"}},"okta:app/saml:Saml":{"description":"This resource allows you to create and configure a SAML Application.\n\u003e During an apply if there is change in 'status' the app will first be\nactivated or deactivated in accordance with the 'status' change. Then, all\nother arguments that changed will be applied.\n\t\t\n\u003e If you receive the error 'You do not have permission to access the feature\nyou are requesting' contact support and\nrequest feature flag 'ADVANCED_SSO' be applied to your org.\n\n## Import\n\n```sh\n$ pulumi import okta:app/saml:Saml example \u003capp_id\u003e\n```\n\n","properties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"acsEndpoints":{"type":"array","items":{"type":"string"},"description":"An array of ACS endpoints. You can configure a maximum of 100 endpoints.\n"},"acsEndpointsIndices":{"type":"array","items":{"$ref":"#/types/okta:app/SamlAcsEndpointsIndex:SamlAcsEndpointsIndex"},"description":"ACS endpoints along with custom index as a set of maps called \u003cspan pulumi-lang-nodejs=\"`acsEndpointsIndices`\" pulumi-lang-dotnet=\"`AcsEndpointsIndices`\" pulumi-lang-go=\"`acsEndpointsIndices`\" pulumi-lang-python=\"`acs_endpoints_indices`\" pulumi-lang-yaml=\"`acsEndpointsIndices`\" pulumi-lang-java=\"`acsEndpointsIndices`\"\u003e`acs_endpoints_indices`\u003c/span\u003e in JSON format.\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"appSettingsJson":{"type":"string","description":"Application settings in JSON format\n"},"assertionSigned":{"type":"boolean","description":"Determines whether the SAML assertion is digitally signed\n"},"attributeStatements":{"type":"array","items":{"$ref":"#/types/okta:app/SamlAttributeStatement:SamlAttributeStatement"}},"audience":{"type":"string","description":"Audience Restriction\n"},"authenticationPolicy":{"type":"string","description":"The ID of the associated \u003cspan pulumi-lang-nodejs=\"`appSignonPolicy`\" pulumi-lang-dotnet=\"`AppSignonPolicy`\" pulumi-lang-go=\"`appSignonPolicy`\" pulumi-lang-python=\"`app_signon_policy`\" pulumi-lang-yaml=\"`appSignonPolicy`\" pulumi-lang-java=\"`appSignonPolicy`\"\u003e`app_signon_policy`\u003c/span\u003e. If this property is removed from the application the \u003cspan pulumi-lang-nodejs=\"`default`\" pulumi-lang-dotnet=\"`Default`\" pulumi-lang-go=\"`default`\" pulumi-lang-python=\"`default`\" pulumi-lang-yaml=\"`default`\" pulumi-lang-java=\"`default`\"\u003e`default`\u003c/span\u003e sign-on-policy will be associated with this application.y\n"},"authnContextClassRef":{"type":"string","description":"Identifies the SAML authentication context class for the assertion’s authentication statement\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar. Default is: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"certificate":{"type":"string","description":"cert from SAML XML metadata payload\n"},"defaultRelayState":{"type":"string","description":"Identifies a specific application resource in an IDP initiated SSO scenario.\n"},"destination":{"type":"string","description":"Identifies the location where the SAML response is intended to be sent inside of the SAML assertion\n"},"digestAlgorithm":{"type":"string","description":"Determines the digest algorithm used to digitally sign the SAML assertion and response\n"},"embedUrl":{"type":"string","description":"The url that can be used to embed this application in other portals.\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"entityKey":{"type":"string","description":"Entity ID, the ID portion of the entity_url\n"},"entityUrl":{"type":"string","description":"Entity URL for instance http://www.okta.com/exk1fcia6d6EMsf331d8\n"},"features":{"type":"array","items":{"type":"string"},"description":"features to enable\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"honorForceAuthn":{"type":"boolean","description":"Prompt user to re-authenticate if SP asks for it. Default is: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"httpPostBinding":{"type":"string","description":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Post location from the SAML metadata.\n"},"httpRedirectBinding":{"type":"string","description":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect location from the SAML metadata.\n"},"idpIssuer":{"type":"string","description":"SAML issuer ID\n"},"implicitAssignment":{"type":"boolean","description":"*Early Access Property*. Enable Federation Broker Mode.\n"},"inlineHookId":{"type":"string","description":"Saml Inline Hook setting\n"},"keyId":{"type":"string","description":"Certificate ID\n"},"keyName":{"type":"string","description":"Certificate name. This modulates the rotation of keys. New name == new key. Required to be set with \u003cspan pulumi-lang-nodejs=\"`keyYearsValid`\" pulumi-lang-dotnet=\"`KeyYearsValid`\" pulumi-lang-go=\"`keyYearsValid`\" pulumi-lang-python=\"`key_years_valid`\" pulumi-lang-yaml=\"`keyYearsValid`\" pulumi-lang-java=\"`keyYearsValid`\"\u003e`key_years_valid`\u003c/span\u003e\n"},"keyYearsValid":{"type":"integer","description":"Number of years the certificate is valid (2 - 10 years).\n"},"keys":{"type":"array","items":{"$ref":"#/types/okta:app/SamlKey:SamlKey"},"description":"Application keys\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"logoUrl":{"type":"string","description":"URL of the application's logo\n"},"metadata":{"type":"string","description":"SAML xml metadata payload\n"},"metadataUrl":{"type":"string","description":"SAML xml metadata URL\n"},"name":{"type":"string","description":"Name of the app.\n"},"preconfiguredApp":{"type":"string","description":"Name of application from the Okta Integration Network. For instance 'slack'. If not included a custom app will be created.  If not provided the following arguments are required:\n'sso*url'\n'recipient'\n'destination'\n'audience'\n'subject*name*id*template'\n'subject*name*id*format'\n'signature*algorithm'\n'digest*algorithm'\n'authn*context*class*ref'\n"},"recipient":{"type":"string","description":"The location where the app may present the SAML assertion\n"},"requestCompressed":{"type":"boolean","description":"Denotes whether the request is compressed or not.\n"},"responseSigned":{"type":"boolean","description":"Determines whether the SAML auth response message is digitally signed\n"},"samlSignedRequestEnabled":{"type":"boolean","description":"SAML Signed Request enabled\n"},"samlVersion":{"type":"string","description":"SAML version for the app's sign-on mode. Valid values are: `2.0` or `1.1`. Default is `2.0`\n"},"signOnMode":{"type":"string","description":"Sign on mode of application.\n"},"signatureAlgorithm":{"type":"string","description":"Signature algorithm used to digitally sign the assertion and response\n"},"singleLogoutCertificate":{"type":"string","description":"x509 encoded certificate that the Service Provider uses to sign Single Logout requests. Note: should be provided without `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----`, see [official documentation](https://developer.okta.com/docs/reference/api/apps/#service-provider-certificate).\n"},"singleLogoutIssuer":{"type":"string","description":"The issuer of the Service Provider that generates the Single Logout request\n"},"singleLogoutUrl":{"type":"string","description":"The location where the logout response is sent\n"},"spIssuer":{"type":"string","description":"SAML SP issuer ID\n"},"ssoUrl":{"type":"string","description":"Single Sign On URL\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"subjectNameIdFormat":{"type":"string","description":"Identifies the SAML processing rules.\n"},"subjectNameIdTemplate":{"type":"string","description":"Template for app user's username when a user is assigned to the app\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`\n"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH` and `DONT_PUSH`\n"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix\n"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`\n"}},"required":["authenticationPolicy","certificate","embedUrl","entityKey","entityUrl","features","httpPostBinding","httpRedirectBinding","keyId","keys","label","logoUrl","metadata","metadataUrl","name","signOnMode"],"inputProperties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"acsEndpoints":{"type":"array","items":{"type":"string"},"description":"An array of ACS endpoints. You can configure a maximum of 100 endpoints.\n"},"acsEndpointsIndices":{"type":"array","items":{"$ref":"#/types/okta:app/SamlAcsEndpointsIndex:SamlAcsEndpointsIndex"},"description":"ACS endpoints along with custom index as a set of maps called \u003cspan pulumi-lang-nodejs=\"`acsEndpointsIndices`\" pulumi-lang-dotnet=\"`AcsEndpointsIndices`\" pulumi-lang-go=\"`acsEndpointsIndices`\" pulumi-lang-python=\"`acs_endpoints_indices`\" pulumi-lang-yaml=\"`acsEndpointsIndices`\" pulumi-lang-java=\"`acsEndpointsIndices`\"\u003e`acs_endpoints_indices`\u003c/span\u003e in JSON format.\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"appSettingsJson":{"type":"string","description":"Application settings in JSON format\n"},"assertionSigned":{"type":"boolean","description":"Determines whether the SAML assertion is digitally signed\n"},"attributeStatements":{"type":"array","items":{"$ref":"#/types/okta:app/SamlAttributeStatement:SamlAttributeStatement"}},"audience":{"type":"string","description":"Audience Restriction\n"},"authenticationPolicy":{"type":"string","description":"The ID of the associated \u003cspan pulumi-lang-nodejs=\"`appSignonPolicy`\" pulumi-lang-dotnet=\"`AppSignonPolicy`\" pulumi-lang-go=\"`appSignonPolicy`\" pulumi-lang-python=\"`app_signon_policy`\" pulumi-lang-yaml=\"`appSignonPolicy`\" pulumi-lang-java=\"`appSignonPolicy`\"\u003e`app_signon_policy`\u003c/span\u003e. If this property is removed from the application the \u003cspan pulumi-lang-nodejs=\"`default`\" pulumi-lang-dotnet=\"`Default`\" pulumi-lang-go=\"`default`\" pulumi-lang-python=\"`default`\" pulumi-lang-yaml=\"`default`\" pulumi-lang-java=\"`default`\"\u003e`default`\u003c/span\u003e sign-on-policy will be associated with this application.y\n"},"authnContextClassRef":{"type":"string","description":"Identifies the SAML authentication context class for the assertion’s authentication statement\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar. Default is: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"defaultRelayState":{"type":"string","description":"Identifies a specific application resource in an IDP initiated SSO scenario.\n"},"destination":{"type":"string","description":"Identifies the location where the SAML response is intended to be sent inside of the SAML assertion\n"},"digestAlgorithm":{"type":"string","description":"Determines the digest algorithm used to digitally sign the SAML assertion and response\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"honorForceAuthn":{"type":"boolean","description":"Prompt user to re-authenticate if SP asks for it. Default is: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"idpIssuer":{"type":"string","description":"SAML issuer ID\n"},"implicitAssignment":{"type":"boolean","description":"*Early Access Property*. Enable Federation Broker Mode.\n"},"inlineHookId":{"type":"string","description":"Saml Inline Hook setting\n"},"keyName":{"type":"string","description":"Certificate name. This modulates the rotation of keys. New name == new key. Required to be set with \u003cspan pulumi-lang-nodejs=\"`keyYearsValid`\" pulumi-lang-dotnet=\"`KeyYearsValid`\" pulumi-lang-go=\"`keyYearsValid`\" pulumi-lang-python=\"`key_years_valid`\" pulumi-lang-yaml=\"`keyYearsValid`\" pulumi-lang-java=\"`keyYearsValid`\"\u003e`key_years_valid`\u003c/span\u003e\n"},"keyYearsValid":{"type":"integer","description":"Number of years the certificate is valid (2 - 10 years).\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"preconfiguredApp":{"type":"string","description":"Name of application from the Okta Integration Network. For instance 'slack'. If not included a custom app will be created.  If not provided the following arguments are required:\n'sso*url'\n'recipient'\n'destination'\n'audience'\n'subject*name*id*template'\n'subject*name*id*format'\n'signature*algorithm'\n'digest*algorithm'\n'authn*context*class*ref'\n","willReplaceOnChanges":true},"recipient":{"type":"string","description":"The location where the app may present the SAML assertion\n"},"requestCompressed":{"type":"boolean","description":"Denotes whether the request is compressed or not.\n"},"responseSigned":{"type":"boolean","description":"Determines whether the SAML auth response message is digitally signed\n"},"samlSignedRequestEnabled":{"type":"boolean","description":"SAML Signed Request enabled\n"},"samlVersion":{"type":"string","description":"SAML version for the app's sign-on mode. Valid values are: `2.0` or `1.1`. Default is `2.0`\n"},"signatureAlgorithm":{"type":"string","description":"Signature algorithm used to digitally sign the assertion and response\n"},"singleLogoutCertificate":{"type":"string","description":"x509 encoded certificate that the Service Provider uses to sign Single Logout requests. Note: should be provided without `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----`, see [official documentation](https://developer.okta.com/docs/reference/api/apps/#service-provider-certificate).\n"},"singleLogoutIssuer":{"type":"string","description":"The issuer of the Service Provider that generates the Single Logout request\n"},"singleLogoutUrl":{"type":"string","description":"The location where the logout response is sent\n"},"spIssuer":{"type":"string","description":"SAML SP issuer ID\n"},"ssoUrl":{"type":"string","description":"Single Sign On URL\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"subjectNameIdFormat":{"type":"string","description":"Identifies the SAML processing rules.\n"},"subjectNameIdTemplate":{"type":"string","description":"Template for app user's username when a user is assigned to the app\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`\n"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH` and `DONT_PUSH`\n"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix\n"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`\n"}},"requiredInputs":["label"],"stateInputs":{"description":"Input properties used for looking up and filtering Saml resources.\n","properties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"acsEndpoints":{"type":"array","items":{"type":"string"},"description":"An array of ACS endpoints. You can configure a maximum of 100 endpoints.\n"},"acsEndpointsIndices":{"type":"array","items":{"$ref":"#/types/okta:app/SamlAcsEndpointsIndex:SamlAcsEndpointsIndex"},"description":"ACS endpoints along with custom index as a set of maps called \u003cspan pulumi-lang-nodejs=\"`acsEndpointsIndices`\" pulumi-lang-dotnet=\"`AcsEndpointsIndices`\" pulumi-lang-go=\"`acsEndpointsIndices`\" pulumi-lang-python=\"`acs_endpoints_indices`\" pulumi-lang-yaml=\"`acsEndpointsIndices`\" pulumi-lang-java=\"`acsEndpointsIndices`\"\u003e`acs_endpoints_indices`\u003c/span\u003e in JSON format.\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"appSettingsJson":{"type":"string","description":"Application settings in JSON format\n"},"assertionSigned":{"type":"boolean","description":"Determines whether the SAML assertion is digitally signed\n"},"attributeStatements":{"type":"array","items":{"$ref":"#/types/okta:app/SamlAttributeStatement:SamlAttributeStatement"}},"audience":{"type":"string","description":"Audience Restriction\n"},"authenticationPolicy":{"type":"string","description":"The ID of the associated \u003cspan pulumi-lang-nodejs=\"`appSignonPolicy`\" pulumi-lang-dotnet=\"`AppSignonPolicy`\" pulumi-lang-go=\"`appSignonPolicy`\" pulumi-lang-python=\"`app_signon_policy`\" pulumi-lang-yaml=\"`appSignonPolicy`\" pulumi-lang-java=\"`appSignonPolicy`\"\u003e`app_signon_policy`\u003c/span\u003e. If this property is removed from the application the \u003cspan pulumi-lang-nodejs=\"`default`\" pulumi-lang-dotnet=\"`Default`\" pulumi-lang-go=\"`default`\" pulumi-lang-python=\"`default`\" pulumi-lang-yaml=\"`default`\" pulumi-lang-java=\"`default`\"\u003e`default`\u003c/span\u003e sign-on-policy will be associated with this application.y\n"},"authnContextClassRef":{"type":"string","description":"Identifies the SAML authentication context class for the assertion’s authentication statement\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar. Default is: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"certificate":{"type":"string","description":"cert from SAML XML metadata payload\n"},"defaultRelayState":{"type":"string","description":"Identifies a specific application resource in an IDP initiated SSO scenario.\n"},"destination":{"type":"string","description":"Identifies the location where the SAML response is intended to be sent inside of the SAML assertion\n"},"digestAlgorithm":{"type":"string","description":"Determines the digest algorithm used to digitally sign the SAML assertion and response\n"},"embedUrl":{"type":"string","description":"The url that can be used to embed this application in other portals.\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"entityKey":{"type":"string","description":"Entity ID, the ID portion of the entity_url\n"},"entityUrl":{"type":"string","description":"Entity URL for instance http://www.okta.com/exk1fcia6d6EMsf331d8\n"},"features":{"type":"array","items":{"type":"string"},"description":"features to enable\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"honorForceAuthn":{"type":"boolean","description":"Prompt user to re-authenticate if SP asks for it. Default is: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"httpPostBinding":{"type":"string","description":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Post location from the SAML metadata.\n"},"httpRedirectBinding":{"type":"string","description":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect location from the SAML metadata.\n"},"idpIssuer":{"type":"string","description":"SAML issuer ID\n"},"implicitAssignment":{"type":"boolean","description":"*Early Access Property*. Enable Federation Broker Mode.\n"},"inlineHookId":{"type":"string","description":"Saml Inline Hook setting\n"},"keyId":{"type":"string","description":"Certificate ID\n"},"keyName":{"type":"string","description":"Certificate name. This modulates the rotation of keys. New name == new key. Required to be set with \u003cspan pulumi-lang-nodejs=\"`keyYearsValid`\" pulumi-lang-dotnet=\"`KeyYearsValid`\" pulumi-lang-go=\"`keyYearsValid`\" pulumi-lang-python=\"`key_years_valid`\" pulumi-lang-yaml=\"`keyYearsValid`\" pulumi-lang-java=\"`keyYearsValid`\"\u003e`key_years_valid`\u003c/span\u003e\n"},"keyYearsValid":{"type":"integer","description":"Number of years the certificate is valid (2 - 10 years).\n"},"keys":{"type":"array","items":{"$ref":"#/types/okta:app/SamlKey:SamlKey"},"description":"Application keys\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"logoUrl":{"type":"string","description":"URL of the application's logo\n"},"metadata":{"type":"string","description":"SAML xml metadata payload\n"},"metadataUrl":{"type":"string","description":"SAML xml metadata URL\n"},"name":{"type":"string","description":"Name of the app.\n"},"preconfiguredApp":{"type":"string","description":"Name of application from the Okta Integration Network. For instance 'slack'. If not included a custom app will be created.  If not provided the following arguments are required:\n'sso*url'\n'recipient'\n'destination'\n'audience'\n'subject*name*id*template'\n'subject*name*id*format'\n'signature*algorithm'\n'digest*algorithm'\n'authn*context*class*ref'\n","willReplaceOnChanges":true},"recipient":{"type":"string","description":"The location where the app may present the SAML assertion\n"},"requestCompressed":{"type":"boolean","description":"Denotes whether the request is compressed or not.\n"},"responseSigned":{"type":"boolean","description":"Determines whether the SAML auth response message is digitally signed\n"},"samlSignedRequestEnabled":{"type":"boolean","description":"SAML Signed Request enabled\n"},"samlVersion":{"type":"string","description":"SAML version for the app's sign-on mode. Valid values are: `2.0` or `1.1`. Default is `2.0`\n"},"signOnMode":{"type":"string","description":"Sign on mode of application.\n"},"signatureAlgorithm":{"type":"string","description":"Signature algorithm used to digitally sign the assertion and response\n"},"singleLogoutCertificate":{"type":"string","description":"x509 encoded certificate that the Service Provider uses to sign Single Logout requests. Note: should be provided without `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----`, see [official documentation](https://developer.okta.com/docs/reference/api/apps/#service-provider-certificate).\n"},"singleLogoutIssuer":{"type":"string","description":"The issuer of the Service Provider that generates the Single Logout request\n"},"singleLogoutUrl":{"type":"string","description":"The location where the logout response is sent\n"},"spIssuer":{"type":"string","description":"SAML SP issuer ID\n"},"ssoUrl":{"type":"string","description":"Single Sign On URL\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"subjectNameIdFormat":{"type":"string","description":"Identifies the SAML processing rules.\n"},"subjectNameIdTemplate":{"type":"string","description":"Template for app user's username when a user is assigned to the app\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`\n"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH` and `DONT_PUSH`\n"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix\n"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`\n"}},"type":"object"}},"okta:app/securePasswordStore:SecurePasswordStore":{"description":"Creates a Secure Password Store Application.\n\t\n\t\tThis resource allows you to create and configure a Secure Password Store Application.\n\t\t\u003e During an apply if there is change in 'status' the app will first be\n\t\tactivated or deactivated in accordance with the 'status' change. Then, all\n\t\tother arguments that changed will be applied.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.app.SecurePasswordStore(\"example\", {\n    label: \"example\",\n    usernameField: \"user\",\n    passwordField: \"pass\",\n    url: \"https://test.com\",\n    credentialsScheme: \"ADMIN_SETS_CREDENTIALS\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.app.SecurePasswordStore(\"example\",\n    label=\"example\",\n    username_field=\"user\",\n    password_field=\"pass\",\n    url=\"https://test.com\",\n    credentials_scheme=\"ADMIN_SETS_CREDENTIALS\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.App.SecurePasswordStore(\"example\", new()\n    {\n        Label = \"example\",\n        UsernameField = \"user\",\n        PasswordField = \"pass\",\n        Url = \"https://test.com\",\n        CredentialsScheme = \"ADMIN_SETS_CREDENTIALS\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := app.NewSecurePasswordStore(ctx, \"example\", \u0026app.SecurePasswordStoreArgs{\n\t\t\tLabel:             pulumi.String(\"example\"),\n\t\t\tUsernameField:     pulumi.String(\"user\"),\n\t\t\tPasswordField:     pulumi.String(\"pass\"),\n\t\t\tUrl:               pulumi.String(\"https://test.com\"),\n\t\t\tCredentialsScheme: pulumi.String(\"ADMIN_SETS_CREDENTIALS\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.SecurePasswordStore;\nimport com.pulumi.okta.app.SecurePasswordStoreArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new SecurePasswordStore(\"example\", SecurePasswordStoreArgs.builder()\n            .label(\"example\")\n            .usernameField(\"user\")\n            .passwordField(\"pass\")\n            .url(\"https://test.com\")\n            .credentialsScheme(\"ADMIN_SETS_CREDENTIALS\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:app:SecurePasswordStore\n    properties:\n      label: example\n      usernameField: user\n      passwordField: pass\n      url: https://test.com\n      credentialsScheme: ADMIN_SETS_CREDENTIALS\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:app/securePasswordStore:SecurePasswordStore example \u003capp_id\u003e\n```\n\n","properties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"credentialsScheme":{"type":"string","description":"Application credentials scheme. One of: `EDIT_USERNAME_AND_PASSWORD`, `ADMIN_SETS_CREDENTIALS`, `EDIT_PASSWORD_ONLY`, `EXTERNAL_PASSWORD_SYNC`, or `SHARED_USERNAME_AND_PASSWORD`\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"logoUrl":{"type":"string","description":"URL of the application's logo\n"},"name":{"type":"string","description":"Name of the app.\n"},"optionalField1":{"type":"string","description":"Name of optional param in the login form\n"},"optionalField1Value":{"type":"string","description":"Name of optional value in login form\n"},"optionalField2":{"type":"string","description":"Name of optional param in the login form\n"},"optionalField2Value":{"type":"string","description":"Name of optional value in login form\n"},"optionalField3":{"type":"string","description":"Name of optional param in the login form\n"},"optionalField3Value":{"type":"string","description":"Name of optional value in login form\n"},"passwordField":{"type":"string","description":"Login password field\n"},"revealPassword":{"type":"boolean","description":"Allow user to reveal password. It can not be set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e if \u003cspan pulumi-lang-nodejs=\"`credentialsScheme`\" pulumi-lang-dotnet=\"`CredentialsScheme`\" pulumi-lang-go=\"`credentialsScheme`\" pulumi-lang-python=\"`credentials_scheme`\" pulumi-lang-yaml=\"`credentialsScheme`\" pulumi-lang-java=\"`credentialsScheme`\"\u003e`credentials_scheme`\u003c/span\u003e is `ADMIN_SETS_CREDENTIALS`, `SHARED_USERNAME_AND_PASSWORD` or `EXTERNAL_PASSWORD_SYNC`.\n"},"sharedPassword":{"type":"string","description":"Shared password, required for certain schemes.\n"},"sharedUsername":{"type":"string","description":"Shared username, required for certain schemes.\n"},"signOnMode":{"type":"string","description":"Sign on mode of application.\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"url":{"type":"string","description":"Login URL\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`\n"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH` and `DONT_PUSH`\n"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix\n"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`\n"},"usernameField":{"type":"string","description":"Login username field\n"}},"required":["label","logoUrl","name","passwordField","signOnMode","url","usernameField"],"inputProperties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"credentialsScheme":{"type":"string","description":"Application credentials scheme. One of: `EDIT_USERNAME_AND_PASSWORD`, `ADMIN_SETS_CREDENTIALS`, `EDIT_PASSWORD_ONLY`, `EXTERNAL_PASSWORD_SYNC`, or `SHARED_USERNAME_AND_PASSWORD`\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"optionalField1":{"type":"string","description":"Name of optional param in the login form\n"},"optionalField1Value":{"type":"string","description":"Name of optional value in login form\n"},"optionalField2":{"type":"string","description":"Name of optional param in the login form\n"},"optionalField2Value":{"type":"string","description":"Name of optional value in login form\n"},"optionalField3":{"type":"string","description":"Name of optional param in the login form\n"},"optionalField3Value":{"type":"string","description":"Name of optional value in login form\n"},"passwordField":{"type":"string","description":"Login password field\n"},"revealPassword":{"type":"boolean","description":"Allow user to reveal password. It can not be set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e if \u003cspan pulumi-lang-nodejs=\"`credentialsScheme`\" pulumi-lang-dotnet=\"`CredentialsScheme`\" pulumi-lang-go=\"`credentialsScheme`\" pulumi-lang-python=\"`credentials_scheme`\" pulumi-lang-yaml=\"`credentialsScheme`\" pulumi-lang-java=\"`credentialsScheme`\"\u003e`credentials_scheme`\u003c/span\u003e is `ADMIN_SETS_CREDENTIALS`, `SHARED_USERNAME_AND_PASSWORD` or `EXTERNAL_PASSWORD_SYNC`.\n"},"sharedPassword":{"type":"string","description":"Shared password, required for certain schemes.\n"},"sharedUsername":{"type":"string","description":"Shared username, required for certain schemes.\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"url":{"type":"string","description":"Login URL\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`\n"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH` and `DONT_PUSH`\n"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix\n"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`\n"},"usernameField":{"type":"string","description":"Login username field\n"}},"requiredInputs":["label","passwordField","url","usernameField"],"stateInputs":{"description":"Input properties used for looking up and filtering SecurePasswordStore resources.\n","properties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"credentialsScheme":{"type":"string","description":"Application credentials scheme. One of: `EDIT_USERNAME_AND_PASSWORD`, `ADMIN_SETS_CREDENTIALS`, `EDIT_PASSWORD_ONLY`, `EXTERNAL_PASSWORD_SYNC`, or `SHARED_USERNAME_AND_PASSWORD`\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"logoUrl":{"type":"string","description":"URL of the application's logo\n"},"name":{"type":"string","description":"Name of the app.\n"},"optionalField1":{"type":"string","description":"Name of optional param in the login form\n"},"optionalField1Value":{"type":"string","description":"Name of optional value in login form\n"},"optionalField2":{"type":"string","description":"Name of optional param in the login form\n"},"optionalField2Value":{"type":"string","description":"Name of optional value in login form\n"},"optionalField3":{"type":"string","description":"Name of optional param in the login form\n"},"optionalField3Value":{"type":"string","description":"Name of optional value in login form\n"},"passwordField":{"type":"string","description":"Login password field\n"},"revealPassword":{"type":"boolean","description":"Allow user to reveal password. It can not be set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e if \u003cspan pulumi-lang-nodejs=\"`credentialsScheme`\" pulumi-lang-dotnet=\"`CredentialsScheme`\" pulumi-lang-go=\"`credentialsScheme`\" pulumi-lang-python=\"`credentials_scheme`\" pulumi-lang-yaml=\"`credentialsScheme`\" pulumi-lang-java=\"`credentialsScheme`\"\u003e`credentials_scheme`\u003c/span\u003e is `ADMIN_SETS_CREDENTIALS`, `SHARED_USERNAME_AND_PASSWORD` or `EXTERNAL_PASSWORD_SYNC`.\n"},"sharedPassword":{"type":"string","description":"Shared password, required for certain schemes.\n"},"sharedUsername":{"type":"string","description":"Shared username, required for certain schemes.\n"},"signOnMode":{"type":"string","description":"Sign on mode of application.\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"url":{"type":"string","description":"Login URL\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`\n"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH` and `DONT_PUSH`\n"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix\n"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`\n"},"usernameField":{"type":"string","description":"Login username field\n"}},"type":"object"}},"okta:app/swa:Swa":{"description":"Creates a SWA Application.\n\t\t\nThis resource allows you to create and configure a SWA Application.\n\u003e During an apply if there is change in 'status' the app will first be\nactivated or deactivated in accordance with the 'status' change. Then, all\nother arguments that changed will be applied.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.app.Swa(\"example\", {\n    label: \"example\",\n    buttonField: \"btn-login\",\n    passwordField: \"txtbox-password\",\n    usernameField: \"txtbox-username\",\n    url: \"https://example.com/login.html\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.app.Swa(\"example\",\n    label=\"example\",\n    button_field=\"btn-login\",\n    password_field=\"txtbox-password\",\n    username_field=\"txtbox-username\",\n    url=\"https://example.com/login.html\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.App.Swa(\"example\", new()\n    {\n        Label = \"example\",\n        ButtonField = \"btn-login\",\n        PasswordField = \"txtbox-password\",\n        UsernameField = \"txtbox-username\",\n        Url = \"https://example.com/login.html\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := app.NewSwa(ctx, \"example\", \u0026app.SwaArgs{\n\t\t\tLabel:         pulumi.String(\"example\"),\n\t\t\tButtonField:   pulumi.String(\"btn-login\"),\n\t\t\tPasswordField: pulumi.String(\"txtbox-password\"),\n\t\t\tUsernameField: pulumi.String(\"txtbox-username\"),\n\t\t\tUrl:           pulumi.String(\"https://example.com/login.html\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.Swa;\nimport com.pulumi.okta.app.SwaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Swa(\"example\", SwaArgs.builder()\n            .label(\"example\")\n            .buttonField(\"btn-login\")\n            .passwordField(\"txtbox-password\")\n            .usernameField(\"txtbox-username\")\n            .url(\"https://example.com/login.html\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:app:Swa\n    properties:\n      label: example\n      buttonField: btn-login\n      passwordField: txtbox-password\n      usernameField: txtbox-username\n      url: https://example.com/login.html\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:app/swa:Swa example \u003capp_id\u003e\n```\n\n","properties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"buttonField":{"type":"string","description":"Login button field\n"},"checkbox":{"type":"string","description":"CSS selector for the checkbox\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"logoUrl":{"type":"string","description":"URL of the application's logo\n"},"name":{"type":"string","description":"Name of the app.\n"},"passwordField":{"type":"string","description":"Login password field\n"},"preconfiguredApp":{"type":"string","description":"Preconfigured app name\n"},"redirectUrl":{"type":"string","description":"If going to the login page URL redirects to another page, then enter that URL here\n"},"signOnMode":{"type":"string","description":"Sign on mode of application.\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"url":{"type":"string","description":"Login URL\n"},"urlRegex":{"type":"string","description":"A regex that further restricts URL to the specified regex\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`\n"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH` and `DONT_PUSH`\n"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix\n"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`\n"},"usernameField":{"type":"string","description":"Login username field\n"}},"required":["label","logoUrl","name","signOnMode"],"inputProperties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"buttonField":{"type":"string","description":"Login button field\n"},"checkbox":{"type":"string","description":"CSS selector for the checkbox\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"passwordField":{"type":"string","description":"Login password field\n"},"preconfiguredApp":{"type":"string","description":"Preconfigured app name\n"},"redirectUrl":{"type":"string","description":"If going to the login page URL redirects to another page, then enter that URL here\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"url":{"type":"string","description":"Login URL\n"},"urlRegex":{"type":"string","description":"A regex that further restricts URL to the specified regex\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`\n"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH` and `DONT_PUSH`\n"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix\n"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`\n"},"usernameField":{"type":"string","description":"Login username field\n"}},"requiredInputs":["label"],"stateInputs":{"description":"Input properties used for looking up and filtering Swa resources.\n","properties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"buttonField":{"type":"string","description":"Login button field\n"},"checkbox":{"type":"string","description":"CSS selector for the checkbox\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"logoUrl":{"type":"string","description":"URL of the application's logo\n"},"name":{"type":"string","description":"Name of the app.\n"},"passwordField":{"type":"string","description":"Login password field\n"},"preconfiguredApp":{"type":"string","description":"Preconfigured app name\n"},"redirectUrl":{"type":"string","description":"If going to the login page URL redirects to another page, then enter that URL here\n"},"signOnMode":{"type":"string","description":"Sign on mode of application.\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"url":{"type":"string","description":"Login URL\n"},"urlRegex":{"type":"string","description":"A regex that further restricts URL to the specified regex\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`\n"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH` and `DONT_PUSH`\n"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix\n"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`\n"},"usernameField":{"type":"string","description":"Login username field\n"}},"type":"object"}},"okta:app/threeField:ThreeField":{"description":"Creates a Three Field Application.\n\t\tThis resource allows you to create and configure a Three Field Application.\n\t\t\u003e During an apply if there is change in 'status' the app will first be\n\t\tactivated or deactivated in accordance with the 'status' change. Then, all\n\t\tother arguments that changed will be applied.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.app.ThreeField(\"example\", {\n    label: \"Example App\",\n    signOnUrl: \"https://example.com/login.html\",\n    signOnRedirectUrl: \"https://example.com\",\n    revealPassword: true,\n    credentialsScheme: \"EDIT_USERNAME_AND_PASSWORD\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.app.ThreeField(\"example\",\n    label=\"Example App\",\n    sign_on_url=\"https://example.com/login.html\",\n    sign_on_redirect_url=\"https://example.com\",\n    reveal_password=True,\n    credentials_scheme=\"EDIT_USERNAME_AND_PASSWORD\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.App.ThreeField(\"example\", new()\n    {\n        Label = \"Example App\",\n        SignOnUrl = \"https://example.com/login.html\",\n        SignOnRedirectUrl = \"https://example.com\",\n        RevealPassword = true,\n        CredentialsScheme = \"EDIT_USERNAME_AND_PASSWORD\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := app.NewThreeField(ctx, \"example\", \u0026app.ThreeFieldArgs{\n\t\t\tLabel:             pulumi.String(\"Example App\"),\n\t\t\tSignOnUrl:         \"https://example.com/login.html\",\n\t\t\tSignOnRedirectUrl: \"https://example.com\",\n\t\t\tRevealPassword:    pulumi.Bool(true),\n\t\t\tCredentialsScheme: pulumi.String(\"EDIT_USERNAME_AND_PASSWORD\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.ThreeField;\nimport com.pulumi.okta.app.ThreeFieldArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new ThreeField(\"example\", ThreeFieldArgs.builder()\n            .label(\"Example App\")\n            .signOnUrl(\"https://example.com/login.html\")\n            .signOnRedirectUrl(\"https://example.com\")\n            .revealPassword(true)\n            .credentialsScheme(\"EDIT_USERNAME_AND_PASSWORD\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:app:ThreeField\n    properties:\n      label: Example App\n      signOnUrl: https://example.com/login.html\n      signOnRedirectUrl: https://example.com\n      revealPassword: true\n      credentialsScheme: EDIT_USERNAME_AND_PASSWORD\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:app/threeField:ThreeField example \u003capp_id\u003e\n```\n\n","properties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"buttonSelector":{"type":"string","description":"Login button field CSS selector\n"},"credentialsScheme":{"type":"string","description":"Application credentials scheme. One of: `EDIT_USERNAME_AND_PASSWORD`, `ADMIN_SETS_CREDENTIALS`, `EDIT_PASSWORD_ONLY`, `EXTERNAL_PASSWORD_SYNC`, or `SHARED_USERNAME_AND_PASSWORD`\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"extraFieldSelector":{"type":"string","description":"Extra field CSS selector\n"},"extraFieldValue":{"type":"string","description":"Value for extra form field\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"logoUrl":{"type":"string","description":"URL of the application's logo\n"},"name":{"type":"string","description":"Name of the app.\n"},"passwordSelector":{"type":"string","description":"Login password field CSS selector\n"},"revealPassword":{"type":"boolean","description":"Allow user to reveal password. It can not be set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e if \u003cspan pulumi-lang-nodejs=\"`credentialsScheme`\" pulumi-lang-dotnet=\"`CredentialsScheme`\" pulumi-lang-go=\"`credentialsScheme`\" pulumi-lang-python=\"`credentials_scheme`\" pulumi-lang-yaml=\"`credentialsScheme`\" pulumi-lang-java=\"`credentialsScheme`\"\u003e`credentials_scheme`\u003c/span\u003e is `ADMIN_SETS_CREDENTIALS`, `SHARED_USERNAME_AND_PASSWORD` or `EXTERNAL_PASSWORD_SYNC`.\n"},"sharedPassword":{"type":"string","description":"Shared password, required for certain schemes.\n"},"sharedUsername":{"type":"string","description":"Shared username, required for certain schemes.\n"},"signOnMode":{"type":"string","description":"Sign on mode of application.\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"url":{"type":"string","description":"Login URL\n"},"urlRegex":{"type":"string","description":"A regex that further restricts URL to the specified regex\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`\n"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH` and `DONT_PUSH`\n"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix\n"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`\n"},"usernameSelector":{"type":"string","description":"Login username field CSS selector\n"}},"required":["buttonSelector","extraFieldSelector","extraFieldValue","label","logoUrl","name","passwordSelector","signOnMode","url","usernameSelector"],"inputProperties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"buttonSelector":{"type":"string","description":"Login button field CSS selector\n"},"credentialsScheme":{"type":"string","description":"Application credentials scheme. One of: `EDIT_USERNAME_AND_PASSWORD`, `ADMIN_SETS_CREDENTIALS`, `EDIT_PASSWORD_ONLY`, `EXTERNAL_PASSWORD_SYNC`, or `SHARED_USERNAME_AND_PASSWORD`\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"extraFieldSelector":{"type":"string","description":"Extra field CSS selector\n"},"extraFieldValue":{"type":"string","description":"Value for extra form field\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"passwordSelector":{"type":"string","description":"Login password field CSS selector\n"},"revealPassword":{"type":"boolean","description":"Allow user to reveal password. It can not be set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e if \u003cspan pulumi-lang-nodejs=\"`credentialsScheme`\" pulumi-lang-dotnet=\"`CredentialsScheme`\" pulumi-lang-go=\"`credentialsScheme`\" pulumi-lang-python=\"`credentials_scheme`\" pulumi-lang-yaml=\"`credentialsScheme`\" pulumi-lang-java=\"`credentialsScheme`\"\u003e`credentials_scheme`\u003c/span\u003e is `ADMIN_SETS_CREDENTIALS`, `SHARED_USERNAME_AND_PASSWORD` or `EXTERNAL_PASSWORD_SYNC`.\n"},"sharedPassword":{"type":"string","description":"Shared password, required for certain schemes.\n"},"sharedUsername":{"type":"string","description":"Shared username, required for certain schemes.\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"url":{"type":"string","description":"Login URL\n"},"urlRegex":{"type":"string","description":"A regex that further restricts URL to the specified regex\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`\n"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH` and `DONT_PUSH`\n"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix\n"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`\n"},"usernameSelector":{"type":"string","description":"Login username field CSS selector\n"}},"requiredInputs":["buttonSelector","extraFieldSelector","extraFieldValue","label","passwordSelector","url","usernameSelector"],"stateInputs":{"description":"Input properties used for looking up and filtering ThreeField resources.\n","properties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"buttonSelector":{"type":"string","description":"Login button field CSS selector\n"},"credentialsScheme":{"type":"string","description":"Application credentials scheme. One of: `EDIT_USERNAME_AND_PASSWORD`, `ADMIN_SETS_CREDENTIALS`, `EDIT_PASSWORD_ONLY`, `EXTERNAL_PASSWORD_SYNC`, or `SHARED_USERNAME_AND_PASSWORD`\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"extraFieldSelector":{"type":"string","description":"Extra field CSS selector\n"},"extraFieldValue":{"type":"string","description":"Value for extra form field\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"logoUrl":{"type":"string","description":"URL of the application's logo\n"},"name":{"type":"string","description":"Name of the app.\n"},"passwordSelector":{"type":"string","description":"Login password field CSS selector\n"},"revealPassword":{"type":"boolean","description":"Allow user to reveal password. It can not be set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e if \u003cspan pulumi-lang-nodejs=\"`credentialsScheme`\" pulumi-lang-dotnet=\"`CredentialsScheme`\" pulumi-lang-go=\"`credentialsScheme`\" pulumi-lang-python=\"`credentials_scheme`\" pulumi-lang-yaml=\"`credentialsScheme`\" pulumi-lang-java=\"`credentialsScheme`\"\u003e`credentials_scheme`\u003c/span\u003e is `ADMIN_SETS_CREDENTIALS`, `SHARED_USERNAME_AND_PASSWORD` or `EXTERNAL_PASSWORD_SYNC`.\n"},"sharedPassword":{"type":"string","description":"Shared password, required for certain schemes.\n"},"sharedUsername":{"type":"string","description":"Shared username, required for certain schemes.\n"},"signOnMode":{"type":"string","description":"Sign on mode of application.\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"url":{"type":"string","description":"Login URL\n"},"urlRegex":{"type":"string","description":"A regex that further restricts URL to the specified regex\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`\n"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH` and `DONT_PUSH`\n"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix\n"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`\n"},"usernameSelector":{"type":"string","description":"Login username field CSS selector\n"}},"type":"object"}},"okta:app/token:Token":{"description":"## Example Usage\n\n### Import and Manage Existing Token\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\n// Import an existing refresh token\nconst example = new okta.app.Token(\"example\", {\n    clientId: \"0oardd5r32PWsF4421d7\",\n    idProperty: \"oar1godmqw4QUiX4C1d7\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\n# Import an existing refresh token\nexample = okta.app.Token(\"example\",\n    client_id=\"0oardd5r32PWsF4421d7\",\n    id_property=\"oar1godmqw4QUiX4C1d7\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    // Import an existing refresh token\n    var example = new Okta.App.Token(\"example\", new()\n    {\n        ClientId = \"0oardd5r32PWsF4421d7\",\n        IdProperty = \"oar1godmqw4QUiX4C1d7\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Import an existing refresh token\n\t\t_, err := app.NewToken(ctx, \"example\", \u0026app.TokenArgs{\n\t\t\tClientId:   pulumi.String(\"0oardd5r32PWsF4421d7\"),\n\t\t\tIdProperty: pulumi.String(\"oar1godmqw4QUiX4C1d7\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.Token;\nimport com.pulumi.okta.app.TokenArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        // Import an existing refresh token\n        var example = new Token(\"example\", TokenArgs.builder()\n            .clientId(\"0oardd5r32PWsF4421d7\")\n            .idProperty(\"oar1godmqw4QUiX4C1d7\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  # Import an existing refresh token\n  example:\n    type: okta:app:Token\n    properties:\n      clientId: 0oardd5r32PWsF4421d7\n      idProperty: oar1godmqw4QUiX4C1d7\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nRefresh tokens can be imported using the format `{client_id}/{token_id}`:\n\nbash\n\n```sh\n$ pulumi import okta:app/token:Token example 0oardd5r32PWsF4421d7/oar1godmqw4QUiX4C1d7\n```\n\nWhere:\n\n- `0oardd5r32PWsF4421d7` is the application's client_id\n\n- `oar1godmqw4QUiX4C1d7` is the Refresh token ID\n\n","properties":{"clientId":{"type":"string","description":"The unique Okta ID of the application associated with this token. This is typically the \u003cspan pulumi-lang-nodejs=\"`clientId`\" pulumi-lang-dotnet=\"`ClientId`\" pulumi-lang-go=\"`clientId`\" pulumi-lang-python=\"`client_id`\" pulumi-lang-yaml=\"`clientId`\" pulumi-lang-java=\"`clientId`\"\u003e`client_id`\u003c/span\u003e of an refresh application.\n"},"idProperty":{"type":"string","description":"The unique Okta ID of the refresh token.\n"},"status":{"type":"string","description":"The current status of the token (e.g., `ACTIVE`, `REVOKED`).\n"},"userId":{"type":"string","description":"The unique Okta ID of the user associated with this token.\n"}},"required":["clientId","idProperty","status","userId"],"inputProperties":{"clientId":{"type":"string","description":"The unique Okta ID of the application associated with this token. This is typically the \u003cspan pulumi-lang-nodejs=\"`clientId`\" pulumi-lang-dotnet=\"`ClientId`\" pulumi-lang-go=\"`clientId`\" pulumi-lang-python=\"`client_id`\" pulumi-lang-yaml=\"`clientId`\" pulumi-lang-java=\"`clientId`\"\u003e`client_id`\u003c/span\u003e of an refresh application.\n"},"idProperty":{"type":"string","description":"The unique Okta ID of the refresh token.\n"}},"requiredInputs":["clientId","idProperty"],"stateInputs":{"description":"Input properties used for looking up and filtering Token resources.\n","properties":{"clientId":{"type":"string","description":"The unique Okta ID of the application associated with this token. This is typically the \u003cspan pulumi-lang-nodejs=\"`clientId`\" pulumi-lang-dotnet=\"`ClientId`\" pulumi-lang-go=\"`clientId`\" pulumi-lang-python=\"`client_id`\" pulumi-lang-yaml=\"`clientId`\" pulumi-lang-java=\"`clientId`\"\u003e`client_id`\u003c/span\u003e of an refresh application.\n"},"idProperty":{"type":"string","description":"The unique Okta ID of the refresh token.\n"},"status":{"type":"string","description":"The current status of the token (e.g., `ACTIVE`, `REVOKED`).\n"},"userId":{"type":"string","description":"The unique Okta ID of the user associated with this token.\n"}},"type":"object"}},"okta:app/user:User":{"description":"## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.app.User(\"example\", {\n    appId: \"\u003capp_id\u003e\",\n    userId: \"\u003cuser id\u003e\",\n    username: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.app.User(\"example\",\n    app_id=\"\u003capp_id\u003e\",\n    user_id=\"\u003cuser id\u003e\",\n    username=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.App.User(\"example\", new()\n    {\n        AppId = \"\u003capp_id\u003e\",\n        UserId = \"\u003cuser id\u003e\",\n        Username = \"example\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := app.NewUser(ctx, \"example\", \u0026app.UserArgs{\n\t\t\tAppId:    pulumi.String(\"\u003capp_id\u003e\"),\n\t\t\tUserId:   pulumi.String(\"\u003cuser id\u003e\"),\n\t\t\tUsername: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.User;\nimport com.pulumi.okta.app.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new User(\"example\", UserArgs.builder()\n            .appId(\"\u003capp_id\u003e\")\n            .userId(\"\u003cuser id\u003e\")\n            .username(\"example\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:app:User\n    properties:\n      appId: \u003capp_id\u003e\n      userId: \u003cuser id\u003e\n      username: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:app/user:User example \u003capp_id\u003e/\u003cuser_id\u003e\n```\n\n","properties":{"appId":{"type":"string","description":"App to associate user with\n"},"hasSharedUsername":{"type":"boolean"},"password":{"type":"string","description":"The password to use.\n","secret":true},"profile":{"type":"string","description":"The JSON profile of the App User.\n"},"retainAssignment":{"type":"boolean","description":"Retain the user assignment on destroy. If set to true, the resource will be removed from state but not from the Okta app.\n"},"userId":{"type":"string","description":"User associated with the application\n"},"username":{"type":"string","description":"The username to use for the app user. In case the user is assigned to the app with `SHARED_USERNAME_AND_PASSWORD` credentials scheme, this field will be computed and should not be set.\n"}},"required":["appId","hasSharedUsername","userId"],"inputProperties":{"appId":{"type":"string","description":"App to associate user with\n"},"password":{"type":"string","description":"The password to use.\n","secret":true},"profile":{"type":"string","description":"The JSON profile of the App User.\n"},"retainAssignment":{"type":"boolean","description":"Retain the user assignment on destroy. If set to true, the resource will be removed from state but not from the Okta app.\n"},"userId":{"type":"string","description":"User associated with the application\n"},"username":{"type":"string","description":"The username to use for the app user. In case the user is assigned to the app with `SHARED_USERNAME_AND_PASSWORD` credentials scheme, this field will be computed and should not be set.\n"}},"requiredInputs":["appId","userId"],"stateInputs":{"description":"Input properties used for looking up and filtering User resources.\n","properties":{"appId":{"type":"string","description":"App to associate user with\n"},"hasSharedUsername":{"type":"boolean"},"password":{"type":"string","description":"The password to use.\n","secret":true},"profile":{"type":"string","description":"The JSON profile of the App User.\n"},"retainAssignment":{"type":"boolean","description":"Retain the user assignment on destroy. If set to true, the resource will be removed from state but not from the Okta app.\n"},"userId":{"type":"string","description":"User associated with the application\n"},"username":{"type":"string","description":"The username to use for the app user. In case the user is assigned to the app with `SHARED_USERNAME_AND_PASSWORD` credentials scheme, this field will be computed and should not be set.\n"}},"type":"object"}},"okta:auth/server:Server":{"description":"Creates an Authorization Server. This resource allows you to create and configure an Authorization Server.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.auth.Server(\"example\", {\n    audiences: [\"api://example\"],\n    description: \"My Example Auth Server\",\n    name: \"example\",\n    issuerMode: \"CUSTOM_URL\",\n    status: \"ACTIVE\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.auth.Server(\"example\",\n    audiences=[\"api://example\"],\n    description=\"My Example Auth Server\",\n    name=\"example\",\n    issuer_mode=\"CUSTOM_URL\",\n    status=\"ACTIVE\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Auth.Server(\"example\", new()\n    {\n        Audiences = new[]\n        {\n            \"api://example\",\n        },\n        Description = \"My Example Auth Server\",\n        Name = \"example\",\n        IssuerMode = \"CUSTOM_URL\",\n        Status = \"ACTIVE\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/auth\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auth.NewServer(ctx, \"example\", \u0026auth.ServerArgs{\n\t\t\tAudiences: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"api://example\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"My Example Auth Server\"),\n\t\t\tName:        pulumi.String(\"example\"),\n\t\t\tIssuerMode:  pulumi.String(\"CUSTOM_URL\"),\n\t\t\tStatus:      pulumi.String(\"ACTIVE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.auth.Server;\nimport com.pulumi.okta.auth.ServerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Server(\"example\", ServerArgs.builder()\n            .audiences(\"api://example\")\n            .description(\"My Example Auth Server\")\n            .name(\"example\")\n            .issuerMode(\"CUSTOM_URL\")\n            .status(\"ACTIVE\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:auth:Server\n    properties:\n      audiences:\n        - api://example\n      description: My Example Auth Server\n      name: example\n      issuerMode: CUSTOM_URL\n      status: ACTIVE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:auth/server:Server example \u003cauth_server_id\u003e\n```\n\n","properties":{"audiences":{"type":"array","items":{"type":"string"},"description":"The recipients that the tokens are intended for. This becomes the \u003cspan pulumi-lang-nodejs=\"`aud`\" pulumi-lang-dotnet=\"`Aud`\" pulumi-lang-go=\"`aud`\" pulumi-lang-python=\"`aud`\" pulumi-lang-yaml=\"`aud`\" pulumi-lang-java=\"`aud`\"\u003e`aud`\u003c/span\u003e claim in an access token. Currently Okta only supports a single value here.\n"},"credentialsLastRotated":{"type":"string","description":"The timestamp when the authorization server started to use the \u003cspan pulumi-lang-nodejs=\"`kid`\" pulumi-lang-dotnet=\"`Kid`\" pulumi-lang-go=\"`kid`\" pulumi-lang-python=\"`kid`\" pulumi-lang-yaml=\"`kid`\" pulumi-lang-java=\"`kid`\"\u003e`kid`\u003c/span\u003e for signing tokens.\n"},"credentialsNextRotation":{"type":"string","description":"The timestamp when the authorization server changes the key for signing tokens. Only returned when \u003cspan pulumi-lang-nodejs=\"`credentialsRotationMode`\" pulumi-lang-dotnet=\"`CredentialsRotationMode`\" pulumi-lang-go=\"`credentialsRotationMode`\" pulumi-lang-python=\"`credentials_rotation_mode`\" pulumi-lang-yaml=\"`credentialsRotationMode`\" pulumi-lang-java=\"`credentialsRotationMode`\"\u003e`credentials_rotation_mode`\u003c/span\u003e is `AUTO`.\n"},"credentialsRotationMode":{"type":"string","description":"The key rotation mode for the authorization server. Can be `AUTO` or `MANUAL`. Default: `AUTO`\n"},"description":{"type":"string","description":"The description of the authorization server.\n"},"issuer":{"type":"string","description":"The complete URL for a Custom Authorization Server. This becomes the \u003cspan pulumi-lang-nodejs=\"`iss`\" pulumi-lang-dotnet=\"`Iss`\" pulumi-lang-go=\"`iss`\" pulumi-lang-python=\"`iss`\" pulumi-lang-yaml=\"`iss`\" pulumi-lang-java=\"`iss`\"\u003e`iss`\u003c/span\u003e claim in an access token.\n"},"issuerMode":{"type":"string","description":"*Early Access Property*. Allows you to use a custom issuer URL. It can be set to `CUSTOM_URL`, `ORG_URL`, or `DYNAMIC`. Default: `ORG_URL`\n"},"kid":{"type":"string","description":"The ID of the JSON Web Key used for signing tokens issued by the authorization server.\n"},"name":{"type":"string","description":"The name of the authorization server.\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"}},"required":["audiences","credentialsLastRotated","credentialsNextRotation","issuer","kid","name"],"inputProperties":{"audiences":{"type":"array","items":{"type":"string"},"description":"The recipients that the tokens are intended for. This becomes the \u003cspan pulumi-lang-nodejs=\"`aud`\" pulumi-lang-dotnet=\"`Aud`\" pulumi-lang-go=\"`aud`\" pulumi-lang-python=\"`aud`\" pulumi-lang-yaml=\"`aud`\" pulumi-lang-java=\"`aud`\"\u003e`aud`\u003c/span\u003e claim in an access token. Currently Okta only supports a single value here.\n"},"credentialsRotationMode":{"type":"string","description":"The key rotation mode for the authorization server. Can be `AUTO` or `MANUAL`. Default: `AUTO`\n"},"description":{"type":"string","description":"The description of the authorization server.\n"},"issuerMode":{"type":"string","description":"*Early Access Property*. Allows you to use a custom issuer URL. It can be set to `CUSTOM_URL`, `ORG_URL`, or `DYNAMIC`. Default: `ORG_URL`\n"},"name":{"type":"string","description":"The name of the authorization server.\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"}},"requiredInputs":["audiences"],"stateInputs":{"description":"Input properties used for looking up and filtering Server resources.\n","properties":{"audiences":{"type":"array","items":{"type":"string"},"description":"The recipients that the tokens are intended for. This becomes the \u003cspan pulumi-lang-nodejs=\"`aud`\" pulumi-lang-dotnet=\"`Aud`\" pulumi-lang-go=\"`aud`\" pulumi-lang-python=\"`aud`\" pulumi-lang-yaml=\"`aud`\" pulumi-lang-java=\"`aud`\"\u003e`aud`\u003c/span\u003e claim in an access token. Currently Okta only supports a single value here.\n"},"credentialsLastRotated":{"type":"string","description":"The timestamp when the authorization server started to use the \u003cspan pulumi-lang-nodejs=\"`kid`\" pulumi-lang-dotnet=\"`Kid`\" pulumi-lang-go=\"`kid`\" pulumi-lang-python=\"`kid`\" pulumi-lang-yaml=\"`kid`\" pulumi-lang-java=\"`kid`\"\u003e`kid`\u003c/span\u003e for signing tokens.\n"},"credentialsNextRotation":{"type":"string","description":"The timestamp when the authorization server changes the key for signing tokens. Only returned when \u003cspan pulumi-lang-nodejs=\"`credentialsRotationMode`\" pulumi-lang-dotnet=\"`CredentialsRotationMode`\" pulumi-lang-go=\"`credentialsRotationMode`\" pulumi-lang-python=\"`credentials_rotation_mode`\" pulumi-lang-yaml=\"`credentialsRotationMode`\" pulumi-lang-java=\"`credentialsRotationMode`\"\u003e`credentials_rotation_mode`\u003c/span\u003e is `AUTO`.\n"},"credentialsRotationMode":{"type":"string","description":"The key rotation mode for the authorization server. Can be `AUTO` or `MANUAL`. Default: `AUTO`\n"},"description":{"type":"string","description":"The description of the authorization server.\n"},"issuer":{"type":"string","description":"The complete URL for a Custom Authorization Server. This becomes the \u003cspan pulumi-lang-nodejs=\"`iss`\" pulumi-lang-dotnet=\"`Iss`\" pulumi-lang-go=\"`iss`\" pulumi-lang-python=\"`iss`\" pulumi-lang-yaml=\"`iss`\" pulumi-lang-java=\"`iss`\"\u003e`iss`\u003c/span\u003e claim in an access token.\n"},"issuerMode":{"type":"string","description":"*Early Access Property*. Allows you to use a custom issuer URL. It can be set to `CUSTOM_URL`, `ORG_URL`, or `DYNAMIC`. Default: `ORG_URL`\n"},"kid":{"type":"string","description":"The ID of the JSON Web Key used for signing tokens issued by the authorization server.\n"},"name":{"type":"string","description":"The name of the authorization server.\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"}},"type":"object"}},"okta:auth/serverClaim:ServerClaim":{"description":"Creates an Authorization Server Claim. This resource allows you to create and configure an Authorization Server Claim.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.auth.ServerClaim(\"example\", {\n    authServerId: \"\u003cauth server id\u003e\",\n    name: \"staff\",\n    value: \"String.substringAfter(user.email, \\\"@\\\") == \\\"example.com\\\"\",\n    scopes: [exampleOktaAuthServerScope.name],\n    claimType: \"IDENTITY\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.auth.ServerClaim(\"example\",\n    auth_server_id=\"\u003cauth server id\u003e\",\n    name=\"staff\",\n    value=\"String.substringAfter(user.email, \\\"@\\\") == \\\"example.com\\\"\",\n    scopes=[example_okta_auth_server_scope[\"name\"]],\n    claim_type=\"IDENTITY\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Auth.ServerClaim(\"example\", new()\n    {\n        AuthServerId = \"\u003cauth server id\u003e\",\n        Name = \"staff\",\n        Value = \"String.substringAfter(user.email, \\\"@\\\") == \\\"example.com\\\"\",\n        Scopes = new[]\n        {\n            exampleOktaAuthServerScope.Name,\n        },\n        ClaimType = \"IDENTITY\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/auth\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auth.NewServerClaim(ctx, \"example\", \u0026auth.ServerClaimArgs{\n\t\t\tAuthServerId: pulumi.String(\"\u003cauth server id\u003e\"),\n\t\t\tName:         pulumi.String(\"staff\"),\n\t\t\tValue:        pulumi.String(\"String.substringAfter(user.email, \\\"@\\\") == \\\"example.com\\\"\"),\n\t\t\tScopes: pulumi.StringArray{\n\t\t\t\texampleOktaAuthServerScope.Name,\n\t\t\t},\n\t\t\tClaimType: pulumi.String(\"IDENTITY\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.auth.ServerClaim;\nimport com.pulumi.okta.auth.ServerClaimArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new ServerClaim(\"example\", ServerClaimArgs.builder()\n            .authServerId(\"\u003cauth server id\u003e\")\n            .name(\"staff\")\n            .value(\"String.substringAfter(user.email, \\\"@\\\") == \\\"example.com\\\"\")\n            .scopes(exampleOktaAuthServerScope.name())\n            .claimType(\"IDENTITY\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:auth:ServerClaim\n    properties:\n      authServerId: \u003cauth server id\u003e\n      name: staff\n      value: String.substringAfter(user.email, \"@\") == \"example.com\"\n      scopes:\n        - ${exampleOktaAuthServerScope.name}\n      claimType: IDENTITY\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:auth/serverClaim:ServerClaim example \u003cauth_server_id\u003e/\u003cclaim_id\u003e\n```\n\n","properties":{"alwaysIncludeInToken":{"type":"boolean","description":"Specifies whether to include claims in token, by default it is set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"authServerId":{"type":"string","description":"ID of the authorization server.\n"},"claimType":{"type":"string","description":"Specifies whether the claim is for an access token `RESOURCE` or ID token `IDENTITY`.\n"},"groupFilterType":{"type":"string","description":"Specifies the type of group filter if \u003cspan pulumi-lang-nodejs=\"`valueType`\" pulumi-lang-dotnet=\"`ValueType`\" pulumi-lang-go=\"`valueType`\" pulumi-lang-python=\"`value_type`\" pulumi-lang-yaml=\"`valueType`\" pulumi-lang-java=\"`valueType`\"\u003e`value_type`\u003c/span\u003e is `GROUPS`. Can be set to one of the following `STARTS_WITH`, `EQUALS`, `CONTAINS`, `REGEX`.\n"},"name":{"type":"string","description":"The name of the claim.\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"The list of scopes the auth server claim is tied to.\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"},"value":{"type":"string","description":"The value of the claim.\n"},"valueType":{"type":"string","description":"The type of value of the claim. It can be set to `EXPRESSION` or `GROUPS`. It defaults to `EXPRESSION`.\n"}},"required":["authServerId","claimType","name","value"],"inputProperties":{"alwaysIncludeInToken":{"type":"boolean","description":"Specifies whether to include claims in token, by default it is set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"authServerId":{"type":"string","description":"ID of the authorization server.\n"},"claimType":{"type":"string","description":"Specifies whether the claim is for an access token `RESOURCE` or ID token `IDENTITY`.\n"},"groupFilterType":{"type":"string","description":"Specifies the type of group filter if \u003cspan pulumi-lang-nodejs=\"`valueType`\" pulumi-lang-dotnet=\"`ValueType`\" pulumi-lang-go=\"`valueType`\" pulumi-lang-python=\"`value_type`\" pulumi-lang-yaml=\"`valueType`\" pulumi-lang-java=\"`valueType`\"\u003e`value_type`\u003c/span\u003e is `GROUPS`. Can be set to one of the following `STARTS_WITH`, `EQUALS`, `CONTAINS`, `REGEX`.\n"},"name":{"type":"string","description":"The name of the claim.\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"The list of scopes the auth server claim is tied to.\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"},"value":{"type":"string","description":"The value of the claim.\n"},"valueType":{"type":"string","description":"The type of value of the claim. It can be set to `EXPRESSION` or `GROUPS`. It defaults to `EXPRESSION`.\n"}},"requiredInputs":["authServerId","claimType","value"],"stateInputs":{"description":"Input properties used for looking up and filtering ServerClaim resources.\n","properties":{"alwaysIncludeInToken":{"type":"boolean","description":"Specifies whether to include claims in token, by default it is set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"authServerId":{"type":"string","description":"ID of the authorization server.\n"},"claimType":{"type":"string","description":"Specifies whether the claim is for an access token `RESOURCE` or ID token `IDENTITY`.\n"},"groupFilterType":{"type":"string","description":"Specifies the type of group filter if \u003cspan pulumi-lang-nodejs=\"`valueType`\" pulumi-lang-dotnet=\"`ValueType`\" pulumi-lang-go=\"`valueType`\" pulumi-lang-python=\"`value_type`\" pulumi-lang-yaml=\"`valueType`\" pulumi-lang-java=\"`valueType`\"\u003e`value_type`\u003c/span\u003e is `GROUPS`. Can be set to one of the following `STARTS_WITH`, `EQUALS`, `CONTAINS`, `REGEX`.\n"},"name":{"type":"string","description":"The name of the claim.\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"The list of scopes the auth server claim is tied to.\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"},"value":{"type":"string","description":"The value of the claim.\n"},"valueType":{"type":"string","description":"The type of value of the claim. It can be set to `EXPRESSION` or `GROUPS`. It defaults to `EXPRESSION`.\n"}},"type":"object"}},"okta:auth/serverPolicy:ServerPolicy":{"description":"Creates an Authorization Server Policy. This resource allows you to create and configure an Authorization Server Policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.auth.ServerPolicy(\"example\", {\n    authServerId: \"\u003cauth server id\u003e\",\n    status: \"ACTIVE\",\n    name: \"example\",\n    description: \"example\",\n    priority: 1,\n    clientWhitelists: [\"ALL_CLIENTS\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.auth.ServerPolicy(\"example\",\n    auth_server_id=\"\u003cauth server id\u003e\",\n    status=\"ACTIVE\",\n    name=\"example\",\n    description=\"example\",\n    priority=1,\n    client_whitelists=[\"ALL_CLIENTS\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Auth.ServerPolicy(\"example\", new()\n    {\n        AuthServerId = \"\u003cauth server id\u003e\",\n        Status = \"ACTIVE\",\n        Name = \"example\",\n        Description = \"example\",\n        Priority = 1,\n        ClientWhitelists = new[]\n        {\n            \"ALL_CLIENTS\",\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/auth\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auth.NewServerPolicy(ctx, \"example\", \u0026auth.ServerPolicyArgs{\n\t\t\tAuthServerId: pulumi.String(\"\u003cauth server id\u003e\"),\n\t\t\tStatus:       pulumi.String(\"ACTIVE\"),\n\t\t\tName:         pulumi.String(\"example\"),\n\t\t\tDescription:  pulumi.String(\"example\"),\n\t\t\tPriority:     pulumi.Int(1),\n\t\t\tClientWhitelists: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ALL_CLIENTS\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.auth.ServerPolicy;\nimport com.pulumi.okta.auth.ServerPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new ServerPolicy(\"example\", ServerPolicyArgs.builder()\n            .authServerId(\"\u003cauth server id\u003e\")\n            .status(\"ACTIVE\")\n            .name(\"example\")\n            .description(\"example\")\n            .priority(1)\n            .clientWhitelists(\"ALL_CLIENTS\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:auth:ServerPolicy\n    properties:\n      authServerId: \u003cauth server id\u003e\n      status: ACTIVE\n      name: example\n      description: example\n      priority: 1\n      clientWhitelists:\n        - ALL_CLIENTS\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:auth/serverPolicy:ServerPolicy example \u003cauth_server_id\u003e/\u003cpolicy_id\u003e\n```\n\n","properties":{"authServerId":{"type":"string","description":"The ID of the Auth Server.\n"},"clientWhitelists":{"type":"array","items":{"type":"string"},"description":"The clients to whitelist the policy for. `[ALL_CLIENTS]` is a special value that can be used to whitelist all clients, otherwise it is a list of client ids.\n"},"description":{"type":"string","description":"The description of the Auth Server Policy.\n"},"name":{"type":"string","description":"The name of the Auth Server Policy.\n"},"priority":{"type":"integer","description":"Priority of the auth server policy\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"}},"required":["authServerId","clientWhitelists","description","name","priority"],"inputProperties":{"authServerId":{"type":"string","description":"The ID of the Auth Server.\n"},"clientWhitelists":{"type":"array","items":{"type":"string"},"description":"The clients to whitelist the policy for. `[ALL_CLIENTS]` is a special value that can be used to whitelist all clients, otherwise it is a list of client ids.\n"},"description":{"type":"string","description":"The description of the Auth Server Policy.\n"},"name":{"type":"string","description":"The name of the Auth Server Policy.\n"},"priority":{"type":"integer","description":"Priority of the auth server policy\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"}},"requiredInputs":["authServerId","clientWhitelists","description","priority"],"stateInputs":{"description":"Input properties used for looking up and filtering ServerPolicy resources.\n","properties":{"authServerId":{"type":"string","description":"The ID of the Auth Server.\n"},"clientWhitelists":{"type":"array","items":{"type":"string"},"description":"The clients to whitelist the policy for. `[ALL_CLIENTS]` is a special value that can be used to whitelist all clients, otherwise it is a list of client ids.\n"},"description":{"type":"string","description":"The description of the Auth Server Policy.\n"},"name":{"type":"string","description":"The name of the Auth Server Policy.\n"},"priority":{"type":"integer","description":"Priority of the auth server policy\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"}},"type":"object"}},"okta:auth/serverPolicyRule:ServerPolicyRule":{"description":"## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.auth.ServerPolicyRule(\"example\", {\n    authServerId: \"\u003cauth server id\u003e\",\n    policyId: \"\u003cauth server policy id\u003e\",\n    status: \"ACTIVE\",\n    name: \"example\",\n    priority: 1,\n    groupWhitelists: [\"\u003cgroup ids\u003e\"],\n    grantTypeWhitelists: [\"implicit\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.auth.ServerPolicyRule(\"example\",\n    auth_server_id=\"\u003cauth server id\u003e\",\n    policy_id=\"\u003cauth server policy id\u003e\",\n    status=\"ACTIVE\",\n    name=\"example\",\n    priority=1,\n    group_whitelists=[\"\u003cgroup ids\u003e\"],\n    grant_type_whitelists=[\"implicit\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Auth.ServerPolicyRule(\"example\", new()\n    {\n        AuthServerId = \"\u003cauth server id\u003e\",\n        PolicyId = \"\u003cauth server policy id\u003e\",\n        Status = \"ACTIVE\",\n        Name = \"example\",\n        Priority = 1,\n        GroupWhitelists = new[]\n        {\n            \"\u003cgroup ids\u003e\",\n        },\n        GrantTypeWhitelists = new[]\n        {\n            \"implicit\",\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/auth\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auth.NewServerPolicyRule(ctx, \"example\", \u0026auth.ServerPolicyRuleArgs{\n\t\t\tAuthServerId: pulumi.String(\"\u003cauth server id\u003e\"),\n\t\t\tPolicyId:     pulumi.String(\"\u003cauth server policy id\u003e\"),\n\t\t\tStatus:       pulumi.String(\"ACTIVE\"),\n\t\t\tName:         pulumi.String(\"example\"),\n\t\t\tPriority:     pulumi.Int(1),\n\t\t\tGroupWhitelists: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"\u003cgroup ids\u003e\"),\n\t\t\t},\n\t\t\tGrantTypeWhitelists: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"implicit\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.auth.ServerPolicyRule;\nimport com.pulumi.okta.auth.ServerPolicyRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new ServerPolicyRule(\"example\", ServerPolicyRuleArgs.builder()\n            .authServerId(\"\u003cauth server id\u003e\")\n            .policyId(\"\u003cauth server policy id\u003e\")\n            .status(\"ACTIVE\")\n            .name(\"example\")\n            .priority(1)\n            .groupWhitelists(\"\u003cgroup ids\u003e\")\n            .grantTypeWhitelists(\"implicit\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:auth:ServerPolicyRule\n    properties:\n      authServerId: \u003cauth server id\u003e\n      policyId: \u003cauth server policy id\u003e\n      status: ACTIVE\n      name: example\n      priority: 1\n      groupWhitelists:\n        - \u003cgroup ids\u003e\n      grantTypeWhitelists:\n        - implicit\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:auth/serverPolicyRule:ServerPolicyRule example \u003cauth_server_id\u003e/\u003cpolicy_id\u003e/\u003cpolicy_rule_id\u003e\n```\n\n","properties":{"accessTokenLifetimeMinutes":{"type":"integer","description":"Lifetime of access token. Can be set to a value between 5 and 1440 minutes. Default is \u003cspan pulumi-lang-nodejs=\"`60`\" pulumi-lang-dotnet=\"`60`\" pulumi-lang-go=\"`60`\" pulumi-lang-python=\"`60`\" pulumi-lang-yaml=\"`60`\" pulumi-lang-java=\"`60`\"\u003e`60`\u003c/span\u003e.\n"},"authServerId":{"type":"string","description":"Auth server ID\n"},"grantTypeWhitelists":{"type":"array","items":{"type":"string"},"description":"Accepted grant type values, \u003cspan pulumi-lang-nodejs=\"`authorizationCode`\" pulumi-lang-dotnet=\"`AuthorizationCode`\" pulumi-lang-go=\"`authorizationCode`\" pulumi-lang-python=\"`authorization_code`\" pulumi-lang-yaml=\"`authorizationCode`\" pulumi-lang-java=\"`authorizationCode`\"\u003e`authorization_code`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`implicit`\" pulumi-lang-dotnet=\"`Implicit`\" pulumi-lang-go=\"`implicit`\" pulumi-lang-python=\"`implicit`\" pulumi-lang-yaml=\"`implicit`\" pulumi-lang-java=\"`implicit`\"\u003e`implicit`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`clientCredentials`\" pulumi-lang-dotnet=\"`ClientCredentials`\" pulumi-lang-go=\"`clientCredentials`\" pulumi-lang-python=\"`client_credentials`\" pulumi-lang-yaml=\"`clientCredentials`\" pulumi-lang-java=\"`clientCredentials`\"\u003e`client_credentials`\u003c/span\u003e, `urn:ietf:params:oauth:grant-type:saml2-bearer` (*Early Access Property*), `urn:ietf:params:oauth:grant-type:token-exchange` (*Early Access Property*),`urn:ietf:params:oauth:grant-type:device_code` (*Early Access Property*), \u003cspan pulumi-lang-nodejs=\"`interactionCode`\" pulumi-lang-dotnet=\"`InteractionCode`\" pulumi-lang-go=\"`interactionCode`\" pulumi-lang-python=\"`interaction_code`\" pulumi-lang-yaml=\"`interactionCode`\" pulumi-lang-java=\"`interactionCode`\"\u003e`interaction_code`\u003c/span\u003e (*OIE only*). For \u003cspan pulumi-lang-nodejs=\"`implicit`\" pulumi-lang-dotnet=\"`Implicit`\" pulumi-lang-go=\"`implicit`\" pulumi-lang-python=\"`implicit`\" pulumi-lang-yaml=\"`implicit`\" pulumi-lang-java=\"`implicit`\"\u003e`implicit`\u003c/span\u003e value either \u003cspan pulumi-lang-nodejs=\"`userWhitelist`\" pulumi-lang-dotnet=\"`UserWhitelist`\" pulumi-lang-go=\"`userWhitelist`\" pulumi-lang-python=\"`user_whitelist`\" pulumi-lang-yaml=\"`userWhitelist`\" pulumi-lang-java=\"`userWhitelist`\"\u003e`user_whitelist`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`groupWhitelist`\" pulumi-lang-dotnet=\"`GroupWhitelist`\" pulumi-lang-go=\"`groupWhitelist`\" pulumi-lang-python=\"`group_whitelist`\" pulumi-lang-yaml=\"`groupWhitelist`\" pulumi-lang-java=\"`groupWhitelist`\"\u003e`group_whitelist`\u003c/span\u003e should be set.\n"},"groupBlacklists":{"type":"array","items":{"type":"string"},"description":"Specifies a set of Groups whose Users are to be excluded.\n"},"groupWhitelists":{"type":"array","items":{"type":"string"},"description":"Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: `EVERYONE`.\n"},"inlineHookId":{"type":"string","description":"The ID of the inline token to trigger.\n"},"name":{"type":"string","description":"Auth server policy rule name\n"},"policyId":{"type":"string","description":"Auth server policy ID\n"},"priority":{"type":"integer","description":"Priority of the auth server policy rule\n"},"refreshTokenLifetimeMinutes":{"type":"integer","description":"Lifetime of refresh token.\n"},"refreshTokenWindowMinutes":{"type":"integer","description":"Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. Default is \u003cspan pulumi-lang-nodejs=\"`10080`\" pulumi-lang-dotnet=\"`10080`\" pulumi-lang-go=\"`10080`\" pulumi-lang-python=\"`10080`\" pulumi-lang-yaml=\"`10080`\" pulumi-lang-java=\"`10080`\"\u003e`10080`\u003c/span\u003e (7 days).\u003cspan pulumi-lang-nodejs=\"`refreshTokenWindowMinutes`\" pulumi-lang-dotnet=\"`RefreshTokenWindowMinutes`\" pulumi-lang-go=\"`refreshTokenWindowMinutes`\" pulumi-lang-python=\"`refresh_token_window_minutes`\" pulumi-lang-yaml=\"`refreshTokenWindowMinutes`\" pulumi-lang-java=\"`refreshTokenWindowMinutes`\"\u003e`refresh_token_window_minutes`\u003c/span\u003e must be between \u003cspan pulumi-lang-nodejs=\"`accessTokenLifetimeMinutes`\" pulumi-lang-dotnet=\"`AccessTokenLifetimeMinutes`\" pulumi-lang-go=\"`accessTokenLifetimeMinutes`\" pulumi-lang-python=\"`access_token_lifetime_minutes`\" pulumi-lang-yaml=\"`accessTokenLifetimeMinutes`\" pulumi-lang-java=\"`accessTokenLifetimeMinutes`\"\u003e`access_token_lifetime_minutes`\u003c/span\u003e and \u003cspan pulumi-lang-nodejs=\"`refreshTokenLifetimeMinutes`\" pulumi-lang-dotnet=\"`RefreshTokenLifetimeMinutes`\" pulumi-lang-go=\"`refreshTokenLifetimeMinutes`\" pulumi-lang-python=\"`refresh_token_lifetime_minutes`\" pulumi-lang-yaml=\"`refreshTokenLifetimeMinutes`\" pulumi-lang-java=\"`refreshTokenLifetimeMinutes`\"\u003e`refresh_token_lifetime_minutes`\u003c/span\u003e.\n"},"scopeWhitelists":{"type":"array","items":{"type":"string"},"description":"Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with `*`\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"},"system":{"type":"boolean","description":"The rule is the system (default) rule for its associated policy\n"},"type":{"type":"string","description":"Auth server policy rule type, unlikely this will be anything other then the default\n"},"userBlacklists":{"type":"array","items":{"type":"string"},"description":"Specifies a set of Users to be excluded.\n"},"userWhitelists":{"type":"array","items":{"type":"string"},"description":"Specifies a set of Users to be included.\n"}},"required":["authServerId","grantTypeWhitelists","name","policyId","priority","system"],"inputProperties":{"accessTokenLifetimeMinutes":{"type":"integer","description":"Lifetime of access token. Can be set to a value between 5 and 1440 minutes. Default is \u003cspan pulumi-lang-nodejs=\"`60`\" pulumi-lang-dotnet=\"`60`\" pulumi-lang-go=\"`60`\" pulumi-lang-python=\"`60`\" pulumi-lang-yaml=\"`60`\" pulumi-lang-java=\"`60`\"\u003e`60`\u003c/span\u003e.\n"},"authServerId":{"type":"string","description":"Auth server ID\n"},"grantTypeWhitelists":{"type":"array","items":{"type":"string"},"description":"Accepted grant type values, \u003cspan pulumi-lang-nodejs=\"`authorizationCode`\" pulumi-lang-dotnet=\"`AuthorizationCode`\" pulumi-lang-go=\"`authorizationCode`\" pulumi-lang-python=\"`authorization_code`\" pulumi-lang-yaml=\"`authorizationCode`\" pulumi-lang-java=\"`authorizationCode`\"\u003e`authorization_code`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`implicit`\" pulumi-lang-dotnet=\"`Implicit`\" pulumi-lang-go=\"`implicit`\" pulumi-lang-python=\"`implicit`\" pulumi-lang-yaml=\"`implicit`\" pulumi-lang-java=\"`implicit`\"\u003e`implicit`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`clientCredentials`\" pulumi-lang-dotnet=\"`ClientCredentials`\" pulumi-lang-go=\"`clientCredentials`\" pulumi-lang-python=\"`client_credentials`\" pulumi-lang-yaml=\"`clientCredentials`\" pulumi-lang-java=\"`clientCredentials`\"\u003e`client_credentials`\u003c/span\u003e, `urn:ietf:params:oauth:grant-type:saml2-bearer` (*Early Access Property*), `urn:ietf:params:oauth:grant-type:token-exchange` (*Early Access Property*),`urn:ietf:params:oauth:grant-type:device_code` (*Early Access Property*), \u003cspan pulumi-lang-nodejs=\"`interactionCode`\" pulumi-lang-dotnet=\"`InteractionCode`\" pulumi-lang-go=\"`interactionCode`\" pulumi-lang-python=\"`interaction_code`\" pulumi-lang-yaml=\"`interactionCode`\" pulumi-lang-java=\"`interactionCode`\"\u003e`interaction_code`\u003c/span\u003e (*OIE only*). For \u003cspan pulumi-lang-nodejs=\"`implicit`\" pulumi-lang-dotnet=\"`Implicit`\" pulumi-lang-go=\"`implicit`\" pulumi-lang-python=\"`implicit`\" pulumi-lang-yaml=\"`implicit`\" pulumi-lang-java=\"`implicit`\"\u003e`implicit`\u003c/span\u003e value either \u003cspan pulumi-lang-nodejs=\"`userWhitelist`\" pulumi-lang-dotnet=\"`UserWhitelist`\" pulumi-lang-go=\"`userWhitelist`\" pulumi-lang-python=\"`user_whitelist`\" pulumi-lang-yaml=\"`userWhitelist`\" pulumi-lang-java=\"`userWhitelist`\"\u003e`user_whitelist`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`groupWhitelist`\" pulumi-lang-dotnet=\"`GroupWhitelist`\" pulumi-lang-go=\"`groupWhitelist`\" pulumi-lang-python=\"`group_whitelist`\" pulumi-lang-yaml=\"`groupWhitelist`\" pulumi-lang-java=\"`groupWhitelist`\"\u003e`group_whitelist`\u003c/span\u003e should be set.\n"},"groupBlacklists":{"type":"array","items":{"type":"string"},"description":"Specifies a set of Groups whose Users are to be excluded.\n"},"groupWhitelists":{"type":"array","items":{"type":"string"},"description":"Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: `EVERYONE`.\n"},"inlineHookId":{"type":"string","description":"The ID of the inline token to trigger.\n"},"name":{"type":"string","description":"Auth server policy rule name\n"},"policyId":{"type":"string","description":"Auth server policy ID\n"},"priority":{"type":"integer","description":"Priority of the auth server policy rule\n"},"refreshTokenLifetimeMinutes":{"type":"integer","description":"Lifetime of refresh token.\n"},"refreshTokenWindowMinutes":{"type":"integer","description":"Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. Default is \u003cspan pulumi-lang-nodejs=\"`10080`\" pulumi-lang-dotnet=\"`10080`\" pulumi-lang-go=\"`10080`\" pulumi-lang-python=\"`10080`\" pulumi-lang-yaml=\"`10080`\" pulumi-lang-java=\"`10080`\"\u003e`10080`\u003c/span\u003e (7 days).\u003cspan pulumi-lang-nodejs=\"`refreshTokenWindowMinutes`\" pulumi-lang-dotnet=\"`RefreshTokenWindowMinutes`\" pulumi-lang-go=\"`refreshTokenWindowMinutes`\" pulumi-lang-python=\"`refresh_token_window_minutes`\" pulumi-lang-yaml=\"`refreshTokenWindowMinutes`\" pulumi-lang-java=\"`refreshTokenWindowMinutes`\"\u003e`refresh_token_window_minutes`\u003c/span\u003e must be between \u003cspan pulumi-lang-nodejs=\"`accessTokenLifetimeMinutes`\" pulumi-lang-dotnet=\"`AccessTokenLifetimeMinutes`\" pulumi-lang-go=\"`accessTokenLifetimeMinutes`\" pulumi-lang-python=\"`access_token_lifetime_minutes`\" pulumi-lang-yaml=\"`accessTokenLifetimeMinutes`\" pulumi-lang-java=\"`accessTokenLifetimeMinutes`\"\u003e`access_token_lifetime_minutes`\u003c/span\u003e and \u003cspan pulumi-lang-nodejs=\"`refreshTokenLifetimeMinutes`\" pulumi-lang-dotnet=\"`RefreshTokenLifetimeMinutes`\" pulumi-lang-go=\"`refreshTokenLifetimeMinutes`\" pulumi-lang-python=\"`refresh_token_lifetime_minutes`\" pulumi-lang-yaml=\"`refreshTokenLifetimeMinutes`\" pulumi-lang-java=\"`refreshTokenLifetimeMinutes`\"\u003e`refresh_token_lifetime_minutes`\u003c/span\u003e.\n"},"scopeWhitelists":{"type":"array","items":{"type":"string"},"description":"Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with `*`\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"},"type":{"type":"string","description":"Auth server policy rule type, unlikely this will be anything other then the default\n"},"userBlacklists":{"type":"array","items":{"type":"string"},"description":"Specifies a set of Users to be excluded.\n"},"userWhitelists":{"type":"array","items":{"type":"string"},"description":"Specifies a set of Users to be included.\n"}},"requiredInputs":["authServerId","grantTypeWhitelists","policyId","priority"],"stateInputs":{"description":"Input properties used for looking up and filtering ServerPolicyRule resources.\n","properties":{"accessTokenLifetimeMinutes":{"type":"integer","description":"Lifetime of access token. Can be set to a value between 5 and 1440 minutes. Default is \u003cspan pulumi-lang-nodejs=\"`60`\" pulumi-lang-dotnet=\"`60`\" pulumi-lang-go=\"`60`\" pulumi-lang-python=\"`60`\" pulumi-lang-yaml=\"`60`\" pulumi-lang-java=\"`60`\"\u003e`60`\u003c/span\u003e.\n"},"authServerId":{"type":"string","description":"Auth server ID\n"},"grantTypeWhitelists":{"type":"array","items":{"type":"string"},"description":"Accepted grant type values, \u003cspan pulumi-lang-nodejs=\"`authorizationCode`\" pulumi-lang-dotnet=\"`AuthorizationCode`\" pulumi-lang-go=\"`authorizationCode`\" pulumi-lang-python=\"`authorization_code`\" pulumi-lang-yaml=\"`authorizationCode`\" pulumi-lang-java=\"`authorizationCode`\"\u003e`authorization_code`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`implicit`\" pulumi-lang-dotnet=\"`Implicit`\" pulumi-lang-go=\"`implicit`\" pulumi-lang-python=\"`implicit`\" pulumi-lang-yaml=\"`implicit`\" pulumi-lang-java=\"`implicit`\"\u003e`implicit`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`clientCredentials`\" pulumi-lang-dotnet=\"`ClientCredentials`\" pulumi-lang-go=\"`clientCredentials`\" pulumi-lang-python=\"`client_credentials`\" pulumi-lang-yaml=\"`clientCredentials`\" pulumi-lang-java=\"`clientCredentials`\"\u003e`client_credentials`\u003c/span\u003e, `urn:ietf:params:oauth:grant-type:saml2-bearer` (*Early Access Property*), `urn:ietf:params:oauth:grant-type:token-exchange` (*Early Access Property*),`urn:ietf:params:oauth:grant-type:device_code` (*Early Access Property*), \u003cspan pulumi-lang-nodejs=\"`interactionCode`\" pulumi-lang-dotnet=\"`InteractionCode`\" pulumi-lang-go=\"`interactionCode`\" pulumi-lang-python=\"`interaction_code`\" pulumi-lang-yaml=\"`interactionCode`\" pulumi-lang-java=\"`interactionCode`\"\u003e`interaction_code`\u003c/span\u003e (*OIE only*). For \u003cspan pulumi-lang-nodejs=\"`implicit`\" pulumi-lang-dotnet=\"`Implicit`\" pulumi-lang-go=\"`implicit`\" pulumi-lang-python=\"`implicit`\" pulumi-lang-yaml=\"`implicit`\" pulumi-lang-java=\"`implicit`\"\u003e`implicit`\u003c/span\u003e value either \u003cspan pulumi-lang-nodejs=\"`userWhitelist`\" pulumi-lang-dotnet=\"`UserWhitelist`\" pulumi-lang-go=\"`userWhitelist`\" pulumi-lang-python=\"`user_whitelist`\" pulumi-lang-yaml=\"`userWhitelist`\" pulumi-lang-java=\"`userWhitelist`\"\u003e`user_whitelist`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`groupWhitelist`\" pulumi-lang-dotnet=\"`GroupWhitelist`\" pulumi-lang-go=\"`groupWhitelist`\" pulumi-lang-python=\"`group_whitelist`\" pulumi-lang-yaml=\"`groupWhitelist`\" pulumi-lang-java=\"`groupWhitelist`\"\u003e`group_whitelist`\u003c/span\u003e should be set.\n"},"groupBlacklists":{"type":"array","items":{"type":"string"},"description":"Specifies a set of Groups whose Users are to be excluded.\n"},"groupWhitelists":{"type":"array","items":{"type":"string"},"description":"Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: `EVERYONE`.\n"},"inlineHookId":{"type":"string","description":"The ID of the inline token to trigger.\n"},"name":{"type":"string","description":"Auth server policy rule name\n"},"policyId":{"type":"string","description":"Auth server policy ID\n"},"priority":{"type":"integer","description":"Priority of the auth server policy rule\n"},"refreshTokenLifetimeMinutes":{"type":"integer","description":"Lifetime of refresh token.\n"},"refreshTokenWindowMinutes":{"type":"integer","description":"Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. Default is \u003cspan pulumi-lang-nodejs=\"`10080`\" pulumi-lang-dotnet=\"`10080`\" pulumi-lang-go=\"`10080`\" pulumi-lang-python=\"`10080`\" pulumi-lang-yaml=\"`10080`\" pulumi-lang-java=\"`10080`\"\u003e`10080`\u003c/span\u003e (7 days).\u003cspan pulumi-lang-nodejs=\"`refreshTokenWindowMinutes`\" pulumi-lang-dotnet=\"`RefreshTokenWindowMinutes`\" pulumi-lang-go=\"`refreshTokenWindowMinutes`\" pulumi-lang-python=\"`refresh_token_window_minutes`\" pulumi-lang-yaml=\"`refreshTokenWindowMinutes`\" pulumi-lang-java=\"`refreshTokenWindowMinutes`\"\u003e`refresh_token_window_minutes`\u003c/span\u003e must be between \u003cspan pulumi-lang-nodejs=\"`accessTokenLifetimeMinutes`\" pulumi-lang-dotnet=\"`AccessTokenLifetimeMinutes`\" pulumi-lang-go=\"`accessTokenLifetimeMinutes`\" pulumi-lang-python=\"`access_token_lifetime_minutes`\" pulumi-lang-yaml=\"`accessTokenLifetimeMinutes`\" pulumi-lang-java=\"`accessTokenLifetimeMinutes`\"\u003e`access_token_lifetime_minutes`\u003c/span\u003e and \u003cspan pulumi-lang-nodejs=\"`refreshTokenLifetimeMinutes`\" pulumi-lang-dotnet=\"`RefreshTokenLifetimeMinutes`\" pulumi-lang-go=\"`refreshTokenLifetimeMinutes`\" pulumi-lang-python=\"`refresh_token_lifetime_minutes`\" pulumi-lang-yaml=\"`refreshTokenLifetimeMinutes`\" pulumi-lang-java=\"`refreshTokenLifetimeMinutes`\"\u003e`refresh_token_lifetime_minutes`\u003c/span\u003e.\n"},"scopeWhitelists":{"type":"array","items":{"type":"string"},"description":"Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with `*`\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"},"system":{"type":"boolean","description":"The rule is the system (default) rule for its associated policy\n"},"type":{"type":"string","description":"Auth server policy rule type, unlikely this will be anything other then the default\n"},"userBlacklists":{"type":"array","items":{"type":"string"},"description":"Specifies a set of Users to be excluded.\n"},"userWhitelists":{"type":"array","items":{"type":"string"},"description":"Specifies a set of Users to be included.\n"}},"type":"object"},"aliases":[{"type":"okta:auth/serverPolicyClaim:ServerPolicyClaim"}]},"okta:auth/serverScope:ServerScope":{"description":"Creates an Authorization Server Scope. This resource allows you to create and configure an Authorization Server Scope.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.auth.ServerScope(\"example\", {\n    authServerId: \"\u003cauth server id\u003e\",\n    metadataPublish: \"NO_CLIENTS\",\n    name: \"example\",\n    consent: \"IMPLICIT\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.auth.ServerScope(\"example\",\n    auth_server_id=\"\u003cauth server id\u003e\",\n    metadata_publish=\"NO_CLIENTS\",\n    name=\"example\",\n    consent=\"IMPLICIT\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Auth.ServerScope(\"example\", new()\n    {\n        AuthServerId = \"\u003cauth server id\u003e\",\n        MetadataPublish = \"NO_CLIENTS\",\n        Name = \"example\",\n        Consent = \"IMPLICIT\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/auth\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auth.NewServerScope(ctx, \"example\", \u0026auth.ServerScopeArgs{\n\t\t\tAuthServerId:    pulumi.String(\"\u003cauth server id\u003e\"),\n\t\t\tMetadataPublish: pulumi.String(\"NO_CLIENTS\"),\n\t\t\tName:            pulumi.String(\"example\"),\n\t\t\tConsent:         pulumi.String(\"IMPLICIT\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.auth.ServerScope;\nimport com.pulumi.okta.auth.ServerScopeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new ServerScope(\"example\", ServerScopeArgs.builder()\n            .authServerId(\"\u003cauth server id\u003e\")\n            .metadataPublish(\"NO_CLIENTS\")\n            .name(\"example\")\n            .consent(\"IMPLICIT\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:auth:ServerScope\n    properties:\n      authServerId: \u003cauth server id\u003e\n      metadataPublish: NO_CLIENTS\n      name: example\n      consent: IMPLICIT\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:auth/serverScope:ServerScope example \u003cauth_server_id\u003e/\u003cscope_id\u003e\n```\n\n","properties":{"authServerId":{"type":"string","description":"Auth server ID\n"},"consent":{"type":"string","description":"Indicates whether a consent dialog is needed for the scope. It can be set to `REQUIRED` or `IMPLICIT`. Default: `IMPLICIT`\n"},"default":{"type":"boolean","description":"A default scope will be returned in an access token when the client omits the scope parameter in a token request, provided this scope is allowed as part of the access policy rule.\n"},"description":{"type":"string","description":"Description of the Auth Server Scope.\n"},"displayName":{"type":"string","description":"Name of the end user displayed in a consent dialog box\n"},"metadataPublish":{"type":"string","description":"Whether to publish metadata or not. It can be set to `ALL_CLIENTS` or `NO_CLIENTS`. Default: `ALL_CLIENTS`\n"},"name":{"type":"string","description":"Auth server scope name\n"},"optional":{"type":"boolean","description":"Whether the scope optional\n"},"system":{"type":"boolean","description":"Whether Okta created the Scope\n"}},"required":["authServerId","name","system"],"inputProperties":{"authServerId":{"type":"string","description":"Auth server ID\n"},"consent":{"type":"string","description":"Indicates whether a consent dialog is needed for the scope. It can be set to `REQUIRED` or `IMPLICIT`. Default: `IMPLICIT`\n"},"default":{"type":"boolean","description":"A default scope will be returned in an access token when the client omits the scope parameter in a token request, provided this scope is allowed as part of the access policy rule.\n"},"description":{"type":"string","description":"Description of the Auth Server Scope.\n"},"displayName":{"type":"string","description":"Name of the end user displayed in a consent dialog box\n"},"metadataPublish":{"type":"string","description":"Whether to publish metadata or not. It can be set to `ALL_CLIENTS` or `NO_CLIENTS`. Default: `ALL_CLIENTS`\n"},"name":{"type":"string","description":"Auth server scope name\n"},"optional":{"type":"boolean","description":"Whether the scope optional\n"}},"requiredInputs":["authServerId"],"stateInputs":{"description":"Input properties used for looking up and filtering ServerScope resources.\n","properties":{"authServerId":{"type":"string","description":"Auth server ID\n"},"consent":{"type":"string","description":"Indicates whether a consent dialog is needed for the scope. It can be set to `REQUIRED` or `IMPLICIT`. Default: `IMPLICIT`\n"},"default":{"type":"boolean","description":"A default scope will be returned in an access token when the client omits the scope parameter in a token request, provided this scope is allowed as part of the access policy rule.\n"},"description":{"type":"string","description":"Description of the Auth Server Scope.\n"},"displayName":{"type":"string","description":"Name of the end user displayed in a consent dialog box\n"},"metadataPublish":{"type":"string","description":"Whether to publish metadata or not. It can be set to `ALL_CLIENTS` or `NO_CLIENTS`. Default: `ALL_CLIENTS`\n"},"name":{"type":"string","description":"Auth server scope name\n"},"optional":{"type":"boolean","description":"Whether the scope optional\n"},"system":{"type":"boolean","description":"Whether Okta created the Scope\n"}},"type":"object"}},"okta:factor/factor:Factor":{"description":"Allows you to manage the activation of Okta MFA methods. This resource allows you to manage Okta MFA methods.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.factor.Factor(\"example\", {providerId: \"google_otp\"});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.factor.Factor(\"example\", provider_id=\"google_otp\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Factor.Factor(\"example\", new()\n    {\n        ProviderId = \"google_otp\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/factor\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := factor.NewFactor(ctx, \"example\", \u0026factor.FactorArgs{\n\t\t\tProviderId: pulumi.String(\"google_otp\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.factor.Factor;\nimport com.pulumi.okta.factor.FactorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Factor(\"example\", FactorArgs.builder()\n            .providerId(\"google_otp\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:factor:Factor\n    properties:\n      providerId: google_otp\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","properties":{"active":{"type":"boolean","description":"Whether to activate the provider, by default, it is set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"providerId":{"type":"string","description":"The MFA provider name. Allowed values are \u003cspan pulumi-lang-nodejs=\"`duo`\" pulumi-lang-dotnet=\"`Duo`\" pulumi-lang-go=\"`duo`\" pulumi-lang-python=\"`duo`\" pulumi-lang-yaml=\"`duo`\" pulumi-lang-java=\"`duo`\"\u003e`duo`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`fidoU2f`\" pulumi-lang-dotnet=\"`FidoU2f`\" pulumi-lang-go=\"`fidoU2f`\" pulumi-lang-python=\"`fido_u2f`\" pulumi-lang-yaml=\"`fidoU2f`\" pulumi-lang-java=\"`fidoU2f`\"\u003e`fido_u2f`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`fidoWebauthn`\" pulumi-lang-dotnet=\"`FidoWebauthn`\" pulumi-lang-go=\"`fidoWebauthn`\" pulumi-lang-python=\"`fido_webauthn`\" pulumi-lang-yaml=\"`fidoWebauthn`\" pulumi-lang-java=\"`fidoWebauthn`\"\u003e`fido_webauthn`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`googleOtp`\" pulumi-lang-dotnet=\"`GoogleOtp`\" pulumi-lang-go=\"`googleOtp`\" pulumi-lang-python=\"`google_otp`\" pulumi-lang-yaml=\"`googleOtp`\" pulumi-lang-java=\"`googleOtp`\"\u003e`google_otp`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaCall`\" pulumi-lang-dotnet=\"`OktaCall`\" pulumi-lang-go=\"`oktaCall`\" pulumi-lang-python=\"`okta_call`\" pulumi-lang-yaml=\"`oktaCall`\" pulumi-lang-java=\"`oktaCall`\"\u003e`okta_call`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaOtp`\" pulumi-lang-dotnet=\"`OktaOtp`\" pulumi-lang-go=\"`oktaOtp`\" pulumi-lang-python=\"`okta_otp`\" pulumi-lang-yaml=\"`oktaOtp`\" pulumi-lang-java=\"`oktaOtp`\"\u003e`okta_otp`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaPassword`\" pulumi-lang-dotnet=\"`OktaPassword`\" pulumi-lang-go=\"`oktaPassword`\" pulumi-lang-python=\"`okta_password`\" pulumi-lang-yaml=\"`oktaPassword`\" pulumi-lang-java=\"`oktaPassword`\"\u003e`okta_password`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaPush`\" pulumi-lang-dotnet=\"`OktaPush`\" pulumi-lang-go=\"`oktaPush`\" pulumi-lang-python=\"`okta_push`\" pulumi-lang-yaml=\"`oktaPush`\" pulumi-lang-java=\"`oktaPush`\"\u003e`okta_push`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaQuestion`\" pulumi-lang-dotnet=\"`OktaQuestion`\" pulumi-lang-go=\"`oktaQuestion`\" pulumi-lang-python=\"`okta_question`\" pulumi-lang-yaml=\"`oktaQuestion`\" pulumi-lang-java=\"`oktaQuestion`\"\u003e`okta_question`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaSms`\" pulumi-lang-dotnet=\"`OktaSms`\" pulumi-lang-go=\"`oktaSms`\" pulumi-lang-python=\"`okta_sms`\" pulumi-lang-yaml=\"`oktaSms`\" pulumi-lang-java=\"`oktaSms`\"\u003e`okta_sms`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaEmail`\" pulumi-lang-dotnet=\"`OktaEmail`\" pulumi-lang-go=\"`oktaEmail`\" pulumi-lang-python=\"`okta_email`\" pulumi-lang-yaml=\"`oktaEmail`\" pulumi-lang-java=\"`oktaEmail`\"\u003e`okta_email`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`rsaToken`\" pulumi-lang-dotnet=\"`RsaToken`\" pulumi-lang-go=\"`rsaToken`\" pulumi-lang-python=\"`rsa_token`\" pulumi-lang-yaml=\"`rsaToken`\" pulumi-lang-java=\"`rsaToken`\"\u003e`rsa_token`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`symantecVip`\" pulumi-lang-dotnet=\"`SymantecVip`\" pulumi-lang-go=\"`symantecVip`\" pulumi-lang-python=\"`symantec_vip`\" pulumi-lang-yaml=\"`symantecVip`\" pulumi-lang-java=\"`symantecVip`\"\u003e`symantec_vip`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`yubikeyToken`\" pulumi-lang-dotnet=\"`YubikeyToken`\" pulumi-lang-go=\"`yubikeyToken`\" pulumi-lang-python=\"`yubikey_token`\" pulumi-lang-yaml=\"`yubikeyToken`\" pulumi-lang-java=\"`yubikeyToken`\"\u003e`yubikey_token`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`hotp`\" pulumi-lang-dotnet=\"`Hotp`\" pulumi-lang-go=\"`hotp`\" pulumi-lang-python=\"`hotp`\" pulumi-lang-yaml=\"`hotp`\" pulumi-lang-java=\"`hotp`\"\u003e`hotp`\u003c/span\u003e.\n"}},"required":["providerId"],"inputProperties":{"active":{"type":"boolean","description":"Whether to activate the provider, by default, it is set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"providerId":{"type":"string","description":"The MFA provider name. Allowed values are \u003cspan pulumi-lang-nodejs=\"`duo`\" pulumi-lang-dotnet=\"`Duo`\" pulumi-lang-go=\"`duo`\" pulumi-lang-python=\"`duo`\" pulumi-lang-yaml=\"`duo`\" pulumi-lang-java=\"`duo`\"\u003e`duo`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`fidoU2f`\" pulumi-lang-dotnet=\"`FidoU2f`\" pulumi-lang-go=\"`fidoU2f`\" pulumi-lang-python=\"`fido_u2f`\" pulumi-lang-yaml=\"`fidoU2f`\" pulumi-lang-java=\"`fidoU2f`\"\u003e`fido_u2f`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`fidoWebauthn`\" pulumi-lang-dotnet=\"`FidoWebauthn`\" pulumi-lang-go=\"`fidoWebauthn`\" pulumi-lang-python=\"`fido_webauthn`\" pulumi-lang-yaml=\"`fidoWebauthn`\" pulumi-lang-java=\"`fidoWebauthn`\"\u003e`fido_webauthn`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`googleOtp`\" pulumi-lang-dotnet=\"`GoogleOtp`\" pulumi-lang-go=\"`googleOtp`\" pulumi-lang-python=\"`google_otp`\" pulumi-lang-yaml=\"`googleOtp`\" pulumi-lang-java=\"`googleOtp`\"\u003e`google_otp`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaCall`\" pulumi-lang-dotnet=\"`OktaCall`\" pulumi-lang-go=\"`oktaCall`\" pulumi-lang-python=\"`okta_call`\" pulumi-lang-yaml=\"`oktaCall`\" pulumi-lang-java=\"`oktaCall`\"\u003e`okta_call`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaOtp`\" pulumi-lang-dotnet=\"`OktaOtp`\" pulumi-lang-go=\"`oktaOtp`\" pulumi-lang-python=\"`okta_otp`\" pulumi-lang-yaml=\"`oktaOtp`\" pulumi-lang-java=\"`oktaOtp`\"\u003e`okta_otp`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaPassword`\" pulumi-lang-dotnet=\"`OktaPassword`\" pulumi-lang-go=\"`oktaPassword`\" pulumi-lang-python=\"`okta_password`\" pulumi-lang-yaml=\"`oktaPassword`\" pulumi-lang-java=\"`oktaPassword`\"\u003e`okta_password`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaPush`\" pulumi-lang-dotnet=\"`OktaPush`\" pulumi-lang-go=\"`oktaPush`\" pulumi-lang-python=\"`okta_push`\" pulumi-lang-yaml=\"`oktaPush`\" pulumi-lang-java=\"`oktaPush`\"\u003e`okta_push`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaQuestion`\" pulumi-lang-dotnet=\"`OktaQuestion`\" pulumi-lang-go=\"`oktaQuestion`\" pulumi-lang-python=\"`okta_question`\" pulumi-lang-yaml=\"`oktaQuestion`\" pulumi-lang-java=\"`oktaQuestion`\"\u003e`okta_question`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaSms`\" pulumi-lang-dotnet=\"`OktaSms`\" pulumi-lang-go=\"`oktaSms`\" pulumi-lang-python=\"`okta_sms`\" pulumi-lang-yaml=\"`oktaSms`\" pulumi-lang-java=\"`oktaSms`\"\u003e`okta_sms`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaEmail`\" pulumi-lang-dotnet=\"`OktaEmail`\" pulumi-lang-go=\"`oktaEmail`\" pulumi-lang-python=\"`okta_email`\" pulumi-lang-yaml=\"`oktaEmail`\" pulumi-lang-java=\"`oktaEmail`\"\u003e`okta_email`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`rsaToken`\" pulumi-lang-dotnet=\"`RsaToken`\" pulumi-lang-go=\"`rsaToken`\" pulumi-lang-python=\"`rsa_token`\" pulumi-lang-yaml=\"`rsaToken`\" pulumi-lang-java=\"`rsaToken`\"\u003e`rsa_token`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`symantecVip`\" pulumi-lang-dotnet=\"`SymantecVip`\" pulumi-lang-go=\"`symantecVip`\" pulumi-lang-python=\"`symantec_vip`\" pulumi-lang-yaml=\"`symantecVip`\" pulumi-lang-java=\"`symantecVip`\"\u003e`symantec_vip`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`yubikeyToken`\" pulumi-lang-dotnet=\"`YubikeyToken`\" pulumi-lang-go=\"`yubikeyToken`\" pulumi-lang-python=\"`yubikey_token`\" pulumi-lang-yaml=\"`yubikeyToken`\" pulumi-lang-java=\"`yubikeyToken`\"\u003e`yubikey_token`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`hotp`\" pulumi-lang-dotnet=\"`Hotp`\" pulumi-lang-go=\"`hotp`\" pulumi-lang-python=\"`hotp`\" pulumi-lang-yaml=\"`hotp`\" pulumi-lang-java=\"`hotp`\"\u003e`hotp`\u003c/span\u003e.\n","willReplaceOnChanges":true}},"requiredInputs":["providerId"],"stateInputs":{"description":"Input properties used for looking up and filtering Factor resources.\n","properties":{"active":{"type":"boolean","description":"Whether to activate the provider, by default, it is set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"providerId":{"type":"string","description":"The MFA provider name. Allowed values are \u003cspan pulumi-lang-nodejs=\"`duo`\" pulumi-lang-dotnet=\"`Duo`\" pulumi-lang-go=\"`duo`\" pulumi-lang-python=\"`duo`\" pulumi-lang-yaml=\"`duo`\" pulumi-lang-java=\"`duo`\"\u003e`duo`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`fidoU2f`\" pulumi-lang-dotnet=\"`FidoU2f`\" pulumi-lang-go=\"`fidoU2f`\" pulumi-lang-python=\"`fido_u2f`\" pulumi-lang-yaml=\"`fidoU2f`\" pulumi-lang-java=\"`fidoU2f`\"\u003e`fido_u2f`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`fidoWebauthn`\" pulumi-lang-dotnet=\"`FidoWebauthn`\" pulumi-lang-go=\"`fidoWebauthn`\" pulumi-lang-python=\"`fido_webauthn`\" pulumi-lang-yaml=\"`fidoWebauthn`\" pulumi-lang-java=\"`fidoWebauthn`\"\u003e`fido_webauthn`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`googleOtp`\" pulumi-lang-dotnet=\"`GoogleOtp`\" pulumi-lang-go=\"`googleOtp`\" pulumi-lang-python=\"`google_otp`\" pulumi-lang-yaml=\"`googleOtp`\" pulumi-lang-java=\"`googleOtp`\"\u003e`google_otp`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaCall`\" pulumi-lang-dotnet=\"`OktaCall`\" pulumi-lang-go=\"`oktaCall`\" pulumi-lang-python=\"`okta_call`\" pulumi-lang-yaml=\"`oktaCall`\" pulumi-lang-java=\"`oktaCall`\"\u003e`okta_call`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaOtp`\" pulumi-lang-dotnet=\"`OktaOtp`\" pulumi-lang-go=\"`oktaOtp`\" pulumi-lang-python=\"`okta_otp`\" pulumi-lang-yaml=\"`oktaOtp`\" pulumi-lang-java=\"`oktaOtp`\"\u003e`okta_otp`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaPassword`\" pulumi-lang-dotnet=\"`OktaPassword`\" pulumi-lang-go=\"`oktaPassword`\" pulumi-lang-python=\"`okta_password`\" pulumi-lang-yaml=\"`oktaPassword`\" pulumi-lang-java=\"`oktaPassword`\"\u003e`okta_password`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaPush`\" pulumi-lang-dotnet=\"`OktaPush`\" pulumi-lang-go=\"`oktaPush`\" pulumi-lang-python=\"`okta_push`\" pulumi-lang-yaml=\"`oktaPush`\" pulumi-lang-java=\"`oktaPush`\"\u003e`okta_push`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaQuestion`\" pulumi-lang-dotnet=\"`OktaQuestion`\" pulumi-lang-go=\"`oktaQuestion`\" pulumi-lang-python=\"`okta_question`\" pulumi-lang-yaml=\"`oktaQuestion`\" pulumi-lang-java=\"`oktaQuestion`\"\u003e`okta_question`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaSms`\" pulumi-lang-dotnet=\"`OktaSms`\" pulumi-lang-go=\"`oktaSms`\" pulumi-lang-python=\"`okta_sms`\" pulumi-lang-yaml=\"`oktaSms`\" pulumi-lang-java=\"`oktaSms`\"\u003e`okta_sms`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaEmail`\" pulumi-lang-dotnet=\"`OktaEmail`\" pulumi-lang-go=\"`oktaEmail`\" pulumi-lang-python=\"`okta_email`\" pulumi-lang-yaml=\"`oktaEmail`\" pulumi-lang-java=\"`oktaEmail`\"\u003e`okta_email`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`rsaToken`\" pulumi-lang-dotnet=\"`RsaToken`\" pulumi-lang-go=\"`rsaToken`\" pulumi-lang-python=\"`rsa_token`\" pulumi-lang-yaml=\"`rsaToken`\" pulumi-lang-java=\"`rsaToken`\"\u003e`rsa_token`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`symantecVip`\" pulumi-lang-dotnet=\"`SymantecVip`\" pulumi-lang-go=\"`symantecVip`\" pulumi-lang-python=\"`symantec_vip`\" pulumi-lang-yaml=\"`symantecVip`\" pulumi-lang-java=\"`symantecVip`\"\u003e`symantec_vip`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`yubikeyToken`\" pulumi-lang-dotnet=\"`YubikeyToken`\" pulumi-lang-go=\"`yubikeyToken`\" pulumi-lang-python=\"`yubikey_token`\" pulumi-lang-yaml=\"`yubikeyToken`\" pulumi-lang-java=\"`yubikeyToken`\"\u003e`yubikey_token`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`hotp`\" pulumi-lang-dotnet=\"`Hotp`\" pulumi-lang-go=\"`hotp`\" pulumi-lang-python=\"`hotp`\" pulumi-lang-yaml=\"`hotp`\" pulumi-lang-java=\"`hotp`\"\u003e`hotp`\u003c/span\u003e.\n","willReplaceOnChanges":true}},"type":"object"}},"okta:group/group:Group":{"description":"Creates an Okta Group. This resource allows you to create and configure an Okta Group.\n\n## Import\n\n```sh\n$ pulumi import okta:group/group:Group example \u003cgroup_id\u003e\n```\n\n","properties":{"customProfileAttributes":{"type":"string","description":"JSON formatted custom attributes for a group. It must be JSON due to various types Okta allows.\n"},"description":{"type":"string","description":"The description of the Okta Group.\n"},"name":{"type":"string","description":"The name of the Okta Group.\n"},"skipUsers":{"type":"boolean","description":"Ignore users sync. This is a temporary solution until 'users' field is supported in all the app-like resources\n","deprecationMessage":"Because users has been removed, this attribute is a no op and will be removed"}},"required":["name"],"inputProperties":{"customProfileAttributes":{"type":"string","description":"JSON formatted custom attributes for a group. It must be JSON due to various types Okta allows.\n"},"description":{"type":"string","description":"The description of the Okta Group.\n"},"name":{"type":"string","description":"The name of the Okta Group.\n"},"skipUsers":{"type":"boolean","description":"Ignore users sync. This is a temporary solution until 'users' field is supported in all the app-like resources\n","deprecationMessage":"Because users has been removed, this attribute is a no op and will be removed"}},"stateInputs":{"description":"Input properties used for looking up and filtering Group resources.\n","properties":{"customProfileAttributes":{"type":"string","description":"JSON formatted custom attributes for a group. It must be JSON due to various types Okta allows.\n"},"description":{"type":"string","description":"The description of the Okta Group.\n"},"name":{"type":"string","description":"The name of the Okta Group.\n"},"skipUsers":{"type":"boolean","description":"Ignore users sync. This is a temporary solution until 'users' field is supported in all the app-like resources\n","deprecationMessage":"Because users has been removed, this attribute is a no op and will be removed"}},"type":"object"}},"okta:group/owner:Owner":{"description":"Manages group owner resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = new okta.user.User(\"test\", {\n    firstName: \"TestAcc\",\n    lastName: \"Smith\",\n    login: \"testAcc-replace_with_uuid@example.com\",\n    email: \"testAcc-replace_with_uuid@example.com\",\n});\nconst testGroup = new okta.group.Group(\"test\", {name: \"testAcc_replace_with_uuid\"});\nconst testOwner = new okta.group.Owner(\"test\", {\n    groupId: testGroup.id,\n    idOfGroupOwner: test.id,\n    type: \"USER\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.user.User(\"test\",\n    first_name=\"TestAcc\",\n    last_name=\"Smith\",\n    login=\"testAcc-replace_with_uuid@example.com\",\n    email=\"testAcc-replace_with_uuid@example.com\")\ntest_group = okta.group.Group(\"test\", name=\"testAcc_replace_with_uuid\")\ntest_owner = okta.group.Owner(\"test\",\n    group_id=test_group.id,\n    id_of_group_owner=test.id,\n    type=\"USER\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = new Okta.User.User(\"test\", new()\n    {\n        FirstName = \"TestAcc\",\n        LastName = \"Smith\",\n        Login = \"testAcc-replace_with_uuid@example.com\",\n        Email = \"testAcc-replace_with_uuid@example.com\",\n    });\n\n    var testGroup = new Okta.Group.Group(\"test\", new()\n    {\n        Name = \"testAcc_replace_with_uuid\",\n    });\n\n    var testOwner = new Okta.Group.Owner(\"test\", new()\n    {\n        GroupId = testGroup.Id,\n        IdOfGroupOwner = test.Id,\n        Type = \"USER\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/group\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/user\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := user.NewUser(ctx, \"test\", \u0026user.UserArgs{\n\t\t\tFirstName: pulumi.String(\"TestAcc\"),\n\t\t\tLastName:  pulumi.String(\"Smith\"),\n\t\t\tLogin:     pulumi.String(\"testAcc-replace_with_uuid@example.com\"),\n\t\t\tEmail:     pulumi.String(\"testAcc-replace_with_uuid@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestGroup, err := group.NewGroup(ctx, \"test\", \u0026group.GroupArgs{\n\t\t\tName: pulumi.String(\"testAcc_replace_with_uuid\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = group.NewOwner(ctx, \"test\", \u0026group.OwnerArgs{\n\t\t\tGroupId:        testGroup.ID(),\n\t\t\tIdOfGroupOwner: test.ID(),\n\t\t\tType:           pulumi.String(\"USER\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.user.User;\nimport com.pulumi.okta.user.UserArgs;\nimport com.pulumi.okta.group.Group;\nimport com.pulumi.okta.group.GroupArgs;\nimport com.pulumi.okta.group.Owner;\nimport com.pulumi.okta.group.OwnerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var test = new User(\"test\", UserArgs.builder()\n            .firstName(\"TestAcc\")\n            .lastName(\"Smith\")\n            .login(\"testAcc-replace_with_uuid@example.com\")\n            .email(\"testAcc-replace_with_uuid@example.com\")\n            .build());\n\n        var testGroup = new Group(\"testGroup\", GroupArgs.builder()\n            .name(\"testAcc_replace_with_uuid\")\n            .build());\n\n        var testOwner = new Owner(\"testOwner\", OwnerArgs.builder()\n            .groupId(testGroup.id())\n            .idOfGroupOwner(test.id())\n            .type(\"USER\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  test:\n    type: okta:user:User\n    properties:\n      firstName: TestAcc\n      lastName: Smith\n      login: testAcc-replace_with_uuid@example.com\n      email: testAcc-replace_with_uuid@example.com\n  testGroup:\n    type: okta:group:Group\n    name: test\n    properties:\n      name: testAcc_replace_with_uuid\n  testOwner:\n    type: okta:group:Owner\n    name: test\n    properties:\n      groupId: ${testGroup.id}\n      idOfGroupOwner: ${test.id}\n      type: USER\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nAn okta_group_owner resource can be imported using the following format:\n\nbash\n\n```sh\n$ pulumi import okta:group/owner:Owner example group_id/group_owner_id\n```\n\nWhere:\n\n- `group_id` is the ID of the group\n\n- `group_owner_id` is the ID of the group owner resource\n\n**Example:**\n\nbash\n\n```sh\n$ pulumi import okta:group/owner:Owner example group_123/group_owner_456\n```\n\n","properties":{"displayName":{"type":"string","description":"The display name of the group owner\n"},"groupId":{"type":"string","description":"The id of the group\n"},"idOfGroupOwner":{"type":"string","description":"The user id of the group owner\n"},"originId":{"type":"string","description":"The ID of the app instance if the originType is APPLICATION. This value is NULL if originType is OKTA_DIRECTORY.\n"},"originType":{"type":"string","description":"The source where group ownership is managed. Enum: \"APPLICATION\" \"OKTA_DIRECTORY\"\n"},"resolved":{"type":"boolean","description":"If originType is APPLICATION, this parameter is set to FALSE until the owner's originId is reconciled with an associated Okta ID.\n"},"type":{"type":"string","description":"The entity type of the owner. Enum: \"GROUP\" \"USER\"\n"}},"required":["displayName","groupId","idOfGroupOwner","originId","originType","resolved","type"],"inputProperties":{"groupId":{"type":"string","description":"The id of the group\n"},"idOfGroupOwner":{"type":"string","description":"The user id of the group owner\n"},"type":{"type":"string","description":"The entity type of the owner. Enum: \"GROUP\" \"USER\"\n"}},"requiredInputs":["groupId","idOfGroupOwner","type"],"stateInputs":{"description":"Input properties used for looking up and filtering Owner resources.\n","properties":{"displayName":{"type":"string","description":"The display name of the group owner\n"},"groupId":{"type":"string","description":"The id of the group\n"},"idOfGroupOwner":{"type":"string","description":"The user id of the group owner\n"},"originId":{"type":"string","description":"The ID of the app instance if the originType is APPLICATION. This value is NULL if originType is OKTA_DIRECTORY.\n"},"originType":{"type":"string","description":"The source where group ownership is managed. Enum: \"APPLICATION\" \"OKTA_DIRECTORY\"\n"},"resolved":{"type":"boolean","description":"If originType is APPLICATION, this parameter is set to FALSE until the owner's originId is reconciled with an associated Okta ID.\n"},"type":{"type":"string","description":"The entity type of the owner. Enum: \"GROUP\" \"USER\"\n"}},"type":"object"}},"okta:group/role:Role":{"description":"Assigns Admin roles to Okta Groups. This resource allows you to assign Okta administrator roles to Okta Groups. This resource provides a one-to-one interface between the Okta group and the admin role.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new okta.group.Role(\"example\", {\n    groupId: \"\u003cgroup id\u003e\",\n    roleType: \"READ_ONLY_ADMIN\",\n});\n// Example for CUSTOM role\nconst test = new okta.group.Group(\"test\", {\n    name: \"testAcc_replace_with_uuid\",\n    description: \"testing\",\n});\nconst testResourceSet = new okta.ResourceSet(\"test\", {\n    label: \"test\",\n    description: \"testing, testing\",\n    resources: [std.index.format({\n        input: \"%s/api/v1/users\",\n        args: [\"https://tien-oie-2023-26-26.oktapreview.com\"],\n    }).result],\n});\nconst testAdminRoleCustom = new okta.AdminRoleCustom(\"test\", {\n    label: \"testt\",\n    description: \"testing, testing\",\n    permissions: [\n        \"okta.apps.assignment.manage\",\n        \"okta.users.manage\",\n        \"okta.apps.manage\",\n    ],\n});\nconst testRole = new okta.group.Role(\"test\", {\n    groupId: test.id,\n    roleId: testAdminRoleCustom.id,\n    resourceSetId: testResourceSet.id,\n    roleType: \"CUSTOM\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\nimport pulumi_std as std\n\nexample = okta.group.Role(\"example\",\n    group_id=\"\u003cgroup id\u003e\",\n    role_type=\"READ_ONLY_ADMIN\")\n# Example for CUSTOM role\ntest = okta.group.Group(\"test\",\n    name=\"testAcc_replace_with_uuid\",\n    description=\"testing\")\ntest_resource_set = okta.ResourceSet(\"test\",\n    label=\"test\",\n    description=\"testing, testing\",\n    resources=[std.index.format(input=\"%s/api/v1/users\",\n        args=[\"https://tien-oie-2023-26-26.oktapreview.com\"])[\"result\"]])\ntest_admin_role_custom = okta.AdminRoleCustom(\"test\",\n    label=\"testt\",\n    description=\"testing, testing\",\n    permissions=[\n        \"okta.apps.assignment.manage\",\n        \"okta.users.manage\",\n        \"okta.apps.manage\",\n    ])\ntest_role = okta.group.Role(\"test\",\n    group_id=test.id,\n    role_id=test_admin_role_custom.id,\n    resource_set_id=test_resource_set.id,\n    role_type=\"CUSTOM\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Group.Role(\"example\", new()\n    {\n        GroupId = \"\u003cgroup id\u003e\",\n        RoleType = \"READ_ONLY_ADMIN\",\n    });\n\n    // Example for CUSTOM role\n    var test = new Okta.Group.Group(\"test\", new()\n    {\n        Name = \"testAcc_replace_with_uuid\",\n        Description = \"testing\",\n    });\n\n    var testResourceSet = new Okta.ResourceSet(\"test\", new()\n    {\n        Label = \"test\",\n        Description = \"testing, testing\",\n        Resources = new[]\n        {\n            Std.Index.Format.Invoke(new()\n            {\n                Input = \"%s/api/v1/users\",\n                Args = new[]\n                {\n                    \"https://tien-oie-2023-26-26.oktapreview.com\",\n                },\n            }).Result,\n        },\n    });\n\n    var testAdminRoleCustom = new Okta.AdminRoleCustom(\"test\", new()\n    {\n        Label = \"testt\",\n        Description = \"testing, testing\",\n        Permissions = new[]\n        {\n            \"okta.apps.assignment.manage\",\n            \"okta.users.manage\",\n            \"okta.apps.manage\",\n        },\n    });\n\n    var testRole = new Okta.Group.Role(\"test\", new()\n    {\n        GroupId = test.Id,\n        RoleId = testAdminRoleCustom.Id,\n        ResourceSetId = testResourceSet.Id,\n        RoleType = \"CUSTOM\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/group\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := group.NewRole(ctx, \"example\", \u0026group.RoleArgs{\n\t\t\tGroupId:  pulumi.String(\"\u003cgroup id\u003e\"),\n\t\t\tRoleType: pulumi.String(\"READ_ONLY_ADMIN\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Example for CUSTOM role\n\t\ttest, err := group.NewGroup(ctx, \"test\", \u0026group.GroupArgs{\n\t\t\tName:        pulumi.String(\"testAcc_replace_with_uuid\"),\n\t\t\tDescription: pulumi.String(\"testing\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFormat, err := std.Format(ctx, map[string]interface{}{\n\t\t\t\"input\": \"%s/api/v1/users\",\n\t\t\t\"args\": []string{\n\t\t\t\t\"https://tien-oie-2023-26-26.oktapreview.com\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestResourceSet, err := okta.NewResourceSet(ctx, \"test\", \u0026okta.ResourceSetArgs{\n\t\t\tLabel:       pulumi.String(\"test\"),\n\t\t\tDescription: pulumi.String(\"testing, testing\"),\n\t\t\tResources: pulumi.StringArray{\n\t\t\t\tinvokeFormat.Result,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestAdminRoleCustom, err := okta.NewAdminRoleCustom(ctx, \"test\", \u0026okta.AdminRoleCustomArgs{\n\t\t\tLabel:       pulumi.String(\"testt\"),\n\t\t\tDescription: pulumi.String(\"testing, testing\"),\n\t\t\tPermissions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"okta.apps.assignment.manage\"),\n\t\t\t\tpulumi.String(\"okta.users.manage\"),\n\t\t\t\tpulumi.String(\"okta.apps.manage\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = group.NewRole(ctx, \"test\", \u0026group.RoleArgs{\n\t\t\tGroupId:       test.ID(),\n\t\t\tRoleId:        testAdminRoleCustom.ID(),\n\t\t\tResourceSetId: testResourceSet.ID(),\n\t\t\tRoleType:      pulumi.String(\"CUSTOM\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.group.Role;\nimport com.pulumi.okta.group.RoleArgs;\nimport com.pulumi.okta.group.Group;\nimport com.pulumi.okta.group.GroupArgs;\nimport com.pulumi.okta.ResourceSet;\nimport com.pulumi.okta.ResourceSetArgs;\nimport com.pulumi.std.StdFunctions;\nimport com.pulumi.okta.AdminRoleCustom;\nimport com.pulumi.okta.AdminRoleCustomArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Role(\"example\", RoleArgs.builder()\n            .groupId(\"\u003cgroup id\u003e\")\n            .roleType(\"READ_ONLY_ADMIN\")\n            .build());\n\n        // Example for CUSTOM role\n        var test = new Group(\"test\", GroupArgs.builder()\n            .name(\"testAcc_replace_with_uuid\")\n            .description(\"testing\")\n            .build());\n\n        var testResourceSet = new ResourceSet(\"testResourceSet\", ResourceSetArgs.builder()\n            .label(\"test\")\n            .description(\"testing, testing\")\n            .resources(StdFunctions.format(Map.ofEntries(\n                Map.entry(\"input\", \"%s/api/v1/users\"),\n                Map.entry(\"args\", \"https://tien-oie-2023-26-26.oktapreview.com\")\n            )).result())\n            .build());\n\n        var testAdminRoleCustom = new AdminRoleCustom(\"testAdminRoleCustom\", AdminRoleCustomArgs.builder()\n            .label(\"testt\")\n            .description(\"testing, testing\")\n            .permissions(            \n                \"okta.apps.assignment.manage\",\n                \"okta.users.manage\",\n                \"okta.apps.manage\")\n            .build());\n\n        var testRole = new Role(\"testRole\", RoleArgs.builder()\n            .groupId(test.id())\n            .roleId(testAdminRoleCustom.id())\n            .resourceSetId(testResourceSet.id())\n            .roleType(\"CUSTOM\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:group:Role\n    properties:\n      groupId: \u003cgroup id\u003e\n      roleType: READ_ONLY_ADMIN\n  # Example for CUSTOM role\n  test:\n    type: okta:group:Group\n    properties:\n      name: testAcc_replace_with_uuid\n      description: testing\n  testResourceSet:\n    type: okta:ResourceSet\n    name: test\n    properties:\n      label: test\n      description: testing, testing\n      resources:\n        - fn::invoke:\n            function: std:format\n            arguments:\n              input: '%s/api/v1/users'\n              args:\n                - https://tien-oie-2023-26-26.oktapreview.com\n            return: result\n  testAdminRoleCustom:\n    type: okta:AdminRoleCustom\n    name: test\n    properties:\n      label: testt\n      description: testing, testing\n      permissions:\n        - okta.apps.assignment.manage\n        - okta.users.manage\n        - okta.apps.manage\n  testRole:\n    type: okta:group:Role\n    name: test\n    properties:\n      groupId: ${test.id}\n      roleId: ${testAdminRoleCustom.id}\n      resourceSetId: ${testResourceSet.id}\n      roleType: CUSTOM\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:group/role:Role example \u003cgroup_id\u003e/\u003crole_id\u003e\n```\n\n","properties":{"disableNotifications":{"type":"boolean","description":"When this setting is enabled, the admins won't receive any of the default Okta administrator emails. These admins also won't have access to contact Okta Support and open support cases on behalf of your org."},"groupId":{"type":"string","description":"ID of group to attach admin roles to"},"resourceSetId":{"type":"string","description":"Resource Set ID. Required for\u003cspan pulumi-lang-nodejs=\" roleType \" pulumi-lang-dotnet=\" RoleType \" pulumi-lang-go=\" roleType \" pulumi-lang-python=\" role_type \" pulumi-lang-yaml=\" roleType \" pulumi-lang-java=\" roleType \"\u003e role_type \u003c/span\u003e= `CUSTOM`"},"roleId":{"type":"string","description":"Role ID. Required for\u003cspan pulumi-lang-nodejs=\" roleType \" pulumi-lang-dotnet=\" RoleType \" pulumi-lang-go=\" roleType \" pulumi-lang-python=\" role_type \" pulumi-lang-yaml=\" roleType \" pulumi-lang-java=\" roleType \"\u003e role_type \u003c/span\u003e= `CUSTOM`"},"roleType":{"type":"string","description":"Admin role assigned to the group. It can be any one of the following values:\n\t\"API_ADMIN\",\n\t\"APP_ADMIN\",\n\t\"CUSTOM\",\n\t\"GROUP_MEMBERSHIP_ADMIN\",\n\t\"HELP_DESK_ADMIN\",\n\t\"MOBILE_ADMIN\",\n\t\"ORG_ADMIN\",\n\t\"READ_ONLY_ADMIN\",\n\t\"REPORT_ADMIN\",\n\t\"SUPER_ADMIN\",\n\t\"USER_ADMIN\"\n\t. See [API Docs](https://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles).\n\t- \"USER_ADMIN\" is the Group Administrator."},"targetAppLists":{"type":"array","items":{"type":"string"},"description":"A list of app names (name represents set of app instances, like 'salesforce' or 'facebook'), or a combination of app name and app instance ID (like 'facebook.0oapsqQ6dv19pqyEo0g3') you would like as the targets of the admin role. - Only supported when used with the role type `APP_ADMIN`."},"targetGroupLists":{"type":"array","items":{"type":"string"},"description":"A list of group IDs you would like as the targets of the admin role. - Only supported when used with the role types: `GROUP_MEMBERSHIP_ADMIN`, `HELP_DESK_ADMIN`, or `USER_ADMIN`."}},"required":["groupId","roleType"],"inputProperties":{"disableNotifications":{"type":"boolean","description":"When this setting is enabled, the admins won't receive any of the default Okta administrator emails. These admins also won't have access to contact Okta Support and open support cases on behalf of your org."},"groupId":{"type":"string","description":"ID of group to attach admin roles to","willReplaceOnChanges":true},"resourceSetId":{"type":"string","description":"Resource Set ID. Required for\u003cspan pulumi-lang-nodejs=\" roleType \" pulumi-lang-dotnet=\" RoleType \" pulumi-lang-go=\" roleType \" pulumi-lang-python=\" role_type \" pulumi-lang-yaml=\" roleType \" pulumi-lang-java=\" roleType \"\u003e role_type \u003c/span\u003e= `CUSTOM`"},"roleId":{"type":"string","description":"Role ID. Required for\u003cspan pulumi-lang-nodejs=\" roleType \" pulumi-lang-dotnet=\" RoleType \" pulumi-lang-go=\" roleType \" pulumi-lang-python=\" role_type \" pulumi-lang-yaml=\" roleType \" pulumi-lang-java=\" roleType \"\u003e role_type \u003c/span\u003e= `CUSTOM`"},"roleType":{"type":"string","description":"Admin role assigned to the group. It can be any one of the following values:\n\t\"API_ADMIN\",\n\t\"APP_ADMIN\",\n\t\"CUSTOM\",\n\t\"GROUP_MEMBERSHIP_ADMIN\",\n\t\"HELP_DESK_ADMIN\",\n\t\"MOBILE_ADMIN\",\n\t\"ORG_ADMIN\",\n\t\"READ_ONLY_ADMIN\",\n\t\"REPORT_ADMIN\",\n\t\"SUPER_ADMIN\",\n\t\"USER_ADMIN\"\n\t. See [API Docs](https://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles).\n\t- \"USER_ADMIN\" is the Group Administrator.","willReplaceOnChanges":true},"targetAppLists":{"type":"array","items":{"type":"string"},"description":"A list of app names (name represents set of app instances, like 'salesforce' or 'facebook'), or a combination of app name and app instance ID (like 'facebook.0oapsqQ6dv19pqyEo0g3') you would like as the targets of the admin role. - Only supported when used with the role type `APP_ADMIN`."},"targetGroupLists":{"type":"array","items":{"type":"string"},"description":"A list of group IDs you would like as the targets of the admin role. - Only supported when used with the role types: `GROUP_MEMBERSHIP_ADMIN`, `HELP_DESK_ADMIN`, or `USER_ADMIN`."}},"requiredInputs":["groupId","roleType"],"stateInputs":{"description":"Input properties used for looking up and filtering Role resources.\n","properties":{"disableNotifications":{"type":"boolean","description":"When this setting is enabled, the admins won't receive any of the default Okta administrator emails. These admins also won't have access to contact Okta Support and open support cases on behalf of your org."},"groupId":{"type":"string","description":"ID of group to attach admin roles to","willReplaceOnChanges":true},"resourceSetId":{"type":"string","description":"Resource Set ID. Required for\u003cspan pulumi-lang-nodejs=\" roleType \" pulumi-lang-dotnet=\" RoleType \" pulumi-lang-go=\" roleType \" pulumi-lang-python=\" role_type \" pulumi-lang-yaml=\" roleType \" pulumi-lang-java=\" roleType \"\u003e role_type \u003c/span\u003e= `CUSTOM`"},"roleId":{"type":"string","description":"Role ID. Required for\u003cspan pulumi-lang-nodejs=\" roleType \" pulumi-lang-dotnet=\" RoleType \" pulumi-lang-go=\" roleType \" pulumi-lang-python=\" role_type \" pulumi-lang-yaml=\" roleType \" pulumi-lang-java=\" roleType \"\u003e role_type \u003c/span\u003e= `CUSTOM`"},"roleType":{"type":"string","description":"Admin role assigned to the group. It can be any one of the following values:\n\t\"API_ADMIN\",\n\t\"APP_ADMIN\",\n\t\"CUSTOM\",\n\t\"GROUP_MEMBERSHIP_ADMIN\",\n\t\"HELP_DESK_ADMIN\",\n\t\"MOBILE_ADMIN\",\n\t\"ORG_ADMIN\",\n\t\"READ_ONLY_ADMIN\",\n\t\"REPORT_ADMIN\",\n\t\"SUPER_ADMIN\",\n\t\"USER_ADMIN\"\n\t. See [API Docs](https://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles).\n\t- \"USER_ADMIN\" is the Group Administrator.","willReplaceOnChanges":true},"targetAppLists":{"type":"array","items":{"type":"string"},"description":"A list of app names (name represents set of app instances, like 'salesforce' or 'facebook'), or a combination of app name and app instance ID (like 'facebook.0oapsqQ6dv19pqyEo0g3') you would like as the targets of the admin role. - Only supported when used with the role type `APP_ADMIN`."},"targetGroupLists":{"type":"array","items":{"type":"string"},"description":"A list of group IDs you would like as the targets of the admin role. - Only supported when used with the role types: `GROUP_MEMBERSHIP_ADMIN`, `HELP_DESK_ADMIN`, or `USER_ADMIN`."}},"type":"object"}},"okta:group/rule:Rule":{"description":"## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.group.Rule(\"example\", {\n    name: \"example\",\n    status: \"ACTIVE\",\n    groupAssignments: [\"\u003cgroup id\u003e\"],\n    expressionType: \"urn:okta:expression:1.0\",\n    expressionValue: \"String.startsWith(user.firstName,\\\"andy\\\")\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.group.Rule(\"example\",\n    name=\"example\",\n    status=\"ACTIVE\",\n    group_assignments=[\"\u003cgroup id\u003e\"],\n    expression_type=\"urn:okta:expression:1.0\",\n    expression_value=\"String.startsWith(user.firstName,\\\"andy\\\")\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Group.Rule(\"example\", new()\n    {\n        Name = \"example\",\n        Status = \"ACTIVE\",\n        GroupAssignments = new[]\n        {\n            \"\u003cgroup id\u003e\",\n        },\n        ExpressionType = \"urn:okta:expression:1.0\",\n        ExpressionValue = \"String.startsWith(user.firstName,\\\"andy\\\")\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/group\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := group.NewRule(ctx, \"example\", \u0026group.RuleArgs{\n\t\t\tName:   pulumi.String(\"example\"),\n\t\t\tStatus: pulumi.String(\"ACTIVE\"),\n\t\t\tGroupAssignments: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"\u003cgroup id\u003e\"),\n\t\t\t},\n\t\t\tExpressionType:  pulumi.String(\"urn:okta:expression:1.0\"),\n\t\t\tExpressionValue: pulumi.String(\"String.startsWith(user.firstName,\\\"andy\\\")\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.group.Rule;\nimport com.pulumi.okta.group.RuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Rule(\"example\", RuleArgs.builder()\n            .name(\"example\")\n            .status(\"ACTIVE\")\n            .groupAssignments(\"\u003cgroup id\u003e\")\n            .expressionType(\"urn:okta:expression:1.0\")\n            .expressionValue(\"String.startsWith(user.firstName,\\\"andy\\\")\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:group:Rule\n    properties:\n      name: example\n      status: ACTIVE\n      groupAssignments:\n        - \u003cgroup id\u003e\n      expressionType: urn:okta:expression:1.0\n      expressionValue: String.startsWith(user.firstName,\"andy\")\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:group/rule:Rule example \u003cgroup_rule_id\u003e\n```\n\n","properties":{"expressionType":{"type":"string","description":"The expression type to use to invoke the rule. The default is `urn:okta:expression:1.0`.\n"},"expressionValue":{"type":"string","description":"The expression value.\n"},"groupAssignments":{"type":"array","items":{"type":"string"},"description":"The list of group ids to assign the users to.\n"},"name":{"type":"string","description":"The name of the Group Rule (min character 1; max characters 50).\n"},"removeAssignedUsers":{"type":"boolean","description":"Remove users added by this rule from the assigned group after deleting this resource. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"},"usersExcludeds":{"type":"array","items":{"type":"string"},"description":"The list of user IDs that would be excluded when rules are processed\n"}},"required":["expressionValue","groupAssignments","name"],"inputProperties":{"expressionType":{"type":"string","description":"The expression type to use to invoke the rule. The default is `urn:okta:expression:1.0`.\n"},"expressionValue":{"type":"string","description":"The expression value.\n"},"groupAssignments":{"type":"array","items":{"type":"string"},"description":"The list of group ids to assign the users to.\n","willReplaceOnChanges":true},"name":{"type":"string","description":"The name of the Group Rule (min character 1; max characters 50).\n"},"removeAssignedUsers":{"type":"boolean","description":"Remove users added by this rule from the assigned group after deleting this resource. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"},"usersExcludeds":{"type":"array","items":{"type":"string"},"description":"The list of user IDs that would be excluded when rules are processed\n"}},"requiredInputs":["expressionValue","groupAssignments"],"stateInputs":{"description":"Input properties used for looking up and filtering Rule resources.\n","properties":{"expressionType":{"type":"string","description":"The expression type to use to invoke the rule. The default is `urn:okta:expression:1.0`.\n"},"expressionValue":{"type":"string","description":"The expression value.\n"},"groupAssignments":{"type":"array","items":{"type":"string"},"description":"The list of group ids to assign the users to.\n","willReplaceOnChanges":true},"name":{"type":"string","description":"The name of the Group Rule (min character 1; max characters 50).\n"},"removeAssignedUsers":{"type":"boolean","description":"Remove users added by this rule from the assigned group after deleting this resource. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"},"usersExcludeds":{"type":"array","items":{"type":"string"},"description":"The list of user IDs that would be excluded when rules are processed\n"}},"type":"object"}},"okta:idp/oidc:Oidc":{"description":"Creates an OIDC Identity Provider. This resource allows you to create and configure an OIDC Identity Provider.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.idp.Oidc(\"example\", {\n    name: \"example\",\n    authorizationUrl: \"https://idp.example.com/authorize\",\n    authorizationBinding: \"HTTP-REDIRECT\",\n    tokenUrl: \"https://idp.example.com/token\",\n    tokenBinding: \"HTTP-POST\",\n    userInfoUrl: \"https://idp.example.com/userinfo\",\n    userInfoBinding: \"HTTP-REDIRECT\",\n    jwksUrl: \"https://idp.example.com/keys\",\n    jwksBinding: \"HTTP-REDIRECT\",\n    scopes: [\"openid\"],\n    clientId: \"efg456\",\n    clientSecret: \"efg456\",\n    issuerUrl: \"https://id.example.com\",\n    usernameTemplate: \"idpuser.email\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.idp.Oidc(\"example\",\n    name=\"example\",\n    authorization_url=\"https://idp.example.com/authorize\",\n    authorization_binding=\"HTTP-REDIRECT\",\n    token_url=\"https://idp.example.com/token\",\n    token_binding=\"HTTP-POST\",\n    user_info_url=\"https://idp.example.com/userinfo\",\n    user_info_binding=\"HTTP-REDIRECT\",\n    jwks_url=\"https://idp.example.com/keys\",\n    jwks_binding=\"HTTP-REDIRECT\",\n    scopes=[\"openid\"],\n    client_id=\"efg456\",\n    client_secret=\"efg456\",\n    issuer_url=\"https://id.example.com\",\n    username_template=\"idpuser.email\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Idp.Oidc(\"example\", new()\n    {\n        Name = \"example\",\n        AuthorizationUrl = \"https://idp.example.com/authorize\",\n        AuthorizationBinding = \"HTTP-REDIRECT\",\n        TokenUrl = \"https://idp.example.com/token\",\n        TokenBinding = \"HTTP-POST\",\n        UserInfoUrl = \"https://idp.example.com/userinfo\",\n        UserInfoBinding = \"HTTP-REDIRECT\",\n        JwksUrl = \"https://idp.example.com/keys\",\n        JwksBinding = \"HTTP-REDIRECT\",\n        Scopes = new[]\n        {\n            \"openid\",\n        },\n        ClientId = \"efg456\",\n        ClientSecret = \"efg456\",\n        IssuerUrl = \"https://id.example.com\",\n        UsernameTemplate = \"idpuser.email\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/idp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := idp.NewOidc(ctx, \"example\", \u0026idp.OidcArgs{\n\t\t\tName:                 pulumi.String(\"example\"),\n\t\t\tAuthorizationUrl:     pulumi.String(\"https://idp.example.com/authorize\"),\n\t\t\tAuthorizationBinding: pulumi.String(\"HTTP-REDIRECT\"),\n\t\t\tTokenUrl:             pulumi.String(\"https://idp.example.com/token\"),\n\t\t\tTokenBinding:         pulumi.String(\"HTTP-POST\"),\n\t\t\tUserInfoUrl:          pulumi.String(\"https://idp.example.com/userinfo\"),\n\t\t\tUserInfoBinding:      pulumi.String(\"HTTP-REDIRECT\"),\n\t\t\tJwksUrl:              pulumi.String(\"https://idp.example.com/keys\"),\n\t\t\tJwksBinding:          pulumi.String(\"HTTP-REDIRECT\"),\n\t\t\tScopes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"openid\"),\n\t\t\t},\n\t\t\tClientId:         pulumi.String(\"efg456\"),\n\t\t\tClientSecret:     pulumi.String(\"efg456\"),\n\t\t\tIssuerUrl:        pulumi.String(\"https://id.example.com\"),\n\t\t\tUsernameTemplate: pulumi.String(\"idpuser.email\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.idp.Oidc;\nimport com.pulumi.okta.idp.OidcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Oidc(\"example\", OidcArgs.builder()\n            .name(\"example\")\n            .authorizationUrl(\"https://idp.example.com/authorize\")\n            .authorizationBinding(\"HTTP-REDIRECT\")\n            .tokenUrl(\"https://idp.example.com/token\")\n            .tokenBinding(\"HTTP-POST\")\n            .userInfoUrl(\"https://idp.example.com/userinfo\")\n            .userInfoBinding(\"HTTP-REDIRECT\")\n            .jwksUrl(\"https://idp.example.com/keys\")\n            .jwksBinding(\"HTTP-REDIRECT\")\n            .scopes(\"openid\")\n            .clientId(\"efg456\")\n            .clientSecret(\"efg456\")\n            .issuerUrl(\"https://id.example.com\")\n            .usernameTemplate(\"idpuser.email\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:idp:Oidc\n    properties:\n      name: example\n      authorizationUrl: https://idp.example.com/authorize\n      authorizationBinding: HTTP-REDIRECT\n      tokenUrl: https://idp.example.com/token\n      tokenBinding: HTTP-POST\n      userInfoUrl: https://idp.example.com/userinfo\n      userInfoBinding: HTTP-REDIRECT\n      jwksUrl: https://idp.example.com/keys\n      jwksBinding: HTTP-REDIRECT\n      scopes:\n        - openid\n      clientId: efg456\n      clientSecret: efg456\n      issuerUrl: https://id.example.com\n      usernameTemplate: idpuser.email\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:idp/oidc:Oidc example \u003cidp_id\u003e\n```\n\n","properties":{"accountLinkAction":{"type":"string","description":"Specifies the account linking action for an IdP user. Default: `AUTO`\n"},"accountLinkGroupIncludes":{"type":"array","items":{"type":"string"},"description":"Group memberships to determine link candidates.\n"},"authorizationBinding":{"type":"string","description":"The method of making an authorization request. It can be set to `HTTP-POST` or `HTTP-REDIRECT`.\n"},"authorizationUrl":{"type":"string","description":"IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.\n"},"clientId":{"type":"string","description":"Unique identifier issued by AS for the Okta IdP instance.\n"},"clientSecret":{"type":"string","description":"Client secret issued by AS for the Okta IdP instance.\n","secret":true},"deprovisionedAction":{"type":"string","description":"Action for a previously deprovisioned IdP user during authentication. Can be `NONE` or `REACTIVATE`. Default: `NONE`\n"},"filter":{"type":"string","description":"Optional regular expression pattern used to filter untrusted IdP usernames."},"groupsAction":{"type":"string","description":"Provisioning action for IdP user's group memberships. It can be `NONE`, `SYNC`, `APPEND`, or `ASSIGN`. Default: `NONE`\n"},"groupsAssignments":{"type":"array","items":{"type":"string"},"description":"List of Okta Group IDs to add an IdP user as a member with the `ASSIGN` \u003cspan pulumi-lang-nodejs=\"`groupsAction`\" pulumi-lang-dotnet=\"`GroupsAction`\" pulumi-lang-go=\"`groupsAction`\" pulumi-lang-python=\"`groups_action`\" pulumi-lang-yaml=\"`groupsAction`\" pulumi-lang-java=\"`groupsAction`\"\u003e`groups_action`\u003c/span\u003e.\n"},"groupsAttribute":{"type":"string","description":"IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.\n"},"groupsFilters":{"type":"array","items":{"type":"string"},"description":"Whitelist of Okta Group identifiers that are allowed for the `APPEND` or `SYNC` \u003cspan pulumi-lang-nodejs=\"`groupsAction`\" pulumi-lang-dotnet=\"`GroupsAction`\" pulumi-lang-go=\"`groupsAction`\" pulumi-lang-python=\"`groups_action`\" pulumi-lang-yaml=\"`groupsAction`\" pulumi-lang-java=\"`groupsAction`\"\u003e`groups_action`\u003c/span\u003e.\n"},"issuerMode":{"type":"string","description":"Indicates whether Okta uses the original Okta org domain URL, a custom domain URL, or dynamic. It can be `ORG_URL`, `CUSTOM_URL`, or `DYNAMIC`. Default: `ORG_URL`\n"},"issuerUrl":{"type":"string","description":"URI that identifies the issuer.\n"},"jwksBinding":{"type":"string","description":"The method of making a request for the OIDC JWKS. It can be set to `HTTP-POST` or `HTTP-REDIRECT`\n"},"jwksUrl":{"type":"string","description":"Endpoint where the keys signer publishes its keys in a JWK Set.\n"},"maxClockSkew":{"type":"integer","description":"Maximum allowable clock-skew when processing messages from the IdP.\n"},"name":{"type":"string","description":"Name of the IdP\n"},"pkceRequired":{"type":"boolean","description":"Require Proof Key for Code Exchange (PKCE) for additional verification key rotation mode. See: https://developer.okta.com/docs/reference/api/idps/#oauth-2-0-and-openid-connect-client-object\n"},"profileMaster":{"type":"boolean","description":"Determines if the IdP should act as a source of truth for user profile attributes.\n"},"protocolType":{"type":"string","description":"The type of protocol to use. It can be `OIDC` or `OAUTH2`. Default: `OIDC`\n"},"provisioningAction":{"type":"string","description":"Provisioning action for an IdP user during authentication. Default: `AUTO`\n"},"requestSignatureAlgorithm":{"type":"string","description":"The HMAC Signature Algorithm used when signing an authorization request. Defaults to `HS256`. It can be `HS256`, `HS384`, `HS512`, `SHA-256`. `RS256`, `RS384`, or `RS512`. NOTE: `SHA-256` an undocumented legacy value and not continue to be valid. See API docs https://developer.okta.com/docs/reference/api/idps/#oidc-request-signature-algorithm-object\n"},"requestSignatureScope":{"type":"string","description":"Specifies whether to digitally sign an AuthnRequest messages to the IdP. Defaults to `REQUEST`. It can be `REQUEST` or `NONE`.\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"The scopes of the IdP.\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"},"subjectMatchAttribute":{"type":"string","description":"Okta user profile attribute for matching transformed IdP username. Only for matchType `CUSTOM_ATTRIBUTE`.\n"},"subjectMatchType":{"type":"string","description":"Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default, it is set to `USERNAME`. It can be set to `USERNAME`, `EMAIL`, `USERNAME_OR_EMAIL` or `CUSTOM_ATTRIBUTE`.\n"},"suspendedAction":{"type":"string","description":"Action for a previously suspended IdP user during authentication. Can be `NONE` or `REACTIVATE`. Default: `NONE`\n"},"tokenBinding":{"type":"string","description":"The method of making a token request. It can be set to `HTTP-POST` or `HTTP-REDIRECT`.\n"},"tokenUrl":{"type":"string","description":"IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.\n"},"type":{"type":"string","description":"Type of OIDC IdP.\n"},"userInfoBinding":{"type":"string"},"userInfoUrl":{"type":"string","description":"Protected resource endpoint that returns claims about the authenticated user.\n"},"userTypeId":{"type":"string","description":"User type ID. Can be used as \u003cspan pulumi-lang-nodejs=\"`targetId`\" pulumi-lang-dotnet=\"`TargetId`\" pulumi-lang-go=\"`targetId`\" pulumi-lang-python=\"`target_id`\" pulumi-lang-yaml=\"`targetId`\" pulumi-lang-java=\"`targetId`\"\u003e`target_id`\u003c/span\u003e in the \u003cspan pulumi-lang-nodejs=\"`okta.profile.Mapping`\" pulumi-lang-dotnet=\"`okta.profile.Mapping`\" pulumi-lang-go=\"`profile.Mapping`\" pulumi-lang-python=\"`profile.Mapping`\" pulumi-lang-yaml=\"`okta.profile.Mapping`\" pulumi-lang-java=\"`okta.profile.Mapping`\"\u003e`okta.profile.Mapping`\u003c/span\u003e resource.\n"},"usernameTemplate":{"type":"string","description":"Okta EL Expression to generate or transform a unique username for the IdP user. Default: `idpuser.email`\n"}},"required":["authorizationBinding","authorizationUrl","clientId","clientSecret","issuerUrl","jwksBinding","jwksUrl","name","scopes","tokenBinding","tokenUrl","type","userTypeId"],"inputProperties":{"accountLinkAction":{"type":"string","description":"Specifies the account linking action for an IdP user. Default: `AUTO`\n"},"accountLinkGroupIncludes":{"type":"array","items":{"type":"string"},"description":"Group memberships to determine link candidates.\n"},"authorizationBinding":{"type":"string","description":"The method of making an authorization request. It can be set to `HTTP-POST` or `HTTP-REDIRECT`.\n"},"authorizationUrl":{"type":"string","description":"IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.\n"},"clientId":{"type":"string","description":"Unique identifier issued by AS for the Okta IdP instance.\n"},"clientSecret":{"type":"string","description":"Client secret issued by AS for the Okta IdP instance.\n","secret":true},"deprovisionedAction":{"type":"string","description":"Action for a previously deprovisioned IdP user during authentication. Can be `NONE` or `REACTIVATE`. Default: `NONE`\n"},"filter":{"type":"string","description":"Optional regular expression pattern used to filter untrusted IdP usernames."},"groupsAction":{"type":"string","description":"Provisioning action for IdP user's group memberships. It can be `NONE`, `SYNC`, `APPEND`, or `ASSIGN`. Default: `NONE`\n"},"groupsAssignments":{"type":"array","items":{"type":"string"},"description":"List of Okta Group IDs to add an IdP user as a member with the `ASSIGN` \u003cspan pulumi-lang-nodejs=\"`groupsAction`\" pulumi-lang-dotnet=\"`GroupsAction`\" pulumi-lang-go=\"`groupsAction`\" pulumi-lang-python=\"`groups_action`\" pulumi-lang-yaml=\"`groupsAction`\" pulumi-lang-java=\"`groupsAction`\"\u003e`groups_action`\u003c/span\u003e.\n"},"groupsAttribute":{"type":"string","description":"IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.\n"},"groupsFilters":{"type":"array","items":{"type":"string"},"description":"Whitelist of Okta Group identifiers that are allowed for the `APPEND` or `SYNC` \u003cspan pulumi-lang-nodejs=\"`groupsAction`\" pulumi-lang-dotnet=\"`GroupsAction`\" pulumi-lang-go=\"`groupsAction`\" pulumi-lang-python=\"`groups_action`\" pulumi-lang-yaml=\"`groupsAction`\" pulumi-lang-java=\"`groupsAction`\"\u003e`groups_action`\u003c/span\u003e.\n"},"issuerMode":{"type":"string","description":"Indicates whether Okta uses the original Okta org domain URL, a custom domain URL, or dynamic. It can be `ORG_URL`, `CUSTOM_URL`, or `DYNAMIC`. Default: `ORG_URL`\n"},"issuerUrl":{"type":"string","description":"URI that identifies the issuer.\n"},"jwksBinding":{"type":"string","description":"The method of making a request for the OIDC JWKS. It can be set to `HTTP-POST` or `HTTP-REDIRECT`\n"},"jwksUrl":{"type":"string","description":"Endpoint where the keys signer publishes its keys in a JWK Set.\n"},"maxClockSkew":{"type":"integer","description":"Maximum allowable clock-skew when processing messages from the IdP.\n"},"name":{"type":"string","description":"Name of the IdP\n"},"pkceRequired":{"type":"boolean","description":"Require Proof Key for Code Exchange (PKCE) for additional verification key rotation mode. See: https://developer.okta.com/docs/reference/api/idps/#oauth-2-0-and-openid-connect-client-object\n"},"profileMaster":{"type":"boolean","description":"Determines if the IdP should act as a source of truth for user profile attributes.\n"},"protocolType":{"type":"string","description":"The type of protocol to use. It can be `OIDC` or `OAUTH2`. Default: `OIDC`\n"},"provisioningAction":{"type":"string","description":"Provisioning action for an IdP user during authentication. Default: `AUTO`\n"},"requestSignatureAlgorithm":{"type":"string","description":"The HMAC Signature Algorithm used when signing an authorization request. Defaults to `HS256`. It can be `HS256`, `HS384`, `HS512`, `SHA-256`. `RS256`, `RS384`, or `RS512`. NOTE: `SHA-256` an undocumented legacy value and not continue to be valid. See API docs https://developer.okta.com/docs/reference/api/idps/#oidc-request-signature-algorithm-object\n"},"requestSignatureScope":{"type":"string","description":"Specifies whether to digitally sign an AuthnRequest messages to the IdP. Defaults to `REQUEST`. It can be `REQUEST` or `NONE`.\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"The scopes of the IdP.\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"},"subjectMatchAttribute":{"type":"string","description":"Okta user profile attribute for matching transformed IdP username. Only for matchType `CUSTOM_ATTRIBUTE`.\n"},"subjectMatchType":{"type":"string","description":"Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default, it is set to `USERNAME`. It can be set to `USERNAME`, `EMAIL`, `USERNAME_OR_EMAIL` or `CUSTOM_ATTRIBUTE`.\n"},"suspendedAction":{"type":"string","description":"Action for a previously suspended IdP user during authentication. Can be `NONE` or `REACTIVATE`. Default: `NONE`\n"},"tokenBinding":{"type":"string","description":"The method of making a token request. It can be set to `HTTP-POST` or `HTTP-REDIRECT`.\n"},"tokenUrl":{"type":"string","description":"IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.\n"},"userInfoBinding":{"type":"string"},"userInfoUrl":{"type":"string","description":"Protected resource endpoint that returns claims about the authenticated user.\n"},"usernameTemplate":{"type":"string","description":"Okta EL Expression to generate or transform a unique username for the IdP user. Default: `idpuser.email`\n"}},"requiredInputs":["authorizationBinding","authorizationUrl","clientId","clientSecret","issuerUrl","jwksBinding","jwksUrl","scopes","tokenBinding","tokenUrl"],"stateInputs":{"description":"Input properties used for looking up and filtering Oidc resources.\n","properties":{"accountLinkAction":{"type":"string","description":"Specifies the account linking action for an IdP user. Default: `AUTO`\n"},"accountLinkGroupIncludes":{"type":"array","items":{"type":"string"},"description":"Group memberships to determine link candidates.\n"},"authorizationBinding":{"type":"string","description":"The method of making an authorization request. It can be set to `HTTP-POST` or `HTTP-REDIRECT`.\n"},"authorizationUrl":{"type":"string","description":"IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.\n"},"clientId":{"type":"string","description":"Unique identifier issued by AS for the Okta IdP instance.\n"},"clientSecret":{"type":"string","description":"Client secret issued by AS for the Okta IdP instance.\n","secret":true},"deprovisionedAction":{"type":"string","description":"Action for a previously deprovisioned IdP user during authentication. Can be `NONE` or `REACTIVATE`. Default: `NONE`\n"},"filter":{"type":"string","description":"Optional regular expression pattern used to filter untrusted IdP usernames."},"groupsAction":{"type":"string","description":"Provisioning action for IdP user's group memberships. It can be `NONE`, `SYNC`, `APPEND`, or `ASSIGN`. Default: `NONE`\n"},"groupsAssignments":{"type":"array","items":{"type":"string"},"description":"List of Okta Group IDs to add an IdP user as a member with the `ASSIGN` \u003cspan pulumi-lang-nodejs=\"`groupsAction`\" pulumi-lang-dotnet=\"`GroupsAction`\" pulumi-lang-go=\"`groupsAction`\" pulumi-lang-python=\"`groups_action`\" pulumi-lang-yaml=\"`groupsAction`\" pulumi-lang-java=\"`groupsAction`\"\u003e`groups_action`\u003c/span\u003e.\n"},"groupsAttribute":{"type":"string","description":"IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.\n"},"groupsFilters":{"type":"array","items":{"type":"string"},"description":"Whitelist of Okta Group identifiers that are allowed for the `APPEND` or `SYNC` \u003cspan pulumi-lang-nodejs=\"`groupsAction`\" pulumi-lang-dotnet=\"`GroupsAction`\" pulumi-lang-go=\"`groupsAction`\" pulumi-lang-python=\"`groups_action`\" pulumi-lang-yaml=\"`groupsAction`\" pulumi-lang-java=\"`groupsAction`\"\u003e`groups_action`\u003c/span\u003e.\n"},"issuerMode":{"type":"string","description":"Indicates whether Okta uses the original Okta org domain URL, a custom domain URL, or dynamic. It can be `ORG_URL`, `CUSTOM_URL`, or `DYNAMIC`. Default: `ORG_URL`\n"},"issuerUrl":{"type":"string","description":"URI that identifies the issuer.\n"},"jwksBinding":{"type":"string","description":"The method of making a request for the OIDC JWKS. It can be set to `HTTP-POST` or `HTTP-REDIRECT`\n"},"jwksUrl":{"type":"string","description":"Endpoint where the keys signer publishes its keys in a JWK Set.\n"},"maxClockSkew":{"type":"integer","description":"Maximum allowable clock-skew when processing messages from the IdP.\n"},"name":{"type":"string","description":"Name of the IdP\n"},"pkceRequired":{"type":"boolean","description":"Require Proof Key for Code Exchange (PKCE) for additional verification key rotation mode. See: https://developer.okta.com/docs/reference/api/idps/#oauth-2-0-and-openid-connect-client-object\n"},"profileMaster":{"type":"boolean","description":"Determines if the IdP should act as a source of truth for user profile attributes.\n"},"protocolType":{"type":"string","description":"The type of protocol to use. It can be `OIDC` or `OAUTH2`. Default: `OIDC`\n"},"provisioningAction":{"type":"string","description":"Provisioning action for an IdP user during authentication. Default: `AUTO`\n"},"requestSignatureAlgorithm":{"type":"string","description":"The HMAC Signature Algorithm used when signing an authorization request. Defaults to `HS256`. It can be `HS256`, `HS384`, `HS512`, `SHA-256`. `RS256`, `RS384`, or `RS512`. NOTE: `SHA-256` an undocumented legacy value and not continue to be valid. See API docs https://developer.okta.com/docs/reference/api/idps/#oidc-request-signature-algorithm-object\n"},"requestSignatureScope":{"type":"string","description":"Specifies whether to digitally sign an AuthnRequest messages to the IdP. Defaults to `REQUEST`. It can be `REQUEST` or `NONE`.\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"The scopes of the IdP.\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"},"subjectMatchAttribute":{"type":"string","description":"Okta user profile attribute for matching transformed IdP username. Only for matchType `CUSTOM_ATTRIBUTE`.\n"},"subjectMatchType":{"type":"string","description":"Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default, it is set to `USERNAME`. It can be set to `USERNAME`, `EMAIL`, `USERNAME_OR_EMAIL` or `CUSTOM_ATTRIBUTE`.\n"},"suspendedAction":{"type":"string","description":"Action for a previously suspended IdP user during authentication. Can be `NONE` or `REACTIVATE`. Default: `NONE`\n"},"tokenBinding":{"type":"string","description":"The method of making a token request. It can be set to `HTTP-POST` or `HTTP-REDIRECT`.\n"},"tokenUrl":{"type":"string","description":"IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.\n"},"type":{"type":"string","description":"Type of OIDC IdP.\n"},"userInfoBinding":{"type":"string"},"userInfoUrl":{"type":"string","description":"Protected resource endpoint that returns claims about the authenticated user.\n"},"userTypeId":{"type":"string","description":"User type ID. Can be used as \u003cspan pulumi-lang-nodejs=\"`targetId`\" pulumi-lang-dotnet=\"`TargetId`\" pulumi-lang-go=\"`targetId`\" pulumi-lang-python=\"`target_id`\" pulumi-lang-yaml=\"`targetId`\" pulumi-lang-java=\"`targetId`\"\u003e`target_id`\u003c/span\u003e in the \u003cspan pulumi-lang-nodejs=\"`okta.profile.Mapping`\" pulumi-lang-dotnet=\"`okta.profile.Mapping`\" pulumi-lang-go=\"`profile.Mapping`\" pulumi-lang-python=\"`profile.Mapping`\" pulumi-lang-yaml=\"`okta.profile.Mapping`\" pulumi-lang-java=\"`okta.profile.Mapping`\"\u003e`okta.profile.Mapping`\u003c/span\u003e resource.\n"},"usernameTemplate":{"type":"string","description":"Okta EL Expression to generate or transform a unique username for the IdP user. Default: `idpuser.email`\n"}},"type":"object"}},"okta:idp/saml:Saml":{"description":"Creates a SAML Identity Provider. This resource allows you to create and configure a SAML Identity Provider.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.idp.Saml(\"example\", {\n    name: \"testAcc_replace_with_uuid\",\n    acsType: \"INSTANCE\",\n    ssoUrl: \"https://idp.example.com\",\n    ssoDestination: \"https://idp.example.com\",\n    ssoBinding: \"HTTP-POST\",\n    usernameTemplate: \"idpuser.email\",\n    kid: test.id,\n    issuer: \"https://idp.example.com\",\n    requestSignatureScope: \"REQUEST\",\n    responseSignatureScope: \"ANY\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.idp.Saml(\"example\",\n    name=\"testAcc_replace_with_uuid\",\n    acs_type=\"INSTANCE\",\n    sso_url=\"https://idp.example.com\",\n    sso_destination=\"https://idp.example.com\",\n    sso_binding=\"HTTP-POST\",\n    username_template=\"idpuser.email\",\n    kid=test[\"id\"],\n    issuer=\"https://idp.example.com\",\n    request_signature_scope=\"REQUEST\",\n    response_signature_scope=\"ANY\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Idp.Saml(\"example\", new()\n    {\n        Name = \"testAcc_replace_with_uuid\",\n        AcsType = \"INSTANCE\",\n        SsoUrl = \"https://idp.example.com\",\n        SsoDestination = \"https://idp.example.com\",\n        SsoBinding = \"HTTP-POST\",\n        UsernameTemplate = \"idpuser.email\",\n        Kid = test.Id,\n        Issuer = \"https://idp.example.com\",\n        RequestSignatureScope = \"REQUEST\",\n        ResponseSignatureScope = \"ANY\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/idp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := idp.NewSaml(ctx, \"example\", \u0026idp.SamlArgs{\n\t\t\tName:                   pulumi.String(\"testAcc_replace_with_uuid\"),\n\t\t\tAcsType:                pulumi.String(\"INSTANCE\"),\n\t\t\tSsoUrl:                 pulumi.String(\"https://idp.example.com\"),\n\t\t\tSsoDestination:         pulumi.String(\"https://idp.example.com\"),\n\t\t\tSsoBinding:             pulumi.String(\"HTTP-POST\"),\n\t\t\tUsernameTemplate:       pulumi.String(\"idpuser.email\"),\n\t\t\tKid:                    pulumi.Any(test.Id),\n\t\t\tIssuer:                 pulumi.String(\"https://idp.example.com\"),\n\t\t\tRequestSignatureScope:  pulumi.String(\"REQUEST\"),\n\t\t\tResponseSignatureScope: pulumi.String(\"ANY\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.idp.Saml;\nimport com.pulumi.okta.idp.SamlArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Saml(\"example\", SamlArgs.builder()\n            .name(\"testAcc_replace_with_uuid\")\n            .acsType(\"INSTANCE\")\n            .ssoUrl(\"https://idp.example.com\")\n            .ssoDestination(\"https://idp.example.com\")\n            .ssoBinding(\"HTTP-POST\")\n            .usernameTemplate(\"idpuser.email\")\n            .kid(test.id())\n            .issuer(\"https://idp.example.com\")\n            .requestSignatureScope(\"REQUEST\")\n            .responseSignatureScope(\"ANY\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:idp:Saml\n    properties:\n      name: testAcc_replace_with_uuid\n      acsType: INSTANCE\n      ssoUrl: https://idp.example.com\n      ssoDestination: https://idp.example.com\n      ssoBinding: HTTP-POST\n      usernameTemplate: idpuser.email\n      kid: ${test.id}\n      issuer: https://idp.example.com\n      requestSignatureScope: REQUEST\n      responseSignatureScope: ANY\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:idp/saml:Saml example \u003cidp_id\u003e\n```\n\n","properties":{"accountLinkAction":{"type":"string","description":"Specifies the account linking action for an IdP user. Default: `AUTO`\n"},"accountLinkGroupIncludes":{"type":"array","items":{"type":"string"},"description":"Group memberships to determine link candidates.\n"},"acsBinding":{"type":"string"},"acsType":{"type":"string","description":"The type of ACS. It can be `INSTANCE` or `ORG`. Default: `INSTANCE`\n"},"audience":{"type":"string"},"deprovisionedAction":{"type":"string","description":"Action for a previously deprovisioned IdP user during authentication. Can be `NONE` or `REACTIVATE`. Default: `NONE`\n"},"groupsAction":{"type":"string","description":"Provisioning action for IdP user's group memberships. It can be `NONE`, `SYNC`, `APPEND`, or `ASSIGN`. Default: `NONE`\n"},"groupsAssignments":{"type":"array","items":{"type":"string"},"description":"List of Okta Group IDs to add an IdP user as a member with the `ASSIGN` \u003cspan pulumi-lang-nodejs=\"`groupsAction`\" pulumi-lang-dotnet=\"`GroupsAction`\" pulumi-lang-go=\"`groupsAction`\" pulumi-lang-python=\"`groups_action`\" pulumi-lang-yaml=\"`groupsAction`\" pulumi-lang-java=\"`groupsAction`\"\u003e`groups_action`\u003c/span\u003e.\n"},"groupsAttribute":{"type":"string","description":"IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.\n"},"groupsFilters":{"type":"array","items":{"type":"string"},"description":"Whitelist of Okta Group identifiers that are allowed for the `APPEND` or `SYNC` \u003cspan pulumi-lang-nodejs=\"`groupsAction`\" pulumi-lang-dotnet=\"`GroupsAction`\" pulumi-lang-go=\"`groupsAction`\" pulumi-lang-python=\"`groups_action`\" pulumi-lang-yaml=\"`groupsAction`\" pulumi-lang-java=\"`groupsAction`\"\u003e`groups_action`\u003c/span\u003e.\n"},"honorPersistentNameId":{"type":"boolean","description":"Determines if the IdP should persist account linking when the incoming assertion NameID format is urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"},"issuer":{"type":"string","description":"URI that identifies the issuer.\n"},"issuerMode":{"type":"string","description":"Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL\n"},"kid":{"type":"string","description":"The ID of the signing key.\n"},"maxClockSkew":{"type":"integer","description":"Maximum allowable clock-skew when processing messages from the IdP.\n"},"name":{"type":"string","description":"Name of the IdP\n"},"nameFormat":{"type":"string","description":"The name identifier format to use. By default `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified`.\n"},"profileMaster":{"type":"boolean","description":"Determines if the IdP should act as a source of truth for user profile attributes.\n"},"provisioningAction":{"type":"string","description":"Provisioning action for an IdP user during authentication. Default: `AUTO`\n"},"requestSignatureAlgorithm":{"type":"string","description":"The XML digital Signature Algorithm used when signing an `AuthnRequest` message. It can be `SHA-256` or `SHA-1`. Default: `SHA-256`\n"},"requestSignatureScope":{"type":"string","description":"Specifies whether to digitally sign an AuthnRequest messages to the IdP. It can be `REQUEST` or `NONE`. Default: `REQUEST`\n"},"responseSignatureAlgorithm":{"type":"string","description":"The minimum XML digital signature algorithm allowed when verifying a `SAMLResponse` message or Assertion element. It can be `SHA-256` or `SHA-1`. Default: `SHA-256`\n"},"responseSignatureScope":{"type":"string","description":"Specifies whether to verify a `SAMLResponse` message or Assertion element XML digital signature. It can be `RESPONSE`, `ASSERTION`, or `ANY`. Default: `ANY`\n"},"ssoBinding":{"type":"string","description":"The method of making an SSO request. It can be set to `HTTP-POST` or `HTTP-REDIRECT`. Default: `HTTP-POST`\n"},"ssoDestination":{"type":"string","description":"URI reference indicating the address to which the AuthnRequest message is sent.\n"},"ssoUrl":{"type":"string","description":"URL of binding-specific endpoint to send an AuthnRequest message to IdP.\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"},"subjectFilter":{"type":"string","description":"Optional regular expression pattern used to filter untrusted IdP usernames.\n"},"subjectFormats":{"type":"array","items":{"type":"string"},"description":"The name format.\n"},"subjectMatchAttribute":{"type":"string","description":"Okta user profile attribute for matching transformed IdP username. Only for matchType `CUSTOM_ATTRIBUTE`.\n"},"subjectMatchType":{"type":"string","description":"Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default, it is set to `USERNAME`. It can be set to `USERNAME`, `EMAIL`, `USERNAME_OR_EMAIL` or `CUSTOM_ATTRIBUTE`.\n"},"suspendedAction":{"type":"string","description":"Action for a previously suspended IdP user during authentication. Can be `NONE` or `REACTIVATE`. Default: `NONE`\n"},"type":{"type":"string"},"userTypeId":{"type":"string"},"usernameTemplate":{"type":"string","description":"Okta EL Expression to generate or transform a unique username for the IdP user. Default: `idpuser.email`\n"}},"required":["acsBinding","audience","issuer","kid","name","ssoUrl","type","userTypeId"],"inputProperties":{"accountLinkAction":{"type":"string","description":"Specifies the account linking action for an IdP user. Default: `AUTO`\n"},"accountLinkGroupIncludes":{"type":"array","items":{"type":"string"},"description":"Group memberships to determine link candidates.\n"},"acsType":{"type":"string","description":"The type of ACS. It can be `INSTANCE` or `ORG`. Default: `INSTANCE`\n"},"deprovisionedAction":{"type":"string","description":"Action for a previously deprovisioned IdP user during authentication. Can be `NONE` or `REACTIVATE`. Default: `NONE`\n"},"groupsAction":{"type":"string","description":"Provisioning action for IdP user's group memberships. It can be `NONE`, `SYNC`, `APPEND`, or `ASSIGN`. Default: `NONE`\n"},"groupsAssignments":{"type":"array","items":{"type":"string"},"description":"List of Okta Group IDs to add an IdP user as a member with the `ASSIGN` \u003cspan pulumi-lang-nodejs=\"`groupsAction`\" pulumi-lang-dotnet=\"`GroupsAction`\" pulumi-lang-go=\"`groupsAction`\" pulumi-lang-python=\"`groups_action`\" pulumi-lang-yaml=\"`groupsAction`\" pulumi-lang-java=\"`groupsAction`\"\u003e`groups_action`\u003c/span\u003e.\n"},"groupsAttribute":{"type":"string","description":"IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.\n"},"groupsFilters":{"type":"array","items":{"type":"string"},"description":"Whitelist of Okta Group identifiers that are allowed for the `APPEND` or `SYNC` \u003cspan pulumi-lang-nodejs=\"`groupsAction`\" pulumi-lang-dotnet=\"`GroupsAction`\" pulumi-lang-go=\"`groupsAction`\" pulumi-lang-python=\"`groups_action`\" pulumi-lang-yaml=\"`groupsAction`\" pulumi-lang-java=\"`groupsAction`\"\u003e`groups_action`\u003c/span\u003e.\n"},"honorPersistentNameId":{"type":"boolean","description":"Determines if the IdP should persist account linking when the incoming assertion NameID format is urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"},"issuer":{"type":"string","description":"URI that identifies the issuer.\n"},"issuerMode":{"type":"string","description":"Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL\n"},"kid":{"type":"string","description":"The ID of the signing key.\n"},"maxClockSkew":{"type":"integer","description":"Maximum allowable clock-skew when processing messages from the IdP.\n"},"name":{"type":"string","description":"Name of the IdP\n"},"nameFormat":{"type":"string","description":"The name identifier format to use. By default `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified`.\n"},"profileMaster":{"type":"boolean","description":"Determines if the IdP should act as a source of truth for user profile attributes.\n"},"provisioningAction":{"type":"string","description":"Provisioning action for an IdP user during authentication. Default: `AUTO`\n"},"requestSignatureAlgorithm":{"type":"string","description":"The XML digital Signature Algorithm used when signing an `AuthnRequest` message. It can be `SHA-256` or `SHA-1`. Default: `SHA-256`\n"},"requestSignatureScope":{"type":"string","description":"Specifies whether to digitally sign an AuthnRequest messages to the IdP. It can be `REQUEST` or `NONE`. Default: `REQUEST`\n"},"responseSignatureAlgorithm":{"type":"string","description":"The minimum XML digital signature algorithm allowed when verifying a `SAMLResponse` message or Assertion element. It can be `SHA-256` or `SHA-1`. Default: `SHA-256`\n"},"responseSignatureScope":{"type":"string","description":"Specifies whether to verify a `SAMLResponse` message or Assertion element XML digital signature. It can be `RESPONSE`, `ASSERTION`, or `ANY`. Default: `ANY`\n"},"ssoBinding":{"type":"string","description":"The method of making an SSO request. It can be set to `HTTP-POST` or `HTTP-REDIRECT`. Default: `HTTP-POST`\n"},"ssoDestination":{"type":"string","description":"URI reference indicating the address to which the AuthnRequest message is sent.\n"},"ssoUrl":{"type":"string","description":"URL of binding-specific endpoint to send an AuthnRequest message to IdP.\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"},"subjectFilter":{"type":"string","description":"Optional regular expression pattern used to filter untrusted IdP usernames.\n"},"subjectFormats":{"type":"array","items":{"type":"string"},"description":"The name format.\n"},"subjectMatchAttribute":{"type":"string","description":"Okta user profile attribute for matching transformed IdP username. Only for matchType `CUSTOM_ATTRIBUTE`.\n"},"subjectMatchType":{"type":"string","description":"Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default, it is set to `USERNAME`. It can be set to `USERNAME`, `EMAIL`, `USERNAME_OR_EMAIL` or `CUSTOM_ATTRIBUTE`.\n"},"suspendedAction":{"type":"string","description":"Action for a previously suspended IdP user during authentication. Can be `NONE` or `REACTIVATE`. Default: `NONE`\n"},"usernameTemplate":{"type":"string","description":"Okta EL Expression to generate or transform a unique username for the IdP user. Default: `idpuser.email`\n"}},"requiredInputs":["issuer","kid","ssoUrl"],"stateInputs":{"description":"Input properties used for looking up and filtering Saml resources.\n","properties":{"accountLinkAction":{"type":"string","description":"Specifies the account linking action for an IdP user. Default: `AUTO`\n"},"accountLinkGroupIncludes":{"type":"array","items":{"type":"string"},"description":"Group memberships to determine link candidates.\n"},"acsBinding":{"type":"string"},"acsType":{"type":"string","description":"The type of ACS. It can be `INSTANCE` or `ORG`. Default: `INSTANCE`\n"},"audience":{"type":"string"},"deprovisionedAction":{"type":"string","description":"Action for a previously deprovisioned IdP user during authentication. Can be `NONE` or `REACTIVATE`. Default: `NONE`\n"},"groupsAction":{"type":"string","description":"Provisioning action for IdP user's group memberships. It can be `NONE`, `SYNC`, `APPEND`, or `ASSIGN`. Default: `NONE`\n"},"groupsAssignments":{"type":"array","items":{"type":"string"},"description":"List of Okta Group IDs to add an IdP user as a member with the `ASSIGN` \u003cspan pulumi-lang-nodejs=\"`groupsAction`\" pulumi-lang-dotnet=\"`GroupsAction`\" pulumi-lang-go=\"`groupsAction`\" pulumi-lang-python=\"`groups_action`\" pulumi-lang-yaml=\"`groupsAction`\" pulumi-lang-java=\"`groupsAction`\"\u003e`groups_action`\u003c/span\u003e.\n"},"groupsAttribute":{"type":"string","description":"IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.\n"},"groupsFilters":{"type":"array","items":{"type":"string"},"description":"Whitelist of Okta Group identifiers that are allowed for the `APPEND` or `SYNC` \u003cspan pulumi-lang-nodejs=\"`groupsAction`\" pulumi-lang-dotnet=\"`GroupsAction`\" pulumi-lang-go=\"`groupsAction`\" pulumi-lang-python=\"`groups_action`\" pulumi-lang-yaml=\"`groupsAction`\" pulumi-lang-java=\"`groupsAction`\"\u003e`groups_action`\u003c/span\u003e.\n"},"honorPersistentNameId":{"type":"boolean","description":"Determines if the IdP should persist account linking when the incoming assertion NameID format is urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"},"issuer":{"type":"string","description":"URI that identifies the issuer.\n"},"issuerMode":{"type":"string","description":"Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL\n"},"kid":{"type":"string","description":"The ID of the signing key.\n"},"maxClockSkew":{"type":"integer","description":"Maximum allowable clock-skew when processing messages from the IdP.\n"},"name":{"type":"string","description":"Name of the IdP\n"},"nameFormat":{"type":"string","description":"The name identifier format to use. By default `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified`.\n"},"profileMaster":{"type":"boolean","description":"Determines if the IdP should act as a source of truth for user profile attributes.\n"},"provisioningAction":{"type":"string","description":"Provisioning action for an IdP user during authentication. Default: `AUTO`\n"},"requestSignatureAlgorithm":{"type":"string","description":"The XML digital Signature Algorithm used when signing an `AuthnRequest` message. It can be `SHA-256` or `SHA-1`. Default: `SHA-256`\n"},"requestSignatureScope":{"type":"string","description":"Specifies whether to digitally sign an AuthnRequest messages to the IdP. It can be `REQUEST` or `NONE`. Default: `REQUEST`\n"},"responseSignatureAlgorithm":{"type":"string","description":"The minimum XML digital signature algorithm allowed when verifying a `SAMLResponse` message or Assertion element. It can be `SHA-256` or `SHA-1`. Default: `SHA-256`\n"},"responseSignatureScope":{"type":"string","description":"Specifies whether to verify a `SAMLResponse` message or Assertion element XML digital signature. It can be `RESPONSE`, `ASSERTION`, or `ANY`. Default: `ANY`\n"},"ssoBinding":{"type":"string","description":"The method of making an SSO request. It can be set to `HTTP-POST` or `HTTP-REDIRECT`. Default: `HTTP-POST`\n"},"ssoDestination":{"type":"string","description":"URI reference indicating the address to which the AuthnRequest message is sent.\n"},"ssoUrl":{"type":"string","description":"URL of binding-specific endpoint to send an AuthnRequest message to IdP.\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"},"subjectFilter":{"type":"string","description":"Optional regular expression pattern used to filter untrusted IdP usernames.\n"},"subjectFormats":{"type":"array","items":{"type":"string"},"description":"The name format.\n"},"subjectMatchAttribute":{"type":"string","description":"Okta user profile attribute for matching transformed IdP username. Only for matchType `CUSTOM_ATTRIBUTE`.\n"},"subjectMatchType":{"type":"string","description":"Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default, it is set to `USERNAME`. It can be set to `USERNAME`, `EMAIL`, `USERNAME_OR_EMAIL` or `CUSTOM_ATTRIBUTE`.\n"},"suspendedAction":{"type":"string","description":"Action for a previously suspended IdP user during authentication. Can be `NONE` or `REACTIVATE`. Default: `NONE`\n"},"type":{"type":"string"},"userTypeId":{"type":"string"},"usernameTemplate":{"type":"string","description":"Okta EL Expression to generate or transform a unique username for the IdP user. Default: `idpuser.email`\n"}},"type":"object"}},"okta:idp/samlKey:SamlKey":{"description":"## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example1 = new okta.idp.SamlKey(\"example_1\", {x5cs: [example.certificate]});\nconst example2 = new okta.idp.SamlKey(\"example_2\", {x5cs: [`MIIDnjCCAoagAwIBAgIGAVG3MN+PMA0GCSqGSIb3DQEBBQUAMIGPMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5p\nYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEUMBIGA1UECwwLU1NPUHJvdmlkZXIxEDAOBgNVBAMM\nB2V4YW1wbGUxHDAaBgkqhkiG9w0BCQEWDWluZm9Ab2t0YS5jb20wHhcNMTUxMjE4MjIyMjMyWhcNMjUxMjE4MjIyMzMyWjCB\njzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDTALBgNVBAoMBE9r\ndGExFDASBgNVBAsMC1NTT1Byb3ZpZGVyMRAwDgYDVQQDDAdleGFtcGxlMRwwGgYJKoZIhvcNAQkBFg1pbmZvQG9rdGEuY29t\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcnyvuVCrsFEKCwHDenS3Ocjed8eWDv3zLtD2K/iZfE8BMj2wpTf\nn6Ry8zCYey3mWlKdxIybnV9amrujGRnE0ab6Q16v9D6RlFQLOG6dwqoRKuZy33Uyg8PGdEudZjGbWuKCqqXEp+UKALJHV+k4\nwWeVH8g5d1n3KyR2TVajVJpCrPhLFmq1Il4G/IUnPe4MvjXqB6CpKkog1+ThWsItPRJPAM+RweFHXq7KfChXsYE7Mmfuly8s\nDQlvBmQyxZnFHVuiPfCvGHJjpvHy11YlHdOjfgqHRvZbmo30+y0X/oY/yV4YEJ00LL6eJWU4wi7ViY3HP6/VCdRjHoRdr5L/\nDwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQCzzhOFkvyYLNFj2WDcq1YqD4sBy1iCia9QpRH3rjQvMKDwQDYWbi6EdOX0TQ/I\nYR7UWGj+2pXd6v0t33lYtoKocp/4lUvT3tfBnWZ5KnObi+J2uY2teUqoYkASN7F+GRPVOuMVoVgm05ss8tuMb2dLc9vsx93s\nDt+XlMTv/2qi5VPwaDtqduKkzwW9lUfn4xIMkTiVvCpe0X2HneD2Bpuao3/U8Rk0uiPfq6TooWaoW3kjsmErhEAs9bA7xuqo\n1KKY9CdHcFhkSsMhoeaZylZHtzbnoipUlQKSLMdJQiiYZQ0bYL83/Ta9fulr1EERICMFt3GUmtYaZZKHpWSfdJp9`]});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample1 = okta.idp.SamlKey(\"example_1\", x5cs=[example[\"certificate\"]])\nexample2 = okta.idp.SamlKey(\"example_2\", x5cs=[\"\"\"MIIDnjCCAoagAwIBAgIGAVG3MN+PMA0GCSqGSIb3DQEBBQUAMIGPMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5p\nYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEUMBIGA1UECwwLU1NPUHJvdmlkZXIxEDAOBgNVBAMM\nB2V4YW1wbGUxHDAaBgkqhkiG9w0BCQEWDWluZm9Ab2t0YS5jb20wHhcNMTUxMjE4MjIyMjMyWhcNMjUxMjE4MjIyMzMyWjCB\njzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDTALBgNVBAoMBE9r\ndGExFDASBgNVBAsMC1NTT1Byb3ZpZGVyMRAwDgYDVQQDDAdleGFtcGxlMRwwGgYJKoZIhvcNAQkBFg1pbmZvQG9rdGEuY29t\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcnyvuVCrsFEKCwHDenS3Ocjed8eWDv3zLtD2K/iZfE8BMj2wpTf\nn6Ry8zCYey3mWlKdxIybnV9amrujGRnE0ab6Q16v9D6RlFQLOG6dwqoRKuZy33Uyg8PGdEudZjGbWuKCqqXEp+UKALJHV+k4\nwWeVH8g5d1n3KyR2TVajVJpCrPhLFmq1Il4G/IUnPe4MvjXqB6CpKkog1+ThWsItPRJPAM+RweFHXq7KfChXsYE7Mmfuly8s\nDQlvBmQyxZnFHVuiPfCvGHJjpvHy11YlHdOjfgqHRvZbmo30+y0X/oY/yV4YEJ00LL6eJWU4wi7ViY3HP6/VCdRjHoRdr5L/\nDwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQCzzhOFkvyYLNFj2WDcq1YqD4sBy1iCia9QpRH3rjQvMKDwQDYWbi6EdOX0TQ/I\nYR7UWGj+2pXd6v0t33lYtoKocp/4lUvT3tfBnWZ5KnObi+J2uY2teUqoYkASN7F+GRPVOuMVoVgm05ss8tuMb2dLc9vsx93s\nDt+XlMTv/2qi5VPwaDtqduKkzwW9lUfn4xIMkTiVvCpe0X2HneD2Bpuao3/U8Rk0uiPfq6TooWaoW3kjsmErhEAs9bA7xuqo\n1KKY9CdHcFhkSsMhoeaZylZHtzbnoipUlQKSLMdJQiiYZQ0bYL83/Ta9fulr1EERICMFt3GUmtYaZZKHpWSfdJp9\"\"\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example1 = new Okta.Idp.SamlKey(\"example_1\", new()\n    {\n        X5cs = new[]\n        {\n            example.Certificate,\n        },\n    });\n\n    var example2 = new Okta.Idp.SamlKey(\"example_2\", new()\n    {\n        X5cs = new[]\n        {\n            @\"MIIDnjCCAoagAwIBAgIGAVG3MN+PMA0GCSqGSIb3DQEBBQUAMIGPMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5p\nYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEUMBIGA1UECwwLU1NPUHJvdmlkZXIxEDAOBgNVBAMM\nB2V4YW1wbGUxHDAaBgkqhkiG9w0BCQEWDWluZm9Ab2t0YS5jb20wHhcNMTUxMjE4MjIyMjMyWhcNMjUxMjE4MjIyMzMyWjCB\njzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDTALBgNVBAoMBE9r\ndGExFDASBgNVBAsMC1NTT1Byb3ZpZGVyMRAwDgYDVQQDDAdleGFtcGxlMRwwGgYJKoZIhvcNAQkBFg1pbmZvQG9rdGEuY29t\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcnyvuVCrsFEKCwHDenS3Ocjed8eWDv3zLtD2K/iZfE8BMj2wpTf\nn6Ry8zCYey3mWlKdxIybnV9amrujGRnE0ab6Q16v9D6RlFQLOG6dwqoRKuZy33Uyg8PGdEudZjGbWuKCqqXEp+UKALJHV+k4\nwWeVH8g5d1n3KyR2TVajVJpCrPhLFmq1Il4G/IUnPe4MvjXqB6CpKkog1+ThWsItPRJPAM+RweFHXq7KfChXsYE7Mmfuly8s\nDQlvBmQyxZnFHVuiPfCvGHJjpvHy11YlHdOjfgqHRvZbmo30+y0X/oY/yV4YEJ00LL6eJWU4wi7ViY3HP6/VCdRjHoRdr5L/\nDwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQCzzhOFkvyYLNFj2WDcq1YqD4sBy1iCia9QpRH3rjQvMKDwQDYWbi6EdOX0TQ/I\nYR7UWGj+2pXd6v0t33lYtoKocp/4lUvT3tfBnWZ5KnObi+J2uY2teUqoYkASN7F+GRPVOuMVoVgm05ss8tuMb2dLc9vsx93s\nDt+XlMTv/2qi5VPwaDtqduKkzwW9lUfn4xIMkTiVvCpe0X2HneD2Bpuao3/U8Rk0uiPfq6TooWaoW3kjsmErhEAs9bA7xuqo\n1KKY9CdHcFhkSsMhoeaZylZHtzbnoipUlQKSLMdJQiiYZQ0bYL83/Ta9fulr1EERICMFt3GUmtYaZZKHpWSfdJp9\",\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/idp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := idp.NewSamlKey(ctx, \"example_1\", \u0026idp.SamlKeyArgs{\n\t\t\tX5cs: pulumi.StringArray{\n\t\t\t\texample.Certificate,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = idp.NewSamlKey(ctx, \"example_2\", \u0026idp.SamlKeyArgs{\n\t\t\tX5cs: pulumi.StringArray{\n\t\t\t\tpulumi.String(`MIIDnjCCAoagAwIBAgIGAVG3MN+PMA0GCSqGSIb3DQEBBQUAMIGPMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5p\nYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEUMBIGA1UECwwLU1NPUHJvdmlkZXIxEDAOBgNVBAMM\nB2V4YW1wbGUxHDAaBgkqhkiG9w0BCQEWDWluZm9Ab2t0YS5jb20wHhcNMTUxMjE4MjIyMjMyWhcNMjUxMjE4MjIyMzMyWjCB\njzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDTALBgNVBAoMBE9r\ndGExFDASBgNVBAsMC1NTT1Byb3ZpZGVyMRAwDgYDVQQDDAdleGFtcGxlMRwwGgYJKoZIhvcNAQkBFg1pbmZvQG9rdGEuY29t\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcnyvuVCrsFEKCwHDenS3Ocjed8eWDv3zLtD2K/iZfE8BMj2wpTf\nn6Ry8zCYey3mWlKdxIybnV9amrujGRnE0ab6Q16v9D6RlFQLOG6dwqoRKuZy33Uyg8PGdEudZjGbWuKCqqXEp+UKALJHV+k4\nwWeVH8g5d1n3KyR2TVajVJpCrPhLFmq1Il4G/IUnPe4MvjXqB6CpKkog1+ThWsItPRJPAM+RweFHXq7KfChXsYE7Mmfuly8s\nDQlvBmQyxZnFHVuiPfCvGHJjpvHy11YlHdOjfgqHRvZbmo30+y0X/oY/yV4YEJ00LL6eJWU4wi7ViY3HP6/VCdRjHoRdr5L/\nDwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQCzzhOFkvyYLNFj2WDcq1YqD4sBy1iCia9QpRH3rjQvMKDwQDYWbi6EdOX0TQ/I\nYR7UWGj+2pXd6v0t33lYtoKocp/4lUvT3tfBnWZ5KnObi+J2uY2teUqoYkASN7F+GRPVOuMVoVgm05ss8tuMb2dLc9vsx93s\nDt+XlMTv/2qi5VPwaDtqduKkzwW9lUfn4xIMkTiVvCpe0X2HneD2Bpuao3/U8Rk0uiPfq6TooWaoW3kjsmErhEAs9bA7xuqo\n1KKY9CdHcFhkSsMhoeaZylZHtzbnoipUlQKSLMdJQiiYZQ0bYL83/Ta9fulr1EERICMFt3GUmtYaZZKHpWSfdJp9`),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.idp.SamlKey;\nimport com.pulumi.okta.idp.SamlKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example1 = new SamlKey(\"example1\", SamlKeyArgs.builder()\n            .x5cs(example.certificate())\n            .build());\n\n        var example2 = new SamlKey(\"example2\", SamlKeyArgs.builder()\n            .x5cs(\"\"\"\nMIIDnjCCAoagAwIBAgIGAVG3MN+PMA0GCSqGSIb3DQEBBQUAMIGPMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5p\nYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEUMBIGA1UECwwLU1NPUHJvdmlkZXIxEDAOBgNVBAMM\nB2V4YW1wbGUxHDAaBgkqhkiG9w0BCQEWDWluZm9Ab2t0YS5jb20wHhcNMTUxMjE4MjIyMjMyWhcNMjUxMjE4MjIyMzMyWjCB\njzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDTALBgNVBAoMBE9r\ndGExFDASBgNVBAsMC1NTT1Byb3ZpZGVyMRAwDgYDVQQDDAdleGFtcGxlMRwwGgYJKoZIhvcNAQkBFg1pbmZvQG9rdGEuY29t\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcnyvuVCrsFEKCwHDenS3Ocjed8eWDv3zLtD2K/iZfE8BMj2wpTf\nn6Ry8zCYey3mWlKdxIybnV9amrujGRnE0ab6Q16v9D6RlFQLOG6dwqoRKuZy33Uyg8PGdEudZjGbWuKCqqXEp+UKALJHV+k4\nwWeVH8g5d1n3KyR2TVajVJpCrPhLFmq1Il4G/IUnPe4MvjXqB6CpKkog1+ThWsItPRJPAM+RweFHXq7KfChXsYE7Mmfuly8s\nDQlvBmQyxZnFHVuiPfCvGHJjpvHy11YlHdOjfgqHRvZbmo30+y0X/oY/yV4YEJ00LL6eJWU4wi7ViY3HP6/VCdRjHoRdr5L/\nDwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQCzzhOFkvyYLNFj2WDcq1YqD4sBy1iCia9QpRH3rjQvMKDwQDYWbi6EdOX0TQ/I\nYR7UWGj+2pXd6v0t33lYtoKocp/4lUvT3tfBnWZ5KnObi+J2uY2teUqoYkASN7F+GRPVOuMVoVgm05ss8tuMb2dLc9vsx93s\nDt+XlMTv/2qi5VPwaDtqduKkzwW9lUfn4xIMkTiVvCpe0X2HneD2Bpuao3/U8Rk0uiPfq6TooWaoW3kjsmErhEAs9bA7xuqo\n1KKY9CdHcFhkSsMhoeaZylZHtzbnoipUlQKSLMdJQiiYZQ0bYL83/Ta9fulr1EERICMFt3GUmtYaZZKHpWSfdJp9            \"\"\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example1:\n    type: okta:idp:SamlKey\n    name: example_1\n    properties:\n      x5cs:\n        - ${example.certificate}\n  example2:\n    type: okta:idp:SamlKey\n    name: example_2\n    properties:\n      x5cs:\n        - |-\n          MIIDnjCCAoagAwIBAgIGAVG3MN+PMA0GCSqGSIb3DQEBBQUAMIGPMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5p\n          YTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEUMBIGA1UECwwLU1NPUHJvdmlkZXIxEDAOBgNVBAMM\n          B2V4YW1wbGUxHDAaBgkqhkiG9w0BCQEWDWluZm9Ab2t0YS5jb20wHhcNMTUxMjE4MjIyMjMyWhcNMjUxMjE4MjIyMzMyWjCB\n          jzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDTALBgNVBAoMBE9r\n          dGExFDASBgNVBAsMC1NTT1Byb3ZpZGVyMRAwDgYDVQQDDAdleGFtcGxlMRwwGgYJKoZIhvcNAQkBFg1pbmZvQG9rdGEuY29t\n          MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcnyvuVCrsFEKCwHDenS3Ocjed8eWDv3zLtD2K/iZfE8BMj2wpTf\n          n6Ry8zCYey3mWlKdxIybnV9amrujGRnE0ab6Q16v9D6RlFQLOG6dwqoRKuZy33Uyg8PGdEudZjGbWuKCqqXEp+UKALJHV+k4\n          wWeVH8g5d1n3KyR2TVajVJpCrPhLFmq1Il4G/IUnPe4MvjXqB6CpKkog1+ThWsItPRJPAM+RweFHXq7KfChXsYE7Mmfuly8s\n          DQlvBmQyxZnFHVuiPfCvGHJjpvHy11YlHdOjfgqHRvZbmo30+y0X/oY/yV4YEJ00LL6eJWU4wi7ViY3HP6/VCdRjHoRdr5L/\n          DwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQCzzhOFkvyYLNFj2WDcq1YqD4sBy1iCia9QpRH3rjQvMKDwQDYWbi6EdOX0TQ/I\n          YR7UWGj+2pXd6v0t33lYtoKocp/4lUvT3tfBnWZ5KnObi+J2uY2teUqoYkASN7F+GRPVOuMVoVgm05ss8tuMb2dLc9vsx93s\n          Dt+XlMTv/2qi5VPwaDtqduKkzwW9lUfn4xIMkTiVvCpe0X2HneD2Bpuao3/U8Rk0uiPfq6TooWaoW3kjsmErhEAs9bA7xuqo\n          1KKY9CdHcFhkSsMhoeaZylZHtzbnoipUlQKSLMdJQiiYZQ0bYL83/Ta9fulr1EERICMFt3GUmtYaZZKHpWSfdJp9\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:idp/samlKey:SamlKey example \u003ckey_id\u003e\n```\n\n","properties":{"created":{"type":"string","description":"Date created.\n"},"expiresAt":{"type":"string","description":"Date the cert expires.\n"},"kid":{"type":"string","description":"Key ID.\n"},"kty":{"type":"string","description":"Identifies the cryptographic algorithm family used with the key.\n"},"use":{"type":"string","description":"Intended use of the public key.\n"},"x5cs":{"type":"array","items":{"type":"string"},"description":"base64-encoded X.509 certificate chain with DER encoding\n"},"x5tS256":{"type":"string","description":"base64url-encoded SHA-256 thumbprint of the DER encoding of an X.509 certificate.\n"}},"required":["created","expiresAt","kid","kty","use","x5cs","x5tS256"],"inputProperties":{"x5cs":{"type":"array","items":{"type":"string"},"description":"base64-encoded X.509 certificate chain with DER encoding\n"}},"requiredInputs":["x5cs"],"stateInputs":{"description":"Input properties used for looking up and filtering SamlKey resources.\n","properties":{"created":{"type":"string","description":"Date created.\n"},"expiresAt":{"type":"string","description":"Date the cert expires.\n"},"kid":{"type":"string","description":"Key ID.\n"},"kty":{"type":"string","description":"Identifies the cryptographic algorithm family used with the key.\n"},"use":{"type":"string","description":"Intended use of the public key.\n"},"x5cs":{"type":"array","items":{"type":"string"},"description":"base64-encoded X.509 certificate chain with DER encoding\n"},"x5tS256":{"type":"string","description":"base64url-encoded SHA-256 thumbprint of the DER encoding of an X.509 certificate.\n"}},"type":"object"}},"okta:idp/social:Social":{"description":"Creates a Social Identity Provider. This resource allows you to create and configure a Social Identity Provider.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.idp.Social(\"example\", {\n    type: \"FACEBOOK\",\n    protocolType: \"OAUTH2\",\n    name: \"testAcc_facebook_replace_with_uuid\",\n    scopes: [\n        \"public_profile\",\n        \"email\",\n    ],\n    clientId: \"abcd123\",\n    clientSecret: \"abcd123\",\n    usernameTemplate: \"idpuser.email\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.idp.Social(\"example\",\n    type=\"FACEBOOK\",\n    protocol_type=\"OAUTH2\",\n    name=\"testAcc_facebook_replace_with_uuid\",\n    scopes=[\n        \"public_profile\",\n        \"email\",\n    ],\n    client_id=\"abcd123\",\n    client_secret=\"abcd123\",\n    username_template=\"idpuser.email\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Idp.Social(\"example\", new()\n    {\n        Type = \"FACEBOOK\",\n        ProtocolType = \"OAUTH2\",\n        Name = \"testAcc_facebook_replace_with_uuid\",\n        Scopes = new[]\n        {\n            \"public_profile\",\n            \"email\",\n        },\n        ClientId = \"abcd123\",\n        ClientSecret = \"abcd123\",\n        UsernameTemplate = \"idpuser.email\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/idp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := idp.NewSocial(ctx, \"example\", \u0026idp.SocialArgs{\n\t\t\tType:         pulumi.String(\"FACEBOOK\"),\n\t\t\tProtocolType: pulumi.String(\"OAUTH2\"),\n\t\t\tName:         pulumi.String(\"testAcc_facebook_replace_with_uuid\"),\n\t\t\tScopes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"public_profile\"),\n\t\t\t\tpulumi.String(\"email\"),\n\t\t\t},\n\t\t\tClientId:         pulumi.String(\"abcd123\"),\n\t\t\tClientSecret:     pulumi.String(\"abcd123\"),\n\t\t\tUsernameTemplate: pulumi.String(\"idpuser.email\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.idp.Social;\nimport com.pulumi.okta.idp.SocialArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Social(\"example\", SocialArgs.builder()\n            .type(\"FACEBOOK\")\n            .protocolType(\"OAUTH2\")\n            .name(\"testAcc_facebook_replace_with_uuid\")\n            .scopes(            \n                \"public_profile\",\n                \"email\")\n            .clientId(\"abcd123\")\n            .clientSecret(\"abcd123\")\n            .usernameTemplate(\"idpuser.email\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:idp:Social\n    properties:\n      type: FACEBOOK\n      protocolType: OAUTH2\n      name: testAcc_facebook_replace_with_uuid\n      scopes:\n        - public_profile\n        - email\n      clientId: abcd123\n      clientSecret: abcd123\n      usernameTemplate: idpuser.email\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:idp/social:Social example \u003cidp_id\u003e\n```\n\n","properties":{"accountLinkAction":{"type":"string","description":"Specifies the account linking action for an IdP user. Default: `AUTO`\n"},"accountLinkGroupIncludes":{"type":"array","items":{"type":"string"},"description":"Group memberships to determine link candidates.\n"},"appleKid":{"type":"string","description":"The Key ID that you obtained from Apple when you created the private key for the client\n"},"applePrivateKey":{"type":"string","description":"The Key ID that you obtained from Apple when you created the private key for the client. PrivateKey is required when resource is first created. For all consecutive updates, it can be empty/omitted and keeps the existing value if it is empty/omitted. PrivateKey isn't returned when importing this resource.\n","secret":true},"appleTeamId":{"type":"string","description":"The Team ID associated with your Apple developer account\n"},"authorizationBinding":{"type":"string","description":"The method of making an authorization request. It can be set to `HTTP-POST` or `HTTP-REDIRECT`.\n"},"authorizationUrl":{"type":"string","description":"IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.\n"},"clientId":{"type":"string","description":"Unique identifier issued by AS for the Okta IdP instance.\n"},"clientSecret":{"type":"string","description":"Client secret issued by AS for the Okta IdP instance.\n","secret":true},"deprovisionedAction":{"type":"string","description":"Action for a previously deprovisioned IdP user during authentication. Can be `NONE` or `REACTIVATE`. Default: `NONE`\n"},"groupsAction":{"type":"string","description":"Provisioning action for IdP user's group memberships. It can be `NONE`, `SYNC`, `APPEND`, or `ASSIGN`. Default: `NONE`\n"},"groupsAssignments":{"type":"array","items":{"type":"string"},"description":"List of Okta Group IDs to add an IdP user as a member with the `ASSIGN` \u003cspan pulumi-lang-nodejs=\"`groupsAction`\" pulumi-lang-dotnet=\"`GroupsAction`\" pulumi-lang-go=\"`groupsAction`\" pulumi-lang-python=\"`groups_action`\" pulumi-lang-yaml=\"`groupsAction`\" pulumi-lang-java=\"`groupsAction`\"\u003e`groups_action`\u003c/span\u003e.\n"},"groupsAttribute":{"type":"string","description":"IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.\n"},"groupsFilters":{"type":"array","items":{"type":"string"},"description":"Whitelist of Okta Group identifiers that are allowed for the `APPEND` or `SYNC` \u003cspan pulumi-lang-nodejs=\"`groupsAction`\" pulumi-lang-dotnet=\"`GroupsAction`\" pulumi-lang-go=\"`groupsAction`\" pulumi-lang-python=\"`groups_action`\" pulumi-lang-yaml=\"`groupsAction`\" pulumi-lang-java=\"`groupsAction`\"\u003e`groups_action`\u003c/span\u003e.\n"},"issuerMode":{"type":"string","description":"Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL. It can be `ORG_URL` or `CUSTOM_URL`. Default: `ORG_URL`\n"},"maxClockSkew":{"type":"integer","description":"Maximum allowable clock-skew when processing messages from the IdP.\n"},"name":{"type":"string","description":"Name of the IdP\n"},"profileMaster":{"type":"boolean","description":"Determines if the IdP should act as a source of truth for user profile attributes.\n"},"protocolType":{"type":"string","description":"The type of protocol to use. It can be `OIDC` or `OAUTH2`. Default: `OAUTH2`\n"},"provisioningAction":{"type":"string","description":"Provisioning action for an IdP user during authentication. Default: `AUTO`\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"The scopes of the IdP.\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"},"subjectMatchAttribute":{"type":"string","description":"Okta user profile attribute for matching transformed IdP username. Only for matchType `CUSTOM_ATTRIBUTE`.\n"},"subjectMatchType":{"type":"string","description":"Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default, it is set to `USERNAME`. It can be set to `USERNAME`, `EMAIL`, `USERNAME_OR_EMAIL` or `CUSTOM_ATTRIBUTE`.\n"},"suspendedAction":{"type":"string","description":"Action for a previously suspended IdP user during authentication. Can be `NONE` or `REACTIVATE`. Default: `NONE`\n"},"tokenBinding":{"type":"string","description":"The method of making a token request. It can be set to `HTTP-POST` or `HTTP-REDIRECT`.\n"},"tokenUrl":{"type":"string","description":"IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.\n"},"trustAudience":{"type":"string","description":"Trust audience for the Okta IdP instance.\n"},"trustIssuer":{"type":"string","description":"Trust issuer for the Okta IdP instance.\n"},"trustKid":{"type":"string","description":"Trust kid for the Okta IdP instance.\n"},"trustRevocation":{"type":"string","description":"Trust revocation for the Okta IdP instance.\n"},"trustRevocationCacheLifetime":{"type":"integer","description":"Trust revocation cache lifetime for the Okta IdP instance.\n"},"type":{"type":"string","description":"Identity Provider Types: https://developer.okta.com/docs/reference/api/idps/#identity-provider-type\n"},"usernameTemplate":{"type":"string","description":"Okta EL Expression to generate or transform a unique username for the IdP user. Default: `idpuser.email`\n"}},"required":["authorizationBinding","authorizationUrl","name","scopes","tokenBinding","tokenUrl","trustAudience","trustIssuer","trustKid","trustRevocation","trustRevocationCacheLifetime","type"],"inputProperties":{"accountLinkAction":{"type":"string","description":"Specifies the account linking action for an IdP user. Default: `AUTO`\n"},"accountLinkGroupIncludes":{"type":"array","items":{"type":"string"},"description":"Group memberships to determine link candidates.\n"},"appleKid":{"type":"string","description":"The Key ID that you obtained from Apple when you created the private key for the client\n"},"applePrivateKey":{"type":"string","description":"The Key ID that you obtained from Apple when you created the private key for the client. PrivateKey is required when resource is first created. For all consecutive updates, it can be empty/omitted and keeps the existing value if it is empty/omitted. PrivateKey isn't returned when importing this resource.\n","secret":true},"appleTeamId":{"type":"string","description":"The Team ID associated with your Apple developer account\n"},"clientId":{"type":"string","description":"Unique identifier issued by AS for the Okta IdP instance.\n"},"clientSecret":{"type":"string","description":"Client secret issued by AS for the Okta IdP instance.\n","secret":true},"deprovisionedAction":{"type":"string","description":"Action for a previously deprovisioned IdP user during authentication. Can be `NONE` or `REACTIVATE`. Default: `NONE`\n"},"groupsAction":{"type":"string","description":"Provisioning action for IdP user's group memberships. It can be `NONE`, `SYNC`, `APPEND`, or `ASSIGN`. Default: `NONE`\n"},"groupsAssignments":{"type":"array","items":{"type":"string"},"description":"List of Okta Group IDs to add an IdP user as a member with the `ASSIGN` \u003cspan pulumi-lang-nodejs=\"`groupsAction`\" pulumi-lang-dotnet=\"`GroupsAction`\" pulumi-lang-go=\"`groupsAction`\" pulumi-lang-python=\"`groups_action`\" pulumi-lang-yaml=\"`groupsAction`\" pulumi-lang-java=\"`groupsAction`\"\u003e`groups_action`\u003c/span\u003e.\n"},"groupsAttribute":{"type":"string","description":"IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.\n"},"groupsFilters":{"type":"array","items":{"type":"string"},"description":"Whitelist of Okta Group identifiers that are allowed for the `APPEND` or `SYNC` \u003cspan pulumi-lang-nodejs=\"`groupsAction`\" pulumi-lang-dotnet=\"`GroupsAction`\" pulumi-lang-go=\"`groupsAction`\" pulumi-lang-python=\"`groups_action`\" pulumi-lang-yaml=\"`groupsAction`\" pulumi-lang-java=\"`groupsAction`\"\u003e`groups_action`\u003c/span\u003e.\n"},"issuerMode":{"type":"string","description":"Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL. It can be `ORG_URL` or `CUSTOM_URL`. Default: `ORG_URL`\n"},"maxClockSkew":{"type":"integer","description":"Maximum allowable clock-skew when processing messages from the IdP.\n"},"name":{"type":"string","description":"Name of the IdP\n"},"profileMaster":{"type":"boolean","description":"Determines if the IdP should act as a source of truth for user profile attributes.\n"},"protocolType":{"type":"string","description":"The type of protocol to use. It can be `OIDC` or `OAUTH2`. Default: `OAUTH2`\n"},"provisioningAction":{"type":"string","description":"Provisioning action for an IdP user during authentication. Default: `AUTO`\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"The scopes of the IdP.\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"},"subjectMatchAttribute":{"type":"string","description":"Okta user profile attribute for matching transformed IdP username. Only for matchType `CUSTOM_ATTRIBUTE`.\n"},"subjectMatchType":{"type":"string","description":"Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default, it is set to `USERNAME`. It can be set to `USERNAME`, `EMAIL`, `USERNAME_OR_EMAIL` or `CUSTOM_ATTRIBUTE`.\n"},"suspendedAction":{"type":"string","description":"Action for a previously suspended IdP user during authentication. Can be `NONE` or `REACTIVATE`. Default: `NONE`\n"},"type":{"type":"string","description":"Identity Provider Types: https://developer.okta.com/docs/reference/api/idps/#identity-provider-type\n"},"usernameTemplate":{"type":"string","description":"Okta EL Expression to generate or transform a unique username for the IdP user. Default: `idpuser.email`\n"}},"requiredInputs":["scopes","type"],"stateInputs":{"description":"Input properties used for looking up and filtering Social resources.\n","properties":{"accountLinkAction":{"type":"string","description":"Specifies the account linking action for an IdP user. Default: `AUTO`\n"},"accountLinkGroupIncludes":{"type":"array","items":{"type":"string"},"description":"Group memberships to determine link candidates.\n"},"appleKid":{"type":"string","description":"The Key ID that you obtained from Apple when you created the private key for the client\n"},"applePrivateKey":{"type":"string","description":"The Key ID that you obtained from Apple when you created the private key for the client. PrivateKey is required when resource is first created. For all consecutive updates, it can be empty/omitted and keeps the existing value if it is empty/omitted. PrivateKey isn't returned when importing this resource.\n","secret":true},"appleTeamId":{"type":"string","description":"The Team ID associated with your Apple developer account\n"},"authorizationBinding":{"type":"string","description":"The method of making an authorization request. It can be set to `HTTP-POST` or `HTTP-REDIRECT`.\n"},"authorizationUrl":{"type":"string","description":"IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.\n"},"clientId":{"type":"string","description":"Unique identifier issued by AS for the Okta IdP instance.\n"},"clientSecret":{"type":"string","description":"Client secret issued by AS for the Okta IdP instance.\n","secret":true},"deprovisionedAction":{"type":"string","description":"Action for a previously deprovisioned IdP user during authentication. Can be `NONE` or `REACTIVATE`. Default: `NONE`\n"},"groupsAction":{"type":"string","description":"Provisioning action for IdP user's group memberships. It can be `NONE`, `SYNC`, `APPEND`, or `ASSIGN`. Default: `NONE`\n"},"groupsAssignments":{"type":"array","items":{"type":"string"},"description":"List of Okta Group IDs to add an IdP user as a member with the `ASSIGN` \u003cspan pulumi-lang-nodejs=\"`groupsAction`\" pulumi-lang-dotnet=\"`GroupsAction`\" pulumi-lang-go=\"`groupsAction`\" pulumi-lang-python=\"`groups_action`\" pulumi-lang-yaml=\"`groupsAction`\" pulumi-lang-java=\"`groupsAction`\"\u003e`groups_action`\u003c/span\u003e.\n"},"groupsAttribute":{"type":"string","description":"IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.\n"},"groupsFilters":{"type":"array","items":{"type":"string"},"description":"Whitelist of Okta Group identifiers that are allowed for the `APPEND` or `SYNC` \u003cspan pulumi-lang-nodejs=\"`groupsAction`\" pulumi-lang-dotnet=\"`GroupsAction`\" pulumi-lang-go=\"`groupsAction`\" pulumi-lang-python=\"`groups_action`\" pulumi-lang-yaml=\"`groupsAction`\" pulumi-lang-java=\"`groupsAction`\"\u003e`groups_action`\u003c/span\u003e.\n"},"issuerMode":{"type":"string","description":"Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL. It can be `ORG_URL` or `CUSTOM_URL`. Default: `ORG_URL`\n"},"maxClockSkew":{"type":"integer","description":"Maximum allowable clock-skew when processing messages from the IdP.\n"},"name":{"type":"string","description":"Name of the IdP\n"},"profileMaster":{"type":"boolean","description":"Determines if the IdP should act as a source of truth for user profile attributes.\n"},"protocolType":{"type":"string","description":"The type of protocol to use. It can be `OIDC` or `OAUTH2`. Default: `OAUTH2`\n"},"provisioningAction":{"type":"string","description":"Provisioning action for an IdP user during authentication. Default: `AUTO`\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"The scopes of the IdP.\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"},"subjectMatchAttribute":{"type":"string","description":"Okta user profile attribute for matching transformed IdP username. Only for matchType `CUSTOM_ATTRIBUTE`.\n"},"subjectMatchType":{"type":"string","description":"Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default, it is set to `USERNAME`. It can be set to `USERNAME`, `EMAIL`, `USERNAME_OR_EMAIL` or `CUSTOM_ATTRIBUTE`.\n"},"suspendedAction":{"type":"string","description":"Action for a previously suspended IdP user during authentication. Can be `NONE` or `REACTIVATE`. Default: `NONE`\n"},"tokenBinding":{"type":"string","description":"The method of making a token request. It can be set to `HTTP-POST` or `HTTP-REDIRECT`.\n"},"tokenUrl":{"type":"string","description":"IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.\n"},"trustAudience":{"type":"string","description":"Trust audience for the Okta IdP instance.\n"},"trustIssuer":{"type":"string","description":"Trust issuer for the Okta IdP instance.\n"},"trustKid":{"type":"string","description":"Trust kid for the Okta IdP instance.\n"},"trustRevocation":{"type":"string","description":"Trust revocation for the Okta IdP instance.\n"},"trustRevocationCacheLifetime":{"type":"integer","description":"Trust revocation cache lifetime for the Okta IdP instance.\n"},"type":{"type":"string","description":"Identity Provider Types: https://developer.okta.com/docs/reference/api/idps/#identity-provider-type\n"},"usernameTemplate":{"type":"string","description":"Okta EL Expression to generate or transform a unique username for the IdP user. Default: `idpuser.email`\n"}},"type":"object"}},"okta:index/adminRoleCustom:AdminRoleCustom":{"description":"Resource to manage administrative Role assignments for a User\n\nThese operations allow the creation and manipulation of custom roles as custom collections of permissions.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.AdminRoleCustom(\"example\", {\n    label: \"AppAssignmentManager\",\n    description: \"This role allows app assignment management\",\n    permissions: [\"okta.apps.assignment.manage\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.AdminRoleCustom(\"example\",\n    label=\"AppAssignmentManager\",\n    description=\"This role allows app assignment management\",\n    permissions=[\"okta.apps.assignment.manage\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.AdminRoleCustom(\"example\", new()\n    {\n        Label = \"AppAssignmentManager\",\n        Description = \"This role allows app assignment management\",\n        Permissions = new[]\n        {\n            \"okta.apps.assignment.manage\",\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewAdminRoleCustom(ctx, \"example\", \u0026okta.AdminRoleCustomArgs{\n\t\t\tLabel:       pulumi.String(\"AppAssignmentManager\"),\n\t\t\tDescription: pulumi.String(\"This role allows app assignment management\"),\n\t\t\tPermissions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"okta.apps.assignment.manage\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.AdminRoleCustom;\nimport com.pulumi.okta.AdminRoleCustomArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new AdminRoleCustom(\"example\", AdminRoleCustomArgs.builder()\n            .label(\"AppAssignmentManager\")\n            .description(\"This role allows app assignment management\")\n            .permissions(\"okta.apps.assignment.manage\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:AdminRoleCustom\n    properties:\n      label: AppAssignmentManager\n      description: This role allows app assignment management\n      permissions:\n        - okta.apps.assignment.manage\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/adminRoleCustom:AdminRoleCustom example \u003ccustom_role_id\u003e\n```\n\n","properties":{"description":{"type":"string","description":"A human-readable description of the new Role\n"},"label":{"type":"string","description":"The name given to the new Role\n"},"permissions":{"type":"array","items":{"type":"string"},"description":"The permissions that the new Role grants. At least one\n\t\t\tpermission must be specified when creating custom role. Valid values: \"okta.users.manage\",\n\t\t\t\"okta.users.create\",\n\t\t\t\"okta.users.read\",\n\t\t\t\"okta.users.credentials.manage\",\n\t\t\t\"okta.users.credentials.resetFactors\",\n\t\t\t\"okta.users.credentials.resetPassword\",\n\t\t\t\"okta.users.credentials.expirePassword\",\n\t\t\t\"okta.users.userprofile.manage\",\n\t\t\t\"okta.users.lifecycle.manage\",\n\t\t\t\"okta.users.lifecycle.activate\",\n\t\t\t\"okta.users.lifecycle.deactivate\",\n\t\t\t\"okta.users.lifecycle.suspend\",\n\t\t\t\"okta.users.lifecycle.unsuspend\",\n\t\t\t\"okta.users.lifecycle.delete\",\n\t\t\t\"okta.users.lifecycle.unlock\",\n\t\t\t\"okta.users.lifecycle.clearSessions\",\n\t\t\t\"okta.users.groupMembership.manage\",\n\t\t\t\"okta.users.appAssignment.manage\",\n\t\t\t\"okta.users.apitokens.manage\",\n\t\t\t\"okta.users.apitokens.read\",\n\t\t\t\"okta.groups.manage\",\n\t\t\t\"okta.groups.create\",\n\t\t\t\"okta.groups.members.manage\",\n\t\t\t\"okta.groups.read\",\n\t\t\t\"okta.groups.appAssignment.manage\",\n\t\t\t\"okta.apps.read\",\n\t\t\t\"okta.apps.manage\",\n\t\t\t\"okta.apps.assignment.manage\",\n\t\t\t\"okta.profilesources.import.run\",\n\t\t\t\"okta.authzServers.read\",\n\t\t\t\"okta.users.userprofile.manage\",\n\t\t\t\"okta.authzServers.manage\",\n\t\t\t\"okta.customizations.read\",\n\t\t\t\"okta.customizations.manage\",\n\t\t\t\"okta.identityProviders.read\",\n\t\t\t\"okta.identityProviders.manage\",\n\t\t\t\"okta.workflows.read\",\n\t\t\t\"okta.workflows.invoke\".\n\t\t\t\"okta.governance.accessCertifications.manage\",\n\t\t\t\"okta.governance.accessRequests.manage\",\n\t\t\t\"okta.apps.manageFirstPartyApps\",\n\t\t\t\"okta.agents.manage\",\n\t\t\t\"okta.agents.register\",\n\t\t\t\"okta.agents.view\",\n\t\t\t\"okta.directories.manage\",\n\t\t\t\"okta.directories.read\",\n\t\t\t\"okta.devices.manage\",\n\t\t\t\"okta.devices.lifecycle.manage\",\n\t\t\t\"okta.devices.lifecycle.activate\",\n\t\t\t\"okta.devices.lifecycle.deactivate\",\n\t\t\t\"okta.devices.lifecycle.suspend\",\n\t\t\t\"okta.devices.lifecycle.unsuspend\",\n\t\t\t\"okta.devices.lifecycle.delete\",\n\t\t\t\"okta.devices.read\",\n\t\t\t\"okta.iam.read\",\n\t\t\t\"okta.support.cases.manage\".,\n"}},"required":["description","label"],"inputProperties":{"description":{"type":"string","description":"A human-readable description of the new Role\n"},"label":{"type":"string","description":"The name given to the new Role\n","willReplaceOnChanges":true},"permissions":{"type":"array","items":{"type":"string"},"description":"The permissions that the new Role grants. At least one\n\t\t\tpermission must be specified when creating custom role. Valid values: \"okta.users.manage\",\n\t\t\t\"okta.users.create\",\n\t\t\t\"okta.users.read\",\n\t\t\t\"okta.users.credentials.manage\",\n\t\t\t\"okta.users.credentials.resetFactors\",\n\t\t\t\"okta.users.credentials.resetPassword\",\n\t\t\t\"okta.users.credentials.expirePassword\",\n\t\t\t\"okta.users.userprofile.manage\",\n\t\t\t\"okta.users.lifecycle.manage\",\n\t\t\t\"okta.users.lifecycle.activate\",\n\t\t\t\"okta.users.lifecycle.deactivate\",\n\t\t\t\"okta.users.lifecycle.suspend\",\n\t\t\t\"okta.users.lifecycle.unsuspend\",\n\t\t\t\"okta.users.lifecycle.delete\",\n\t\t\t\"okta.users.lifecycle.unlock\",\n\t\t\t\"okta.users.lifecycle.clearSessions\",\n\t\t\t\"okta.users.groupMembership.manage\",\n\t\t\t\"okta.users.appAssignment.manage\",\n\t\t\t\"okta.users.apitokens.manage\",\n\t\t\t\"okta.users.apitokens.read\",\n\t\t\t\"okta.groups.manage\",\n\t\t\t\"okta.groups.create\",\n\t\t\t\"okta.groups.members.manage\",\n\t\t\t\"okta.groups.read\",\n\t\t\t\"okta.groups.appAssignment.manage\",\n\t\t\t\"okta.apps.read\",\n\t\t\t\"okta.apps.manage\",\n\t\t\t\"okta.apps.assignment.manage\",\n\t\t\t\"okta.profilesources.import.run\",\n\t\t\t\"okta.authzServers.read\",\n\t\t\t\"okta.users.userprofile.manage\",\n\t\t\t\"okta.authzServers.manage\",\n\t\t\t\"okta.customizations.read\",\n\t\t\t\"okta.customizations.manage\",\n\t\t\t\"okta.identityProviders.read\",\n\t\t\t\"okta.identityProviders.manage\",\n\t\t\t\"okta.workflows.read\",\n\t\t\t\"okta.workflows.invoke\".\n\t\t\t\"okta.governance.accessCertifications.manage\",\n\t\t\t\"okta.governance.accessRequests.manage\",\n\t\t\t\"okta.apps.manageFirstPartyApps\",\n\t\t\t\"okta.agents.manage\",\n\t\t\t\"okta.agents.register\",\n\t\t\t\"okta.agents.view\",\n\t\t\t\"okta.directories.manage\",\n\t\t\t\"okta.directories.read\",\n\t\t\t\"okta.devices.manage\",\n\t\t\t\"okta.devices.lifecycle.manage\",\n\t\t\t\"okta.devices.lifecycle.activate\",\n\t\t\t\"okta.devices.lifecycle.deactivate\",\n\t\t\t\"okta.devices.lifecycle.suspend\",\n\t\t\t\"okta.devices.lifecycle.unsuspend\",\n\t\t\t\"okta.devices.lifecycle.delete\",\n\t\t\t\"okta.devices.read\",\n\t\t\t\"okta.iam.read\",\n\t\t\t\"okta.support.cases.manage\".,\n"}},"requiredInputs":["description","label"],"stateInputs":{"description":"Input properties used for looking up and filtering AdminRoleCustom resources.\n","properties":{"description":{"type":"string","description":"A human-readable description of the new Role\n"},"label":{"type":"string","description":"The name given to the new Role\n","willReplaceOnChanges":true},"permissions":{"type":"array","items":{"type":"string"},"description":"The permissions that the new Role grants. At least one\n\t\t\tpermission must be specified when creating custom role. Valid values: \"okta.users.manage\",\n\t\t\t\"okta.users.create\",\n\t\t\t\"okta.users.read\",\n\t\t\t\"okta.users.credentials.manage\",\n\t\t\t\"okta.users.credentials.resetFactors\",\n\t\t\t\"okta.users.credentials.resetPassword\",\n\t\t\t\"okta.users.credentials.expirePassword\",\n\t\t\t\"okta.users.userprofile.manage\",\n\t\t\t\"okta.users.lifecycle.manage\",\n\t\t\t\"okta.users.lifecycle.activate\",\n\t\t\t\"okta.users.lifecycle.deactivate\",\n\t\t\t\"okta.users.lifecycle.suspend\",\n\t\t\t\"okta.users.lifecycle.unsuspend\",\n\t\t\t\"okta.users.lifecycle.delete\",\n\t\t\t\"okta.users.lifecycle.unlock\",\n\t\t\t\"okta.users.lifecycle.clearSessions\",\n\t\t\t\"okta.users.groupMembership.manage\",\n\t\t\t\"okta.users.appAssignment.manage\",\n\t\t\t\"okta.users.apitokens.manage\",\n\t\t\t\"okta.users.apitokens.read\",\n\t\t\t\"okta.groups.manage\",\n\t\t\t\"okta.groups.create\",\n\t\t\t\"okta.groups.members.manage\",\n\t\t\t\"okta.groups.read\",\n\t\t\t\"okta.groups.appAssignment.manage\",\n\t\t\t\"okta.apps.read\",\n\t\t\t\"okta.apps.manage\",\n\t\t\t\"okta.apps.assignment.manage\",\n\t\t\t\"okta.profilesources.import.run\",\n\t\t\t\"okta.authzServers.read\",\n\t\t\t\"okta.users.userprofile.manage\",\n\t\t\t\"okta.authzServers.manage\",\n\t\t\t\"okta.customizations.read\",\n\t\t\t\"okta.customizations.manage\",\n\t\t\t\"okta.identityProviders.read\",\n\t\t\t\"okta.identityProviders.manage\",\n\t\t\t\"okta.workflows.read\",\n\t\t\t\"okta.workflows.invoke\".\n\t\t\t\"okta.governance.accessCertifications.manage\",\n\t\t\t\"okta.governance.accessRequests.manage\",\n\t\t\t\"okta.apps.manageFirstPartyApps\",\n\t\t\t\"okta.agents.manage\",\n\t\t\t\"okta.agents.register\",\n\t\t\t\"okta.agents.view\",\n\t\t\t\"okta.directories.manage\",\n\t\t\t\"okta.directories.read\",\n\t\t\t\"okta.devices.manage\",\n\t\t\t\"okta.devices.lifecycle.manage\",\n\t\t\t\"okta.devices.lifecycle.activate\",\n\t\t\t\"okta.devices.lifecycle.deactivate\",\n\t\t\t\"okta.devices.lifecycle.suspend\",\n\t\t\t\"okta.devices.lifecycle.unsuspend\",\n\t\t\t\"okta.devices.lifecycle.delete\",\n\t\t\t\"okta.devices.read\",\n\t\t\t\"okta.iam.read\",\n\t\t\t\"okta.support.cases.manage\".,\n"}},"type":"object"}},"okta:index/adminRoleCustomAssignments:AdminRoleCustomAssignments":{"description":"Resource to manage the assignment and unassignment of Custom Roles\nThese operations allow the creation and manipulation of custom roles as custom collections of permissions.\n\t\t\n\u003e **NOTE:** This an Early Access feature.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\nimport * as std from \"@pulumi/std\";\n\nconst orgUrl = \"https://mycompany.okta.com\";\nconst test = new okta.AdminRoleCustom(\"test\", {\n    label: \"SomeUsersAndApps\",\n    description: \"Manage apps assignments and users\",\n    permissions: [\n        \"okta.apps.assignment.manage\",\n        \"okta.users.manage\",\n        \"okta.apps.manage\",\n    ],\n});\nconst testSwa = new okta.app.Swa(\"test\", {\n    label: \"My SWA App\",\n    buttonField: \"btn-login\",\n    passwordField: \"txtbox-password\",\n    usernameField: \"txtbox-username\",\n    url: \"https://example.com/login.html\",\n});\nconst testResourceSet = new okta.ResourceSet(\"test\", {\n    label: \"UsersWithApp\",\n    description: \"All the users and SWA app\",\n    resources: [\n        std.index.format({\n            input: \"%s/api/v1/users\",\n            args: [orgUrl],\n        }).result,\n        std.index.format({\n            input: \"%s/api/v1/apps/%s\",\n            args: [\n                orgUrl,\n                testSwa.id,\n            ],\n        }).result,\n    ],\n});\n// this user will have `CUSTOM` role assigned, but it won't appear in the `admin_roles` for that user,\n// since direct assignment of custom roles is not allowed\nconst testUser = new okta.user.User(\"test\", {\n    firstName: \"Paul\",\n    lastName: \"Atreides\",\n    login: \"no-reply@caladan.planet\",\n    email: \"no-reply@caladan.planet\",\n});\nconst testGroup = new okta.group.Group(\"test\", {\n    name: \"General\",\n    description: \"General Group\",\n});\n// this user and group will manage the set of resources based on the permissions specified in the custom role\nconst testAdminRoleCustomAssignments = new okta.AdminRoleCustomAssignments(\"test\", {\n    resourceSetId: testResourceSet.id,\n    customRoleId: test.id,\n    members: [\n        std.index.format({\n            input: \"%s/api/v1/users/%s\",\n            args: [\n                orgUrl,\n                testUser.id,\n            ],\n        }).result,\n        std.index.format({\n            input: \"%s/api/v1/groups/%s\",\n            args: [\n                orgUrl,\n                testGroup.id,\n            ],\n        }).result,\n    ],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\nimport pulumi_std as std\n\norg_url = \"https://mycompany.okta.com\"\ntest = okta.AdminRoleCustom(\"test\",\n    label=\"SomeUsersAndApps\",\n    description=\"Manage apps assignments and users\",\n    permissions=[\n        \"okta.apps.assignment.manage\",\n        \"okta.users.manage\",\n        \"okta.apps.manage\",\n    ])\ntest_swa = okta.app.Swa(\"test\",\n    label=\"My SWA App\",\n    button_field=\"btn-login\",\n    password_field=\"txtbox-password\",\n    username_field=\"txtbox-username\",\n    url=\"https://example.com/login.html\")\ntest_resource_set = okta.ResourceSet(\"test\",\n    label=\"UsersWithApp\",\n    description=\"All the users and SWA app\",\n    resources=[\n        std.index.format(input=\"%s/api/v1/users\",\n            args=[org_url])[\"result\"],\n        std.index.format(input=\"%s/api/v1/apps/%s\",\n            args=[\n                org_url,\n                test_swa.id,\n            ])[\"result\"],\n    ])\n# this user will have `CUSTOM` role assigned, but it won't appear in the `admin_roles` for that user,\n# since direct assignment of custom roles is not allowed\ntest_user = okta.user.User(\"test\",\n    first_name=\"Paul\",\n    last_name=\"Atreides\",\n    login=\"no-reply@caladan.planet\",\n    email=\"no-reply@caladan.planet\")\ntest_group = okta.group.Group(\"test\",\n    name=\"General\",\n    description=\"General Group\")\n# this user and group will manage the set of resources based on the permissions specified in the custom role\ntest_admin_role_custom_assignments = okta.AdminRoleCustomAssignments(\"test\",\n    resource_set_id=test_resource_set.id,\n    custom_role_id=test.id,\n    members=[\n        std.index.format(input=\"%s/api/v1/users/%s\",\n            args=[\n                org_url,\n                test_user.id,\n            ])[\"result\"],\n        std.index.format(input=\"%s/api/v1/groups/%s\",\n            args=[\n                org_url,\n                test_group.id,\n            ])[\"result\"],\n    ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var orgUrl = \"https://mycompany.okta.com\";\n\n    var test = new Okta.AdminRoleCustom(\"test\", new()\n    {\n        Label = \"SomeUsersAndApps\",\n        Description = \"Manage apps assignments and users\",\n        Permissions = new[]\n        {\n            \"okta.apps.assignment.manage\",\n            \"okta.users.manage\",\n            \"okta.apps.manage\",\n        },\n    });\n\n    var testSwa = new Okta.App.Swa(\"test\", new()\n    {\n        Label = \"My SWA App\",\n        ButtonField = \"btn-login\",\n        PasswordField = \"txtbox-password\",\n        UsernameField = \"txtbox-username\",\n        Url = \"https://example.com/login.html\",\n    });\n\n    var testResourceSet = new Okta.ResourceSet(\"test\", new()\n    {\n        Label = \"UsersWithApp\",\n        Description = \"All the users and SWA app\",\n        Resources = new[]\n        {\n            Std.Index.Format.Invoke(new()\n            {\n                Input = \"%s/api/v1/users\",\n                Args = new[]\n                {\n                    orgUrl,\n                },\n            }).Result,\n            Std.Index.Format.Invoke(new()\n            {\n                Input = \"%s/api/v1/apps/%s\",\n                Args = new[]\n                {\n                    orgUrl,\n                    testSwa.Id,\n                },\n            }).Result,\n        },\n    });\n\n    // this user will have `CUSTOM` role assigned, but it won't appear in the `admin_roles` for that user,\n    // since direct assignment of custom roles is not allowed\n    var testUser = new Okta.User.User(\"test\", new()\n    {\n        FirstName = \"Paul\",\n        LastName = \"Atreides\",\n        Login = \"no-reply@caladan.planet\",\n        Email = \"no-reply@caladan.planet\",\n    });\n\n    var testGroup = new Okta.Group.Group(\"test\", new()\n    {\n        Name = \"General\",\n        Description = \"General Group\",\n    });\n\n    // this user and group will manage the set of resources based on the permissions specified in the custom role\n    var testAdminRoleCustomAssignments = new Okta.AdminRoleCustomAssignments(\"test\", new()\n    {\n        ResourceSetId = testResourceSet.Id,\n        CustomRoleId = test.Id,\n        Members = new[]\n        {\n            Std.Index.Format.Invoke(new()\n            {\n                Input = \"%s/api/v1/users/%s\",\n                Args = new[]\n                {\n                    orgUrl,\n                    testUser.Id,\n                },\n            }).Result,\n            Std.Index.Format.Invoke(new()\n            {\n                Input = \"%s/api/v1/groups/%s\",\n                Args = new[]\n                {\n                    orgUrl,\n                    testGroup.Id,\n                },\n            }).Result,\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/group\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/user\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\torgUrl := \"https://mycompany.okta.com\"\n\t\ttest, err := okta.NewAdminRoleCustom(ctx, \"test\", \u0026okta.AdminRoleCustomArgs{\n\t\t\tLabel:       pulumi.String(\"SomeUsersAndApps\"),\n\t\t\tDescription: pulumi.String(\"Manage apps assignments and users\"),\n\t\t\tPermissions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"okta.apps.assignment.manage\"),\n\t\t\t\tpulumi.String(\"okta.users.manage\"),\n\t\t\t\tpulumi.String(\"okta.apps.manage\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestSwa, err := app.NewSwa(ctx, \"test\", \u0026app.SwaArgs{\n\t\t\tLabel:         pulumi.String(\"My SWA App\"),\n\t\t\tButtonField:   pulumi.String(\"btn-login\"),\n\t\t\tPasswordField: pulumi.String(\"txtbox-password\"),\n\t\t\tUsernameField: pulumi.String(\"txtbox-username\"),\n\t\t\tUrl:           pulumi.String(\"https://example.com/login.html\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFormat, err := std.Format(ctx, map[string]interface{}{\n\t\t\t\"input\": \"%s/api/v1/users\",\n\t\t\t\"args\": []string{\n\t\t\t\torgUrl,\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFormat1, err := std.Format(ctx, map[string]interface{}{\n\t\t\t\"input\": \"%s/api/v1/apps/%s\",\n\t\t\t\"args\": []interface{}{\n\t\t\t\torgUrl,\n\t\t\t\ttestSwa.ID(),\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestResourceSet, err := okta.NewResourceSet(ctx, \"test\", \u0026okta.ResourceSetArgs{\n\t\t\tLabel:       pulumi.String(\"UsersWithApp\"),\n\t\t\tDescription: pulumi.String(\"All the users and SWA app\"),\n\t\t\tResources: pulumi.StringArray{\n\t\t\t\tinvokeFormat.Result,\n\t\t\t\tinvokeFormat1.Result,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// this user will have `CUSTOM` role assigned, but it won't appear in the `admin_roles` for that user,\n\t\t// since direct assignment of custom roles is not allowed\n\t\ttestUser, err := user.NewUser(ctx, \"test\", \u0026user.UserArgs{\n\t\t\tFirstName: pulumi.String(\"Paul\"),\n\t\t\tLastName:  pulumi.String(\"Atreides\"),\n\t\t\tLogin:     pulumi.String(\"no-reply@caladan.planet\"),\n\t\t\tEmail:     pulumi.String(\"no-reply@caladan.planet\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestGroup, err := group.NewGroup(ctx, \"test\", \u0026group.GroupArgs{\n\t\t\tName:        pulumi.String(\"General\"),\n\t\t\tDescription: pulumi.String(\"General Group\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFormat2, err := std.Format(ctx, map[string]interface{}{\n\t\t\t\"input\": \"%s/api/v1/users/%s\",\n\t\t\t\"args\": []interface{}{\n\t\t\t\torgUrl,\n\t\t\t\ttestUser.ID(),\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFormat3, err := std.Format(ctx, map[string]interface{}{\n\t\t\t\"input\": \"%s/api/v1/groups/%s\",\n\t\t\t\"args\": []interface{}{\n\t\t\t\torgUrl,\n\t\t\t\ttestGroup.ID(),\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// this user and group will manage the set of resources based on the permissions specified in the custom role\n\t\t_, err = okta.NewAdminRoleCustomAssignments(ctx, \"test\", \u0026okta.AdminRoleCustomAssignmentsArgs{\n\t\t\tResourceSetId: testResourceSet.ID(),\n\t\t\tCustomRoleId:  test.ID(),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tinvokeFormat2.Result,\n\t\t\t\tinvokeFormat3.Result,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.AdminRoleCustom;\nimport com.pulumi.okta.AdminRoleCustomArgs;\nimport com.pulumi.okta.app.Swa;\nimport com.pulumi.okta.app.SwaArgs;\nimport com.pulumi.okta.ResourceSet;\nimport com.pulumi.okta.ResourceSetArgs;\nimport com.pulumi.std.StdFunctions;\nimport com.pulumi.okta.user.User;\nimport com.pulumi.okta.user.UserArgs;\nimport com.pulumi.okta.group.Group;\nimport com.pulumi.okta.group.GroupArgs;\nimport com.pulumi.okta.AdminRoleCustomAssignments;\nimport com.pulumi.okta.AdminRoleCustomAssignmentsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var orgUrl = \"https://mycompany.okta.com\";\n\n        var test = new AdminRoleCustom(\"test\", AdminRoleCustomArgs.builder()\n            .label(\"SomeUsersAndApps\")\n            .description(\"Manage apps assignments and users\")\n            .permissions(            \n                \"okta.apps.assignment.manage\",\n                \"okta.users.manage\",\n                \"okta.apps.manage\")\n            .build());\n\n        var testSwa = new Swa(\"testSwa\", SwaArgs.builder()\n            .label(\"My SWA App\")\n            .buttonField(\"btn-login\")\n            .passwordField(\"txtbox-password\")\n            .usernameField(\"txtbox-username\")\n            .url(\"https://example.com/login.html\")\n            .build());\n\n        var testResourceSet = new ResourceSet(\"testResourceSet\", ResourceSetArgs.builder()\n            .label(\"UsersWithApp\")\n            .description(\"All the users and SWA app\")\n            .resources(            \n                StdFunctions.format(Map.ofEntries(\n                    Map.entry(\"input\", \"%s/api/v1/users\"),\n                    Map.entry(\"args\", orgUrl)\n                )).result(),\n                StdFunctions.format(Map.ofEntries(\n                    Map.entry(\"input\", \"%s/api/v1/apps/%s\"),\n                    Map.entry(\"args\",                     \n                        orgUrl,\n                        testSwa.id())\n                )).result())\n            .build());\n\n        // this user will have `CUSTOM` role assigned, but it won't appear in the `admin_roles` for that user,\n        // since direct assignment of custom roles is not allowed\n        var testUser = new User(\"testUser\", UserArgs.builder()\n            .firstName(\"Paul\")\n            .lastName(\"Atreides\")\n            .login(\"no-reply@caladan.planet\")\n            .email(\"no-reply@caladan.planet\")\n            .build());\n\n        var testGroup = new Group(\"testGroup\", GroupArgs.builder()\n            .name(\"General\")\n            .description(\"General Group\")\n            .build());\n\n        // this user and group will manage the set of resources based on the permissions specified in the custom role\n        var testAdminRoleCustomAssignments = new AdminRoleCustomAssignments(\"testAdminRoleCustomAssignments\", AdminRoleCustomAssignmentsArgs.builder()\n            .resourceSetId(testResourceSet.id())\n            .customRoleId(test.id())\n            .members(            \n                StdFunctions.format(Map.ofEntries(\n                    Map.entry(\"input\", \"%s/api/v1/users/%s\"),\n                    Map.entry(\"args\",                     \n                        orgUrl,\n                        testUser.id())\n                )).result(),\n                StdFunctions.format(Map.ofEntries(\n                    Map.entry(\"input\", \"%s/api/v1/groups/%s\"),\n                    Map.entry(\"args\",                     \n                        orgUrl,\n                        testGroup.id())\n                )).result())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  test:\n    type: okta:AdminRoleCustom\n    properties:\n      label: SomeUsersAndApps\n      description: Manage apps assignments and users\n      permissions:\n        - okta.apps.assignment.manage\n        - okta.users.manage\n        - okta.apps.manage\n  testResourceSet:\n    type: okta:ResourceSet\n    name: test\n    properties:\n      label: UsersWithApp\n      description: All the users and SWA app\n      resources:\n        - fn::invoke:\n            function: std:format\n            arguments:\n              input: '%s/api/v1/users'\n              args:\n                - ${orgUrl}\n            return: result\n        - fn::invoke:\n            function: std:format\n            arguments:\n              input: '%s/api/v1/apps/%s'\n              args:\n                - ${orgUrl}\n                - ${testSwa.id}\n            return: result\n  # this user and group will manage the set of resources based on the permissions specified in the custom role\n  testAdminRoleCustomAssignments:\n    type: okta:AdminRoleCustomAssignments\n    name: test\n    properties:\n      resourceSetId: ${testResourceSet.id}\n      customRoleId: ${test.id}\n      members:\n        - fn::invoke:\n            function: std:format\n            arguments:\n              input: '%s/api/v1/users/%s'\n              args:\n                - ${orgUrl}\n                - ${testUser.id}\n            return: result\n        - fn::invoke:\n            function: std:format\n            arguments:\n              input: '%s/api/v1/groups/%s'\n              args:\n                - ${orgUrl}\n                - ${testGroup.id}\n            return: result\n  # this user will have `CUSTOM` role assigned, but it won't appear in the `admin_roles` for that user,\n  # // since direct assignment of custom roles is not allowed\n  testUser:\n    type: okta:user:User\n    name: test\n    properties:\n      firstName: Paul\n      lastName: Atreides\n      login: no-reply@caladan.planet\n      email: no-reply@caladan.planet\n  testSwa:\n    type: okta:app:Swa\n    name: test\n    properties:\n      label: My SWA App\n      buttonField: btn-login\n      passwordField: txtbox-password\n      usernameField: txtbox-username\n      url: https://example.com/login.html\n  testGroup:\n    type: okta:group:Group\n    name: test\n    properties:\n      name: General\n      description: General Group\nvariables:\n  orgUrl: https://mycompany.okta.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/adminRoleCustomAssignments:AdminRoleCustomAssignments example \u003cresource_set_id\u003e/\u003ccustom_role_id\u003e\n```\n\n","properties":{"customRoleId":{"type":"string","description":"ID of the Custom Role\n"},"members":{"type":"array","items":{"type":"string"},"description":"The hrefs that point to User(s) and/or Group(s) that receive the Role\n"},"resourceSetId":{"type":"string","description":"ID of the target Resource Set\n"}},"required":["customRoleId","resourceSetId"],"inputProperties":{"customRoleId":{"type":"string","description":"ID of the Custom Role\n","willReplaceOnChanges":true},"members":{"type":"array","items":{"type":"string"},"description":"The hrefs that point to User(s) and/or Group(s) that receive the Role\n"},"resourceSetId":{"type":"string","description":"ID of the target Resource Set\n","willReplaceOnChanges":true}},"requiredInputs":["customRoleId","resourceSetId"],"stateInputs":{"description":"Input properties used for looking up and filtering AdminRoleCustomAssignments resources.\n","properties":{"customRoleId":{"type":"string","description":"ID of the Custom Role\n","willReplaceOnChanges":true},"members":{"type":"array","items":{"type":"string"},"description":"The hrefs that point to User(s) and/or Group(s) that receive the Role\n"},"resourceSetId":{"type":"string","description":"ID of the target Resource Set\n","willReplaceOnChanges":true}},"type":"object"}},"okta:index/adminRoleTargets:AdminRoleTargets":{"description":"Manages targets for administrator roles.\n\nThis resource allows you to define permissions for admin roles into a smaller subset of Groups or Apps within your org.\nYou can define admin roles to target Groups, Applications, and Application Instances.\n\n```\nNote 1: you have to assign a role to a user before creating this resource.\n\nNote 2: You can target a mixture of both App and App Instance targets, but can't assign permissions to manage all\n        instances of an App and then a subset of that same App. For example, you can't specify that an admin has access\n        to manage all instances of a Salesforce app and then also specific configurations of the Salesforce app.\n```\n\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.AdminRoleTargets(\"example\", {\n    userId: \"\u003cuser_id\u003e\",\n    roleType: \"APP_ADMIN\",\n    apps: [\n        \"oidc_client.\u003capp_id\u003e\",\n        \"facebook\",\n    ],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.AdminRoleTargets(\"example\",\n    user_id=\"\u003cuser_id\u003e\",\n    role_type=\"APP_ADMIN\",\n    apps=[\n        \"oidc_client.\u003capp_id\u003e\",\n        \"facebook\",\n    ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.AdminRoleTargets(\"example\", new()\n    {\n        UserId = \"\u003cuser_id\u003e\",\n        RoleType = \"APP_ADMIN\",\n        Apps = new[]\n        {\n            \"oidc_client.\u003capp_id\u003e\",\n            \"facebook\",\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewAdminRoleTargets(ctx, \"example\", \u0026okta.AdminRoleTargetsArgs{\n\t\t\tUserId:   pulumi.String(\"\u003cuser_id\u003e\"),\n\t\t\tRoleType: pulumi.String(\"APP_ADMIN\"),\n\t\t\tApps: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"oidc_client.\u003capp_id\u003e\"),\n\t\t\t\tpulumi.String(\"facebook\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.AdminRoleTargets;\nimport com.pulumi.okta.AdminRoleTargetsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new AdminRoleTargets(\"example\", AdminRoleTargetsArgs.builder()\n            .userId(\"\u003cuser_id\u003e\")\n            .roleType(\"APP_ADMIN\")\n            .apps(            \n                \"oidc_client.\u003capp_id\u003e\",\n                \"facebook\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:AdminRoleTargets\n    properties:\n      userId: \u003cuser_id\u003e\n      roleType: APP_ADMIN\n      apps:\n        - oidc_client.\u003capp_id\u003e\n        - facebook\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/adminRoleTargets:AdminRoleTargets example \u003cuser_id\u003e/\u003crole_type\u003e\n```\n\n","properties":{"apps":{"type":"array","items":{"type":"string"},"description":"List of app names (name represents set of app instances) or a combination of app name and app instance ID (like 'salesforce' or 'facebook.0oapsqQ6dv19pqyEo0g3')\n"},"groups":{"type":"array","items":{"type":"string"},"description":"List of group IDs. Conflicts with apps\n"},"roleId":{"type":"string","description":"ID of a role\n"},"roleType":{"type":"string","description":"Type of the role that is assigned to the user and supports optional targets. See [API Docs](https://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles)\n"},"userId":{"type":"string","description":"User associated with the role\n"}},"required":["roleId","roleType","userId"],"inputProperties":{"apps":{"type":"array","items":{"type":"string"},"description":"List of app names (name represents set of app instances) or a combination of app name and app instance ID (like 'salesforce' or 'facebook.0oapsqQ6dv19pqyEo0g3')\n"},"groups":{"type":"array","items":{"type":"string"},"description":"List of group IDs. Conflicts with apps\n"},"roleType":{"type":"string","description":"Type of the role that is assigned to the user and supports optional targets. See [API Docs](https://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles)\n","willReplaceOnChanges":true},"userId":{"type":"string","description":"User associated with the role\n","willReplaceOnChanges":true}},"requiredInputs":["roleType","userId"],"stateInputs":{"description":"Input properties used for looking up and filtering AdminRoleTargets resources.\n","properties":{"apps":{"type":"array","items":{"type":"string"},"description":"List of app names (name represents set of app instances) or a combination of app name and app instance ID (like 'salesforce' or 'facebook.0oapsqQ6dv19pqyEo0g3')\n"},"groups":{"type":"array","items":{"type":"string"},"description":"List of group IDs. Conflicts with apps\n"},"roleId":{"type":"string","description":"ID of a role\n"},"roleType":{"type":"string","description":"Type of the role that is assigned to the user and supports optional targets. See [API Docs](https://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles)\n","willReplaceOnChanges":true},"userId":{"type":"string","description":"User associated with the role\n","willReplaceOnChanges":true}},"type":"object"}},"okta:index/agentPoolUpdate:AgentPoolUpdate":{"description":"Manages an Okta Agent Pool Update. Agent pool updates allow you to schedule and manage updates for agent pools.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.AgentPoolUpdate(\"example\", {\n    name: \"scheduled_update\",\n    agentType: \"AD\",\n    notifyAdmins: true,\n    poolId: \"0oaspf3cfatE1nDO31d7\",\n    agents: [{\n        id: \"a53slzqkptH2xEJ1r1d7\",\n        poolId: \"0oaspf3cfatE1nDO31d7\",\n    }],\n    schedule: {\n        cron: \"0 3 * * MON\",\n        timezone: \"America/Los_Angeles\",\n        delay: 0,\n        duration: 1020,\n    },\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.AgentPoolUpdate(\"example\",\n    name=\"scheduled_update\",\n    agent_type=\"AD\",\n    notify_admins=True,\n    pool_id=\"0oaspf3cfatE1nDO31d7\",\n    agents=[{\n        \"id\": \"a53slzqkptH2xEJ1r1d7\",\n        \"pool_id\": \"0oaspf3cfatE1nDO31d7\",\n    }],\n    schedule={\n        \"cron\": \"0 3 * * MON\",\n        \"timezone\": \"America/Los_Angeles\",\n        \"delay\": 0,\n        \"duration\": 1020,\n    })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.AgentPoolUpdate(\"example\", new()\n    {\n        Name = \"scheduled_update\",\n        AgentType = \"AD\",\n        NotifyAdmins = true,\n        PoolId = \"0oaspf3cfatE1nDO31d7\",\n        Agents = new[]\n        {\n            new Okta.Inputs.AgentPoolUpdateAgentArgs\n            {\n                Id = \"a53slzqkptH2xEJ1r1d7\",\n                PoolId = \"0oaspf3cfatE1nDO31d7\",\n            },\n        },\n        Schedule = new Okta.Inputs.AgentPoolUpdateScheduleArgs\n        {\n            Cron = \"0 3 * * MON\",\n            Timezone = \"America/Los_Angeles\",\n            Delay = 0,\n            Duration = 1020,\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewAgentPoolUpdate(ctx, \"example\", \u0026okta.AgentPoolUpdateArgs{\n\t\t\tName:         pulumi.String(\"scheduled_update\"),\n\t\t\tAgentType:    pulumi.String(\"AD\"),\n\t\t\tNotifyAdmins: pulumi.Bool(true),\n\t\t\tPoolId:       pulumi.String(\"0oaspf3cfatE1nDO31d7\"),\n\t\t\tAgents: okta.AgentPoolUpdateAgentArray{\n\t\t\t\t\u0026okta.AgentPoolUpdateAgentArgs{\n\t\t\t\t\tId:     pulumi.String(\"a53slzqkptH2xEJ1r1d7\"),\n\t\t\t\t\tPoolId: pulumi.String(\"0oaspf3cfatE1nDO31d7\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tSchedule: \u0026okta.AgentPoolUpdateScheduleArgs{\n\t\t\t\tCron:     pulumi.String(\"0 3 * * MON\"),\n\t\t\t\tTimezone: pulumi.String(\"America/Los_Angeles\"),\n\t\t\t\tDelay:    pulumi.Int(0),\n\t\t\t\tDuration: pulumi.Int(1020),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.AgentPoolUpdate;\nimport com.pulumi.okta.AgentPoolUpdateArgs;\nimport com.pulumi.okta.inputs.AgentPoolUpdateAgentArgs;\nimport com.pulumi.okta.inputs.AgentPoolUpdateScheduleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new AgentPoolUpdate(\"example\", AgentPoolUpdateArgs.builder()\n            .name(\"scheduled_update\")\n            .agentType(\"AD\")\n            .notifyAdmins(true)\n            .poolId(\"0oaspf3cfatE1nDO31d7\")\n            .agents(AgentPoolUpdateAgentArgs.builder()\n                .id(\"a53slzqkptH2xEJ1r1d7\")\n                .poolId(\"0oaspf3cfatE1nDO31d7\")\n                .build())\n            .schedule(AgentPoolUpdateScheduleArgs.builder()\n                .cron(\"0 3 * * MON\")\n                .timezone(\"America/Los_Angeles\")\n                .delay(0)\n                .duration(1020)\n                .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:AgentPoolUpdate\n    properties:\n      name: scheduled_update\n      agentType: AD\n      notifyAdmins: true\n      poolId: 0oaspf3cfatE1nDO31d7\n      agents:\n        - id: a53slzqkptH2xEJ1r1d7\n          poolId: 0oaspf3cfatE1nDO31d7\n      schedule:\n        cron: 0 3 * * MON\n        timezone: America/Los_Angeles\n        delay: 0\n        duration: 1020\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/agentPoolUpdate:AgentPoolUpdate example \u003cpool_id\u003e/\u003cupdate_id\u003e\n```\n\n","properties":{"agentType":{"type":"string","description":"Agent types that are being monitored (e.g., AD, IWA, LDAP, MFA, OPP, RUM, Radius).\n"},"agents":{"type":"array","items":{"$ref":"#/types/okta:index/AgentPoolUpdateAgent:AgentPoolUpdateAgent"},"description":"The agents associated with the agent pool update.\n"},"description":{"type":"string","description":"The description of the agent pool update.\n"},"enabled":{"type":"boolean","description":"Whether auto-update is enabled for the agent pool.\n"},"name":{"type":"string","description":"The name of the agent pool update.\n"},"notifyAdmins":{"type":"boolean","description":"Whether to notify admins about the update.\n"},"notifyOnCompletion":{"type":"boolean","description":"Whether to send notifications when the update completes.\n"},"poolId":{"type":"string","description":"The unique identifier of the agent pool to update.\n"},"reason":{"type":"string","description":"Reason for the update.\n"},"schedule":{"$ref":"#/types/okta:index/AgentPoolUpdateSchedule:AgentPoolUpdateSchedule","description":"The schedule configuration for the agent pool update.\n"},"sortOrder":{"type":"integer","description":"Specifies the sort order.\n"},"status":{"type":"string","description":"The status of the agent pool update (e.g., Scheduled, InProgress, Completed, Failed).\n"},"targetVersion":{"type":"string","description":"The agent version to update to.\n"}},"required":["enabled","name","poolId","reason","sortOrder","status","targetVersion"],"inputProperties":{"agentType":{"type":"string","description":"Agent types that are being monitored (e.g., AD, IWA, LDAP, MFA, OPP, RUM, Radius).\n"},"agents":{"type":"array","items":{"$ref":"#/types/okta:index/AgentPoolUpdateAgent:AgentPoolUpdateAgent"},"description":"The agents associated with the agent pool update.\n"},"description":{"type":"string","description":"The description of the agent pool update.\n"},"enabled":{"type":"boolean","description":"Whether auto-update is enabled for the agent pool.\n"},"name":{"type":"string","description":"The name of the agent pool update.\n"},"notifyAdmins":{"type":"boolean","description":"Whether to notify admins about the update.\n"},"notifyOnCompletion":{"type":"boolean","description":"Whether to send notifications when the update completes.\n"},"poolId":{"type":"string","description":"The unique identifier of the agent pool to update.\n"},"reason":{"type":"string","description":"Reason for the update.\n"},"schedule":{"$ref":"#/types/okta:index/AgentPoolUpdateSchedule:AgentPoolUpdateSchedule","description":"The schedule configuration for the agent pool update.\n"},"sortOrder":{"type":"integer","description":"Specifies the sort order.\n"},"targetVersion":{"type":"string","description":"The agent version to update to.\n"}},"requiredInputs":["poolId"],"stateInputs":{"description":"Input properties used for looking up and filtering AgentPoolUpdate resources.\n","properties":{"agentType":{"type":"string","description":"Agent types that are being monitored (e.g., AD, IWA, LDAP, MFA, OPP, RUM, Radius).\n"},"agents":{"type":"array","items":{"$ref":"#/types/okta:index/AgentPoolUpdateAgent:AgentPoolUpdateAgent"},"description":"The agents associated with the agent pool update.\n"},"description":{"type":"string","description":"The description of the agent pool update.\n"},"enabled":{"type":"boolean","description":"Whether auto-update is enabled for the agent pool.\n"},"name":{"type":"string","description":"The name of the agent pool update.\n"},"notifyAdmins":{"type":"boolean","description":"Whether to notify admins about the update.\n"},"notifyOnCompletion":{"type":"boolean","description":"Whether to send notifications when the update completes.\n"},"poolId":{"type":"string","description":"The unique identifier of the agent pool to update.\n"},"reason":{"type":"string","description":"Reason for the update.\n"},"schedule":{"$ref":"#/types/okta:index/AgentPoolUpdateSchedule:AgentPoolUpdateSchedule","description":"The schedule configuration for the agent pool update.\n"},"sortOrder":{"type":"integer","description":"Specifies the sort order.\n"},"status":{"type":"string","description":"The status of the agent pool update (e.g., Scheduled, InProgress, Completed, Failed).\n"},"targetVersion":{"type":"string","description":"The agent version to update to.\n"}},"type":"object"}},"okta:index/apiServiceIntegration:ApiServiceIntegration":{"description":"##                                                                                   ---\n\npage_title: \"Resource:\u003cspan pulumi-lang-nodejs=\" okta.ApiServiceIntegration\"\" pulumi-lang-dotnet=\" okta.ApiServiceIntegration\"\" pulumi-lang-go=\" ApiServiceIntegration\"\" pulumi-lang-python=\" ApiServiceIntegration\"\" pulumi-lang-yaml=\" okta.ApiServiceIntegration\"\" pulumi-lang-java=\" okta.ApiServiceIntegration\"\"\u003e okta.ApiServiceIntegration\"\u003c/span\u003e\ndescription: |-\n  \n---\n\n# Resource:\u003cspan pulumi-lang-nodejs=\" okta.ApiServiceIntegration\n\" pulumi-lang-dotnet=\" okta.ApiServiceIntegration\n\" pulumi-lang-go=\" ApiServiceIntegration\n\" pulumi-lang-python=\" ApiServiceIntegration\n\" pulumi-lang-yaml=\" okta.ApiServiceIntegration\n\" pulumi-lang-java=\" okta.ApiServiceIntegration\n\"\u003e okta.ApiServiceIntegration\n\u003c/span\u003e\n\n\nThis API provides operations to manage API service integration instances in your org.\n\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.ApiServiceIntegration(\"example\", {\n    type: \"anzennaapiservice\",\n    grantedScopes: [\n        {\n            scope: \"okta.users.read\",\n        },\n        {\n            scope: \"okta.groups.read\",\n        },\n        {\n            scope: \"okta.logs.read\",\n        },\n    ],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.ApiServiceIntegration(\"example\",\n    type=\"anzennaapiservice\",\n    granted_scopes=[\n        {\n            \"scope\": \"okta.users.read\",\n        },\n        {\n            \"scope\": \"okta.groups.read\",\n        },\n        {\n            \"scope\": \"okta.logs.read\",\n        },\n    ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.ApiServiceIntegration(\"example\", new()\n    {\n        Type = \"anzennaapiservice\",\n        GrantedScopes = new[]\n        {\n            new Okta.Inputs.ApiServiceIntegrationGrantedScopeArgs\n            {\n                Scope = \"okta.users.read\",\n            },\n            new Okta.Inputs.ApiServiceIntegrationGrantedScopeArgs\n            {\n                Scope = \"okta.groups.read\",\n            },\n            new Okta.Inputs.ApiServiceIntegrationGrantedScopeArgs\n            {\n                Scope = \"okta.logs.read\",\n            },\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewApiServiceIntegration(ctx, \"example\", \u0026okta.ApiServiceIntegrationArgs{\n\t\t\tType: pulumi.String(\"anzennaapiservice\"),\n\t\t\tGrantedScopes: okta.ApiServiceIntegrationGrantedScopeArray{\n\t\t\t\t\u0026okta.ApiServiceIntegrationGrantedScopeArgs{\n\t\t\t\t\tScope: pulumi.String(\"okta.users.read\"),\n\t\t\t\t},\n\t\t\t\t\u0026okta.ApiServiceIntegrationGrantedScopeArgs{\n\t\t\t\t\tScope: pulumi.String(\"okta.groups.read\"),\n\t\t\t\t},\n\t\t\t\t\u0026okta.ApiServiceIntegrationGrantedScopeArgs{\n\t\t\t\t\tScope: pulumi.String(\"okta.logs.read\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.ApiServiceIntegration;\nimport com.pulumi.okta.ApiServiceIntegrationArgs;\nimport com.pulumi.okta.inputs.ApiServiceIntegrationGrantedScopeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new ApiServiceIntegration(\"example\", ApiServiceIntegrationArgs.builder()\n            .type(\"anzennaapiservice\")\n            .grantedScopes(            \n                ApiServiceIntegrationGrantedScopeArgs.builder()\n                    .scope(\"okta.users.read\")\n                    .build(),\n                ApiServiceIntegrationGrantedScopeArgs.builder()\n                    .scope(\"okta.groups.read\")\n                    .build(),\n                ApiServiceIntegrationGrantedScopeArgs.builder()\n                    .scope(\"okta.logs.read\")\n                    .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:ApiServiceIntegration\n    properties:\n      type: anzennaapiservice\n      grantedScopes:\n        - scope: okta.users.read\n        - scope: okta.groups.read\n        - scope: okta.logs.read\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/apiServiceIntegration:ApiServiceIntegration example \u003capi_service_integration_id\u003e\n```\n\n","properties":{"grantedScopes":{"type":"array","items":{"$ref":"#/types/okta:index/ApiServiceIntegrationGrantedScope:ApiServiceIntegrationGrantedScope"},"description":"The list of Okta management scopes granted to the API Service Integration instance."},"name":{"type":"string","description":"The name of the API service integration that corresponds with the type property.\n"},"type":{"type":"string","description":"The type of the API service integration. This string is an underscore-concatenated, lowercased API service integration name.\n"}},"required":["name","type"],"inputProperties":{"grantedScopes":{"type":"array","items":{"$ref":"#/types/okta:index/ApiServiceIntegrationGrantedScope:ApiServiceIntegrationGrantedScope"},"description":"The list of Okta management scopes granted to the API Service Integration instance."},"type":{"type":"string","description":"The type of the API service integration. This string is an underscore-concatenated, lowercased API service integration name.\n"}},"requiredInputs":["type"],"stateInputs":{"description":"Input properties used for looking up and filtering ApiServiceIntegration resources.\n","properties":{"grantedScopes":{"type":"array","items":{"$ref":"#/types/okta:index/ApiServiceIntegrationGrantedScope:ApiServiceIntegrationGrantedScope"},"description":"The list of Okta management scopes granted to the API Service Integration instance."},"name":{"type":"string","description":"The name of the API service integration that corresponds with the type property.\n"},"type":{"type":"string","description":"The type of the API service integration. This string is an underscore-concatenated, lowercased API service integration name.\n"}},"type":"object"}},"okta:index/apiToken:ApiToken":{"description":"## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.ApiToken(\"example\", {\n    idProperty: \"00T1fxzubpqiepH11d38\",\n    name: \"token-api-token-test\",\n    userId: \"00unkw1sfbTw08c0g1d7\",\n    network: {\n        connection: \"ZONE\",\n        excludes: [\"nzonkw1sfwwi79Hat2d7\"],\n    },\n    clientName: \"Okta API\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.ApiToken(\"example\",\n    id_property=\"00T1fxzubpqiepH11d38\",\n    name=\"token-api-token-test\",\n    user_id=\"00unkw1sfbTw08c0g1d7\",\n    network={\n        \"connection\": \"ZONE\",\n        \"excludes\": [\"nzonkw1sfwwi79Hat2d7\"],\n    },\n    client_name=\"Okta API\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.ApiToken(\"example\", new()\n    {\n        IdProperty = \"00T1fxzubpqiepH11d38\",\n        Name = \"token-api-token-test\",\n        UserId = \"00unkw1sfbTw08c0g1d7\",\n        Network = new Okta.Inputs.ApiTokenNetworkArgs\n        {\n            Connection = \"ZONE\",\n            Excludes = new[]\n            {\n                \"nzonkw1sfwwi79Hat2d7\",\n            },\n        },\n        ClientName = \"Okta API\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewApiToken(ctx, \"example\", \u0026okta.ApiTokenArgs{\n\t\t\tIdProperty: pulumi.String(\"00T1fxzubpqiepH11d38\"),\n\t\t\tName:       pulumi.String(\"token-api-token-test\"),\n\t\t\tUserId:     pulumi.String(\"00unkw1sfbTw08c0g1d7\"),\n\t\t\tNetwork: \u0026okta.ApiTokenNetworkArgs{\n\t\t\t\tConnection: pulumi.String(\"ZONE\"),\n\t\t\t\tExcludes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"nzonkw1sfwwi79Hat2d7\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tClientName: pulumi.String(\"Okta API\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.ApiToken;\nimport com.pulumi.okta.ApiTokenArgs;\nimport com.pulumi.okta.inputs.ApiTokenNetworkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new ApiToken(\"example\", ApiTokenArgs.builder()\n            .idProperty(\"00T1fxzubpqiepH11d38\")\n            .name(\"token-api-token-test\")\n            .userId(\"00unkw1sfbTw08c0g1d7\")\n            .network(ApiTokenNetworkArgs.builder()\n                .connection(\"ZONE\")\n                .excludes(\"nzonkw1sfwwi79Hat2d7\")\n                .build())\n            .clientName(\"Okta API\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:ApiToken\n    properties:\n      idProperty: 00T1fxzubpqiepH11d38\n      name: token-api-token-test\n      userId: 00unkw1sfbTw08c0g1d7\n      network:\n        connection: ZONE\n        excludes:\n          - nzonkw1sfwwi79Hat2d7\n      clientName: Okta API\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Nested Schema for network\n\n### Optional:\n- \u003cspan pulumi-lang-nodejs=\"`connection`\" pulumi-lang-dotnet=\"`Connection`\" pulumi-lang-go=\"`connection`\" pulumi-lang-python=\"`connection`\" pulumi-lang-yaml=\"`connection`\" pulumi-lang-java=\"`connection`\"\u003e`connection`\u003c/span\u003e (String) The connection type of the Network Condition.\n\n### Blocks:\n- \u003cspan pulumi-lang-nodejs=\"`exclude`\" pulumi-lang-dotnet=\"`Exclude`\" pulumi-lang-go=\"`exclude`\" pulumi-lang-python=\"`exclude`\" pulumi-lang-yaml=\"`exclude`\" pulumi-lang-java=\"`exclude`\"\u003e`exclude`\u003c/span\u003e (List of String) List of excluded network zones.\n- \u003cspan pulumi-lang-nodejs=\"`include`\" pulumi-lang-dotnet=\"`Include`\" pulumi-lang-go=\"`include`\" pulumi-lang-python=\"`include`\" pulumi-lang-yaml=\"`include`\" pulumi-lang-java=\"`include`\"\u003e`include`\u003c/span\u003e (List of String) List of included network zones.\n\n### Import\nAPI tokens can be imported using their ID:\n\n```shell\nterraform import okta_api_token.example \u003capi_token_id\u003e\n```\n","properties":{"clientName":{"type":"string","description":"The name of the API token client.\n"},"created":{"type":"string","description":"The date and time the API token was created.\n"},"idProperty":{"type":"string","description":"The ID of the API token.\n"},"name":{"type":"string","description":"The name of the API token.\n"},"network":{"$ref":"#/types/okta:index/ApiTokenNetwork:ApiTokenNetwork","description":"The Network Condition of the API Token.\n"},"userId":{"type":"string","description":"The userId of the user who created the API Token.\n"}},"required":["clientName","created","idProperty","name","userId"],"inputProperties":{"clientName":{"type":"string","description":"The name of the API token client.\n"},"created":{"type":"string","description":"The date and time the API token was created.\n"},"idProperty":{"type":"string","description":"The ID of the API token.\n"},"name":{"type":"string","description":"The name of the API token.\n"},"network":{"$ref":"#/types/okta:index/ApiTokenNetwork:ApiTokenNetwork","description":"The Network Condition of the API Token.\n"},"userId":{"type":"string","description":"The userId of the user who created the API Token.\n"}},"requiredInputs":["idProperty"],"stateInputs":{"description":"Input properties used for looking up and filtering ApiToken resources.\n","properties":{"clientName":{"type":"string","description":"The name of the API token client.\n"},"created":{"type":"string","description":"The date and time the API token was created.\n"},"idProperty":{"type":"string","description":"The ID of the API token.\n"},"name":{"type":"string","description":"The name of the API token.\n"},"network":{"$ref":"#/types/okta:index/ApiTokenNetwork:ApiTokenNetwork","description":"The Network Condition of the API Token.\n"},"userId":{"type":"string","description":"The userId of the user who created the API Token.\n"}},"type":"object"}},"okta:index/appGroupAssignments:AppGroupAssignments":{"description":"Assigns groups to an application. This resource allows you to create multiple App Group assignments.\n\n**Important**: Do not use in conjunction with\u003cspan pulumi-lang-nodejs=\" forEach\n\" pulumi-lang-dotnet=\" ForEach\n\" pulumi-lang-go=\" forEach\n\" pulumi-lang-python=\" for_each\n\" pulumi-lang-yaml=\" forEach\n\" pulumi-lang-java=\" forEach\n\"\u003e for_each\n\u003c/span\u003e\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.AppGroupAssignments(\"example\", {\n    appId: \"\u003capp id\u003e\",\n    groups: [\n        {\n            id: \"\u003cgroup id\u003e\",\n            priority: 1,\n        },\n        {\n            id: \"\u003canother group id\u003e\",\n            priority: 2,\n            profile: JSON.stringify({\n                \"application profile field\": \"application profile value\",\n            }),\n        },\n    ],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_okta as okta\n\nexample = okta.AppGroupAssignments(\"example\",\n    app_id=\"\u003capp id\u003e\",\n    groups=[\n        {\n            \"id\": \"\u003cgroup id\u003e\",\n            \"priority\": 1,\n        },\n        {\n            \"id\": \"\u003canother group id\u003e\",\n            \"priority\": 2,\n            \"profile\": json.dumps({\n                \"application profile field\": \"application profile value\",\n            }),\n        },\n    ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.AppGroupAssignments(\"example\", new()\n    {\n        AppId = \"\u003capp id\u003e\",\n        Groups = new[]\n        {\n            new Okta.Inputs.AppGroupAssignmentsGroupArgs\n            {\n                Id = \"\u003cgroup id\u003e\",\n                Priority = 1,\n            },\n            new Okta.Inputs.AppGroupAssignmentsGroupArgs\n            {\n                Id = \"\u003canother group id\u003e\",\n                Priority = 2,\n                Profile = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n                {\n                    [\"application profile field\"] = \"application profile value\",\n                }),\n            },\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"application profile field\": \"application profile value\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = okta.NewAppGroupAssignments(ctx, \"example\", \u0026okta.AppGroupAssignmentsArgs{\n\t\t\tAppId: pulumi.String(\"\u003capp id\u003e\"),\n\t\t\tGroups: okta.AppGroupAssignmentsGroupArray{\n\t\t\t\t\u0026okta.AppGroupAssignmentsGroupArgs{\n\t\t\t\t\tId:       pulumi.String(\"\u003cgroup id\u003e\"),\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t},\n\t\t\t\t\u0026okta.AppGroupAssignmentsGroupArgs{\n\t\t\t\t\tId:       pulumi.String(\"\u003canother group id\u003e\"),\n\t\t\t\t\tPriority: pulumi.Int(2),\n\t\t\t\t\tProfile:  pulumi.String(json0),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.AppGroupAssignments;\nimport com.pulumi.okta.AppGroupAssignmentsArgs;\nimport com.pulumi.okta.inputs.AppGroupAssignmentsGroupArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new AppGroupAssignments(\"example\", AppGroupAssignmentsArgs.builder()\n            .appId(\"\u003capp id\u003e\")\n            .groups(            \n                AppGroupAssignmentsGroupArgs.builder()\n                    .id(\"\u003cgroup id\u003e\")\n                    .priority(1)\n                    .build(),\n                AppGroupAssignmentsGroupArgs.builder()\n                    .id(\"\u003canother group id\u003e\")\n                    .priority(2)\n                    .profile(serializeJson(\n                        jsonObject(\n                            jsonProperty(\"application profile field\", \"application profile value\")\n                        )))\n                    .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:AppGroupAssignments\n    properties:\n      appId: \u003capp id\u003e\n      groups:\n        - id: \u003cgroup id\u003e\n          priority: 1\n        - id: \u003canother group id\u003e\n          priority: 2\n          profile:\n            fn::toJSON:\n              application profile field: application profile value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/appGroupAssignments:AppGroupAssignments example \u003capp_id\u003e\n```\n\n","properties":{"appId":{"type":"string","description":"The ID of the application to assign a group to.\n"},"groups":{"type":"array","items":{"$ref":"#/types/okta:index/AppGroupAssignmentsGroup:AppGroupAssignmentsGroup"},"description":"A group to assign to this application\n"}},"required":["appId"],"inputProperties":{"appId":{"type":"string","description":"The ID of the application to assign a group to.\n","willReplaceOnChanges":true},"groups":{"type":"array","items":{"$ref":"#/types/okta:index/AppGroupAssignmentsGroup:AppGroupAssignmentsGroup"},"description":"A group to assign to this application\n"}},"requiredInputs":["appId"],"stateInputs":{"description":"Input properties used for looking up and filtering AppGroupAssignments resources.\n","properties":{"appId":{"type":"string","description":"The ID of the application to assign a group to.\n","willReplaceOnChanges":true},"groups":{"type":"array","items":{"$ref":"#/types/okta:index/AppGroupAssignmentsGroup:AppGroupAssignmentsGroup"},"description":"A group to assign to this application\n"}},"type":"object"}},"okta:index/appOauthApiScope:AppOauthApiScope":{"description":"Manages API scopes for OAuth applications. \nThis resource allows you to grant or revoke API scopes for OAuth2 applications within your organization.\nNote: you have to create an application before using this resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.AppOauthApiScope(\"example\", {\n    appId: \"\u003capplication_id\u003e\",\n    issuer: \"\u003cyour org domain\u003e\",\n    scopes: [\n        \"okta.users.read\",\n        \"okta.users.manage\",\n    ],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.AppOauthApiScope(\"example\",\n    app_id=\"\u003capplication_id\u003e\",\n    issuer=\"\u003cyour org domain\u003e\",\n    scopes=[\n        \"okta.users.read\",\n        \"okta.users.manage\",\n    ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.AppOauthApiScope(\"example\", new()\n    {\n        AppId = \"\u003capplication_id\u003e\",\n        Issuer = \"\u003cyour org domain\u003e\",\n        Scopes = new[]\n        {\n            \"okta.users.read\",\n            \"okta.users.manage\",\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewAppOauthApiScope(ctx, \"example\", \u0026okta.AppOauthApiScopeArgs{\n\t\t\tAppId:  pulumi.String(\"\u003capplication_id\u003e\"),\n\t\t\tIssuer: pulumi.String(\"\u003cyour org domain\u003e\"),\n\t\t\tScopes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"okta.users.read\"),\n\t\t\t\tpulumi.String(\"okta.users.manage\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.AppOauthApiScope;\nimport com.pulumi.okta.AppOauthApiScopeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new AppOauthApiScope(\"example\", AppOauthApiScopeArgs.builder()\n            .appId(\"\u003capplication_id\u003e\")\n            .issuer(\"\u003cyour org domain\u003e\")\n            .scopes(            \n                \"okta.users.read\",\n                \"okta.users.manage\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:AppOauthApiScope\n    properties:\n      appId: \u003capplication_id\u003e\n      issuer: \u003cyour org domain\u003e\n      scopes:\n        - okta.users.read\n        - okta.users.manage\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/appOauthApiScope:AppOauthApiScope example \u003capp_id\u003e\n```\n\n","properties":{"appId":{"type":"string","description":"ID of the application.\n"},"issuer":{"type":"string","description":"The issuer of your Org Authorization Server, your Org URL.\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"Scopes of the application for which consent is granted.\n"}},"required":["appId","issuer","scopes"],"inputProperties":{"appId":{"type":"string","description":"ID of the application.\n","willReplaceOnChanges":true},"issuer":{"type":"string","description":"The issuer of your Org Authorization Server, your Org URL.\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"Scopes of the application for which consent is granted.\n"}},"requiredInputs":["appId","issuer","scopes"],"stateInputs":{"description":"Input properties used for looking up and filtering AppOauthApiScope resources.\n","properties":{"appId":{"type":"string","description":"ID of the application.\n","willReplaceOnChanges":true},"issuer":{"type":"string","description":"The issuer of your Org Authorization Server, your Org URL.\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"Scopes of the application for which consent is granted.\n"}},"type":"object"}},"okta:index/appSamlAppSettings:AppSamlAppSettings":{"description":"Manages app settings of the SAML application.\nThis resource allows you to manage app settings of the SAML Application . It's basically the same as\u003cspan pulumi-lang-nodejs=\"\nappSettingsJson \" pulumi-lang-dotnet=\"\nAppSettingsJson \" pulumi-lang-go=\"\nappSettingsJson \" pulumi-lang-python=\"\napp_settings_json \" pulumi-lang-yaml=\"\nappSettingsJson \" pulumi-lang-java=\"\nappSettingsJson \"\u003e\napp_settings_json \u003c/span\u003efield in\u003cspan pulumi-lang-nodejs=\" okta.app.Saml \" pulumi-lang-dotnet=\" okta.app.Saml \" pulumi-lang-go=\" app.Saml \" pulumi-lang-python=\" app.Saml \" pulumi-lang-yaml=\" okta.app.Saml \" pulumi-lang-java=\" okta.app.Saml \"\u003e okta.app.Saml \u003c/span\u003eresource and can be used in cases where settings require to be managed separately.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = new okta.app.Saml(\"test\", {\n    preconfiguredApp: \"amazon_aws\",\n    label: \"Amazon AWS\",\n    status: \"ACTIVE\",\n});\nconst testAppSamlAppSettings = new okta.AppSamlAppSettings(\"test\", {\n    appId: test.id,\n    settings: JSON.stringify({\n        appFilter: \"okta\",\n        awsEnvironmentType: \"aws.amazon\",\n        groupFilter: \"aws_(?{{accountid}}\\\\\\\\d+)_(?{{role}}[a-zA-Z0-9+=,.@\\\\\\\\-_]+)\",\n        joinAllRoles: false,\n        loginURL: \"https://console.aws.amazon.com/ec2/home\",\n        roleValuePattern: \"arn:aws:iam::${accountid}:saml-provider/OKTA,arn:aws:iam::${accountid}:role/${role}\",\n        sessionDuration: 3200,\n        useGroupMapping: false,\n    }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_okta as okta\n\ntest = okta.app.Saml(\"test\",\n    preconfigured_app=\"amazon_aws\",\n    label=\"Amazon AWS\",\n    status=\"ACTIVE\")\ntest_app_saml_app_settings = okta.AppSamlAppSettings(\"test\",\n    app_id=test.id,\n    settings=json.dumps({\n        \"appFilter\": \"okta\",\n        \"awsEnvironmentType\": \"aws.amazon\",\n        \"groupFilter\": \"aws_(?{{accountid}}\\\\\\\\d+)_(?{{role}}[a-zA-Z0-9+=,.@\\\\\\\\-_]+)\",\n        \"joinAllRoles\": False,\n        \"loginURL\": \"https://console.aws.amazon.com/ec2/home\",\n        \"roleValuePattern\": \"arn:aws:iam::${accountid}:saml-provider/OKTA,arn:aws:iam::${accountid}:role/${role}\",\n        \"sessionDuration\": 3200,\n        \"useGroupMapping\": False,\n    }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = new Okta.App.Saml(\"test\", new()\n    {\n        PreconfiguredApp = \"amazon_aws\",\n        Label = \"Amazon AWS\",\n        Status = \"ACTIVE\",\n    });\n\n    var testAppSamlAppSettings = new Okta.AppSamlAppSettings(\"test\", new()\n    {\n        AppId = test.Id,\n        Settings = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n        {\n            [\"appFilter\"] = \"okta\",\n            [\"awsEnvironmentType\"] = \"aws.amazon\",\n            [\"groupFilter\"] = \"aws_(?{{accountid}}\\\\\\\\d+)_(?{{role}}[a-zA-Z0-9+=,.@\\\\\\\\-_]+)\",\n            [\"joinAllRoles\"] = false,\n            [\"loginURL\"] = \"https://console.aws.amazon.com/ec2/home\",\n            [\"roleValuePattern\"] = \"arn:aws:iam::${accountid}:saml-provider/OKTA,arn:aws:iam::${accountid}:role/${role}\",\n            [\"sessionDuration\"] = 3200,\n            [\"useGroupMapping\"] = false,\n        }),\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := app.NewSaml(ctx, \"test\", \u0026app.SamlArgs{\n\t\t\tPreconfiguredApp: pulumi.String(\"amazon_aws\"),\n\t\t\tLabel:            pulumi.String(\"Amazon AWS\"),\n\t\t\tStatus:           pulumi.String(\"ACTIVE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"appFilter\":          \"okta\",\n\t\t\t\"awsEnvironmentType\": \"aws.amazon\",\n\t\t\t\"groupFilter\":        \"aws_(?{{accountid}}\\\\\\\\d+)_(?{{role}}[a-zA-Z0-9+=,.@\\\\\\\\-_]+)\",\n\t\t\t\"joinAllRoles\":       false,\n\t\t\t\"loginURL\":           \"https://console.aws.amazon.com/ec2/home\",\n\t\t\t\"roleValuePattern\":   \"arn:aws:iam::${accountid}:saml-provider/OKTA,arn:aws:iam::${accountid}:role/${role}\",\n\t\t\t\"sessionDuration\":    3200,\n\t\t\t\"useGroupMapping\":    false,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = okta.NewAppSamlAppSettings(ctx, \"test\", \u0026okta.AppSamlAppSettingsArgs{\n\t\t\tAppId:    test.ID(),\n\t\t\tSettings: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.Saml;\nimport com.pulumi.okta.app.SamlArgs;\nimport com.pulumi.okta.AppSamlAppSettings;\nimport com.pulumi.okta.AppSamlAppSettingsArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var test = new Saml(\"test\", SamlArgs.builder()\n            .preconfiguredApp(\"amazon_aws\")\n            .label(\"Amazon AWS\")\n            .status(\"ACTIVE\")\n            .build());\n\n        var testAppSamlAppSettings = new AppSamlAppSettings(\"testAppSamlAppSettings\", AppSamlAppSettingsArgs.builder()\n            .appId(test.id())\n            .settings(serializeJson(\n                jsonObject(\n                    jsonProperty(\"appFilter\", \"okta\"),\n                    jsonProperty(\"awsEnvironmentType\", \"aws.amazon\"),\n                    jsonProperty(\"groupFilter\", \"aws_(?{{accountid}}\\\\\\\\d+)_(?{{role}}[a-zA-Z0-9+=,.@\\\\\\\\-_]+)\"),\n                    jsonProperty(\"joinAllRoles\", false),\n                    jsonProperty(\"loginURL\", \"https://console.aws.amazon.com/ec2/home\"),\n                    jsonProperty(\"roleValuePattern\", \"arn:aws:iam::${accountid}:saml-provider/OKTA,arn:aws:iam::${accountid}:role/${role}\"),\n                    jsonProperty(\"sessionDuration\", 3200),\n                    jsonProperty(\"useGroupMapping\", false)\n                )))\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  test:\n    type: okta:app:Saml\n    properties:\n      preconfiguredApp: amazon_aws\n      label: Amazon AWS\n      status: ACTIVE\n  testAppSamlAppSettings:\n    type: okta:AppSamlAppSettings\n    name: test\n    properties:\n      appId: ${test.id}\n      settings:\n        fn::toJSON:\n          appFilter: okta\n          awsEnvironmentType: aws.amazon\n          groupFilter: aws_(?{{accountid}}\\\\d+)_(?{{role}}[a-zA-Z0-9+=,.@\\\\-_]+)\n          joinAllRoles: false\n          loginURL: https://console.aws.amazon.com/ec2/home\n          roleValuePattern: arn:aws:iam::$${accountid}:saml-provider/OKTA,arn:aws:iam::$${accountid}:role/$${role}\n          sessionDuration: 3200\n          useGroupMapping: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/appSamlAppSettings:AppSamlAppSettings example \u003capp_id\u003e\n```\n\n","properties":{"appId":{"type":"string","description":"ID of the application.\n"},"settings":{"type":"string","description":"Application settings in JSON format\n"}},"required":["appId","settings"],"inputProperties":{"appId":{"type":"string","description":"ID of the application.\n","willReplaceOnChanges":true},"settings":{"type":"string","description":"Application settings in JSON format\n"}},"requiredInputs":["appId","settings"],"stateInputs":{"description":"Input properties used for looking up and filtering AppSamlAppSettings resources.\n","properties":{"appId":{"type":"string","description":"ID of the application.\n","willReplaceOnChanges":true},"settings":{"type":"string","description":"Application settings in JSON format\n"}},"type":"object"}},"okta:index/appSharedCredentials:AppSharedCredentials":{"description":"Creates a SWA shared credentials app.\nThis resource allows you to create and configure SWA shared credentials app.\n\u003e During an apply if there is change in 'status' the app will first be\nactivated or deactivated in accordance with the 'status' change. Then, all\nother arguments that changed will be applied.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.AppSharedCredentials(\"example\", {\n    label: \"Example App\",\n    status: \"ACTIVE\",\n    buttonField: \"btn-login\",\n    usernameField: \"txtbox-username\",\n    passwordField: \"txtbox-password\",\n    url: \"https://example.com/login.html\",\n    redirectUrl: \"https://example.com/redirect_url\",\n    checkbox: \"checkbox_red\",\n    userNameTemplate: \"user.firstName\",\n    userNameTemplateType: \"CUSTOM\",\n    userNameTemplateSuffix: \"hello\",\n    sharedPassword: \"sharedpass\",\n    sharedUsername: \"sharedusername\",\n    accessibilitySelfService: true,\n    accessibilityErrorRedirectUrl: \"https://example.com/redirect_url_1\",\n    accessibilityLoginRedirectUrl: \"https://example.com/redirect_url_2\",\n    autoSubmitToolbar: true,\n    hideIos: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.AppSharedCredentials(\"example\",\n    label=\"Example App\",\n    status=\"ACTIVE\",\n    button_field=\"btn-login\",\n    username_field=\"txtbox-username\",\n    password_field=\"txtbox-password\",\n    url=\"https://example.com/login.html\",\n    redirect_url=\"https://example.com/redirect_url\",\n    checkbox=\"checkbox_red\",\n    user_name_template=\"user.firstName\",\n    user_name_template_type=\"CUSTOM\",\n    user_name_template_suffix=\"hello\",\n    shared_password=\"sharedpass\",\n    shared_username=\"sharedusername\",\n    accessibility_self_service=True,\n    accessibility_error_redirect_url=\"https://example.com/redirect_url_1\",\n    accessibility_login_redirect_url=\"https://example.com/redirect_url_2\",\n    auto_submit_toolbar=True,\n    hide_ios=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.AppSharedCredentials(\"example\", new()\n    {\n        Label = \"Example App\",\n        Status = \"ACTIVE\",\n        ButtonField = \"btn-login\",\n        UsernameField = \"txtbox-username\",\n        PasswordField = \"txtbox-password\",\n        Url = \"https://example.com/login.html\",\n        RedirectUrl = \"https://example.com/redirect_url\",\n        Checkbox = \"checkbox_red\",\n        UserNameTemplate = \"user.firstName\",\n        UserNameTemplateType = \"CUSTOM\",\n        UserNameTemplateSuffix = \"hello\",\n        SharedPassword = \"sharedpass\",\n        SharedUsername = \"sharedusername\",\n        AccessibilitySelfService = true,\n        AccessibilityErrorRedirectUrl = \"https://example.com/redirect_url_1\",\n        AccessibilityLoginRedirectUrl = \"https://example.com/redirect_url_2\",\n        AutoSubmitToolbar = true,\n        HideIos = true,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewAppSharedCredentials(ctx, \"example\", \u0026okta.AppSharedCredentialsArgs{\n\t\t\tLabel:                         pulumi.String(\"Example App\"),\n\t\t\tStatus:                        pulumi.String(\"ACTIVE\"),\n\t\t\tButtonField:                   pulumi.String(\"btn-login\"),\n\t\t\tUsernameField:                 pulumi.String(\"txtbox-username\"),\n\t\t\tPasswordField:                 pulumi.String(\"txtbox-password\"),\n\t\t\tUrl:                           pulumi.String(\"https://example.com/login.html\"),\n\t\t\tRedirectUrl:                   pulumi.String(\"https://example.com/redirect_url\"),\n\t\t\tCheckbox:                      pulumi.String(\"checkbox_red\"),\n\t\t\tUserNameTemplate:              pulumi.String(\"user.firstName\"),\n\t\t\tUserNameTemplateType:          pulumi.String(\"CUSTOM\"),\n\t\t\tUserNameTemplateSuffix:        pulumi.String(\"hello\"),\n\t\t\tSharedPassword:                pulumi.String(\"sharedpass\"),\n\t\t\tSharedUsername:                pulumi.String(\"sharedusername\"),\n\t\t\tAccessibilitySelfService:      pulumi.Bool(true),\n\t\t\tAccessibilityErrorRedirectUrl: pulumi.String(\"https://example.com/redirect_url_1\"),\n\t\t\tAccessibilityLoginRedirectUrl: pulumi.String(\"https://example.com/redirect_url_2\"),\n\t\t\tAutoSubmitToolbar:             pulumi.Bool(true),\n\t\t\tHideIos:                       pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.AppSharedCredentials;\nimport com.pulumi.okta.AppSharedCredentialsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new AppSharedCredentials(\"example\", AppSharedCredentialsArgs.builder()\n            .label(\"Example App\")\n            .status(\"ACTIVE\")\n            .buttonField(\"btn-login\")\n            .usernameField(\"txtbox-username\")\n            .passwordField(\"txtbox-password\")\n            .url(\"https://example.com/login.html\")\n            .redirectUrl(\"https://example.com/redirect_url\")\n            .checkbox(\"checkbox_red\")\n            .userNameTemplate(\"user.firstName\")\n            .userNameTemplateType(\"CUSTOM\")\n            .userNameTemplateSuffix(\"hello\")\n            .sharedPassword(\"sharedpass\")\n            .sharedUsername(\"sharedusername\")\n            .accessibilitySelfService(true)\n            .accessibilityErrorRedirectUrl(\"https://example.com/redirect_url_1\")\n            .accessibilityLoginRedirectUrl(\"https://example.com/redirect_url_2\")\n            .autoSubmitToolbar(true)\n            .hideIos(true)\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:AppSharedCredentials\n    properties:\n      label: Example App\n      status: ACTIVE\n      buttonField: btn-login\n      usernameField: txtbox-username\n      passwordField: txtbox-password\n      url: https://example.com/login.html\n      redirectUrl: https://example.com/redirect_url\n      checkbox: checkbox_red\n      userNameTemplate: user.firstName\n      userNameTemplateType: CUSTOM\n      userNameTemplateSuffix: hello\n      sharedPassword: sharedpass\n      sharedUsername: sharedusername\n      accessibilitySelfService: true\n      accessibilityErrorRedirectUrl: https://example.com/redirect_url_1\n      accessibilityLoginRedirectUrl: https://example.com/redirect_url_2\n      autoSubmitToolbar: true\n      hideIos: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/appSharedCredentials:AppSharedCredentials example \u003capp_id\u003e\n```\n\n","properties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"buttonField":{"type":"string","description":"Login button field\n"},"checkbox":{"type":"string","description":"CSS selector for the checkbox\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"logoUrl":{"type":"string","description":"URL of the application's logo\n"},"name":{"type":"string","description":"Name of the app.\n"},"passwordField":{"type":"string","description":"Login password field\n"},"preconfiguredApp":{"type":"string","description":"Name of application from the Okta Integration Network, if not included a custom app will be created.\n"},"redirectUrl":{"type":"string","description":"Secondary URL of the sign-in page for this app\n"},"sharedPassword":{"type":"string","description":"Shared password, required for certain schemes.\n"},"sharedUsername":{"type":"string","description":"Shared username, required for certain schemes.\n"},"signOnMode":{"type":"string","description":"Sign on mode of application.\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"url":{"type":"string","description":"The URL of the sign-in page for this app.\n"},"urlRegex":{"type":"string","description":"A regular expression that further restricts url to the specified regular expression.\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`\n"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH` and `DONT_PUSH`\n"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix\n"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`\n"},"usernameField":{"type":"string","description":"Login username field\n"}},"required":["label","logoUrl","name","signOnMode"],"inputProperties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"buttonField":{"type":"string","description":"Login button field\n"},"checkbox":{"type":"string","description":"CSS selector for the checkbox\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"passwordField":{"type":"string","description":"Login password field\n"},"preconfiguredApp":{"type":"string","description":"Name of application from the Okta Integration Network, if not included a custom app will be created.\n"},"redirectUrl":{"type":"string","description":"Secondary URL of the sign-in page for this app\n"},"sharedPassword":{"type":"string","description":"Shared password, required for certain schemes.\n"},"sharedUsername":{"type":"string","description":"Shared username, required for certain schemes.\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"url":{"type":"string","description":"The URL of the sign-in page for this app.\n"},"urlRegex":{"type":"string","description":"A regular expression that further restricts url to the specified regular expression.\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`\n"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH` and `DONT_PUSH`\n"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix\n"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`\n"},"usernameField":{"type":"string","description":"Login username field\n"}},"requiredInputs":["label"],"stateInputs":{"description":"Input properties used for looking up and filtering AppSharedCredentials resources.\n","properties":{"accessibilityErrorRedirectUrl":{"type":"string","description":"Custom error page URL\n"},"accessibilityLoginRedirectUrl":{"type":"string","description":"Custom login page URL\n"},"accessibilitySelfService":{"type":"boolean","description":"Enable self service. Default is \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"adminNote":{"type":"string","description":"Application notes for admins.\n"},"appLinksJson":{"type":"string","description":"Displays specific appLinks for the app. The value for each application link should be boolean.\n"},"autoSubmitToolbar":{"type":"boolean","description":"Display auto submit toolbar\n"},"buttonField":{"type":"string","description":"Login button field\n"},"checkbox":{"type":"string","description":"CSS selector for the checkbox\n"},"enduserNote":{"type":"string","description":"Application notes for end users.\n"},"hideIos":{"type":"boolean","description":"Do not display application icon on mobile app\n"},"hideWeb":{"type":"boolean","description":"Do not display application icon to users\n"},"label":{"type":"string","description":"The Application's display name.\n"},"logo":{"type":"string","description":"Local file path to the logo. The file must be in PNG, JPG, or GIF format, and less than 1 MB in size.\n"},"logoUrl":{"type":"string","description":"URL of the application's logo\n"},"name":{"type":"string","description":"Name of the app.\n"},"passwordField":{"type":"string","description":"Login password field\n"},"preconfiguredApp":{"type":"string","description":"Name of application from the Okta Integration Network, if not included a custom app will be created.\n"},"redirectUrl":{"type":"string","description":"Secondary URL of the sign-in page for this app\n"},"sharedPassword":{"type":"string","description":"Shared password, required for certain schemes.\n"},"sharedUsername":{"type":"string","description":"Shared username, required for certain schemes.\n"},"signOnMode":{"type":"string","description":"Sign on mode of application.\n"},"status":{"type":"string","description":"Status of application. By default, it is `ACTIVE`\n"},"url":{"type":"string","description":"The URL of the sign-in page for this app.\n"},"urlRegex":{"type":"string","description":"A regular expression that further restricts url to the specified regular expression.\n"},"userNameTemplate":{"type":"string","description":"Username template. Default: `${source.login}`\n"},"userNameTemplatePushStatus":{"type":"string","description":"Push username on update. Valid values: `PUSH` and `DONT_PUSH`\n"},"userNameTemplateSuffix":{"type":"string","description":"Username template suffix\n"},"userNameTemplateType":{"type":"string","description":"Username template type. Default: `BUILT_IN`\n"},"usernameField":{"type":"string","description":"Login username field\n"}},"type":"object"}},"okta:index/appSignonPolicy:AppSignonPolicy":{"description":"## Example Usage\n\n## Import\n\n```sh\n$ pulumi import okta:index/appSignonPolicy:AppSignonPolicy example \u003cpolicy_id\u003e\n```\n\n","properties":{"catchAll":{"type":"boolean","description":"If false, the default rule of the policy is set access to `DENY`. Otherwise default behavior of the default rule is to leave access at `ALLOW`.  **WARNING** setting this attribute to false changes policy rule's default behavior. Use at your own risk. This is only applied during creation and does not affect import or update.\n"},"defaultRuleId":{"type":"string","description":"Default rule (system=true) id of the policy\n"},"description":{"type":"string","description":"Description of the policy.\n"},"name":{"type":"string","description":"Name of the policy.\n"},"priority":{"type":"integer","description":"Specifies the order in which this policy is evaluated in relation to the other policies.\n"}},"required":["catchAll","defaultRuleId","description","name","priority"],"inputProperties":{"catchAll":{"type":"boolean","description":"If false, the default rule of the policy is set access to `DENY`. Otherwise default behavior of the default rule is to leave access at `ALLOW`.  **WARNING** setting this attribute to false changes policy rule's default behavior. Use at your own risk. This is only applied during creation and does not affect import or update.\n"},"description":{"type":"string","description":"Description of the policy.\n"},"name":{"type":"string","description":"Name of the policy.\n"},"priority":{"type":"integer","description":"Specifies the order in which this policy is evaluated in relation to the other policies.\n"}},"requiredInputs":["description"],"stateInputs":{"description":"Input properties used for looking up and filtering AppSignonPolicy resources.\n","properties":{"catchAll":{"type":"boolean","description":"If false, the default rule of the policy is set access to `DENY`. Otherwise default behavior of the default rule is to leave access at `ALLOW`.  **WARNING** setting this attribute to false changes policy rule's default behavior. Use at your own risk. This is only applied during creation and does not affect import or update.\n"},"defaultRuleId":{"type":"string","description":"Default rule (system=true) id of the policy\n"},"description":{"type":"string","description":"Description of the policy.\n"},"name":{"type":"string","description":"Name of the policy.\n"},"priority":{"type":"integer","description":"Specifies the order in which this policy is evaluated in relation to the other policies.\n"}},"type":"object"}},"okta:index/appSignonPolicyRule:AppSignonPolicyRule":{"description":"## Example Usage\n\n## Import\n\n```sh\n$ pulumi import okta:index/appSignonPolicyRule:AppSignonPolicyRule example \u003cpolicy_id\u003e/\u003crule_id\u003e\n```\n\n","properties":{"access":{"type":"string","description":"Allow or deny access based on the rule conditions: ALLOW or DENY\n"},"chains":{"type":"array","items":{"type":"string"},"description":"Authentication method chains. Only supports 5 items in the array. Each chain can support maximum 3 steps. To be used only with verification method type `AUTH_METHOD_CHAIN`.\n"},"constraints":{"type":"array","items":{"type":"string"},"description":"An array that contains nested Authenticator Constraint objects that are organized by the Authenticator class\n"},"customExpression":{"type":"string","description":"This is an optional advanced setting. If the expression is formatted incorrectly or conflicts with conditions set above, the rule may not match any users.\n"},"deviceAssurancesIncludeds":{"type":"array","items":{"type":"string"},"description":"List of device assurance IDs to include\n"},"deviceIsManaged":{"type":"boolean","description":"If the device is managed. A device is managed if it's managed by a device management system. When managed is passed, registered must also be included and must be set to true.\n"},"deviceIsRegistered":{"type":"boolean","description":"If the device is registered. A device is registered if the User enrolls with Okta Verify that is installed on the device.\n"},"factorMode":{"type":"string","description":"The number of factors required to satisfy this assurance level\n"},"groupsExcludeds":{"type":"array","items":{"type":"string"},"description":"List of group IDs to exclude\n"},"groupsIncludeds":{"type":"array","items":{"type":"string"},"description":"List of group IDs to include\n"},"inactivityPeriod":{"type":"string","description":"The inactivity duration after which the end user must re-authenticate. Use the ISO 8601 Period format for recurring time intervals.\n"},"name":{"type":"string","description":"Policy Rule Name\n"},"networkConnection":{"type":"string","description":"Network selection mode: ANYWHERE, ZONE, ON*NETWORK, or OFF*NETWORK.\n"},"networkExcludes":{"type":"array","items":{"type":"string"},"description":"The zones to exclude\n"},"networkIncludes":{"type":"array","items":{"type":"string"},"description":"The zones to include\n"},"platformIncludes":{"type":"array","items":{"$ref":"#/types/okta:index/AppSignonPolicyRulePlatformInclude:AppSignonPolicyRulePlatformInclude"}},"policyId":{"type":"string","description":"ID of the policy\n"},"priority":{"type":"integer","description":"Priority of the rule.\n"},"reAuthenticationFrequency":{"type":"string","description":"The duration after which the end user must re-authenticate, regardless of user activity. Use the ISO 8601 Period format for recurring time intervals. PT0S - Every sign-in attempt, PT43800H - Once per session. Cannot be set if reauthenticateIn is set in one or more entries of chains.\n"},"riskScore":{"type":"string","description":"The risk score specifies a particular level of risk to match on: ANY, LOW, MEDIUM, HIGH\n"},"status":{"type":"string","description":"Status of the rule\n"},"system":{"type":"boolean","description":"Often the `Catch-all Rule` this rule is the system (default) rule for its associated policy\n"},"type":{"type":"string","description":"The Verification Method type\n"},"userTypesExcludeds":{"type":"array","items":{"type":"string"},"description":"Set of User Type IDs to exclude\n"},"userTypesIncludeds":{"type":"array","items":{"type":"string"},"description":"Set of User Type IDs to include\n"},"usersExcludeds":{"type":"array","items":{"type":"string"},"description":"Set of User IDs to exclude\n"},"usersIncludeds":{"type":"array","items":{"type":"string"},"description":"Set of User IDs to include\n"}},"required":["name","policyId","riskScore","system"],"inputProperties":{"access":{"type":"string","description":"Allow or deny access based on the rule conditions: ALLOW or DENY\n"},"chains":{"type":"array","items":{"type":"string"},"description":"Authentication method chains. Only supports 5 items in the array. Each chain can support maximum 3 steps. To be used only with verification method type `AUTH_METHOD_CHAIN`.\n"},"constraints":{"type":"array","items":{"type":"string"},"description":"An array that contains nested Authenticator Constraint objects that are organized by the Authenticator class\n"},"customExpression":{"type":"string","description":"This is an optional advanced setting. If the expression is formatted incorrectly or conflicts with conditions set above, the rule may not match any users.\n"},"deviceAssurancesIncludeds":{"type":"array","items":{"type":"string"},"description":"List of device assurance IDs to include\n"},"deviceIsManaged":{"type":"boolean","description":"If the device is managed. A device is managed if it's managed by a device management system. When managed is passed, registered must also be included and must be set to true.\n"},"deviceIsRegistered":{"type":"boolean","description":"If the device is registered. A device is registered if the User enrolls with Okta Verify that is installed on the device.\n"},"factorMode":{"type":"string","description":"The number of factors required to satisfy this assurance level\n"},"groupsExcludeds":{"type":"array","items":{"type":"string"},"description":"List of group IDs to exclude\n"},"groupsIncludeds":{"type":"array","items":{"type":"string"},"description":"List of group IDs to include\n"},"inactivityPeriod":{"type":"string","description":"The inactivity duration after which the end user must re-authenticate. Use the ISO 8601 Period format for recurring time intervals.\n"},"name":{"type":"string","description":"Policy Rule Name\n"},"networkConnection":{"type":"string","description":"Network selection mode: ANYWHERE, ZONE, ON*NETWORK, or OFF*NETWORK.\n"},"networkExcludes":{"type":"array","items":{"type":"string"},"description":"The zones to exclude\n"},"networkIncludes":{"type":"array","items":{"type":"string"},"description":"The zones to include\n"},"platformIncludes":{"type":"array","items":{"$ref":"#/types/okta:index/AppSignonPolicyRulePlatformInclude:AppSignonPolicyRulePlatformInclude"}},"policyId":{"type":"string","description":"ID of the policy\n","willReplaceOnChanges":true},"priority":{"type":"integer","description":"Priority of the rule.\n"},"reAuthenticationFrequency":{"type":"string","description":"The duration after which the end user must re-authenticate, regardless of user activity. Use the ISO 8601 Period format for recurring time intervals. PT0S - Every sign-in attempt, PT43800H - Once per session. Cannot be set if reauthenticateIn is set in one or more entries of chains.\n"},"riskScore":{"type":"string","description":"The risk score specifies a particular level of risk to match on: ANY, LOW, MEDIUM, HIGH\n"},"status":{"type":"string","description":"Status of the rule\n"},"type":{"type":"string","description":"The Verification Method type\n"},"userTypesExcludeds":{"type":"array","items":{"type":"string"},"description":"Set of User Type IDs to exclude\n"},"userTypesIncludeds":{"type":"array","items":{"type":"string"},"description":"Set of User Type IDs to include\n"},"usersExcludeds":{"type":"array","items":{"type":"string"},"description":"Set of User IDs to exclude\n"},"usersIncludeds":{"type":"array","items":{"type":"string"},"description":"Set of User IDs to include\n"}},"requiredInputs":["policyId"],"stateInputs":{"description":"Input properties used for looking up and filtering AppSignonPolicyRule resources.\n","properties":{"access":{"type":"string","description":"Allow or deny access based on the rule conditions: ALLOW or DENY\n"},"chains":{"type":"array","items":{"type":"string"},"description":"Authentication method chains. Only supports 5 items in the array. Each chain can support maximum 3 steps. To be used only with verification method type `AUTH_METHOD_CHAIN`.\n"},"constraints":{"type":"array","items":{"type":"string"},"description":"An array that contains nested Authenticator Constraint objects that are organized by the Authenticator class\n"},"customExpression":{"type":"string","description":"This is an optional advanced setting. If the expression is formatted incorrectly or conflicts with conditions set above, the rule may not match any users.\n"},"deviceAssurancesIncludeds":{"type":"array","items":{"type":"string"},"description":"List of device assurance IDs to include\n"},"deviceIsManaged":{"type":"boolean","description":"If the device is managed. A device is managed if it's managed by a device management system. When managed is passed, registered must also be included and must be set to true.\n"},"deviceIsRegistered":{"type":"boolean","description":"If the device is registered. A device is registered if the User enrolls with Okta Verify that is installed on the device.\n"},"factorMode":{"type":"string","description":"The number of factors required to satisfy this assurance level\n"},"groupsExcludeds":{"type":"array","items":{"type":"string"},"description":"List of group IDs to exclude\n"},"groupsIncludeds":{"type":"array","items":{"type":"string"},"description":"List of group IDs to include\n"},"inactivityPeriod":{"type":"string","description":"The inactivity duration after which the end user must re-authenticate. Use the ISO 8601 Period format for recurring time intervals.\n"},"name":{"type":"string","description":"Policy Rule Name\n"},"networkConnection":{"type":"string","description":"Network selection mode: ANYWHERE, ZONE, ON*NETWORK, or OFF*NETWORK.\n"},"networkExcludes":{"type":"array","items":{"type":"string"},"description":"The zones to exclude\n"},"networkIncludes":{"type":"array","items":{"type":"string"},"description":"The zones to include\n"},"platformIncludes":{"type":"array","items":{"$ref":"#/types/okta:index/AppSignonPolicyRulePlatformInclude:AppSignonPolicyRulePlatformInclude"}},"policyId":{"type":"string","description":"ID of the policy\n","willReplaceOnChanges":true},"priority":{"type":"integer","description":"Priority of the rule.\n"},"reAuthenticationFrequency":{"type":"string","description":"The duration after which the end user must re-authenticate, regardless of user activity. Use the ISO 8601 Period format for recurring time intervals. PT0S - Every sign-in attempt, PT43800H - Once per session. Cannot be set if reauthenticateIn is set in one or more entries of chains.\n"},"riskScore":{"type":"string","description":"The risk score specifies a particular level of risk to match on: ANY, LOW, MEDIUM, HIGH\n"},"status":{"type":"string","description":"Status of the rule\n"},"system":{"type":"boolean","description":"Often the `Catch-all Rule` this rule is the system (default) rule for its associated policy\n"},"type":{"type":"string","description":"The Verification Method type\n"},"userTypesExcludeds":{"type":"array","items":{"type":"string"},"description":"Set of User Type IDs to exclude\n"},"userTypesIncludeds":{"type":"array","items":{"type":"string"},"description":"Set of User Type IDs to include\n"},"usersExcludeds":{"type":"array","items":{"type":"string"},"description":"Set of User IDs to exclude\n"},"usersIncludeds":{"type":"array","items":{"type":"string"},"description":"Set of User IDs to include\n"}},"type":"object"}},"okta:index/appUserBaseSchemaProperty:AppUserBaseSchemaProperty":{"description":"Manages an Application User Base Schema property. This resource allows you to configure a base app user schema property.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.AppUserBaseSchemaProperty(\"example\", {\n    appId: \"\u003capp id\u003e\",\n    index: \"customPropertyName\",\n    title: \"customPropertyName\",\n    type: \"string\",\n    master: \"OKTA\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.AppUserBaseSchemaProperty(\"example\",\n    app_id=\"\u003capp id\u003e\",\n    index=\"customPropertyName\",\n    title=\"customPropertyName\",\n    type=\"string\",\n    master=\"OKTA\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.AppUserBaseSchemaProperty(\"example\", new()\n    {\n        AppId = \"\u003capp id\u003e\",\n        Index = \"customPropertyName\",\n        Title = \"customPropertyName\",\n        Type = \"string\",\n        Master = \"OKTA\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewAppUserBaseSchemaProperty(ctx, \"example\", \u0026okta.AppUserBaseSchemaPropertyArgs{\n\t\t\tAppId:  pulumi.String(\"\u003capp id\u003e\"),\n\t\t\tIndex:  pulumi.String(\"customPropertyName\"),\n\t\t\tTitle:  pulumi.String(\"customPropertyName\"),\n\t\t\tType:   pulumi.String(\"string\"),\n\t\t\tMaster: pulumi.String(\"OKTA\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.AppUserBaseSchemaProperty;\nimport com.pulumi.okta.AppUserBaseSchemaPropertyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new AppUserBaseSchemaProperty(\"example\", AppUserBaseSchemaPropertyArgs.builder()\n            .appId(\"\u003capp id\u003e\")\n            .index(\"customPropertyName\")\n            .title(\"customPropertyName\")\n            .type(\"string\")\n            .master(\"OKTA\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:AppUserBaseSchemaProperty\n    properties:\n      appId: \u003capp id\u003e\n      index: customPropertyName\n      title: customPropertyName\n      type: string\n      master: OKTA\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/appUserBaseSchemaProperty:AppUserBaseSchemaProperty example \u003capp_id\u003e/\u003cproperty_name\u003e\n```\n\n","properties":{"appId":{"type":"string","description":"The Application's ID the user schema property should be assigned to.\n"},"index":{"type":"string","description":"Subschema unique string identifier\n"},"master":{"type":"string","description":"Master priority for the user schema property. It can be set to `PROFILE_MASTER` or `OKTA`. Default: `PROFILE_MASTER`\n"},"pattern":{"type":"string","description":"The validation pattern to use for the subschema. Must be in form of '.+', or '[\\n\\n]+' if present.'\n"},"permissions":{"type":"string","description":"Access control permissions for the property. It can be set to `READ_WRITE`, `READ_ONLY`, `HIDE`. Default: `READ_ONLY`\n"},"required":{"type":"boolean","description":"Whether the subschema is required\n"},"title":{"type":"string","description":"Subschema title (display name)\n"},"type":{"type":"string","description":"The type of the schema property. It can be \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`boolean`\" pulumi-lang-dotnet=\"`Boolean`\" pulumi-lang-go=\"`boolean`\" pulumi-lang-python=\"`boolean`\" pulumi-lang-yaml=\"`boolean`\" pulumi-lang-java=\"`boolean`\"\u003e`boolean`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`number`\" pulumi-lang-dotnet=\"`Number`\" pulumi-lang-go=\"`number`\" pulumi-lang-python=\"`number`\" pulumi-lang-yaml=\"`number`\" pulumi-lang-java=\"`number`\"\u003e`number`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`integer`\" pulumi-lang-dotnet=\"`Integer`\" pulumi-lang-go=\"`integer`\" pulumi-lang-python=\"`integer`\" pulumi-lang-yaml=\"`integer`\" pulumi-lang-java=\"`integer`\"\u003e`integer`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`object`\" pulumi-lang-dotnet=\"`Object`\" pulumi-lang-go=\"`object`\" pulumi-lang-python=\"`object`\" pulumi-lang-yaml=\"`object`\" pulumi-lang-java=\"`object`\"\u003e`object`\u003c/span\u003e\n"},"userType":{"type":"string","description":"User type ID. By default, it is \u003cspan pulumi-lang-nodejs=\"`default`\" pulumi-lang-dotnet=\"`Default`\" pulumi-lang-go=\"`default`\" pulumi-lang-python=\"`default`\" pulumi-lang-yaml=\"`default`\" pulumi-lang-java=\"`default`\"\u003e`default`\u003c/span\u003e\n"}},"required":["appId","index","title","type"],"inputProperties":{"appId":{"type":"string","description":"The Application's ID the user schema property should be assigned to.\n"},"index":{"type":"string","description":"Subschema unique string identifier\n","willReplaceOnChanges":true},"master":{"type":"string","description":"Master priority for the user schema property. It can be set to `PROFILE_MASTER` or `OKTA`. Default: `PROFILE_MASTER`\n"},"pattern":{"type":"string","description":"The validation pattern to use for the subschema. Must be in form of '.+', or '[\\n\\n]+' if present.'\n"},"permissions":{"type":"string","description":"Access control permissions for the property. It can be set to `READ_WRITE`, `READ_ONLY`, `HIDE`. Default: `READ_ONLY`\n"},"required":{"type":"boolean","description":"Whether the subschema is required\n"},"title":{"type":"string","description":"Subschema title (display name)\n"},"type":{"type":"string","description":"The type of the schema property. It can be \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`boolean`\" pulumi-lang-dotnet=\"`Boolean`\" pulumi-lang-go=\"`boolean`\" pulumi-lang-python=\"`boolean`\" pulumi-lang-yaml=\"`boolean`\" pulumi-lang-java=\"`boolean`\"\u003e`boolean`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`number`\" pulumi-lang-dotnet=\"`Number`\" pulumi-lang-go=\"`number`\" pulumi-lang-python=\"`number`\" pulumi-lang-yaml=\"`number`\" pulumi-lang-java=\"`number`\"\u003e`number`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`integer`\" pulumi-lang-dotnet=\"`Integer`\" pulumi-lang-go=\"`integer`\" pulumi-lang-python=\"`integer`\" pulumi-lang-yaml=\"`integer`\" pulumi-lang-java=\"`integer`\"\u003e`integer`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`object`\" pulumi-lang-dotnet=\"`Object`\" pulumi-lang-go=\"`object`\" pulumi-lang-python=\"`object`\" pulumi-lang-yaml=\"`object`\" pulumi-lang-java=\"`object`\"\u003e`object`\u003c/span\u003e\n","willReplaceOnChanges":true},"userType":{"type":"string","description":"User type ID. By default, it is \u003cspan pulumi-lang-nodejs=\"`default`\" pulumi-lang-dotnet=\"`Default`\" pulumi-lang-go=\"`default`\" pulumi-lang-python=\"`default`\" pulumi-lang-yaml=\"`default`\" pulumi-lang-java=\"`default`\"\u003e`default`\u003c/span\u003e\n"}},"requiredInputs":["appId","index","title","type"],"stateInputs":{"description":"Input properties used for looking up and filtering AppUserBaseSchemaProperty resources.\n","properties":{"appId":{"type":"string","description":"The Application's ID the user schema property should be assigned to.\n"},"index":{"type":"string","description":"Subschema unique string identifier\n","willReplaceOnChanges":true},"master":{"type":"string","description":"Master priority for the user schema property. It can be set to `PROFILE_MASTER` or `OKTA`. Default: `PROFILE_MASTER`\n"},"pattern":{"type":"string","description":"The validation pattern to use for the subschema. Must be in form of '.+', or '[\\n\\n]+' if present.'\n"},"permissions":{"type":"string","description":"Access control permissions for the property. It can be set to `READ_WRITE`, `READ_ONLY`, `HIDE`. Default: `READ_ONLY`\n"},"required":{"type":"boolean","description":"Whether the subschema is required\n"},"title":{"type":"string","description":"Subschema title (display name)\n"},"type":{"type":"string","description":"The type of the schema property. It can be \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`boolean`\" pulumi-lang-dotnet=\"`Boolean`\" pulumi-lang-go=\"`boolean`\" pulumi-lang-python=\"`boolean`\" pulumi-lang-yaml=\"`boolean`\" pulumi-lang-java=\"`boolean`\"\u003e`boolean`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`number`\" pulumi-lang-dotnet=\"`Number`\" pulumi-lang-go=\"`number`\" pulumi-lang-python=\"`number`\" pulumi-lang-yaml=\"`number`\" pulumi-lang-java=\"`number`\"\u003e`number`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`integer`\" pulumi-lang-dotnet=\"`Integer`\" pulumi-lang-go=\"`integer`\" pulumi-lang-python=\"`integer`\" pulumi-lang-yaml=\"`integer`\" pulumi-lang-java=\"`integer`\"\u003e`integer`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`object`\" pulumi-lang-dotnet=\"`Object`\" pulumi-lang-go=\"`object`\" pulumi-lang-python=\"`object`\" pulumi-lang-yaml=\"`object`\" pulumi-lang-java=\"`object`\"\u003e`object`\u003c/span\u003e\n","willReplaceOnChanges":true},"userType":{"type":"string","description":"User type ID. By default, it is \u003cspan pulumi-lang-nodejs=\"`default`\" pulumi-lang-dotnet=\"`Default`\" pulumi-lang-go=\"`default`\" pulumi-lang-python=\"`default`\" pulumi-lang-yaml=\"`default`\" pulumi-lang-java=\"`default`\"\u003e`default`\u003c/span\u003e\n"}},"type":"object"}},"okta:index/appUserSchemaProperty:AppUserSchemaProperty":{"description":"## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.AppUserSchemaProperty(\"example\", {\n    appId: \"\u003capp id\u003e\",\n    index: \"customPropertyName\",\n    title: \"customPropertyName\",\n    type: \"string\",\n    description: \"My custom property name\",\n    master: \"OKTA\",\n    scope: \"SELF\",\n    arrayEnums: [\n        \"1\",\n        \"2\",\n    ],\n    arrayOneOfs: [\n        {\n            \"const\": \"1\",\n            title: \"one\",\n        },\n        {\n            \"const\": \"2\",\n            title: \"two\",\n        },\n    ],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.AppUserSchemaProperty(\"example\",\n    app_id=\"\u003capp id\u003e\",\n    index=\"customPropertyName\",\n    title=\"customPropertyName\",\n    type=\"string\",\n    description=\"My custom property name\",\n    master=\"OKTA\",\n    scope=\"SELF\",\n    array_enums=[\n        \"1\",\n        \"2\",\n    ],\n    array_one_ofs=[\n        {\n            \"const\": \"1\",\n            \"title\": \"one\",\n        },\n        {\n            \"const\": \"2\",\n            \"title\": \"two\",\n        },\n    ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.AppUserSchemaProperty(\"example\", new()\n    {\n        AppId = \"\u003capp id\u003e\",\n        Index = \"customPropertyName\",\n        Title = \"customPropertyName\",\n        Type = \"string\",\n        Description = \"My custom property name\",\n        Master = \"OKTA\",\n        Scope = \"SELF\",\n        ArrayEnums = new[]\n        {\n            \"1\",\n            \"2\",\n        },\n        ArrayOneOfs = new[]\n        {\n            new Okta.Inputs.AppUserSchemaPropertyArrayOneOfArgs\n            {\n                Const = \"1\",\n                Title = \"one\",\n            },\n            new Okta.Inputs.AppUserSchemaPropertyArrayOneOfArgs\n            {\n                Const = \"2\",\n                Title = \"two\",\n            },\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewAppUserSchemaProperty(ctx, \"example\", \u0026okta.AppUserSchemaPropertyArgs{\n\t\t\tAppId:       pulumi.String(\"\u003capp id\u003e\"),\n\t\t\tIndex:       pulumi.String(\"customPropertyName\"),\n\t\t\tTitle:       pulumi.String(\"customPropertyName\"),\n\t\t\tType:        pulumi.String(\"string\"),\n\t\t\tDescription: pulumi.String(\"My custom property name\"),\n\t\t\tMaster:      pulumi.String(\"OKTA\"),\n\t\t\tScope:       pulumi.String(\"SELF\"),\n\t\t\tArrayEnums: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"1\"),\n\t\t\t\tpulumi.String(\"2\"),\n\t\t\t},\n\t\t\tArrayOneOfs: okta.AppUserSchemaPropertyArrayOneOfArray{\n\t\t\t\t\u0026okta.AppUserSchemaPropertyArrayOneOfArgs{\n\t\t\t\t\tConst: pulumi.String(\"1\"),\n\t\t\t\t\tTitle: pulumi.String(\"one\"),\n\t\t\t\t},\n\t\t\t\t\u0026okta.AppUserSchemaPropertyArrayOneOfArgs{\n\t\t\t\t\tConst: pulumi.String(\"2\"),\n\t\t\t\t\tTitle: pulumi.String(\"two\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.AppUserSchemaProperty;\nimport com.pulumi.okta.AppUserSchemaPropertyArgs;\nimport com.pulumi.okta.inputs.AppUserSchemaPropertyArrayOneOfArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new AppUserSchemaProperty(\"example\", AppUserSchemaPropertyArgs.builder()\n            .appId(\"\u003capp id\u003e\")\n            .index(\"customPropertyName\")\n            .title(\"customPropertyName\")\n            .type(\"string\")\n            .description(\"My custom property name\")\n            .master(\"OKTA\")\n            .scope(\"SELF\")\n            .arrayEnums(            \n                \"1\",\n                \"2\")\n            .arrayOneOfs(            \n                AppUserSchemaPropertyArrayOneOfArgs.builder()\n                    .const_(\"1\")\n                    .title(\"one\")\n                    .build(),\n                AppUserSchemaPropertyArrayOneOfArgs.builder()\n                    .const_(\"2\")\n                    .title(\"two\")\n                    .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:AppUserSchemaProperty\n    properties:\n      appId: \u003capp id\u003e\n      index: customPropertyName\n      title: customPropertyName\n      type: string\n      description: My custom property name\n      master: OKTA\n      scope: SELF\n      arrayEnums:\n        - '1'\n        - '2'\n      arrayOneOfs:\n        - const: '1'\n          title: one\n        - const: '2'\n          title: two\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/appUserSchemaProperty:AppUserSchemaProperty example \u003capp_id\u003e/\u003cproperty_name\u003e\n```\n\n","properties":{"appId":{"type":"string","description":"The Application's ID the user custom schema property should be assigned to."},"arrayEnums":{"type":"array","items":{"type":"string"},"description":"Array of values that an array property's items can be set to."},"arrayOneOfs":{"type":"array","items":{"$ref":"#/types/okta:index/AppUserSchemaPropertyArrayOneOf:AppUserSchemaPropertyArrayOneOf"},"description":"Display name and value an enum array can be set to.\n\t- 'const' - (Required) value mapping to member of 'enum'.\n\t- 'title' - (Required) display name for the enum value."},"arrayType":{"type":"string","description":"The type of the array elements if \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e is set to \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e"},"description":{"type":"string","description":"The description of the user schema property."},"enums":{"type":"array","items":{"type":"string"},"description":"Array of values a primitive property can be set to. See \u003cspan pulumi-lang-nodejs=\"`arrayEnum`\" pulumi-lang-dotnet=\"`ArrayEnum`\" pulumi-lang-go=\"`arrayEnum`\" pulumi-lang-python=\"`array_enum`\" pulumi-lang-yaml=\"`arrayEnum`\" pulumi-lang-java=\"`arrayEnum`\"\u003e`array_enum`\u003c/span\u003e for arrays."},"externalName":{"type":"string","description":"External name of the user schema property."},"externalNamespace":{"type":"string","description":"External namespace of the user schema property."},"index":{"type":"string","description":"Subschema unique string identifier"},"master":{"type":"string","description":"Master priority for the user schema property. It can be set to `PROFILE_MASTER` or `OKTA`"},"maxLength":{"type":"integer","description":"The maximum length of the user property value. Only applies to type \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e"},"minLength":{"type":"integer","description":"The minimum length of the user property value. Only applies to type \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e"},"oneOfs":{"type":"array","items":{"$ref":"#/types/okta:index/AppUserSchemaPropertyOneOf:AppUserSchemaPropertyOneOf"},"description":"Array of maps containing a mapping for display name to enum value.\n\t- 'const' - (Required) value mapping to member of 'enum'.\n\t- 'title' - (Required) display name for the enum value."},"permissions":{"type":"string","description":"Access control permissions for the property. It can be set to `READ_WRITE`, `READ_ONLY`, `HIDE`. Default: `READ_ONLY`"},"required":{"type":"boolean","description":"Whether the subschema is required"},"scope":{"type":"string","description":"determines whether an app user attribute can be set at the Personal `SELF` or Group `NONE` level. Default value is `NONE`."},"title":{"type":"string","description":"Subschema title (display name)"},"type":{"type":"string","description":"The type of the schema property. It can be \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`boolean`\" pulumi-lang-dotnet=\"`Boolean`\" pulumi-lang-go=\"`boolean`\" pulumi-lang-python=\"`boolean`\" pulumi-lang-yaml=\"`boolean`\" pulumi-lang-java=\"`boolean`\"\u003e`boolean`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`number`\" pulumi-lang-dotnet=\"`Number`\" pulumi-lang-go=\"`number`\" pulumi-lang-python=\"`number`\" pulumi-lang-yaml=\"`number`\" pulumi-lang-java=\"`number`\"\u003e`number`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`integer`\" pulumi-lang-dotnet=\"`Integer`\" pulumi-lang-go=\"`integer`\" pulumi-lang-python=\"`integer`\" pulumi-lang-yaml=\"`integer`\" pulumi-lang-java=\"`integer`\"\u003e`integer`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`object`\" pulumi-lang-dotnet=\"`Object`\" pulumi-lang-go=\"`object`\" pulumi-lang-python=\"`object`\" pulumi-lang-yaml=\"`object`\" pulumi-lang-java=\"`object`\"\u003e`object`\u003c/span\u003e"},"union":{"type":"boolean","description":"If \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e is set to \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e, used to set whether attribute value is determined by group priority \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e, or combine values across groups \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e. Can not be set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e if \u003cspan pulumi-lang-nodejs=\"`scope`\" pulumi-lang-dotnet=\"`Scope`\" pulumi-lang-go=\"`scope`\" pulumi-lang-python=\"`scope`\" pulumi-lang-yaml=\"`scope`\" pulumi-lang-java=\"`scope`\"\u003e`scope`\u003c/span\u003e is set to `SELF`."},"unique":{"type":"string","description":"Whether the property should be unique. It can be set to `UNIQUE_VALIDATED` or `NOT_UNIQUE`."},"userType":{"type":"string","description":"User type ID. By default, it is \u003cspan pulumi-lang-nodejs=\"`default`\" pulumi-lang-dotnet=\"`Default`\" pulumi-lang-go=\"`default`\" pulumi-lang-python=\"`default`\" pulumi-lang-yaml=\"`default`\" pulumi-lang-java=\"`default`\"\u003e`default`\u003c/span\u003e"}},"required":["appId","index","title","type"],"inputProperties":{"appId":{"type":"string","description":"The Application's ID the user custom schema property should be assigned to."},"arrayEnums":{"type":"array","items":{"type":"string"},"description":"Array of values that an array property's items can be set to."},"arrayOneOfs":{"type":"array","items":{"$ref":"#/types/okta:index/AppUserSchemaPropertyArrayOneOf:AppUserSchemaPropertyArrayOneOf"},"description":"Display name and value an enum array can be set to.\n\t- 'const' - (Required) value mapping to member of 'enum'.\n\t- 'title' - (Required) display name for the enum value."},"arrayType":{"type":"string","description":"The type of the array elements if \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e is set to \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e","willReplaceOnChanges":true},"description":{"type":"string","description":"The description of the user schema property."},"enums":{"type":"array","items":{"type":"string"},"description":"Array of values a primitive property can be set to. See \u003cspan pulumi-lang-nodejs=\"`arrayEnum`\" pulumi-lang-dotnet=\"`ArrayEnum`\" pulumi-lang-go=\"`arrayEnum`\" pulumi-lang-python=\"`array_enum`\" pulumi-lang-yaml=\"`arrayEnum`\" pulumi-lang-java=\"`arrayEnum`\"\u003e`array_enum`\u003c/span\u003e for arrays."},"externalName":{"type":"string","description":"External name of the user schema property.","willReplaceOnChanges":true},"externalNamespace":{"type":"string","description":"External namespace of the user schema property.","willReplaceOnChanges":true},"index":{"type":"string","description":"Subschema unique string identifier","willReplaceOnChanges":true},"master":{"type":"string","description":"Master priority for the user schema property. It can be set to `PROFILE_MASTER` or `OKTA`"},"maxLength":{"type":"integer","description":"The maximum length of the user property value. Only applies to type \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e"},"minLength":{"type":"integer","description":"The minimum length of the user property value. Only applies to type \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e"},"oneOfs":{"type":"array","items":{"$ref":"#/types/okta:index/AppUserSchemaPropertyOneOf:AppUserSchemaPropertyOneOf"},"description":"Array of maps containing a mapping for display name to enum value.\n\t- 'const' - (Required) value mapping to member of 'enum'.\n\t- 'title' - (Required) display name for the enum value."},"permissions":{"type":"string","description":"Access control permissions for the property. It can be set to `READ_WRITE`, `READ_ONLY`, `HIDE`. Default: `READ_ONLY`"},"required":{"type":"boolean","description":"Whether the subschema is required"},"scope":{"type":"string","description":"determines whether an app user attribute can be set at the Personal `SELF` or Group `NONE` level. Default value is `NONE`.","willReplaceOnChanges":true},"title":{"type":"string","description":"Subschema title (display name)"},"type":{"type":"string","description":"The type of the schema property. It can be \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`boolean`\" pulumi-lang-dotnet=\"`Boolean`\" pulumi-lang-go=\"`boolean`\" pulumi-lang-python=\"`boolean`\" pulumi-lang-yaml=\"`boolean`\" pulumi-lang-java=\"`boolean`\"\u003e`boolean`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`number`\" pulumi-lang-dotnet=\"`Number`\" pulumi-lang-go=\"`number`\" pulumi-lang-python=\"`number`\" pulumi-lang-yaml=\"`number`\" pulumi-lang-java=\"`number`\"\u003e`number`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`integer`\" pulumi-lang-dotnet=\"`Integer`\" pulumi-lang-go=\"`integer`\" pulumi-lang-python=\"`integer`\" pulumi-lang-yaml=\"`integer`\" pulumi-lang-java=\"`integer`\"\u003e`integer`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`object`\" pulumi-lang-dotnet=\"`Object`\" pulumi-lang-go=\"`object`\" pulumi-lang-python=\"`object`\" pulumi-lang-yaml=\"`object`\" pulumi-lang-java=\"`object`\"\u003e`object`\u003c/span\u003e","willReplaceOnChanges":true},"union":{"type":"boolean","description":"If \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e is set to \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e, used to set whether attribute value is determined by group priority \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e, or combine values across groups \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e. Can not be set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e if \u003cspan pulumi-lang-nodejs=\"`scope`\" pulumi-lang-dotnet=\"`Scope`\" pulumi-lang-go=\"`scope`\" pulumi-lang-python=\"`scope`\" pulumi-lang-yaml=\"`scope`\" pulumi-lang-java=\"`scope`\"\u003e`scope`\u003c/span\u003e is set to `SELF`."},"unique":{"type":"string","description":"Whether the property should be unique. It can be set to `UNIQUE_VALIDATED` or `NOT_UNIQUE`.","willReplaceOnChanges":true},"userType":{"type":"string","description":"User type ID. By default, it is \u003cspan pulumi-lang-nodejs=\"`default`\" pulumi-lang-dotnet=\"`Default`\" pulumi-lang-go=\"`default`\" pulumi-lang-python=\"`default`\" pulumi-lang-yaml=\"`default`\" pulumi-lang-java=\"`default`\"\u003e`default`\u003c/span\u003e"}},"requiredInputs":["appId","index","title","type"],"stateInputs":{"description":"Input properties used for looking up and filtering AppUserSchemaProperty resources.\n","properties":{"appId":{"type":"string","description":"The Application's ID the user custom schema property should be assigned to."},"arrayEnums":{"type":"array","items":{"type":"string"},"description":"Array of values that an array property's items can be set to."},"arrayOneOfs":{"type":"array","items":{"$ref":"#/types/okta:index/AppUserSchemaPropertyArrayOneOf:AppUserSchemaPropertyArrayOneOf"},"description":"Display name and value an enum array can be set to.\n\t- 'const' - (Required) value mapping to member of 'enum'.\n\t- 'title' - (Required) display name for the enum value."},"arrayType":{"type":"string","description":"The type of the array elements if \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e is set to \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e","willReplaceOnChanges":true},"description":{"type":"string","description":"The description of the user schema property."},"enums":{"type":"array","items":{"type":"string"},"description":"Array of values a primitive property can be set to. See \u003cspan pulumi-lang-nodejs=\"`arrayEnum`\" pulumi-lang-dotnet=\"`ArrayEnum`\" pulumi-lang-go=\"`arrayEnum`\" pulumi-lang-python=\"`array_enum`\" pulumi-lang-yaml=\"`arrayEnum`\" pulumi-lang-java=\"`arrayEnum`\"\u003e`array_enum`\u003c/span\u003e for arrays."},"externalName":{"type":"string","description":"External name of the user schema property.","willReplaceOnChanges":true},"externalNamespace":{"type":"string","description":"External namespace of the user schema property.","willReplaceOnChanges":true},"index":{"type":"string","description":"Subschema unique string identifier","willReplaceOnChanges":true},"master":{"type":"string","description":"Master priority for the user schema property. It can be set to `PROFILE_MASTER` or `OKTA`"},"maxLength":{"type":"integer","description":"The maximum length of the user property value. Only applies to type \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e"},"minLength":{"type":"integer","description":"The minimum length of the user property value. Only applies to type \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e"},"oneOfs":{"type":"array","items":{"$ref":"#/types/okta:index/AppUserSchemaPropertyOneOf:AppUserSchemaPropertyOneOf"},"description":"Array of maps containing a mapping for display name to enum value.\n\t- 'const' - (Required) value mapping to member of 'enum'.\n\t- 'title' - (Required) display name for the enum value."},"permissions":{"type":"string","description":"Access control permissions for the property. It can be set to `READ_WRITE`, `READ_ONLY`, `HIDE`. Default: `READ_ONLY`"},"required":{"type":"boolean","description":"Whether the subschema is required"},"scope":{"type":"string","description":"determines whether an app user attribute can be set at the Personal `SELF` or Group `NONE` level. Default value is `NONE`.","willReplaceOnChanges":true},"title":{"type":"string","description":"Subschema title (display name)"},"type":{"type":"string","description":"The type of the schema property. It can be \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`boolean`\" pulumi-lang-dotnet=\"`Boolean`\" pulumi-lang-go=\"`boolean`\" pulumi-lang-python=\"`boolean`\" pulumi-lang-yaml=\"`boolean`\" pulumi-lang-java=\"`boolean`\"\u003e`boolean`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`number`\" pulumi-lang-dotnet=\"`Number`\" pulumi-lang-go=\"`number`\" pulumi-lang-python=\"`number`\" pulumi-lang-yaml=\"`number`\" pulumi-lang-java=\"`number`\"\u003e`number`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`integer`\" pulumi-lang-dotnet=\"`Integer`\" pulumi-lang-go=\"`integer`\" pulumi-lang-python=\"`integer`\" pulumi-lang-yaml=\"`integer`\" pulumi-lang-java=\"`integer`\"\u003e`integer`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`object`\" pulumi-lang-dotnet=\"`Object`\" pulumi-lang-go=\"`object`\" pulumi-lang-python=\"`object`\" pulumi-lang-yaml=\"`object`\" pulumi-lang-java=\"`object`\"\u003e`object`\u003c/span\u003e","willReplaceOnChanges":true},"union":{"type":"boolean","description":"If \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e is set to \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e, used to set whether attribute value is determined by group priority \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e, or combine values across groups \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e. Can not be set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e if \u003cspan pulumi-lang-nodejs=\"`scope`\" pulumi-lang-dotnet=\"`Scope`\" pulumi-lang-go=\"`scope`\" pulumi-lang-python=\"`scope`\" pulumi-lang-yaml=\"`scope`\" pulumi-lang-java=\"`scope`\"\u003e`scope`\u003c/span\u003e is set to `SELF`."},"unique":{"type":"string","description":"Whether the property should be unique. It can be set to `UNIQUE_VALIDATED` or `NOT_UNIQUE`.","willReplaceOnChanges":true},"userType":{"type":"string","description":"User type ID. By default, it is \u003cspan pulumi-lang-nodejs=\"`default`\" pulumi-lang-dotnet=\"`Default`\" pulumi-lang-go=\"`default`\" pulumi-lang-python=\"`default`\" pulumi-lang-yaml=\"`default`\" pulumi-lang-java=\"`default`\"\u003e`default`\u003c/span\u003e"}},"type":"object"}},"okta:index/authServerClaimDefault:AuthServerClaimDefault":{"description":"Configures Default Authorization Server Claim.\nThis resource allows you to configure Default Authorization Server Claims.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.AuthServerClaimDefault(\"example\", {\n    authServerId: \"\u003cauth server id\u003e\",\n    name: \"sub\",\n    value: \"(appuser != null) ? appuser.userName : app.clientId\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.AuthServerClaimDefault(\"example\",\n    auth_server_id=\"\u003cauth server id\u003e\",\n    name=\"sub\",\n    value=\"(appuser != null) ? appuser.userName : app.clientId\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.AuthServerClaimDefault(\"example\", new()\n    {\n        AuthServerId = \"\u003cauth server id\u003e\",\n        Name = \"sub\",\n        Value = \"(appuser != null) ? appuser.userName : app.clientId\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewAuthServerClaimDefault(ctx, \"example\", \u0026okta.AuthServerClaimDefaultArgs{\n\t\t\tAuthServerId: pulumi.String(\"\u003cauth server id\u003e\"),\n\t\t\tName:         pulumi.String(\"sub\"),\n\t\t\tValue:        pulumi.String(\"(appuser != null) ? appuser.userName : app.clientId\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.AuthServerClaimDefault;\nimport com.pulumi.okta.AuthServerClaimDefaultArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new AuthServerClaimDefault(\"example\", AuthServerClaimDefaultArgs.builder()\n            .authServerId(\"\u003cauth server id\u003e\")\n            .name(\"sub\")\n            .value(\"(appuser != null) ? appuser.userName : app.clientId\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:AuthServerClaimDefault\n    properties:\n      authServerId: \u003cauth server id\u003e\n      name: sub\n      value: '(appuser != null) ? appuser.userName : app.clientId'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/authServerClaimDefault:AuthServerClaimDefault example \u003cauth_server_id\u003e/\u003cclaim_name\u003e\n```\n\n","properties":{"alwaysIncludeInToken":{"type":"boolean","description":"Specifies whether to include claims in token.\n"},"authServerId":{"type":"string","description":"ID of the authorization server.\n"},"claimType":{"type":"string","description":"Specifies whether the claim is for an access token `RESOURCE` or ID token `IDENTITY`.\n"},"name":{"type":"string","description":"The name of the claim. Can be set to \u003cspan pulumi-lang-nodejs=\"`sub`\" pulumi-lang-dotnet=\"`Sub`\" pulumi-lang-go=\"`sub`\" pulumi-lang-python=\"`sub`\" pulumi-lang-yaml=\"`sub`\" pulumi-lang-java=\"`sub`\"\u003e`sub`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`address`\" pulumi-lang-dotnet=\"`Address`\" pulumi-lang-go=\"`address`\" pulumi-lang-python=\"`address`\" pulumi-lang-yaml=\"`address`\" pulumi-lang-java=\"`address`\"\u003e`address`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`birthdate`\" pulumi-lang-dotnet=\"`Birthdate`\" pulumi-lang-go=\"`birthdate`\" pulumi-lang-python=\"`birthdate`\" pulumi-lang-yaml=\"`birthdate`\" pulumi-lang-java=\"`birthdate`\"\u003e`birthdate`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`email`\" pulumi-lang-dotnet=\"`Email`\" pulumi-lang-go=\"`email`\" pulumi-lang-python=\"`email`\" pulumi-lang-yaml=\"`email`\" pulumi-lang-java=\"`email`\"\u003e`email`\u003c/span\u003e,\u003cspan pulumi-lang-nodejs=\"`emailVerified`\" pulumi-lang-dotnet=\"`EmailVerified`\" pulumi-lang-go=\"`emailVerified`\" pulumi-lang-python=\"`email_verified`\" pulumi-lang-yaml=\"`emailVerified`\" pulumi-lang-java=\"`emailVerified`\"\u003e`email_verified`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`familyName`\" pulumi-lang-dotnet=\"`FamilyName`\" pulumi-lang-go=\"`familyName`\" pulumi-lang-python=\"`family_name`\" pulumi-lang-yaml=\"`familyName`\" pulumi-lang-java=\"`familyName`\"\u003e`family_name`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`gender`\" pulumi-lang-dotnet=\"`Gender`\" pulumi-lang-go=\"`gender`\" pulumi-lang-python=\"`gender`\" pulumi-lang-yaml=\"`gender`\" pulumi-lang-java=\"`gender`\"\u003e`gender`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`givenName`\" pulumi-lang-dotnet=\"`GivenName`\" pulumi-lang-go=\"`givenName`\" pulumi-lang-python=\"`given_name`\" pulumi-lang-yaml=\"`givenName`\" pulumi-lang-java=\"`givenName`\"\u003e`given_name`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`locale`\" pulumi-lang-dotnet=\"`Locale`\" pulumi-lang-go=\"`locale`\" pulumi-lang-python=\"`locale`\" pulumi-lang-yaml=\"`locale`\" pulumi-lang-java=\"`locale`\"\u003e`locale`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`middleName`\" pulumi-lang-dotnet=\"`MiddleName`\" pulumi-lang-go=\"`middleName`\" pulumi-lang-python=\"`middle_name`\" pulumi-lang-yaml=\"`middleName`\" pulumi-lang-java=\"`middleName`\"\u003e`middle_name`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`nickname`\" pulumi-lang-dotnet=\"`Nickname`\" pulumi-lang-go=\"`nickname`\" pulumi-lang-python=\"`nickname`\" pulumi-lang-yaml=\"`nickname`\" pulumi-lang-java=\"`nickname`\"\u003e`nickname`\u003c/span\u003e,\u003cspan pulumi-lang-nodejs=\"`phoneNumber`\" pulumi-lang-dotnet=\"`PhoneNumber`\" pulumi-lang-go=\"`phoneNumber`\" pulumi-lang-python=\"`phone_number`\" pulumi-lang-yaml=\"`phoneNumber`\" pulumi-lang-java=\"`phoneNumber`\"\u003e`phone_number`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`picture`\" pulumi-lang-dotnet=\"`Picture`\" pulumi-lang-go=\"`picture`\" pulumi-lang-python=\"`picture`\" pulumi-lang-yaml=\"`picture`\" pulumi-lang-java=\"`picture`\"\u003e`picture`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`preferredUsername`\" pulumi-lang-dotnet=\"`PreferredUsername`\" pulumi-lang-go=\"`preferredUsername`\" pulumi-lang-python=\"`preferred_username`\" pulumi-lang-yaml=\"`preferredUsername`\" pulumi-lang-java=\"`preferredUsername`\"\u003e`preferred_username`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`profile`\" pulumi-lang-dotnet=\"`Profile`\" pulumi-lang-go=\"`profile`\" pulumi-lang-python=\"`profile`\" pulumi-lang-yaml=\"`profile`\" pulumi-lang-java=\"`profile`\"\u003e`profile`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`updatedAt`\" pulumi-lang-dotnet=\"`UpdatedAt`\" pulumi-lang-go=\"`updatedAt`\" pulumi-lang-python=\"`updated_at`\" pulumi-lang-yaml=\"`updatedAt`\" pulumi-lang-java=\"`updatedAt`\"\u003e`updated_at`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`website`\" pulumi-lang-dotnet=\"`Website`\" pulumi-lang-go=\"`website`\" pulumi-lang-python=\"`website`\" pulumi-lang-yaml=\"`website`\" pulumi-lang-java=\"`website`\"\u003e`website`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`zoneinfo`\" pulumi-lang-dotnet=\"`Zoneinfo`\" pulumi-lang-go=\"`zoneinfo`\" pulumi-lang-python=\"`zoneinfo`\" pulumi-lang-yaml=\"`zoneinfo`\" pulumi-lang-java=\"`zoneinfo`\"\u003e`zoneinfo`\u003c/span\u003e\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"Auth server claim list of scopes\n"},"status":{"type":"string","description":"The status of the application.\n"},"value":{"type":"string","description":"The value of the claim. Only required for \u003cspan pulumi-lang-nodejs=\"`sub`\" pulumi-lang-dotnet=\"`Sub`\" pulumi-lang-go=\"`sub`\" pulumi-lang-python=\"`sub`\" pulumi-lang-yaml=\"`sub`\" pulumi-lang-java=\"`sub`\"\u003e`sub`\u003c/span\u003e claim.\n"},"valueType":{"type":"string","description":"The type of value of the claim.\n"}},"required":["alwaysIncludeInToken","authServerId","claimType","name","scopes","status","valueType"],"inputProperties":{"alwaysIncludeInToken":{"type":"boolean","description":"Specifies whether to include claims in token.\n"},"authServerId":{"type":"string","description":"ID of the authorization server.\n","willReplaceOnChanges":true},"name":{"type":"string","description":"The name of the claim. Can be set to \u003cspan pulumi-lang-nodejs=\"`sub`\" pulumi-lang-dotnet=\"`Sub`\" pulumi-lang-go=\"`sub`\" pulumi-lang-python=\"`sub`\" pulumi-lang-yaml=\"`sub`\" pulumi-lang-java=\"`sub`\"\u003e`sub`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`address`\" pulumi-lang-dotnet=\"`Address`\" pulumi-lang-go=\"`address`\" pulumi-lang-python=\"`address`\" pulumi-lang-yaml=\"`address`\" pulumi-lang-java=\"`address`\"\u003e`address`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`birthdate`\" pulumi-lang-dotnet=\"`Birthdate`\" pulumi-lang-go=\"`birthdate`\" pulumi-lang-python=\"`birthdate`\" pulumi-lang-yaml=\"`birthdate`\" pulumi-lang-java=\"`birthdate`\"\u003e`birthdate`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`email`\" pulumi-lang-dotnet=\"`Email`\" pulumi-lang-go=\"`email`\" pulumi-lang-python=\"`email`\" pulumi-lang-yaml=\"`email`\" pulumi-lang-java=\"`email`\"\u003e`email`\u003c/span\u003e,\u003cspan pulumi-lang-nodejs=\"`emailVerified`\" pulumi-lang-dotnet=\"`EmailVerified`\" pulumi-lang-go=\"`emailVerified`\" pulumi-lang-python=\"`email_verified`\" pulumi-lang-yaml=\"`emailVerified`\" pulumi-lang-java=\"`emailVerified`\"\u003e`email_verified`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`familyName`\" pulumi-lang-dotnet=\"`FamilyName`\" pulumi-lang-go=\"`familyName`\" pulumi-lang-python=\"`family_name`\" pulumi-lang-yaml=\"`familyName`\" pulumi-lang-java=\"`familyName`\"\u003e`family_name`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`gender`\" pulumi-lang-dotnet=\"`Gender`\" pulumi-lang-go=\"`gender`\" pulumi-lang-python=\"`gender`\" pulumi-lang-yaml=\"`gender`\" pulumi-lang-java=\"`gender`\"\u003e`gender`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`givenName`\" pulumi-lang-dotnet=\"`GivenName`\" pulumi-lang-go=\"`givenName`\" pulumi-lang-python=\"`given_name`\" pulumi-lang-yaml=\"`givenName`\" pulumi-lang-java=\"`givenName`\"\u003e`given_name`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`locale`\" pulumi-lang-dotnet=\"`Locale`\" pulumi-lang-go=\"`locale`\" pulumi-lang-python=\"`locale`\" pulumi-lang-yaml=\"`locale`\" pulumi-lang-java=\"`locale`\"\u003e`locale`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`middleName`\" pulumi-lang-dotnet=\"`MiddleName`\" pulumi-lang-go=\"`middleName`\" pulumi-lang-python=\"`middle_name`\" pulumi-lang-yaml=\"`middleName`\" pulumi-lang-java=\"`middleName`\"\u003e`middle_name`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`nickname`\" pulumi-lang-dotnet=\"`Nickname`\" pulumi-lang-go=\"`nickname`\" pulumi-lang-python=\"`nickname`\" pulumi-lang-yaml=\"`nickname`\" pulumi-lang-java=\"`nickname`\"\u003e`nickname`\u003c/span\u003e,\u003cspan pulumi-lang-nodejs=\"`phoneNumber`\" pulumi-lang-dotnet=\"`PhoneNumber`\" pulumi-lang-go=\"`phoneNumber`\" pulumi-lang-python=\"`phone_number`\" pulumi-lang-yaml=\"`phoneNumber`\" pulumi-lang-java=\"`phoneNumber`\"\u003e`phone_number`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`picture`\" pulumi-lang-dotnet=\"`Picture`\" pulumi-lang-go=\"`picture`\" pulumi-lang-python=\"`picture`\" pulumi-lang-yaml=\"`picture`\" pulumi-lang-java=\"`picture`\"\u003e`picture`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`preferredUsername`\" pulumi-lang-dotnet=\"`PreferredUsername`\" pulumi-lang-go=\"`preferredUsername`\" pulumi-lang-python=\"`preferred_username`\" pulumi-lang-yaml=\"`preferredUsername`\" pulumi-lang-java=\"`preferredUsername`\"\u003e`preferred_username`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`profile`\" pulumi-lang-dotnet=\"`Profile`\" pulumi-lang-go=\"`profile`\" pulumi-lang-python=\"`profile`\" pulumi-lang-yaml=\"`profile`\" pulumi-lang-java=\"`profile`\"\u003e`profile`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`updatedAt`\" pulumi-lang-dotnet=\"`UpdatedAt`\" pulumi-lang-go=\"`updatedAt`\" pulumi-lang-python=\"`updated_at`\" pulumi-lang-yaml=\"`updatedAt`\" pulumi-lang-java=\"`updatedAt`\"\u003e`updated_at`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`website`\" pulumi-lang-dotnet=\"`Website`\" pulumi-lang-go=\"`website`\" pulumi-lang-python=\"`website`\" pulumi-lang-yaml=\"`website`\" pulumi-lang-java=\"`website`\"\u003e`website`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`zoneinfo`\" pulumi-lang-dotnet=\"`Zoneinfo`\" pulumi-lang-go=\"`zoneinfo`\" pulumi-lang-python=\"`zoneinfo`\" pulumi-lang-yaml=\"`zoneinfo`\" pulumi-lang-java=\"`zoneinfo`\"\u003e`zoneinfo`\u003c/span\u003e\n","willReplaceOnChanges":true},"value":{"type":"string","description":"The value of the claim. Only required for \u003cspan pulumi-lang-nodejs=\"`sub`\" pulumi-lang-dotnet=\"`Sub`\" pulumi-lang-go=\"`sub`\" pulumi-lang-python=\"`sub`\" pulumi-lang-yaml=\"`sub`\" pulumi-lang-java=\"`sub`\"\u003e`sub`\u003c/span\u003e claim.\n"}},"requiredInputs":["authServerId"],"stateInputs":{"description":"Input properties used for looking up and filtering AuthServerClaimDefault resources.\n","properties":{"alwaysIncludeInToken":{"type":"boolean","description":"Specifies whether to include claims in token.\n"},"authServerId":{"type":"string","description":"ID of the authorization server.\n","willReplaceOnChanges":true},"claimType":{"type":"string","description":"Specifies whether the claim is for an access token `RESOURCE` or ID token `IDENTITY`.\n"},"name":{"type":"string","description":"The name of the claim. Can be set to \u003cspan pulumi-lang-nodejs=\"`sub`\" pulumi-lang-dotnet=\"`Sub`\" pulumi-lang-go=\"`sub`\" pulumi-lang-python=\"`sub`\" pulumi-lang-yaml=\"`sub`\" pulumi-lang-java=\"`sub`\"\u003e`sub`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`address`\" pulumi-lang-dotnet=\"`Address`\" pulumi-lang-go=\"`address`\" pulumi-lang-python=\"`address`\" pulumi-lang-yaml=\"`address`\" pulumi-lang-java=\"`address`\"\u003e`address`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`birthdate`\" pulumi-lang-dotnet=\"`Birthdate`\" pulumi-lang-go=\"`birthdate`\" pulumi-lang-python=\"`birthdate`\" pulumi-lang-yaml=\"`birthdate`\" pulumi-lang-java=\"`birthdate`\"\u003e`birthdate`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`email`\" pulumi-lang-dotnet=\"`Email`\" pulumi-lang-go=\"`email`\" pulumi-lang-python=\"`email`\" pulumi-lang-yaml=\"`email`\" pulumi-lang-java=\"`email`\"\u003e`email`\u003c/span\u003e,\u003cspan pulumi-lang-nodejs=\"`emailVerified`\" pulumi-lang-dotnet=\"`EmailVerified`\" pulumi-lang-go=\"`emailVerified`\" pulumi-lang-python=\"`email_verified`\" pulumi-lang-yaml=\"`emailVerified`\" pulumi-lang-java=\"`emailVerified`\"\u003e`email_verified`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`familyName`\" pulumi-lang-dotnet=\"`FamilyName`\" pulumi-lang-go=\"`familyName`\" pulumi-lang-python=\"`family_name`\" pulumi-lang-yaml=\"`familyName`\" pulumi-lang-java=\"`familyName`\"\u003e`family_name`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`gender`\" pulumi-lang-dotnet=\"`Gender`\" pulumi-lang-go=\"`gender`\" pulumi-lang-python=\"`gender`\" pulumi-lang-yaml=\"`gender`\" pulumi-lang-java=\"`gender`\"\u003e`gender`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`givenName`\" pulumi-lang-dotnet=\"`GivenName`\" pulumi-lang-go=\"`givenName`\" pulumi-lang-python=\"`given_name`\" pulumi-lang-yaml=\"`givenName`\" pulumi-lang-java=\"`givenName`\"\u003e`given_name`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`locale`\" pulumi-lang-dotnet=\"`Locale`\" pulumi-lang-go=\"`locale`\" pulumi-lang-python=\"`locale`\" pulumi-lang-yaml=\"`locale`\" pulumi-lang-java=\"`locale`\"\u003e`locale`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`middleName`\" pulumi-lang-dotnet=\"`MiddleName`\" pulumi-lang-go=\"`middleName`\" pulumi-lang-python=\"`middle_name`\" pulumi-lang-yaml=\"`middleName`\" pulumi-lang-java=\"`middleName`\"\u003e`middle_name`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`nickname`\" pulumi-lang-dotnet=\"`Nickname`\" pulumi-lang-go=\"`nickname`\" pulumi-lang-python=\"`nickname`\" pulumi-lang-yaml=\"`nickname`\" pulumi-lang-java=\"`nickname`\"\u003e`nickname`\u003c/span\u003e,\u003cspan pulumi-lang-nodejs=\"`phoneNumber`\" pulumi-lang-dotnet=\"`PhoneNumber`\" pulumi-lang-go=\"`phoneNumber`\" pulumi-lang-python=\"`phone_number`\" pulumi-lang-yaml=\"`phoneNumber`\" pulumi-lang-java=\"`phoneNumber`\"\u003e`phone_number`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`picture`\" pulumi-lang-dotnet=\"`Picture`\" pulumi-lang-go=\"`picture`\" pulumi-lang-python=\"`picture`\" pulumi-lang-yaml=\"`picture`\" pulumi-lang-java=\"`picture`\"\u003e`picture`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`preferredUsername`\" pulumi-lang-dotnet=\"`PreferredUsername`\" pulumi-lang-go=\"`preferredUsername`\" pulumi-lang-python=\"`preferred_username`\" pulumi-lang-yaml=\"`preferredUsername`\" pulumi-lang-java=\"`preferredUsername`\"\u003e`preferred_username`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`profile`\" pulumi-lang-dotnet=\"`Profile`\" pulumi-lang-go=\"`profile`\" pulumi-lang-python=\"`profile`\" pulumi-lang-yaml=\"`profile`\" pulumi-lang-java=\"`profile`\"\u003e`profile`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`updatedAt`\" pulumi-lang-dotnet=\"`UpdatedAt`\" pulumi-lang-go=\"`updatedAt`\" pulumi-lang-python=\"`updated_at`\" pulumi-lang-yaml=\"`updatedAt`\" pulumi-lang-java=\"`updatedAt`\"\u003e`updated_at`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`website`\" pulumi-lang-dotnet=\"`Website`\" pulumi-lang-go=\"`website`\" pulumi-lang-python=\"`website`\" pulumi-lang-yaml=\"`website`\" pulumi-lang-java=\"`website`\"\u003e`website`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`zoneinfo`\" pulumi-lang-dotnet=\"`Zoneinfo`\" pulumi-lang-go=\"`zoneinfo`\" pulumi-lang-python=\"`zoneinfo`\" pulumi-lang-yaml=\"`zoneinfo`\" pulumi-lang-java=\"`zoneinfo`\"\u003e`zoneinfo`\u003c/span\u003e\n","willReplaceOnChanges":true},"scopes":{"type":"array","items":{"type":"string"},"description":"Auth server claim list of scopes\n"},"status":{"type":"string","description":"The status of the application.\n"},"value":{"type":"string","description":"The value of the claim. Only required for \u003cspan pulumi-lang-nodejs=\"`sub`\" pulumi-lang-dotnet=\"`Sub`\" pulumi-lang-go=\"`sub`\" pulumi-lang-python=\"`sub`\" pulumi-lang-yaml=\"`sub`\" pulumi-lang-java=\"`sub`\"\u003e`sub`\u003c/span\u003e claim.\n"},"valueType":{"type":"string","description":"The type of value of the claim.\n"}},"type":"object"}},"okta:index/authServerDefault:AuthServerDefault":{"description":"Configures Default Authorization Server. This resource allows you to configure Default Authorization Server.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.AuthServerDefault(\"example\", {\n    audiences: [\"api://default\"],\n    description: \"Default Authorization Server for your Applications\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.AuthServerDefault(\"example\",\n    audiences=[\"api://default\"],\n    description=\"Default Authorization Server for your Applications\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.AuthServerDefault(\"example\", new()\n    {\n        Audiences = new[]\n        {\n            \"api://default\",\n        },\n        Description = \"Default Authorization Server for your Applications\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewAuthServerDefault(ctx, \"example\", \u0026okta.AuthServerDefaultArgs{\n\t\t\tAudiences: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"api://default\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"Default Authorization Server for your Applications\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.AuthServerDefault;\nimport com.pulumi.okta.AuthServerDefaultArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new AuthServerDefault(\"example\", AuthServerDefaultArgs.builder()\n            .audiences(\"api://default\")\n            .description(\"Default Authorization Server for your Applications\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:AuthServerDefault\n    properties:\n      audiences:\n        - api://default\n      description: Default Authorization Server for your Applications\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/authServerDefault:AuthServerDefault example \u003cdefault\u003e\n```\n\n","properties":{"audiences":{"type":"array","items":{"type":"string"},"description":"The recipients that the tokens are intended for. This becomes the \u003cspan pulumi-lang-nodejs=\"`aud`\" pulumi-lang-dotnet=\"`Aud`\" pulumi-lang-go=\"`aud`\" pulumi-lang-python=\"`aud`\" pulumi-lang-yaml=\"`aud`\" pulumi-lang-java=\"`aud`\"\u003e`aud`\u003c/span\u003e claim in an access token. Currently Okta only supports a single value here.\n"},"credentialsLastRotated":{"type":"string","description":"The timestamp when the authorization server started to use the \u003cspan pulumi-lang-nodejs=\"`kid`\" pulumi-lang-dotnet=\"`Kid`\" pulumi-lang-go=\"`kid`\" pulumi-lang-python=\"`kid`\" pulumi-lang-yaml=\"`kid`\" pulumi-lang-java=\"`kid`\"\u003e`kid`\u003c/span\u003e for signing tokens.\n"},"credentialsNextRotation":{"type":"string","description":"The timestamp when the authorization server changes the key for signing tokens. Only returned when \u003cspan pulumi-lang-nodejs=\"`credentialsRotationMode`\" pulumi-lang-dotnet=\"`CredentialsRotationMode`\" pulumi-lang-go=\"`credentialsRotationMode`\" pulumi-lang-python=\"`credentials_rotation_mode`\" pulumi-lang-yaml=\"`credentialsRotationMode`\" pulumi-lang-java=\"`credentialsRotationMode`\"\u003e`credentials_rotation_mode`\u003c/span\u003e is `AUTO`.\n"},"credentialsRotationMode":{"type":"string","description":"The key rotation mode for the authorization server. Can be `AUTO` or `MANUAL`. Default: `MANUAL`.Credential rotation mode, in many cases you cannot set this to MANUAL, the API will ignore the value and you will get a perpetual diff. This should rarely be used.\n"},"description":{"type":"string","description":"The description of the authorization server.\n"},"issuer":{"type":"string","description":"The complete URL for a Custom Authorization Server. This becomes the \u003cspan pulumi-lang-nodejs=\"`iss`\" pulumi-lang-dotnet=\"`Iss`\" pulumi-lang-go=\"`iss`\" pulumi-lang-python=\"`iss`\" pulumi-lang-yaml=\"`iss`\" pulumi-lang-java=\"`iss`\"\u003e`iss`\u003c/span\u003e claim in an access token.\n"},"issuerMode":{"type":"string","description":"*Early Access Property*. Allows you to use a custom issuer URL. It can be set to `CUSTOM_URL`, `ORG_URL`, or `DYNAMIC`. Default: `ORG_URL`\n"},"kid":{"type":"string","description":"The ID of the JSON Web Key used for signing tokens issued by the authorization server.\n"},"name":{"type":"string","description":"The name of the authorization server. Not necessary but left for backwards capacity with legacy implementation.\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"}},"required":["credentialsLastRotated","credentialsNextRotation","issuer","kid","name"],"inputProperties":{"audiences":{"type":"array","items":{"type":"string"},"description":"The recipients that the tokens are intended for. This becomes the \u003cspan pulumi-lang-nodejs=\"`aud`\" pulumi-lang-dotnet=\"`Aud`\" pulumi-lang-go=\"`aud`\" pulumi-lang-python=\"`aud`\" pulumi-lang-yaml=\"`aud`\" pulumi-lang-java=\"`aud`\"\u003e`aud`\u003c/span\u003e claim in an access token. Currently Okta only supports a single value here.\n"},"credentialsRotationMode":{"type":"string","description":"The key rotation mode for the authorization server. Can be `AUTO` or `MANUAL`. Default: `MANUAL`.Credential rotation mode, in many cases you cannot set this to MANUAL, the API will ignore the value and you will get a perpetual diff. This should rarely be used.\n"},"description":{"type":"string","description":"The description of the authorization server.\n"},"issuerMode":{"type":"string","description":"*Early Access Property*. Allows you to use a custom issuer URL. It can be set to `CUSTOM_URL`, `ORG_URL`, or `DYNAMIC`. Default: `ORG_URL`\n"},"name":{"type":"string","description":"The name of the authorization server. Not necessary but left for backwards capacity with legacy implementation.\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"}},"stateInputs":{"description":"Input properties used for looking up and filtering AuthServerDefault resources.\n","properties":{"audiences":{"type":"array","items":{"type":"string"},"description":"The recipients that the tokens are intended for. This becomes the \u003cspan pulumi-lang-nodejs=\"`aud`\" pulumi-lang-dotnet=\"`Aud`\" pulumi-lang-go=\"`aud`\" pulumi-lang-python=\"`aud`\" pulumi-lang-yaml=\"`aud`\" pulumi-lang-java=\"`aud`\"\u003e`aud`\u003c/span\u003e claim in an access token. Currently Okta only supports a single value here.\n"},"credentialsLastRotated":{"type":"string","description":"The timestamp when the authorization server started to use the \u003cspan pulumi-lang-nodejs=\"`kid`\" pulumi-lang-dotnet=\"`Kid`\" pulumi-lang-go=\"`kid`\" pulumi-lang-python=\"`kid`\" pulumi-lang-yaml=\"`kid`\" pulumi-lang-java=\"`kid`\"\u003e`kid`\u003c/span\u003e for signing tokens.\n"},"credentialsNextRotation":{"type":"string","description":"The timestamp when the authorization server changes the key for signing tokens. Only returned when \u003cspan pulumi-lang-nodejs=\"`credentialsRotationMode`\" pulumi-lang-dotnet=\"`CredentialsRotationMode`\" pulumi-lang-go=\"`credentialsRotationMode`\" pulumi-lang-python=\"`credentials_rotation_mode`\" pulumi-lang-yaml=\"`credentialsRotationMode`\" pulumi-lang-java=\"`credentialsRotationMode`\"\u003e`credentials_rotation_mode`\u003c/span\u003e is `AUTO`.\n"},"credentialsRotationMode":{"type":"string","description":"The key rotation mode for the authorization server. Can be `AUTO` or `MANUAL`. Default: `MANUAL`.Credential rotation mode, in many cases you cannot set this to MANUAL, the API will ignore the value and you will get a perpetual diff. This should rarely be used.\n"},"description":{"type":"string","description":"The description of the authorization server.\n"},"issuer":{"type":"string","description":"The complete URL for a Custom Authorization Server. This becomes the \u003cspan pulumi-lang-nodejs=\"`iss`\" pulumi-lang-dotnet=\"`Iss`\" pulumi-lang-go=\"`iss`\" pulumi-lang-python=\"`iss`\" pulumi-lang-yaml=\"`iss`\" pulumi-lang-java=\"`iss`\"\u003e`iss`\u003c/span\u003e claim in an access token.\n"},"issuerMode":{"type":"string","description":"*Early Access Property*. Allows you to use a custom issuer URL. It can be set to `CUSTOM_URL`, `ORG_URL`, or `DYNAMIC`. Default: `ORG_URL`\n"},"kid":{"type":"string","description":"The ID of the JSON Web Key used for signing tokens issued by the authorization server.\n"},"name":{"type":"string","description":"The name of the authorization server. Not necessary but left for backwards capacity with legacy implementation.\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"}},"type":"object"}},"okta:index/authenticator:Authenticator":{"description":"\u003e **WARNING:** This feature is only available as a part of the Identity Engine. Contact support for further information.\n\nThis resource allows you to configure different authenticators.\n\n\u003e **Create:** The Okta API has an odd notion of create for authenticators. If\nthe authenticator doesn't exist then a one time 'POST /api/v1/authenticators' to\ncreate the authenticator (hard create) will be performed. Thereafter, that\nauthenticator is never deleted, it is only deactivated (soft delete). Therefore,\nif the authenticator already exists create is just a soft import of an existing\nauthenticator. This does not apply to\u003cspan pulumi-lang-nodejs=\" customOtp \" pulumi-lang-dotnet=\" CustomOtp \" pulumi-lang-go=\" customOtp \" pulumi-lang-python=\" custom_otp \" pulumi-lang-yaml=\" customOtp \" pulumi-lang-java=\" customOtp \"\u003e custom_otp \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" customApp \" pulumi-lang-dotnet=\" CustomApp \" pulumi-lang-go=\" customApp \" pulumi-lang-python=\" custom_app \" pulumi-lang-yaml=\" customApp \" pulumi-lang-java=\" customApp \"\u003e custom_app \u003c/span\u003eauthenticators. \nThere can be multiple\u003cspan pulumi-lang-nodejs=\" customOtp \" pulumi-lang-dotnet=\" CustomOtp \" pulumi-lang-go=\" customOtp \" pulumi-lang-python=\" custom_otp \" pulumi-lang-yaml=\" customOtp \" pulumi-lang-java=\" customOtp \"\u003e custom_otp \u003c/span\u003eauthenticators. To create new\u003cspan pulumi-lang-nodejs=\" customOtp \" pulumi-lang-dotnet=\" CustomOtp \" pulumi-lang-go=\" customOtp \" pulumi-lang-python=\" custom_otp \" pulumi-lang-yaml=\" customOtp \" pulumi-lang-java=\" customOtp \"\u003e custom_otp \u003c/span\u003e\nauthenticator, a new name and key =\u003cspan pulumi-lang-nodejs=\" customOtp \" pulumi-lang-dotnet=\" CustomOtp \" pulumi-lang-go=\" customOtp \" pulumi-lang-python=\" custom_otp \" pulumi-lang-yaml=\" customOtp \" pulumi-lang-java=\" customOtp \"\u003e custom_otp \u003c/span\u003eis required. If an old name is \nused, it will simply reactivate the old\u003cspan pulumi-lang-nodejs=\" customOtp \" pulumi-lang-dotnet=\" CustomOtp \" pulumi-lang-go=\" customOtp \" pulumi-lang-python=\" custom_otp \" pulumi-lang-yaml=\" customOtp \" pulumi-lang-java=\" customOtp \"\u003e custom_otp \u003c/span\u003eauthenticator. For\u003cspan pulumi-lang-nodejs=\" customApp \" pulumi-lang-dotnet=\" CustomApp \" pulumi-lang-go=\" customApp \" pulumi-lang-python=\" custom_app \" pulumi-lang-yaml=\" customApp \" pulumi-lang-java=\" customApp \"\u003e custom_app \u003c/span\u003e\nauthenticators,\u003cspan pulumi-lang-nodejs=\" legacyIgnoreName \" pulumi-lang-dotnet=\" LegacyIgnoreName \" pulumi-lang-go=\" legacyIgnoreName \" pulumi-lang-python=\" legacy_ignore_name \" pulumi-lang-yaml=\" legacyIgnoreName \" pulumi-lang-java=\" legacyIgnoreName \"\u003e legacy_ignore_name \u003c/span\u003emust be set to false.\n\n\u003e **Update:**\u003cspan pulumi-lang-nodejs=\" customOtp \" pulumi-lang-dotnet=\" CustomOtp \" pulumi-lang-go=\" customOtp \" pulumi-lang-python=\" custom_otp \" pulumi-lang-yaml=\" customOtp \" pulumi-lang-java=\" customOtp \"\u003e custom_otp \u003c/span\u003eauthenticator cannot be updated\n\n\u003e **Delete:** Authenticators can not be truly deleted therefore delete is soft.\nDelete will attempt to deativate the authenticator. An authenticator can only be\ndeactivated if it's not in use by any other policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = new okta.Authenticator(\"test\", {\n    name: \"Security Question\",\n    key: \"security_question\",\n    settings: JSON.stringify({\n        allowedFor: \"recovery\",\n    }),\n});\nconst otp = new okta.Authenticator(\"otp\", {\n    name: \"Custom OTP\",\n    key: \"custom_otp\",\n    status: \"ACTIVE\",\n    settings: JSON.stringify({\n        protocol: \"TOTP\",\n        acceptableAdjacentIntervals: 3,\n        timeIntervalInSeconds: 30,\n        encoding: \"base32\",\n        algorithm: \"HMacSHA256\",\n        passCodeLength: 6,\n    }),\n    legacyIgnoreName: false,\n});\nconst customApp = new okta.Authenticator(\"custom_app\", {\n    key: \"custom_app\",\n    name: \"Custom Push Auth\",\n    status: \"ACTIVE\",\n    agreeToTerms: true,\n    legacyIgnoreName: false,\n    settings: JSON.stringify({\n        userVerification: \"REQUIRED\",\n        appInstanceId: \"0oasontedmcepr0Uf1d7\",\n    }),\n    providerJson: JSON.stringify({\n        type: \"PUSH\",\n        configuration: {\n            fcm: {\n                id: \"ppcrb12345678ABCDEF\",\n            },\n        },\n    }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_okta as okta\n\ntest = okta.Authenticator(\"test\",\n    name=\"Security Question\",\n    key=\"security_question\",\n    settings=json.dumps({\n        \"allowedFor\": \"recovery\",\n    }))\notp = okta.Authenticator(\"otp\",\n    name=\"Custom OTP\",\n    key=\"custom_otp\",\n    status=\"ACTIVE\",\n    settings=json.dumps({\n        \"protocol\": \"TOTP\",\n        \"acceptableAdjacentIntervals\": 3,\n        \"timeIntervalInSeconds\": 30,\n        \"encoding\": \"base32\",\n        \"algorithm\": \"HMacSHA256\",\n        \"passCodeLength\": 6,\n    }),\n    legacy_ignore_name=False)\ncustom_app = okta.Authenticator(\"custom_app\",\n    key=\"custom_app\",\n    name=\"Custom Push Auth\",\n    status=\"ACTIVE\",\n    agree_to_terms=True,\n    legacy_ignore_name=False,\n    settings=json.dumps({\n        \"userVerification\": \"REQUIRED\",\n        \"appInstanceId\": \"0oasontedmcepr0Uf1d7\",\n    }),\n    provider_json=json.dumps({\n        \"type\": \"PUSH\",\n        \"configuration\": {\n            \"fcm\": {\n                \"id\": \"ppcrb12345678ABCDEF\",\n            },\n        },\n    }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = new Okta.Authenticator(\"test\", new()\n    {\n        Name = \"Security Question\",\n        Key = \"security_question\",\n        Settings = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n        {\n            [\"allowedFor\"] = \"recovery\",\n        }),\n    });\n\n    var otp = new Okta.Authenticator(\"otp\", new()\n    {\n        Name = \"Custom OTP\",\n        Key = \"custom_otp\",\n        Status = \"ACTIVE\",\n        Settings = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n        {\n            [\"protocol\"] = \"TOTP\",\n            [\"acceptableAdjacentIntervals\"] = 3,\n            [\"timeIntervalInSeconds\"] = 30,\n            [\"encoding\"] = \"base32\",\n            [\"algorithm\"] = \"HMacSHA256\",\n            [\"passCodeLength\"] = 6,\n        }),\n        LegacyIgnoreName = false,\n    });\n\n    var customApp = new Okta.Authenticator(\"custom_app\", new()\n    {\n        Key = \"custom_app\",\n        Name = \"Custom Push Auth\",\n        Status = \"ACTIVE\",\n        AgreeToTerms = true,\n        LegacyIgnoreName = false,\n        Settings = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n        {\n            [\"userVerification\"] = \"REQUIRED\",\n            [\"appInstanceId\"] = \"0oasontedmcepr0Uf1d7\",\n        }),\n        ProviderJson = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n        {\n            [\"type\"] = \"PUSH\",\n            [\"configuration\"] = new Dictionary\u003cstring, object?\u003e\n            {\n                [\"fcm\"] = new Dictionary\u003cstring, object?\u003e\n                {\n                    [\"id\"] = \"ppcrb12345678ABCDEF\",\n                },\n            },\n        }),\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"allowedFor\": \"recovery\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = okta.NewAuthenticator(ctx, \"test\", \u0026okta.AuthenticatorArgs{\n\t\t\tName:     pulumi.String(\"Security Question\"),\n\t\t\tKey:      pulumi.String(\"security_question\"),\n\t\t\tSettings: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\"protocol\":                    \"TOTP\",\n\t\t\t\"acceptableAdjacentIntervals\": 3,\n\t\t\t\"timeIntervalInSeconds\":       30,\n\t\t\t\"encoding\":                    \"base32\",\n\t\t\t\"algorithm\":                   \"HMacSHA256\",\n\t\t\t\"passCodeLength\":              6,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson1 := string(tmpJSON1)\n\t\t_, err = okta.NewAuthenticator(ctx, \"otp\", \u0026okta.AuthenticatorArgs{\n\t\t\tName:             pulumi.String(\"Custom OTP\"),\n\t\t\tKey:              pulumi.String(\"custom_otp\"),\n\t\t\tStatus:           pulumi.String(\"ACTIVE\"),\n\t\t\tSettings:         pulumi.String(json1),\n\t\t\tLegacyIgnoreName: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON2, err := json.Marshal(map[string]interface{}{\n\t\t\t\"userVerification\": \"REQUIRED\",\n\t\t\t\"appInstanceId\":    \"0oasontedmcepr0Uf1d7\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson2 := string(tmpJSON2)\n\t\ttmpJSON3, err := json.Marshal(map[string]interface{}{\n\t\t\t\"type\": \"PUSH\",\n\t\t\t\"configuration\": map[string]interface{}{\n\t\t\t\t\"fcm\": map[string]interface{}{\n\t\t\t\t\t\"id\": \"ppcrb12345678ABCDEF\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson3 := string(tmpJSON3)\n\t\t_, err = okta.NewAuthenticator(ctx, \"custom_app\", \u0026okta.AuthenticatorArgs{\n\t\t\tKey:              pulumi.String(\"custom_app\"),\n\t\t\tName:             pulumi.String(\"Custom Push Auth\"),\n\t\t\tStatus:           pulumi.String(\"ACTIVE\"),\n\t\t\tAgreeToTerms:     pulumi.Bool(true),\n\t\t\tLegacyIgnoreName: pulumi.Bool(false),\n\t\t\tSettings:         pulumi.String(json2),\n\t\t\tProviderJson:     pulumi.String(json3),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.Authenticator;\nimport com.pulumi.okta.AuthenticatorArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var test = new Authenticator(\"test\", AuthenticatorArgs.builder()\n            .name(\"Security Question\")\n            .key(\"security_question\")\n            .settings(serializeJson(\n                jsonObject(\n                    jsonProperty(\"allowedFor\", \"recovery\")\n                )))\n            .build());\n\n        var otp = new Authenticator(\"otp\", AuthenticatorArgs.builder()\n            .name(\"Custom OTP\")\n            .key(\"custom_otp\")\n            .status(\"ACTIVE\")\n            .settings(serializeJson(\n                jsonObject(\n                    jsonProperty(\"protocol\", \"TOTP\"),\n                    jsonProperty(\"acceptableAdjacentIntervals\", 3),\n                    jsonProperty(\"timeIntervalInSeconds\", 30),\n                    jsonProperty(\"encoding\", \"base32\"),\n                    jsonProperty(\"algorithm\", \"HMacSHA256\"),\n                    jsonProperty(\"passCodeLength\", 6)\n                )))\n            .legacyIgnoreName(false)\n            .build());\n\n        var customApp = new Authenticator(\"customApp\", AuthenticatorArgs.builder()\n            .key(\"custom_app\")\n            .name(\"Custom Push Auth\")\n            .status(\"ACTIVE\")\n            .agreeToTerms(true)\n            .legacyIgnoreName(false)\n            .settings(serializeJson(\n                jsonObject(\n                    jsonProperty(\"userVerification\", \"REQUIRED\"),\n                    jsonProperty(\"appInstanceId\", \"0oasontedmcepr0Uf1d7\")\n                )))\n            .providerJson(serializeJson(\n                jsonObject(\n                    jsonProperty(\"type\", \"PUSH\"),\n                    jsonProperty(\"configuration\", jsonObject(\n                        jsonProperty(\"fcm\", jsonObject(\n                            jsonProperty(\"id\", \"ppcrb12345678ABCDEF\")\n                        ))\n                    ))\n                )))\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  test:\n    type: okta:Authenticator\n    properties:\n      name: Security Question\n      key: security_question\n      settings:\n        fn::toJSON:\n          allowedFor: recovery\n  otp:\n    type: okta:Authenticator\n    properties:\n      name: Custom OTP\n      key: custom_otp\n      status: ACTIVE\n      settings:\n        fn::toJSON:\n          protocol: TOTP\n          acceptableAdjacentIntervals: 3\n          timeIntervalInSeconds: 30\n          encoding: base32\n          algorithm: HMacSHA256\n          passCodeLength: 6\n      legacyIgnoreName: false\n  customApp:\n    type: okta:Authenticator\n    name: custom_app\n    properties:\n      key: custom_app\n      name: Custom Push Auth\n      status: ACTIVE\n      agreeToTerms: true\n      legacyIgnoreName: false # must be false for custom_app\n      settings:\n        fn::toJSON:\n          userVerification: REQUIRED\n          appInstanceId: 0oasontedmcepr0Uf1d7\n      providerJson:\n        fn::toJSON:\n          type: PUSH\n          configuration:\n            fcm:\n              id: ppcrb12345678ABCDEF\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/authenticator:Authenticator example \u003cauthenticator_id\u003e\n```\n\n","properties":{"agreeToTerms":{"type":"boolean","description":"A value of true indicates that the administrator accepts the terms for creating a new authenticator. Okta requires that you accept the terms when creating a new\u003cspan pulumi-lang-nodejs=\" customApp \" pulumi-lang-dotnet=\" CustomApp \" pulumi-lang-go=\" customApp \" pulumi-lang-python=\" custom_app \" pulumi-lang-yaml=\" customApp \" pulumi-lang-java=\" customApp \"\u003e custom_app \u003c/span\u003eauthenticator. Other authenticators don't require this field.\n"},"key":{"type":"string","description":"A human-readable string that identifies the authenticator. Some authenticators are available by feature flag on the organization. Possible values inclue: \u003cspan pulumi-lang-nodejs=\"`customApp`\" pulumi-lang-dotnet=\"`CustomApp`\" pulumi-lang-go=\"`customApp`\" pulumi-lang-python=\"`custom_app`\" pulumi-lang-yaml=\"`customApp`\" pulumi-lang-java=\"`customApp`\"\u003e`custom_app`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`customOtp`\" pulumi-lang-dotnet=\"`CustomOtp`\" pulumi-lang-go=\"`customOtp`\" pulumi-lang-python=\"`custom_otp`\" pulumi-lang-yaml=\"`customOtp`\" pulumi-lang-java=\"`customOtp`\"\u003e`custom_otp`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`duo`\" pulumi-lang-dotnet=\"`Duo`\" pulumi-lang-go=\"`duo`\" pulumi-lang-python=\"`duo`\" pulumi-lang-yaml=\"`duo`\" pulumi-lang-java=\"`duo`\"\u003e`duo`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`externalIdp`\" pulumi-lang-dotnet=\"`ExternalIdp`\" pulumi-lang-go=\"`externalIdp`\" pulumi-lang-python=\"`external_idp`\" pulumi-lang-yaml=\"`externalIdp`\" pulumi-lang-java=\"`externalIdp`\"\u003e`external_idp`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`googleOtp`\" pulumi-lang-dotnet=\"`GoogleOtp`\" pulumi-lang-go=\"`googleOtp`\" pulumi-lang-python=\"`google_otp`\" pulumi-lang-yaml=\"`googleOtp`\" pulumi-lang-java=\"`googleOtp`\"\u003e`google_otp`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaEmail`\" pulumi-lang-dotnet=\"`OktaEmail`\" pulumi-lang-go=\"`oktaEmail`\" pulumi-lang-python=\"`okta_email`\" pulumi-lang-yaml=\"`oktaEmail`\" pulumi-lang-java=\"`oktaEmail`\"\u003e`okta_email`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaPassword`\" pulumi-lang-dotnet=\"`OktaPassword`\" pulumi-lang-go=\"`oktaPassword`\" pulumi-lang-python=\"`okta_password`\" pulumi-lang-yaml=\"`oktaPassword`\" pulumi-lang-java=\"`oktaPassword`\"\u003e`okta_password`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaVerify`\" pulumi-lang-dotnet=\"`OktaVerify`\" pulumi-lang-go=\"`oktaVerify`\" pulumi-lang-python=\"`okta_verify`\" pulumi-lang-yaml=\"`oktaVerify`\" pulumi-lang-java=\"`oktaVerify`\"\u003e`okta_verify`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`onpremMfa`\" pulumi-lang-dotnet=\"`OnpremMfa`\" pulumi-lang-go=\"`onpremMfa`\" pulumi-lang-python=\"`onprem_mfa`\" pulumi-lang-yaml=\"`onpremMfa`\" pulumi-lang-java=\"`onpremMfa`\"\u003e`onprem_mfa`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`phoneNumber`\" pulumi-lang-dotnet=\"`PhoneNumber`\" pulumi-lang-go=\"`phoneNumber`\" pulumi-lang-python=\"`phone_number`\" pulumi-lang-yaml=\"`phoneNumber`\" pulumi-lang-java=\"`phoneNumber`\"\u003e`phone_number`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`rsaToken`\" pulumi-lang-dotnet=\"`RsaToken`\" pulumi-lang-go=\"`rsaToken`\" pulumi-lang-python=\"`rsa_token`\" pulumi-lang-yaml=\"`rsaToken`\" pulumi-lang-java=\"`rsaToken`\"\u003e`rsa_token`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`securityQuestion`\" pulumi-lang-dotnet=\"`SecurityQuestion`\" pulumi-lang-go=\"`securityQuestion`\" pulumi-lang-python=\"`security_question`\" pulumi-lang-yaml=\"`securityQuestion`\" pulumi-lang-java=\"`securityQuestion`\"\u003e`security_question`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`webauthn`\" pulumi-lang-dotnet=\"`Webauthn`\" pulumi-lang-go=\"`webauthn`\" pulumi-lang-python=\"`webauthn`\" pulumi-lang-yaml=\"`webauthn`\" pulumi-lang-java=\"`webauthn`\"\u003e`webauthn`\u003c/span\u003e\n"},"legacyIgnoreName":{"type":"boolean","description":"Name does not trigger change detection (legacy behavior). Must be set to false for\u003cspan pulumi-lang-nodejs=\" customApp \" pulumi-lang-dotnet=\" CustomApp \" pulumi-lang-go=\" customApp \" pulumi-lang-python=\" custom_app \" pulumi-lang-yaml=\" customApp \" pulumi-lang-java=\" customApp \"\u003e custom_app \u003c/span\u003eauthenticators.\n"},"name":{"type":"string","description":"Display name of the Authenticator\n"},"providerAuthPort":{"type":"integer","description":"The RADIUS server port (for example 1812). This is defined when the On-Prem RADIUS server is configured. Used only for authenticators with type \u003cspan pulumi-lang-nodejs=\"`securityKey`\" pulumi-lang-dotnet=\"`SecurityKey`\" pulumi-lang-go=\"`securityKey`\" pulumi-lang-python=\"`security_key`\" pulumi-lang-yaml=\"`securityKey`\" pulumi-lang-java=\"`securityKey`\"\u003e`security_key`\u003c/span\u003e.  Conflicts with \u003cspan pulumi-lang-nodejs=\"`providerJson`\" pulumi-lang-dotnet=\"`ProviderJson`\" pulumi-lang-go=\"`providerJson`\" pulumi-lang-python=\"`provider_json`\" pulumi-lang-yaml=\"`providerJson`\" pulumi-lang-java=\"`providerJson`\"\u003e`provider_json`\u003c/span\u003e argument.\n"},"providerHost":{"type":"string","description":"(DUO specific) - The Duo Security API hostname. Conflicts with \u003cspan pulumi-lang-nodejs=\"`providerJson`\" pulumi-lang-dotnet=\"`ProviderJson`\" pulumi-lang-go=\"`providerJson`\" pulumi-lang-python=\"`provider_json`\" pulumi-lang-yaml=\"`providerJson`\" pulumi-lang-java=\"`providerJson`\"\u003e`provider_json`\u003c/span\u003e argument.\n"},"providerHostname":{"type":"string","description":"Server host name or IP address. Default is \u003cspan pulumi-lang-nodejs=\"`localhost`\" pulumi-lang-dotnet=\"`Localhost`\" pulumi-lang-go=\"`localhost`\" pulumi-lang-python=\"`localhost`\" pulumi-lang-yaml=\"`localhost`\" pulumi-lang-java=\"`localhost`\"\u003e`localhost`\u003c/span\u003e. Used only for authenticators with type \u003cspan pulumi-lang-nodejs=\"`securityKey`\" pulumi-lang-dotnet=\"`SecurityKey`\" pulumi-lang-go=\"`securityKey`\" pulumi-lang-python=\"`security_key`\" pulumi-lang-yaml=\"`securityKey`\" pulumi-lang-java=\"`securityKey`\"\u003e`security_key`\u003c/span\u003e. Conflicts with \u003cspan pulumi-lang-nodejs=\"`providerJson`\" pulumi-lang-dotnet=\"`ProviderJson`\" pulumi-lang-go=\"`providerJson`\" pulumi-lang-python=\"`provider_json`\" pulumi-lang-yaml=\"`providerJson`\" pulumi-lang-java=\"`providerJson`\"\u003e`provider_json`\u003c/span\u003e argument.\n"},"providerInstanceId":{"type":"string","description":"App Instance ID.\n"},"providerIntegrationKey":{"type":"string","description":"(DUO specific) - The Duo Security integration key.  Conflicts with \u003cspan pulumi-lang-nodejs=\"`providerJson`\" pulumi-lang-dotnet=\"`ProviderJson`\" pulumi-lang-go=\"`providerJson`\" pulumi-lang-python=\"`provider_json`\" pulumi-lang-yaml=\"`providerJson`\" pulumi-lang-java=\"`providerJson`\"\u003e`provider_json`\u003c/span\u003e argument.\n"},"providerJson":{"type":"string","description":"Provider JSON allows for expressive providervalues. This argument conflicts with the other 'provider_xxx' arguments. The [CreateProvider](https://developer.okta.com/docs/reference/api/authenticators-admin/#request) illustrates detailed provider values for a Duo authenticator. [Provider values](https://developer.okta.com/docs/reference/api/authenticators-admin/#authenticators-administration-api-object)are listed in Okta API.\n"},"providerSecretKey":{"type":"string","description":"(DUO specific) - The Duo Security secret key.  Conflicts with \u003cspan pulumi-lang-nodejs=\"`providerJson`\" pulumi-lang-dotnet=\"`ProviderJson`\" pulumi-lang-go=\"`providerJson`\" pulumi-lang-python=\"`provider_json`\" pulumi-lang-yaml=\"`providerJson`\" pulumi-lang-java=\"`providerJson`\"\u003e`provider_json`\u003c/span\u003e argument.\n"},"providerSharedSecret":{"type":"string","description":"An authentication key that must be defined when the RADIUS server is configured, and must be the same on both the RADIUS client and server. Used only for authenticators with type \u003cspan pulumi-lang-nodejs=\"`securityKey`\" pulumi-lang-dotnet=\"`SecurityKey`\" pulumi-lang-go=\"`securityKey`\" pulumi-lang-python=\"`security_key`\" pulumi-lang-yaml=\"`securityKey`\" pulumi-lang-java=\"`securityKey`\"\u003e`security_key`\u003c/span\u003e. Conflicts with \u003cspan pulumi-lang-nodejs=\"`providerJson`\" pulumi-lang-dotnet=\"`ProviderJson`\" pulumi-lang-go=\"`providerJson`\" pulumi-lang-python=\"`provider_json`\" pulumi-lang-yaml=\"`providerJson`\" pulumi-lang-java=\"`providerJson`\"\u003e`provider_json`\u003c/span\u003e argument.\n","secret":true},"providerType":{"type":"string","description":"Provider type. Supported value for Duo: `DUO`. Supported value for Custom App: `PUSH`\n"},"providerUserNameTemplate":{"type":"string","description":"Username template expected by the provider. Used only for authenticators with type \u003cspan pulumi-lang-nodejs=\"`securityKey`\" pulumi-lang-dotnet=\"`SecurityKey`\" pulumi-lang-go=\"`securityKey`\" pulumi-lang-python=\"`security_key`\" pulumi-lang-yaml=\"`securityKey`\" pulumi-lang-java=\"`securityKey`\"\u003e`security_key`\u003c/span\u003e.  Conflicts with \u003cspan pulumi-lang-nodejs=\"`providerJson`\" pulumi-lang-dotnet=\"`ProviderJson`\" pulumi-lang-go=\"`providerJson`\" pulumi-lang-python=\"`provider_json`\" pulumi-lang-yaml=\"`providerJson`\" pulumi-lang-java=\"`providerJson`\"\u003e`provider_json`\u003c/span\u003e argument.\n"},"settings":{"type":"string","description":"Settings for the authenticator. The settings JSON contains values based on Authenticator key. It is not used for authenticators with type \u003cspan pulumi-lang-nodejs=\"`securityKey`\" pulumi-lang-dotnet=\"`SecurityKey`\" pulumi-lang-go=\"`securityKey`\" pulumi-lang-python=\"`security_key`\" pulumi-lang-yaml=\"`securityKey`\" pulumi-lang-java=\"`securityKey`\"\u003e`security_key`\u003c/span\u003e\n"},"status":{"type":"string","description":"Authenticator status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`\n"},"type":{"type":"string","description":"he type of Authenticator. Values include: \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`securityQuestion`\" pulumi-lang-dotnet=\"`SecurityQuestion`\" pulumi-lang-go=\"`securityQuestion`\" pulumi-lang-python=\"`security_question`\" pulumi-lang-yaml=\"`securityQuestion`\" pulumi-lang-java=\"`securityQuestion`\"\u003e`security_question`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`phone`\" pulumi-lang-dotnet=\"`Phone`\" pulumi-lang-go=\"`phone`\" pulumi-lang-python=\"`phone`\" pulumi-lang-yaml=\"`phone`\" pulumi-lang-java=\"`phone`\"\u003e`phone`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`email`\" pulumi-lang-dotnet=\"`Email`\" pulumi-lang-go=\"`email`\" pulumi-lang-python=\"`email`\" pulumi-lang-yaml=\"`email`\" pulumi-lang-java=\"`email`\"\u003e`email`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`app`\" pulumi-lang-dotnet=\"`App`\" pulumi-lang-go=\"`app`\" pulumi-lang-python=\"`app`\" pulumi-lang-yaml=\"`app`\" pulumi-lang-java=\"`app`\"\u003e`app`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`federated`\" pulumi-lang-dotnet=\"`Federated`\" pulumi-lang-go=\"`federated`\" pulumi-lang-python=\"`federated`\" pulumi-lang-yaml=\"`federated`\" pulumi-lang-java=\"`federated`\"\u003e`federated`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`securityKey`\" pulumi-lang-dotnet=\"`SecurityKey`\" pulumi-lang-go=\"`securityKey`\" pulumi-lang-python=\"`security_key`\" pulumi-lang-yaml=\"`securityKey`\" pulumi-lang-java=\"`securityKey`\"\u003e`security_key`\u003c/span\u003e.\n"}},"required":["key","name","providerInstanceId","providerType","type"],"inputProperties":{"agreeToTerms":{"type":"boolean","description":"A value of true indicates that the administrator accepts the terms for creating a new authenticator. Okta requires that you accept the terms when creating a new\u003cspan pulumi-lang-nodejs=\" customApp \" pulumi-lang-dotnet=\" CustomApp \" pulumi-lang-go=\" customApp \" pulumi-lang-python=\" custom_app \" pulumi-lang-yaml=\" customApp \" pulumi-lang-java=\" customApp \"\u003e custom_app \u003c/span\u003eauthenticator. Other authenticators don't require this field.\n"},"key":{"type":"string","description":"A human-readable string that identifies the authenticator. Some authenticators are available by feature flag on the organization. Possible values inclue: \u003cspan pulumi-lang-nodejs=\"`customApp`\" pulumi-lang-dotnet=\"`CustomApp`\" pulumi-lang-go=\"`customApp`\" pulumi-lang-python=\"`custom_app`\" pulumi-lang-yaml=\"`customApp`\" pulumi-lang-java=\"`customApp`\"\u003e`custom_app`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`customOtp`\" pulumi-lang-dotnet=\"`CustomOtp`\" pulumi-lang-go=\"`customOtp`\" pulumi-lang-python=\"`custom_otp`\" pulumi-lang-yaml=\"`customOtp`\" pulumi-lang-java=\"`customOtp`\"\u003e`custom_otp`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`duo`\" pulumi-lang-dotnet=\"`Duo`\" pulumi-lang-go=\"`duo`\" pulumi-lang-python=\"`duo`\" pulumi-lang-yaml=\"`duo`\" pulumi-lang-java=\"`duo`\"\u003e`duo`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`externalIdp`\" pulumi-lang-dotnet=\"`ExternalIdp`\" pulumi-lang-go=\"`externalIdp`\" pulumi-lang-python=\"`external_idp`\" pulumi-lang-yaml=\"`externalIdp`\" pulumi-lang-java=\"`externalIdp`\"\u003e`external_idp`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`googleOtp`\" pulumi-lang-dotnet=\"`GoogleOtp`\" pulumi-lang-go=\"`googleOtp`\" pulumi-lang-python=\"`google_otp`\" pulumi-lang-yaml=\"`googleOtp`\" pulumi-lang-java=\"`googleOtp`\"\u003e`google_otp`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaEmail`\" pulumi-lang-dotnet=\"`OktaEmail`\" pulumi-lang-go=\"`oktaEmail`\" pulumi-lang-python=\"`okta_email`\" pulumi-lang-yaml=\"`oktaEmail`\" pulumi-lang-java=\"`oktaEmail`\"\u003e`okta_email`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaPassword`\" pulumi-lang-dotnet=\"`OktaPassword`\" pulumi-lang-go=\"`oktaPassword`\" pulumi-lang-python=\"`okta_password`\" pulumi-lang-yaml=\"`oktaPassword`\" pulumi-lang-java=\"`oktaPassword`\"\u003e`okta_password`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaVerify`\" pulumi-lang-dotnet=\"`OktaVerify`\" pulumi-lang-go=\"`oktaVerify`\" pulumi-lang-python=\"`okta_verify`\" pulumi-lang-yaml=\"`oktaVerify`\" pulumi-lang-java=\"`oktaVerify`\"\u003e`okta_verify`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`onpremMfa`\" pulumi-lang-dotnet=\"`OnpremMfa`\" pulumi-lang-go=\"`onpremMfa`\" pulumi-lang-python=\"`onprem_mfa`\" pulumi-lang-yaml=\"`onpremMfa`\" pulumi-lang-java=\"`onpremMfa`\"\u003e`onprem_mfa`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`phoneNumber`\" pulumi-lang-dotnet=\"`PhoneNumber`\" pulumi-lang-go=\"`phoneNumber`\" pulumi-lang-python=\"`phone_number`\" pulumi-lang-yaml=\"`phoneNumber`\" pulumi-lang-java=\"`phoneNumber`\"\u003e`phone_number`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`rsaToken`\" pulumi-lang-dotnet=\"`RsaToken`\" pulumi-lang-go=\"`rsaToken`\" pulumi-lang-python=\"`rsa_token`\" pulumi-lang-yaml=\"`rsaToken`\" pulumi-lang-java=\"`rsaToken`\"\u003e`rsa_token`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`securityQuestion`\" pulumi-lang-dotnet=\"`SecurityQuestion`\" pulumi-lang-go=\"`securityQuestion`\" pulumi-lang-python=\"`security_question`\" pulumi-lang-yaml=\"`securityQuestion`\" pulumi-lang-java=\"`securityQuestion`\"\u003e`security_question`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`webauthn`\" pulumi-lang-dotnet=\"`Webauthn`\" pulumi-lang-go=\"`webauthn`\" pulumi-lang-python=\"`webauthn`\" pulumi-lang-yaml=\"`webauthn`\" pulumi-lang-java=\"`webauthn`\"\u003e`webauthn`\u003c/span\u003e\n","willReplaceOnChanges":true},"legacyIgnoreName":{"type":"boolean","description":"Name does not trigger change detection (legacy behavior). Must be set to false for\u003cspan pulumi-lang-nodejs=\" customApp \" pulumi-lang-dotnet=\" CustomApp \" pulumi-lang-go=\" customApp \" pulumi-lang-python=\" custom_app \" pulumi-lang-yaml=\" customApp \" pulumi-lang-java=\" customApp \"\u003e custom_app \u003c/span\u003eauthenticators.\n"},"name":{"type":"string","description":"Display name of the Authenticator\n"},"providerAuthPort":{"type":"integer","description":"The RADIUS server port (for example 1812). This is defined when the On-Prem RADIUS server is configured. Used only for authenticators with type \u003cspan pulumi-lang-nodejs=\"`securityKey`\" pulumi-lang-dotnet=\"`SecurityKey`\" pulumi-lang-go=\"`securityKey`\" pulumi-lang-python=\"`security_key`\" pulumi-lang-yaml=\"`securityKey`\" pulumi-lang-java=\"`securityKey`\"\u003e`security_key`\u003c/span\u003e.  Conflicts with \u003cspan pulumi-lang-nodejs=\"`providerJson`\" pulumi-lang-dotnet=\"`ProviderJson`\" pulumi-lang-go=\"`providerJson`\" pulumi-lang-python=\"`provider_json`\" pulumi-lang-yaml=\"`providerJson`\" pulumi-lang-java=\"`providerJson`\"\u003e`provider_json`\u003c/span\u003e argument.\n"},"providerHost":{"type":"string","description":"(DUO specific) - The Duo Security API hostname. Conflicts with \u003cspan pulumi-lang-nodejs=\"`providerJson`\" pulumi-lang-dotnet=\"`ProviderJson`\" pulumi-lang-go=\"`providerJson`\" pulumi-lang-python=\"`provider_json`\" pulumi-lang-yaml=\"`providerJson`\" pulumi-lang-java=\"`providerJson`\"\u003e`provider_json`\u003c/span\u003e argument.\n"},"providerHostname":{"type":"string","description":"Server host name or IP address. Default is \u003cspan pulumi-lang-nodejs=\"`localhost`\" pulumi-lang-dotnet=\"`Localhost`\" pulumi-lang-go=\"`localhost`\" pulumi-lang-python=\"`localhost`\" pulumi-lang-yaml=\"`localhost`\" pulumi-lang-java=\"`localhost`\"\u003e`localhost`\u003c/span\u003e. Used only for authenticators with type \u003cspan pulumi-lang-nodejs=\"`securityKey`\" pulumi-lang-dotnet=\"`SecurityKey`\" pulumi-lang-go=\"`securityKey`\" pulumi-lang-python=\"`security_key`\" pulumi-lang-yaml=\"`securityKey`\" pulumi-lang-java=\"`securityKey`\"\u003e`security_key`\u003c/span\u003e. Conflicts with \u003cspan pulumi-lang-nodejs=\"`providerJson`\" pulumi-lang-dotnet=\"`ProviderJson`\" pulumi-lang-go=\"`providerJson`\" pulumi-lang-python=\"`provider_json`\" pulumi-lang-yaml=\"`providerJson`\" pulumi-lang-java=\"`providerJson`\"\u003e`provider_json`\u003c/span\u003e argument.\n"},"providerIntegrationKey":{"type":"string","description":"(DUO specific) - The Duo Security integration key.  Conflicts with \u003cspan pulumi-lang-nodejs=\"`providerJson`\" pulumi-lang-dotnet=\"`ProviderJson`\" pulumi-lang-go=\"`providerJson`\" pulumi-lang-python=\"`provider_json`\" pulumi-lang-yaml=\"`providerJson`\" pulumi-lang-java=\"`providerJson`\"\u003e`provider_json`\u003c/span\u003e argument.\n"},"providerJson":{"type":"string","description":"Provider JSON allows for expressive providervalues. This argument conflicts with the other 'provider_xxx' arguments. The [CreateProvider](https://developer.okta.com/docs/reference/api/authenticators-admin/#request) illustrates detailed provider values for a Duo authenticator. [Provider values](https://developer.okta.com/docs/reference/api/authenticators-admin/#authenticators-administration-api-object)are listed in Okta API.\n"},"providerSecretKey":{"type":"string","description":"(DUO specific) - The Duo Security secret key.  Conflicts with \u003cspan pulumi-lang-nodejs=\"`providerJson`\" pulumi-lang-dotnet=\"`ProviderJson`\" pulumi-lang-go=\"`providerJson`\" pulumi-lang-python=\"`provider_json`\" pulumi-lang-yaml=\"`providerJson`\" pulumi-lang-java=\"`providerJson`\"\u003e`provider_json`\u003c/span\u003e argument.\n"},"providerSharedSecret":{"type":"string","description":"An authentication key that must be defined when the RADIUS server is configured, and must be the same on both the RADIUS client and server. Used only for authenticators with type \u003cspan pulumi-lang-nodejs=\"`securityKey`\" pulumi-lang-dotnet=\"`SecurityKey`\" pulumi-lang-go=\"`securityKey`\" pulumi-lang-python=\"`security_key`\" pulumi-lang-yaml=\"`securityKey`\" pulumi-lang-java=\"`securityKey`\"\u003e`security_key`\u003c/span\u003e. Conflicts with \u003cspan pulumi-lang-nodejs=\"`providerJson`\" pulumi-lang-dotnet=\"`ProviderJson`\" pulumi-lang-go=\"`providerJson`\" pulumi-lang-python=\"`provider_json`\" pulumi-lang-yaml=\"`providerJson`\" pulumi-lang-java=\"`providerJson`\"\u003e`provider_json`\u003c/span\u003e argument.\n","secret":true},"providerUserNameTemplate":{"type":"string","description":"Username template expected by the provider. Used only for authenticators with type \u003cspan pulumi-lang-nodejs=\"`securityKey`\" pulumi-lang-dotnet=\"`SecurityKey`\" pulumi-lang-go=\"`securityKey`\" pulumi-lang-python=\"`security_key`\" pulumi-lang-yaml=\"`securityKey`\" pulumi-lang-java=\"`securityKey`\"\u003e`security_key`\u003c/span\u003e.  Conflicts with \u003cspan pulumi-lang-nodejs=\"`providerJson`\" pulumi-lang-dotnet=\"`ProviderJson`\" pulumi-lang-go=\"`providerJson`\" pulumi-lang-python=\"`provider_json`\" pulumi-lang-yaml=\"`providerJson`\" pulumi-lang-java=\"`providerJson`\"\u003e`provider_json`\u003c/span\u003e argument.\n"},"settings":{"type":"string","description":"Settings for the authenticator. The settings JSON contains values based on Authenticator key. It is not used for authenticators with type \u003cspan pulumi-lang-nodejs=\"`securityKey`\" pulumi-lang-dotnet=\"`SecurityKey`\" pulumi-lang-go=\"`securityKey`\" pulumi-lang-python=\"`security_key`\" pulumi-lang-yaml=\"`securityKey`\" pulumi-lang-java=\"`securityKey`\"\u003e`security_key`\u003c/span\u003e\n"},"status":{"type":"string","description":"Authenticator status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`\n"}},"requiredInputs":["key"],"stateInputs":{"description":"Input properties used for looking up and filtering Authenticator resources.\n","properties":{"agreeToTerms":{"type":"boolean","description":"A value of true indicates that the administrator accepts the terms for creating a new authenticator. Okta requires that you accept the terms when creating a new\u003cspan pulumi-lang-nodejs=\" customApp \" pulumi-lang-dotnet=\" CustomApp \" pulumi-lang-go=\" customApp \" pulumi-lang-python=\" custom_app \" pulumi-lang-yaml=\" customApp \" pulumi-lang-java=\" customApp \"\u003e custom_app \u003c/span\u003eauthenticator. Other authenticators don't require this field.\n"},"key":{"type":"string","description":"A human-readable string that identifies the authenticator. Some authenticators are available by feature flag on the organization. Possible values inclue: \u003cspan pulumi-lang-nodejs=\"`customApp`\" pulumi-lang-dotnet=\"`CustomApp`\" pulumi-lang-go=\"`customApp`\" pulumi-lang-python=\"`custom_app`\" pulumi-lang-yaml=\"`customApp`\" pulumi-lang-java=\"`customApp`\"\u003e`custom_app`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`customOtp`\" pulumi-lang-dotnet=\"`CustomOtp`\" pulumi-lang-go=\"`customOtp`\" pulumi-lang-python=\"`custom_otp`\" pulumi-lang-yaml=\"`customOtp`\" pulumi-lang-java=\"`customOtp`\"\u003e`custom_otp`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`duo`\" pulumi-lang-dotnet=\"`Duo`\" pulumi-lang-go=\"`duo`\" pulumi-lang-python=\"`duo`\" pulumi-lang-yaml=\"`duo`\" pulumi-lang-java=\"`duo`\"\u003e`duo`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`externalIdp`\" pulumi-lang-dotnet=\"`ExternalIdp`\" pulumi-lang-go=\"`externalIdp`\" pulumi-lang-python=\"`external_idp`\" pulumi-lang-yaml=\"`externalIdp`\" pulumi-lang-java=\"`externalIdp`\"\u003e`external_idp`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`googleOtp`\" pulumi-lang-dotnet=\"`GoogleOtp`\" pulumi-lang-go=\"`googleOtp`\" pulumi-lang-python=\"`google_otp`\" pulumi-lang-yaml=\"`googleOtp`\" pulumi-lang-java=\"`googleOtp`\"\u003e`google_otp`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaEmail`\" pulumi-lang-dotnet=\"`OktaEmail`\" pulumi-lang-go=\"`oktaEmail`\" pulumi-lang-python=\"`okta_email`\" pulumi-lang-yaml=\"`oktaEmail`\" pulumi-lang-java=\"`oktaEmail`\"\u003e`okta_email`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaPassword`\" pulumi-lang-dotnet=\"`OktaPassword`\" pulumi-lang-go=\"`oktaPassword`\" pulumi-lang-python=\"`okta_password`\" pulumi-lang-yaml=\"`oktaPassword`\" pulumi-lang-java=\"`oktaPassword`\"\u003e`okta_password`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`oktaVerify`\" pulumi-lang-dotnet=\"`OktaVerify`\" pulumi-lang-go=\"`oktaVerify`\" pulumi-lang-python=\"`okta_verify`\" pulumi-lang-yaml=\"`oktaVerify`\" pulumi-lang-java=\"`oktaVerify`\"\u003e`okta_verify`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`onpremMfa`\" pulumi-lang-dotnet=\"`OnpremMfa`\" pulumi-lang-go=\"`onpremMfa`\" pulumi-lang-python=\"`onprem_mfa`\" pulumi-lang-yaml=\"`onpremMfa`\" pulumi-lang-java=\"`onpremMfa`\"\u003e`onprem_mfa`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`phoneNumber`\" pulumi-lang-dotnet=\"`PhoneNumber`\" pulumi-lang-go=\"`phoneNumber`\" pulumi-lang-python=\"`phone_number`\" pulumi-lang-yaml=\"`phoneNumber`\" pulumi-lang-java=\"`phoneNumber`\"\u003e`phone_number`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`rsaToken`\" pulumi-lang-dotnet=\"`RsaToken`\" pulumi-lang-go=\"`rsaToken`\" pulumi-lang-python=\"`rsa_token`\" pulumi-lang-yaml=\"`rsaToken`\" pulumi-lang-java=\"`rsaToken`\"\u003e`rsa_token`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`securityQuestion`\" pulumi-lang-dotnet=\"`SecurityQuestion`\" pulumi-lang-go=\"`securityQuestion`\" pulumi-lang-python=\"`security_question`\" pulumi-lang-yaml=\"`securityQuestion`\" pulumi-lang-java=\"`securityQuestion`\"\u003e`security_question`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`webauthn`\" pulumi-lang-dotnet=\"`Webauthn`\" pulumi-lang-go=\"`webauthn`\" pulumi-lang-python=\"`webauthn`\" pulumi-lang-yaml=\"`webauthn`\" pulumi-lang-java=\"`webauthn`\"\u003e`webauthn`\u003c/span\u003e\n","willReplaceOnChanges":true},"legacyIgnoreName":{"type":"boolean","description":"Name does not trigger change detection (legacy behavior). Must be set to false for\u003cspan pulumi-lang-nodejs=\" customApp \" pulumi-lang-dotnet=\" CustomApp \" pulumi-lang-go=\" customApp \" pulumi-lang-python=\" custom_app \" pulumi-lang-yaml=\" customApp \" pulumi-lang-java=\" customApp \"\u003e custom_app \u003c/span\u003eauthenticators.\n"},"name":{"type":"string","description":"Display name of the Authenticator\n"},"providerAuthPort":{"type":"integer","description":"The RADIUS server port (for example 1812). This is defined when the On-Prem RADIUS server is configured. Used only for authenticators with type \u003cspan pulumi-lang-nodejs=\"`securityKey`\" pulumi-lang-dotnet=\"`SecurityKey`\" pulumi-lang-go=\"`securityKey`\" pulumi-lang-python=\"`security_key`\" pulumi-lang-yaml=\"`securityKey`\" pulumi-lang-java=\"`securityKey`\"\u003e`security_key`\u003c/span\u003e.  Conflicts with \u003cspan pulumi-lang-nodejs=\"`providerJson`\" pulumi-lang-dotnet=\"`ProviderJson`\" pulumi-lang-go=\"`providerJson`\" pulumi-lang-python=\"`provider_json`\" pulumi-lang-yaml=\"`providerJson`\" pulumi-lang-java=\"`providerJson`\"\u003e`provider_json`\u003c/span\u003e argument.\n"},"providerHost":{"type":"string","description":"(DUO specific) - The Duo Security API hostname. Conflicts with \u003cspan pulumi-lang-nodejs=\"`providerJson`\" pulumi-lang-dotnet=\"`ProviderJson`\" pulumi-lang-go=\"`providerJson`\" pulumi-lang-python=\"`provider_json`\" pulumi-lang-yaml=\"`providerJson`\" pulumi-lang-java=\"`providerJson`\"\u003e`provider_json`\u003c/span\u003e argument.\n"},"providerHostname":{"type":"string","description":"Server host name or IP address. Default is \u003cspan pulumi-lang-nodejs=\"`localhost`\" pulumi-lang-dotnet=\"`Localhost`\" pulumi-lang-go=\"`localhost`\" pulumi-lang-python=\"`localhost`\" pulumi-lang-yaml=\"`localhost`\" pulumi-lang-java=\"`localhost`\"\u003e`localhost`\u003c/span\u003e. Used only for authenticators with type \u003cspan pulumi-lang-nodejs=\"`securityKey`\" pulumi-lang-dotnet=\"`SecurityKey`\" pulumi-lang-go=\"`securityKey`\" pulumi-lang-python=\"`security_key`\" pulumi-lang-yaml=\"`securityKey`\" pulumi-lang-java=\"`securityKey`\"\u003e`security_key`\u003c/span\u003e. Conflicts with \u003cspan pulumi-lang-nodejs=\"`providerJson`\" pulumi-lang-dotnet=\"`ProviderJson`\" pulumi-lang-go=\"`providerJson`\" pulumi-lang-python=\"`provider_json`\" pulumi-lang-yaml=\"`providerJson`\" pulumi-lang-java=\"`providerJson`\"\u003e`provider_json`\u003c/span\u003e argument.\n"},"providerInstanceId":{"type":"string","description":"App Instance ID.\n"},"providerIntegrationKey":{"type":"string","description":"(DUO specific) - The Duo Security integration key.  Conflicts with \u003cspan pulumi-lang-nodejs=\"`providerJson`\" pulumi-lang-dotnet=\"`ProviderJson`\" pulumi-lang-go=\"`providerJson`\" pulumi-lang-python=\"`provider_json`\" pulumi-lang-yaml=\"`providerJson`\" pulumi-lang-java=\"`providerJson`\"\u003e`provider_json`\u003c/span\u003e argument.\n"},"providerJson":{"type":"string","description":"Provider JSON allows for expressive providervalues. This argument conflicts with the other 'provider_xxx' arguments. The [CreateProvider](https://developer.okta.com/docs/reference/api/authenticators-admin/#request) illustrates detailed provider values for a Duo authenticator. [Provider values](https://developer.okta.com/docs/reference/api/authenticators-admin/#authenticators-administration-api-object)are listed in Okta API.\n"},"providerSecretKey":{"type":"string","description":"(DUO specific) - The Duo Security secret key.  Conflicts with \u003cspan pulumi-lang-nodejs=\"`providerJson`\" pulumi-lang-dotnet=\"`ProviderJson`\" pulumi-lang-go=\"`providerJson`\" pulumi-lang-python=\"`provider_json`\" pulumi-lang-yaml=\"`providerJson`\" pulumi-lang-java=\"`providerJson`\"\u003e`provider_json`\u003c/span\u003e argument.\n"},"providerSharedSecret":{"type":"string","description":"An authentication key that must be defined when the RADIUS server is configured, and must be the same on both the RADIUS client and server. Used only for authenticators with type \u003cspan pulumi-lang-nodejs=\"`securityKey`\" pulumi-lang-dotnet=\"`SecurityKey`\" pulumi-lang-go=\"`securityKey`\" pulumi-lang-python=\"`security_key`\" pulumi-lang-yaml=\"`securityKey`\" pulumi-lang-java=\"`securityKey`\"\u003e`security_key`\u003c/span\u003e. Conflicts with \u003cspan pulumi-lang-nodejs=\"`providerJson`\" pulumi-lang-dotnet=\"`ProviderJson`\" pulumi-lang-go=\"`providerJson`\" pulumi-lang-python=\"`provider_json`\" pulumi-lang-yaml=\"`providerJson`\" pulumi-lang-java=\"`providerJson`\"\u003e`provider_json`\u003c/span\u003e argument.\n","secret":true},"providerType":{"type":"string","description":"Provider type. Supported value for Duo: `DUO`. Supported value for Custom App: `PUSH`\n"},"providerUserNameTemplate":{"type":"string","description":"Username template expected by the provider. Used only for authenticators with type \u003cspan pulumi-lang-nodejs=\"`securityKey`\" pulumi-lang-dotnet=\"`SecurityKey`\" pulumi-lang-go=\"`securityKey`\" pulumi-lang-python=\"`security_key`\" pulumi-lang-yaml=\"`securityKey`\" pulumi-lang-java=\"`securityKey`\"\u003e`security_key`\u003c/span\u003e.  Conflicts with \u003cspan pulumi-lang-nodejs=\"`providerJson`\" pulumi-lang-dotnet=\"`ProviderJson`\" pulumi-lang-go=\"`providerJson`\" pulumi-lang-python=\"`provider_json`\" pulumi-lang-yaml=\"`providerJson`\" pulumi-lang-java=\"`providerJson`\"\u003e`provider_json`\u003c/span\u003e argument.\n"},"settings":{"type":"string","description":"Settings for the authenticator. The settings JSON contains values based on Authenticator key. It is not used for authenticators with type \u003cspan pulumi-lang-nodejs=\"`securityKey`\" pulumi-lang-dotnet=\"`SecurityKey`\" pulumi-lang-go=\"`securityKey`\" pulumi-lang-python=\"`security_key`\" pulumi-lang-yaml=\"`securityKey`\" pulumi-lang-java=\"`securityKey`\"\u003e`security_key`\u003c/span\u003e\n"},"status":{"type":"string","description":"Authenticator status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`\n"},"type":{"type":"string","description":"he type of Authenticator. Values include: \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`securityQuestion`\" pulumi-lang-dotnet=\"`SecurityQuestion`\" pulumi-lang-go=\"`securityQuestion`\" pulumi-lang-python=\"`security_question`\" pulumi-lang-yaml=\"`securityQuestion`\" pulumi-lang-java=\"`securityQuestion`\"\u003e`security_question`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`phone`\" pulumi-lang-dotnet=\"`Phone`\" pulumi-lang-go=\"`phone`\" pulumi-lang-python=\"`phone`\" pulumi-lang-yaml=\"`phone`\" pulumi-lang-java=\"`phone`\"\u003e`phone`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`email`\" pulumi-lang-dotnet=\"`Email`\" pulumi-lang-go=\"`email`\" pulumi-lang-python=\"`email`\" pulumi-lang-yaml=\"`email`\" pulumi-lang-java=\"`email`\"\u003e`email`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`app`\" pulumi-lang-dotnet=\"`App`\" pulumi-lang-go=\"`app`\" pulumi-lang-python=\"`app`\" pulumi-lang-yaml=\"`app`\" pulumi-lang-java=\"`app`\"\u003e`app`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`federated`\" pulumi-lang-dotnet=\"`Federated`\" pulumi-lang-go=\"`federated`\" pulumi-lang-python=\"`federated`\" pulumi-lang-yaml=\"`federated`\" pulumi-lang-java=\"`federated`\"\u003e`federated`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`securityKey`\" pulumi-lang-dotnet=\"`SecurityKey`\" pulumi-lang-go=\"`securityKey`\" pulumi-lang-python=\"`security_key`\" pulumi-lang-yaml=\"`securityKey`\" pulumi-lang-java=\"`securityKey`\"\u003e`security_key`\u003c/span\u003e.\n"}},"type":"object"}},"okta:index/behaviour:Behaviour":{"description":"This resource allows you to create and configure a behavior.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst myLocation = new okta.Behaviour(\"my_location\", {\n    name: \"My Location\",\n    type: \"ANOMALOUS_LOCATION\",\n    numberOfAuthentications: 50,\n    locationGranularityType: \"LAT_LONG\",\n    radiusFromLocation: 20,\n});\nconst myCity = new okta.Behaviour(\"my_city\", {\n    name: \"My City\",\n    type: \"ANOMALOUS_LOCATION\",\n    numberOfAuthentications: 50,\n    locationGranularityType: \"CITY\",\n});\nconst myDevice = new okta.Behaviour(\"my_device\", {\n    name: \"My Device\",\n    type: \"ANOMALOUS_DEVICE\",\n    numberOfAuthentications: 50,\n});\nconst myIp = new okta.Behaviour(\"my_ip\", {\n    name: \"My IP\",\n    type: \"ANOMALOUS_IP\",\n    numberOfAuthentications: 50,\n});\nconst myVelocity = new okta.Behaviour(\"my_velocity\", {\n    name: \"My Velocity\",\n    type: \"VELOCITY\",\n    velocity: 25,\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nmy_location = okta.Behaviour(\"my_location\",\n    name=\"My Location\",\n    type=\"ANOMALOUS_LOCATION\",\n    number_of_authentications=50,\n    location_granularity_type=\"LAT_LONG\",\n    radius_from_location=20)\nmy_city = okta.Behaviour(\"my_city\",\n    name=\"My City\",\n    type=\"ANOMALOUS_LOCATION\",\n    number_of_authentications=50,\n    location_granularity_type=\"CITY\")\nmy_device = okta.Behaviour(\"my_device\",\n    name=\"My Device\",\n    type=\"ANOMALOUS_DEVICE\",\n    number_of_authentications=50)\nmy_ip = okta.Behaviour(\"my_ip\",\n    name=\"My IP\",\n    type=\"ANOMALOUS_IP\",\n    number_of_authentications=50)\nmy_velocity = okta.Behaviour(\"my_velocity\",\n    name=\"My Velocity\",\n    type=\"VELOCITY\",\n    velocity=25)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var myLocation = new Okta.Behaviour(\"my_location\", new()\n    {\n        Name = \"My Location\",\n        Type = \"ANOMALOUS_LOCATION\",\n        NumberOfAuthentications = 50,\n        LocationGranularityType = \"LAT_LONG\",\n        RadiusFromLocation = 20,\n    });\n\n    var myCity = new Okta.Behaviour(\"my_city\", new()\n    {\n        Name = \"My City\",\n        Type = \"ANOMALOUS_LOCATION\",\n        NumberOfAuthentications = 50,\n        LocationGranularityType = \"CITY\",\n    });\n\n    var myDevice = new Okta.Behaviour(\"my_device\", new()\n    {\n        Name = \"My Device\",\n        Type = \"ANOMALOUS_DEVICE\",\n        NumberOfAuthentications = 50,\n    });\n\n    var myIp = new Okta.Behaviour(\"my_ip\", new()\n    {\n        Name = \"My IP\",\n        Type = \"ANOMALOUS_IP\",\n        NumberOfAuthentications = 50,\n    });\n\n    var myVelocity = new Okta.Behaviour(\"my_velocity\", new()\n    {\n        Name = \"My Velocity\",\n        Type = \"VELOCITY\",\n        Velocity = 25,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewBehaviour(ctx, \"my_location\", \u0026okta.BehaviourArgs{\n\t\t\tName:                    pulumi.String(\"My Location\"),\n\t\t\tType:                    pulumi.String(\"ANOMALOUS_LOCATION\"),\n\t\t\tNumberOfAuthentications: pulumi.Int(50),\n\t\t\tLocationGranularityType: pulumi.String(\"LAT_LONG\"),\n\t\t\tRadiusFromLocation:      pulumi.Int(20),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewBehaviour(ctx, \"my_city\", \u0026okta.BehaviourArgs{\n\t\t\tName:                    pulumi.String(\"My City\"),\n\t\t\tType:                    pulumi.String(\"ANOMALOUS_LOCATION\"),\n\t\t\tNumberOfAuthentications: pulumi.Int(50),\n\t\t\tLocationGranularityType: pulumi.String(\"CITY\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewBehaviour(ctx, \"my_device\", \u0026okta.BehaviourArgs{\n\t\t\tName:                    pulumi.String(\"My Device\"),\n\t\t\tType:                    pulumi.String(\"ANOMALOUS_DEVICE\"),\n\t\t\tNumberOfAuthentications: pulumi.Int(50),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewBehaviour(ctx, \"my_ip\", \u0026okta.BehaviourArgs{\n\t\t\tName:                    pulumi.String(\"My IP\"),\n\t\t\tType:                    pulumi.String(\"ANOMALOUS_IP\"),\n\t\t\tNumberOfAuthentications: pulumi.Int(50),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewBehaviour(ctx, \"my_velocity\", \u0026okta.BehaviourArgs{\n\t\t\tName:     pulumi.String(\"My Velocity\"),\n\t\t\tType:     pulumi.String(\"VELOCITY\"),\n\t\t\tVelocity: pulumi.Int(25),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.Behaviour;\nimport com.pulumi.okta.BehaviourArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var myLocation = new Behaviour(\"myLocation\", BehaviourArgs.builder()\n            .name(\"My Location\")\n            .type(\"ANOMALOUS_LOCATION\")\n            .numberOfAuthentications(50)\n            .locationGranularityType(\"LAT_LONG\")\n            .radiusFromLocation(20)\n            .build());\n\n        var myCity = new Behaviour(\"myCity\", BehaviourArgs.builder()\n            .name(\"My City\")\n            .type(\"ANOMALOUS_LOCATION\")\n            .numberOfAuthentications(50)\n            .locationGranularityType(\"CITY\")\n            .build());\n\n        var myDevice = new Behaviour(\"myDevice\", BehaviourArgs.builder()\n            .name(\"My Device\")\n            .type(\"ANOMALOUS_DEVICE\")\n            .numberOfAuthentications(50)\n            .build());\n\n        var myIp = new Behaviour(\"myIp\", BehaviourArgs.builder()\n            .name(\"My IP\")\n            .type(\"ANOMALOUS_IP\")\n            .numberOfAuthentications(50)\n            .build());\n\n        var myVelocity = new Behaviour(\"myVelocity\", BehaviourArgs.builder()\n            .name(\"My Velocity\")\n            .type(\"VELOCITY\")\n            .velocity(25)\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  myLocation:\n    type: okta:Behaviour\n    name: my_location\n    properties:\n      name: My Location\n      type: ANOMALOUS_LOCATION\n      numberOfAuthentications: 50\n      locationGranularityType: LAT_LONG\n      radiusFromLocation: 20\n  myCity:\n    type: okta:Behaviour\n    name: my_city\n    properties:\n      name: My City\n      type: ANOMALOUS_LOCATION\n      numberOfAuthentications: 50\n      locationGranularityType: CITY\n  myDevice:\n    type: okta:Behaviour\n    name: my_device\n    properties:\n      name: My Device\n      type: ANOMALOUS_DEVICE\n      numberOfAuthentications: 50\n  myIp:\n    type: okta:Behaviour\n    name: my_ip\n    properties:\n      name: My IP\n      type: ANOMALOUS_IP\n      numberOfAuthentications: 50\n  myVelocity:\n    type: okta:Behaviour\n    name: my_velocity\n    properties:\n      name: My Velocity\n      type: VELOCITY\n      velocity: 25\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/behaviour:Behaviour example \u003cbehavior_id\u003e\n```\n\n","properties":{"locationGranularityType":{"type":"string","description":"Determines the method and level of detail used to evaluate the behavior. Required for `ANOMALOUS_LOCATION` behavior type. Can be set to `LAT_LONG`, `CITY`, `COUNTRY` or `SUBDIVISION`.\n"},"name":{"type":"string","description":"Name of the behavior\n"},"numberOfAuthentications":{"type":"integer","description":"The number of recent authentications used to evaluate the behavior. Required for `ANOMALOUS_LOCATION`, `ANOMALOUS_DEVICE` and `ANOMALOUS_IP` behavior types.\n"},"radiusFromLocation":{"type":"integer","description":"Radius from location (in kilometers). Should be at least 5. Required when \u003cspan pulumi-lang-nodejs=\"`locationGranularityType`\" pulumi-lang-dotnet=\"`LocationGranularityType`\" pulumi-lang-go=\"`locationGranularityType`\" pulumi-lang-python=\"`location_granularity_type`\" pulumi-lang-yaml=\"`locationGranularityType`\" pulumi-lang-java=\"`locationGranularityType`\"\u003e`location_granularity_type`\u003c/span\u003e is set to `LAT_LONG`.\n"},"status":{"type":"string","description":"Behavior status: ACTIVE or INACTIVE. Default: `ACTIVE`\n"},"type":{"type":"string","description":"Type of the behavior. Can be set to `ANOMALOUS_LOCATION`, `ANOMALOUS_DEVICE`, `ANOMALOUS_IP` or `VELOCITY`. Resource will be recreated when the type changes.e\n"},"velocity":{"type":"integer","description":"Velocity (in kilometers per hour). Should be at least 1. Required for `VELOCITY` behavior\n"}},"required":["name","type"],"inputProperties":{"locationGranularityType":{"type":"string","description":"Determines the method and level of detail used to evaluate the behavior. Required for `ANOMALOUS_LOCATION` behavior type. Can be set to `LAT_LONG`, `CITY`, `COUNTRY` or `SUBDIVISION`.\n"},"name":{"type":"string","description":"Name of the behavior\n"},"numberOfAuthentications":{"type":"integer","description":"The number of recent authentications used to evaluate the behavior. Required for `ANOMALOUS_LOCATION`, `ANOMALOUS_DEVICE` and `ANOMALOUS_IP` behavior types.\n"},"radiusFromLocation":{"type":"integer","description":"Radius from location (in kilometers). Should be at least 5. Required when \u003cspan pulumi-lang-nodejs=\"`locationGranularityType`\" pulumi-lang-dotnet=\"`LocationGranularityType`\" pulumi-lang-go=\"`locationGranularityType`\" pulumi-lang-python=\"`location_granularity_type`\" pulumi-lang-yaml=\"`locationGranularityType`\" pulumi-lang-java=\"`locationGranularityType`\"\u003e`location_granularity_type`\u003c/span\u003e is set to `LAT_LONG`.\n"},"status":{"type":"string","description":"Behavior status: ACTIVE or INACTIVE. Default: `ACTIVE`\n"},"type":{"type":"string","description":"Type of the behavior. Can be set to `ANOMALOUS_LOCATION`, `ANOMALOUS_DEVICE`, `ANOMALOUS_IP` or `VELOCITY`. Resource will be recreated when the type changes.e\n","willReplaceOnChanges":true},"velocity":{"type":"integer","description":"Velocity (in kilometers per hour). Should be at least 1. Required for `VELOCITY` behavior\n"}},"requiredInputs":["type"],"stateInputs":{"description":"Input properties used for looking up and filtering Behaviour resources.\n","properties":{"locationGranularityType":{"type":"string","description":"Determines the method and level of detail used to evaluate the behavior. Required for `ANOMALOUS_LOCATION` behavior type. Can be set to `LAT_LONG`, `CITY`, `COUNTRY` or `SUBDIVISION`.\n"},"name":{"type":"string","description":"Name of the behavior\n"},"numberOfAuthentications":{"type":"integer","description":"The number of recent authentications used to evaluate the behavior. Required for `ANOMALOUS_LOCATION`, `ANOMALOUS_DEVICE` and `ANOMALOUS_IP` behavior types.\n"},"radiusFromLocation":{"type":"integer","description":"Radius from location (in kilometers). Should be at least 5. Required when \u003cspan pulumi-lang-nodejs=\"`locationGranularityType`\" pulumi-lang-dotnet=\"`LocationGranularityType`\" pulumi-lang-go=\"`locationGranularityType`\" pulumi-lang-python=\"`location_granularity_type`\" pulumi-lang-yaml=\"`locationGranularityType`\" pulumi-lang-java=\"`locationGranularityType`\"\u003e`location_granularity_type`\u003c/span\u003e is set to `LAT_LONG`.\n"},"status":{"type":"string","description":"Behavior status: ACTIVE or INACTIVE. Default: `ACTIVE`\n"},"type":{"type":"string","description":"Type of the behavior. Can be set to `ANOMALOUS_LOCATION`, `ANOMALOUS_DEVICE`, `ANOMALOUS_IP` or `VELOCITY`. Resource will be recreated when the type changes.e\n","willReplaceOnChanges":true},"velocity":{"type":"integer","description":"Velocity (in kilometers per hour). Should be at least 1. Required for `VELOCITY` behavior\n"}},"type":"object"}},"okta:index/brand:Brand":{"description":"## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.Brand(\"example\", {name: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.Brand(\"example\", name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Brand(\"example\", new()\n    {\n        Name = \"example\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewBrand(ctx, \"example\", \u0026okta.BrandArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.Brand;\nimport com.pulumi.okta.BrandArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Brand(\"example\", BrandArgs.builder()\n            .name(\"example\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:Brand\n    properties:\n      name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/brand:Brand example \u003cbrand_id\u003e\n```\n\n","properties":{"agreeToCustomPrivacyPolicy":{"type":"boolean","description":"Is a required input flag with when changing custom*privacy*url, shouldn't be considered as a readable property\n"},"brandId":{"type":"string","description":"Brand ID - Note: Okta API for brands only reads and updates therefore the okta*brand resource needs to act as a quasi data source. Do this by setting brand*id. `DEPRECATED`: Okta has fully support brand creation, this attribute is a no op and will be removed\n","deprecationMessage":"Okta has fully support brand creation, this attribute is a no op and will be removed"},"customPrivacyPolicyUrl":{"type":"string","description":"Custom privacy policy URL\n"},"defaultAppAppInstanceId":{"type":"string","description":"Default app app instance id\n"},"defaultAppAppLinkName":{"type":"string","description":"Default app app link name\n"},"defaultAppClassicApplicationUri":{"type":"string","description":"Default app classic application uri\n"},"emailDomainId":{"type":"string","description":"Email Domain ID tied to this brand\n"},"isDefault":{"type":"boolean","description":"Is this the default brand\n"},"links":{"type":"string","description":"Link relations for this object - JSON HAL - Discoverable resources related to the brand\n"},"locale":{"type":"string","description":"The language specified as an IETF BCP 47 language tag\n"},"name":{"type":"string","description":"Name of the brand\n"},"removePoweredByOkta":{"type":"boolean","description":"Removes \"Powered by Okta\" from the Okta-hosted sign-in page and \"© 2021 Okta, Inc.\" from the Okta End-User Dashboard\n"}},"required":["agreeToCustomPrivacyPolicy","brandId","customPrivacyPolicyUrl","emailDomainId","isDefault","links","name","removePoweredByOkta"],"inputProperties":{"agreeToCustomPrivacyPolicy":{"type":"boolean","description":"Is a required input flag with when changing custom*privacy*url, shouldn't be considered as a readable property\n"},"brandId":{"type":"string","description":"Brand ID - Note: Okta API for brands only reads and updates therefore the okta*brand resource needs to act as a quasi data source. Do this by setting brand*id. `DEPRECATED`: Okta has fully support brand creation, this attribute is a no op and will be removed\n","deprecationMessage":"Okta has fully support brand creation, this attribute is a no op and will be removed"},"customPrivacyPolicyUrl":{"type":"string","description":"Custom privacy policy URL\n"},"defaultAppAppInstanceId":{"type":"string","description":"Default app app instance id\n"},"defaultAppAppLinkName":{"type":"string","description":"Default app app link name\n"},"defaultAppClassicApplicationUri":{"type":"string","description":"Default app classic application uri\n"},"locale":{"type":"string","description":"The language specified as an IETF BCP 47 language tag\n"},"name":{"type":"string","description":"Name of the brand\n"},"removePoweredByOkta":{"type":"boolean","description":"Removes \"Powered by Okta\" from the Okta-hosted sign-in page and \"© 2021 Okta, Inc.\" from the Okta End-User Dashboard\n"}},"stateInputs":{"description":"Input properties used for looking up and filtering Brand resources.\n","properties":{"agreeToCustomPrivacyPolicy":{"type":"boolean","description":"Is a required input flag with when changing custom*privacy*url, shouldn't be considered as a readable property\n"},"brandId":{"type":"string","description":"Brand ID - Note: Okta API for brands only reads and updates therefore the okta*brand resource needs to act as a quasi data source. Do this by setting brand*id. `DEPRECATED`: Okta has fully support brand creation, this attribute is a no op and will be removed\n","deprecationMessage":"Okta has fully support brand creation, this attribute is a no op and will be removed"},"customPrivacyPolicyUrl":{"type":"string","description":"Custom privacy policy URL\n"},"defaultAppAppInstanceId":{"type":"string","description":"Default app app instance id\n"},"defaultAppAppLinkName":{"type":"string","description":"Default app app link name\n"},"defaultAppClassicApplicationUri":{"type":"string","description":"Default app classic application uri\n"},"emailDomainId":{"type":"string","description":"Email Domain ID tied to this brand\n"},"isDefault":{"type":"boolean","description":"Is this the default brand\n"},"links":{"type":"string","description":"Link relations for this object - JSON HAL - Discoverable resources related to the brand\n"},"locale":{"type":"string","description":"The language specified as an IETF BCP 47 language tag\n"},"name":{"type":"string","description":"Name of the brand\n"},"removePoweredByOkta":{"type":"boolean","description":"Removes \"Powered by Okta\" from the Okta-hosted sign-in page and \"© 2021 Okta, Inc.\" from the Okta End-User Dashboard\n"}},"type":"object"}},"okta:index/campaign:Campaign":{"description":"Manages Campaign. This resource allows you to create and configure an Okta [Campaign](https://developer.okta.com/docs/api/iga/openapi/governance.api/tag/Campaigns/).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.Campaign(\"example\", {name: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.Campaign(\"example\", name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Campaign(\"example\", new()\n    {\n        Name = \"example\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewCampaign(ctx, \"example\", \u0026okta.CampaignArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.Campaign;\nimport com.pulumi.okta.CampaignArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Campaign(\"example\", CampaignArgs.builder()\n            .name(\"example\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:Campaign\n    properties:\n      name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/campaign:Campaign example \u003ccampaign_id\u003e\n```\n\n","properties":{"campaignTier":{"type":"string","description":"Indicates the minimum required SKU to manage the campaign. Enum: \"BASIC\", \"PREMIUM\".\n"},"campaignType":{"type":"string","description":"Identifies if it is a resource campaign or a user campaign. By default, it is \"RESOURCE\". Enum: \"RESOURCE\", \"USER\".\n"},"description":{"type":"string","description":"Human readable description.\n"},"name":{"type":"string","description":"Name of the campaign\n"},"notificationSettings":{"$ref":"#/types/okta:index/CampaignNotificationSettings:CampaignNotificationSettings"},"principalScopeSettings":{"$ref":"#/types/okta:index/CampaignPrincipalScopeSettings:CampaignPrincipalScopeSettings","description":"User scope specific settings\n"},"remediationSettings":{"$ref":"#/types/okta:index/CampaignRemediationSettings:CampaignRemediationSettings","description":"Specify the action to be taken after a reviewer makes a decision to APPROVE or REVOKE the access, or if the campaign was CLOSED and there was no response from the reviewer."},"resourceSettings":{"$ref":"#/types/okta:index/CampaignResourceSettings:CampaignResourceSettings","description":"Resource specific properties."},"reviewerSettings":{"$ref":"#/types/okta:index/CampaignReviewerSettings:CampaignReviewerSettings","description":"Identifies the kind of reviewer for Access Certification."},"scheduleSettings":{"$ref":"#/types/okta:index/CampaignScheduleSettings:CampaignScheduleSettings","description":"Scheduler specific settings."},"skipRemediation":{"type":"boolean","description":"If true, skip remediation when ending the campaign (only applicable if remediationSetting.noResponse=DENY)."}},"required":["campaignType","name"],"inputProperties":{"campaignTier":{"type":"string","description":"Indicates the minimum required SKU to manage the campaign. Enum: \"BASIC\", \"PREMIUM\".\n"},"campaignType":{"type":"string","description":"Identifies if it is a resource campaign or a user campaign. By default, it is \"RESOURCE\". Enum: \"RESOURCE\", \"USER\".\n"},"description":{"type":"string","description":"Human readable description.\n"},"name":{"type":"string","description":"Name of the campaign\n"},"notificationSettings":{"$ref":"#/types/okta:index/CampaignNotificationSettings:CampaignNotificationSettings"},"principalScopeSettings":{"$ref":"#/types/okta:index/CampaignPrincipalScopeSettings:CampaignPrincipalScopeSettings","description":"User scope specific settings\n"},"remediationSettings":{"$ref":"#/types/okta:index/CampaignRemediationSettings:CampaignRemediationSettings","description":"Specify the action to be taken after a reviewer makes a decision to APPROVE or REVOKE the access, or if the campaign was CLOSED and there was no response from the reviewer."},"resourceSettings":{"$ref":"#/types/okta:index/CampaignResourceSettings:CampaignResourceSettings","description":"Resource specific properties."},"reviewerSettings":{"$ref":"#/types/okta:index/CampaignReviewerSettings:CampaignReviewerSettings","description":"Identifies the kind of reviewer for Access Certification."},"scheduleSettings":{"$ref":"#/types/okta:index/CampaignScheduleSettings:CampaignScheduleSettings","description":"Scheduler specific settings."},"skipRemediation":{"type":"boolean","description":"If true, skip remediation when ending the campaign (only applicable if remediationSetting.noResponse=DENY)."}},"stateInputs":{"description":"Input properties used for looking up and filtering Campaign resources.\n","properties":{"campaignTier":{"type":"string","description":"Indicates the minimum required SKU to manage the campaign. Enum: \"BASIC\", \"PREMIUM\".\n"},"campaignType":{"type":"string","description":"Identifies if it is a resource campaign or a user campaign. By default, it is \"RESOURCE\". Enum: \"RESOURCE\", \"USER\".\n"},"description":{"type":"string","description":"Human readable description.\n"},"name":{"type":"string","description":"Name of the campaign\n"},"notificationSettings":{"$ref":"#/types/okta:index/CampaignNotificationSettings:CampaignNotificationSettings"},"principalScopeSettings":{"$ref":"#/types/okta:index/CampaignPrincipalScopeSettings:CampaignPrincipalScopeSettings","description":"User scope specific settings\n"},"remediationSettings":{"$ref":"#/types/okta:index/CampaignRemediationSettings:CampaignRemediationSettings","description":"Specify the action to be taken after a reviewer makes a decision to APPROVE or REVOKE the access, or if the campaign was CLOSED and there was no response from the reviewer."},"resourceSettings":{"$ref":"#/types/okta:index/CampaignResourceSettings:CampaignResourceSettings","description":"Resource specific properties."},"reviewerSettings":{"$ref":"#/types/okta:index/CampaignReviewerSettings:CampaignReviewerSettings","description":"Identifies the kind of reviewer for Access Certification."},"scheduleSettings":{"$ref":"#/types/okta:index/CampaignScheduleSettings:CampaignScheduleSettings","description":"Scheduler specific settings."},"skipRemediation":{"type":"boolean","description":"If true, skip remediation when ending the campaign (only applicable if remediationSetting.noResponse=DENY)."}},"type":"object"}},"okta:index/captcha:Captcha":{"description":"Creates different types of captcha.\n\t\t\u003e **WARNING:** This feature is only available as a part of the Identity Engine. Contact support for further information.\n\t\tThis resource allows you to create and configure a CAPTCHA.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.Captcha(\"example\", {\n    name: \"My CAPTCHA\",\n    type: \"HCAPTCHA\",\n    siteKey: \"some_key\",\n    secretKey: \"some_secret_key\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.Captcha(\"example\",\n    name=\"My CAPTCHA\",\n    type=\"HCAPTCHA\",\n    site_key=\"some_key\",\n    secret_key=\"some_secret_key\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Captcha(\"example\", new()\n    {\n        Name = \"My CAPTCHA\",\n        Type = \"HCAPTCHA\",\n        SiteKey = \"some_key\",\n        SecretKey = \"some_secret_key\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewCaptcha(ctx, \"example\", \u0026okta.CaptchaArgs{\n\t\t\tName:      pulumi.String(\"My CAPTCHA\"),\n\t\t\tType:      pulumi.String(\"HCAPTCHA\"),\n\t\t\tSiteKey:   pulumi.String(\"some_key\"),\n\t\t\tSecretKey: pulumi.String(\"some_secret_key\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.Captcha;\nimport com.pulumi.okta.CaptchaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Captcha(\"example\", CaptchaArgs.builder()\n            .name(\"My CAPTCHA\")\n            .type(\"HCAPTCHA\")\n            .siteKey(\"some_key\")\n            .secretKey(\"some_secret_key\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:Captcha\n    properties:\n      name: My CAPTCHA\n      type: HCAPTCHA\n      siteKey: some_key\n      secretKey: some_secret_key\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/captcha:Captcha example \u003ccaptcha_id\u003e\n```\n\n","properties":{"name":{"type":"string","description":"Name of the CAPTCHA\n"},"secretKey":{"type":"string","description":"Secret key issued from the CAPTCHA vendor to perform server-side validation for a CAPTCHA token\n","secret":true},"siteKey":{"type":"string","description":"Site key issued from the CAPTCHA vendor to render a CAPTCHA on a page\n"},"type":{"type":"string","description":"Type of the captcha. Valid values: `HCAPTCHA`, `RECAPTCHA_V2`\n"}},"required":["name","secretKey","siteKey","type"],"inputProperties":{"name":{"type":"string","description":"Name of the CAPTCHA\n"},"secretKey":{"type":"string","description":"Secret key issued from the CAPTCHA vendor to perform server-side validation for a CAPTCHA token\n","secret":true},"siteKey":{"type":"string","description":"Site key issued from the CAPTCHA vendor to render a CAPTCHA on a page\n"},"type":{"type":"string","description":"Type of the captcha. Valid values: `HCAPTCHA`, `RECAPTCHA_V2`\n","willReplaceOnChanges":true}},"requiredInputs":["secretKey","siteKey","type"],"stateInputs":{"description":"Input properties used for looking up and filtering Captcha resources.\n","properties":{"name":{"type":"string","description":"Name of the CAPTCHA\n"},"secretKey":{"type":"string","description":"Secret key issued from the CAPTCHA vendor to perform server-side validation for a CAPTCHA token\n","secret":true},"siteKey":{"type":"string","description":"Site key issued from the CAPTCHA vendor to render a CAPTCHA on a page\n"},"type":{"type":"string","description":"Type of the captcha. Valid values: `HCAPTCHA`, `RECAPTCHA_V2`\n","willReplaceOnChanges":true}},"type":"object"}},"okta:index/captchaOrgWideSettings:CaptchaOrgWideSettings":{"description":"Manages Org-Wide CAPTCHA settings\n\u003e **WARNING:** This feature is only available as a part of the Identity Engine. Contact support for further information.\nThis resource allows you to configure which parts of the authentication flow requires users to pass the CAPTCHA logic.\nCAPTCHA org-wide settings can be disabled by unsetting 'captcha_id' and 'enabled_for'.\n\n## Import\n\n```sh\n$ pulumi import okta:index/captchaOrgWideSettings:CaptchaOrgWideSettings example _\n```\n\n","properties":{"captchaId":{"type":"string","description":"Array of pages that have CAPTCHA enabled. Valid values: `SSR`, `SSPR` and `SIGN_IN`.\n"},"enabledFors":{"type":"array","items":{"type":"string"},"description":"Set of pages that have CAPTCHA enabled\n"}},"inputProperties":{"captchaId":{"type":"string","description":"Array of pages that have CAPTCHA enabled. Valid values: `SSR`, `SSPR` and `SIGN_IN`.\n"},"enabledFors":{"type":"array","items":{"type":"string"},"description":"Set of pages that have CAPTCHA enabled\n"}},"stateInputs":{"description":"Input properties used for looking up and filtering CaptchaOrgWideSettings resources.\n","properties":{"captchaId":{"type":"string","description":"Array of pages that have CAPTCHA enabled. Valid values: `SSR`, `SSPR` and `SIGN_IN`.\n"},"enabledFors":{"type":"array","items":{"type":"string"},"description":"Set of pages that have CAPTCHA enabled\n"}},"type":"object"}},"okta:index/customizedSigninPage:CustomizedSigninPage":{"description":"Manage the customized signin page of a brand\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = new okta.Brand(\"test\", {\n    name: \"testBrand\",\n    locale: \"en\",\n});\nconst testCustomizedSigninPage = new okta.CustomizedSigninPage(\"test\", {\n    brandId: oktaBrand.test.id,\n    pageContent: `\u003c!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\"\u003e\n\u003chtml\u003e\n\u003chead\u003e\n    \u003cmeta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"\u003e\n    \u003cmeta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\" /\u003e\n    \u003cmeta name=\"robots\" content=\"noindex,nofollow\" /\u003e\n    \u003c!-- Styles generated from theme --\u003e\n    \u003clink href=\"{{themedStylesUrl}}\" rel=\"stylesheet\" type=\"text/css\"\u003e\n    \u003c!-- Favicon from theme --\u003e\n    \u003clink rel=\"shortcut icon\" href=\"{{faviconUrl}}\" type=\"image/x-icon\"/\u003e\n\n    \u003ctitle\u003e{{pageTitle}}\u003c/title\u003e\n    {{{SignInWidgetResources}}}\n\n    \u003cstyle nonce=\"{{nonceValue}}\"\u003e\n        #login-bg-image-id {\n            background-image: {{bgImageUrl}}\n        }\n    \u003c/style\u003e\n\u003c/head\u003e\n\u003cbody\u003e\n    \u003cdiv id=\"login-bg-image-id\" class=\"login-bg-image tb--background\"\u003e\u003c/div\u003e\n    \u003cdiv id=\"okta-login-container\"\u003e\u003c/div\u003e\n\n    \u003c!--\n        \"OktaUtil\" defines a global OktaUtil object\n        that contains methods used to complete the Okta login flow.\n     --\u003e\n    {{{OktaUtil}}}\n\n    \u003cscript type=\"text/javascript\" nonce=\"{{nonceValue}}\"\u003e\n        // \"config\" object contains default widget configuration\n        // with any custom overrides defined in your admin settings.\n        var config = OktaUtil.getSignInWidgetConfig();\n\n        // Render the Okta Sign-In Widget\n        var oktaSignIn = new OktaSignIn(config);\n        oktaSignIn.renderEl({ el: '#okta-login-container' },\n            OktaUtil.completeLogin,\n            function(error) {\n                // Logs errors that occur when configuring the widget.\n                // Remove or replace this with your own custom error handler.\n                console.log(error.message, error);\n            }\n        );\n    \u003c/script\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n`,\n    widgetVersion: \"^6\",\n    widgetCustomizations: {\n        widgetGeneration: \"G3\",\n    },\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.Brand(\"test\",\n    name=\"testBrand\",\n    locale=\"en\")\ntest_customized_signin_page = okta.CustomizedSigninPage(\"test\",\n    brand_id=okta_brand[\"test\"][\"id\"],\n    page_content=\"\"\"\u003c!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\"\u003e\n\u003chtml\u003e\n\u003chead\u003e\n    \u003cmeta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"\u003e\n    \u003cmeta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\" /\u003e\n    \u003cmeta name=\"robots\" content=\"noindex,nofollow\" /\u003e\n    \u003c!-- Styles generated from theme --\u003e\n    \u003clink href=\"{{themedStylesUrl}}\" rel=\"stylesheet\" type=\"text/css\"\u003e\n    \u003c!-- Favicon from theme --\u003e\n    \u003clink rel=\"shortcut icon\" href=\"{{faviconUrl}}\" type=\"image/x-icon\"/\u003e\n\n    \u003ctitle\u003e{{pageTitle}}\u003c/title\u003e\n    {{{SignInWidgetResources}}}\n\n    \u003cstyle nonce=\"{{nonceValue}}\"\u003e\n        #login-bg-image-id {\n            background-image: {{bgImageUrl}}\n        }\n    \u003c/style\u003e\n\u003c/head\u003e\n\u003cbody\u003e\n    \u003cdiv id=\"login-bg-image-id\" class=\"login-bg-image tb--background\"\u003e\u003c/div\u003e\n    \u003cdiv id=\"okta-login-container\"\u003e\u003c/div\u003e\n\n    \u003c!--\n        \"OktaUtil\" defines a global OktaUtil object\n        that contains methods used to complete the Okta login flow.\n     --\u003e\n    {{{OktaUtil}}}\n\n    \u003cscript type=\"text/javascript\" nonce=\"{{nonceValue}}\"\u003e\n        // \"config\" object contains default widget configuration\n        // with any custom overrides defined in your admin settings.\n        var config = OktaUtil.getSignInWidgetConfig();\n\n        // Render the Okta Sign-In Widget\n        var oktaSignIn = new OktaSignIn(config);\n        oktaSignIn.renderEl({ el: '#okta-login-container' },\n            OktaUtil.completeLogin,\n            function(error) {\n                // Logs errors that occur when configuring the widget.\n                // Remove or replace this with your own custom error handler.\n                console.log(error.message, error);\n            }\n        );\n    \u003c/script\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n\"\"\",\n    widget_version=\"^6\",\n    widget_customizations={\n        \"widget_generation\": \"G3\",\n    })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = new Okta.Brand(\"test\", new()\n    {\n        Name = \"testBrand\",\n        Locale = \"en\",\n    });\n\n    var testCustomizedSigninPage = new Okta.CustomizedSigninPage(\"test\", new()\n    {\n        BrandId = oktaBrand.Test.Id,\n        PageContent = @\"\u003c!DOCTYPE html PUBLIC \"\"-//W3C//DTD HTML 4.01//EN\"\" \"\"http://www.w3.org/TR/html4/strict.dtd\"\"\u003e\n\u003chtml\u003e\n\u003chead\u003e\n    \u003cmeta http-equiv=\"\"Content-Type\"\" content=\"\"text/html; charset=UTF-8\"\"\u003e\n    \u003cmeta name=\"\"viewport\"\" content=\"\"width=device-width, initial-scale=1.0\"\" /\u003e\n    \u003cmeta name=\"\"robots\"\" content=\"\"noindex,nofollow\"\" /\u003e\n    \u003c!-- Styles generated from theme --\u003e\n    \u003clink href=\"\"{{themedStylesUrl}}\"\" rel=\"\"stylesheet\"\" type=\"\"text/css\"\"\u003e\n    \u003c!-- Favicon from theme --\u003e\n    \u003clink rel=\"\"shortcut icon\"\" href=\"\"{{faviconUrl}}\"\" type=\"\"image/x-icon\"\"/\u003e\n\n    \u003ctitle\u003e{{pageTitle}}\u003c/title\u003e\n    {{{SignInWidgetResources}}}\n\n    \u003cstyle nonce=\"\"{{nonceValue}}\"\"\u003e\n        #login-bg-image-id {\n            background-image: {{bgImageUrl}}\n        }\n    \u003c/style\u003e\n\u003c/head\u003e\n\u003cbody\u003e\n    \u003cdiv id=\"\"login-bg-image-id\"\" class=\"\"login-bg-image tb--background\"\"\u003e\u003c/div\u003e\n    \u003cdiv id=\"\"okta-login-container\"\"\u003e\u003c/div\u003e\n\n    \u003c!--\n        \"\"OktaUtil\"\" defines a global OktaUtil object\n        that contains methods used to complete the Okta login flow.\n     --\u003e\n    {{{OktaUtil}}}\n\n    \u003cscript type=\"\"text/javascript\"\" nonce=\"\"{{nonceValue}}\"\"\u003e\n        // \"\"config\"\" object contains default widget configuration\n        // with any custom overrides defined in your admin settings.\n        var config = OktaUtil.getSignInWidgetConfig();\n\n        // Render the Okta Sign-In Widget\n        var oktaSignIn = new OktaSignIn(config);\n        oktaSignIn.renderEl({ el: '#okta-login-container' },\n            OktaUtil.completeLogin,\n            function(error) {\n                // Logs errors that occur when configuring the widget.\n                // Remove or replace this with your own custom error handler.\n                console.log(error.message, error);\n            }\n        );\n    \u003c/script\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n\",\n        WidgetVersion = \"^6\",\n        WidgetCustomizations = new Okta.Inputs.CustomizedSigninPageWidgetCustomizationsArgs\n        {\n            WidgetGeneration = \"G3\",\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewBrand(ctx, \"test\", \u0026okta.BrandArgs{\n\t\t\tName:   pulumi.String(\"testBrand\"),\n\t\t\tLocale: pulumi.String(\"en\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewCustomizedSigninPage(ctx, \"test\", \u0026okta.CustomizedSigninPageArgs{\n\t\t\tBrandId: pulumi.Any(oktaBrand.Test.Id),\n\t\t\tPageContent: pulumi.String(`\u003c!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\"\u003e\n\u003chtml\u003e\n\u003chead\u003e\n    \u003cmeta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"\u003e\n    \u003cmeta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\" /\u003e\n    \u003cmeta name=\"robots\" content=\"noindex,nofollow\" /\u003e\n    \u003c!-- Styles generated from theme --\u003e\n    \u003clink href=\"{{themedStylesUrl}}\" rel=\"stylesheet\" type=\"text/css\"\u003e\n    \u003c!-- Favicon from theme --\u003e\n    \u003clink rel=\"shortcut icon\" href=\"{{faviconUrl}}\" type=\"image/x-icon\"/\u003e\n\n    \u003ctitle\u003e{{pageTitle}}\u003c/title\u003e\n    {{{SignInWidgetResources}}}\n\n    \u003cstyle nonce=\"{{nonceValue}}\"\u003e\n        #login-bg-image-id {\n            background-image: {{bgImageUrl}}\n        }\n    \u003c/style\u003e\n\u003c/head\u003e\n\u003cbody\u003e\n    \u003cdiv id=\"login-bg-image-id\" class=\"login-bg-image tb--background\"\u003e\u003c/div\u003e\n    \u003cdiv id=\"okta-login-container\"\u003e\u003c/div\u003e\n\n    \u003c!--\n        \"OktaUtil\" defines a global OktaUtil object\n        that contains methods used to complete the Okta login flow.\n     --\u003e\n    {{{OktaUtil}}}\n\n    \u003cscript type=\"text/javascript\" nonce=\"{{nonceValue}}\"\u003e\n        // \"config\" object contains default widget configuration\n        // with any custom overrides defined in your admin settings.\n        var config = OktaUtil.getSignInWidgetConfig();\n\n        // Render the Okta Sign-In Widget\n        var oktaSignIn = new OktaSignIn(config);\n        oktaSignIn.renderEl({ el: '#okta-login-container' },\n            OktaUtil.completeLogin,\n            function(error) {\n                // Logs errors that occur when configuring the widget.\n                // Remove or replace this with your own custom error handler.\n                console.log(error.message, error);\n            }\n        );\n    \u003c/script\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n`),\n\t\t\tWidgetVersion: pulumi.String(\"^6\"),\n\t\t\tWidgetCustomizations: \u0026okta.CustomizedSigninPageWidgetCustomizationsArgs{\n\t\t\t\tWidgetGeneration: pulumi.String(\"G3\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.Brand;\nimport com.pulumi.okta.BrandArgs;\nimport com.pulumi.okta.CustomizedSigninPage;\nimport com.pulumi.okta.CustomizedSigninPageArgs;\nimport com.pulumi.okta.inputs.CustomizedSigninPageWidgetCustomizationsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var test = new Brand(\"test\", BrandArgs.builder()\n            .name(\"testBrand\")\n            .locale(\"en\")\n            .build());\n\n        var testCustomizedSigninPage = new CustomizedSigninPage(\"testCustomizedSigninPage\", CustomizedSigninPageArgs.builder()\n            .brandId(oktaBrand.test().id())\n            .pageContent(\"\"\"\n\u003c!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\"\u003e\n\u003chtml\u003e\n\u003chead\u003e\n    \u003cmeta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"\u003e\n    \u003cmeta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\" /\u003e\n    \u003cmeta name=\"robots\" content=\"noindex,nofollow\" /\u003e\n    \u003c!-- Styles generated from theme --\u003e\n    \u003clink href=\"{{themedStylesUrl}}\" rel=\"stylesheet\" type=\"text/css\"\u003e\n    \u003c!-- Favicon from theme --\u003e\n    \u003clink rel=\"shortcut icon\" href=\"{{faviconUrl}}\" type=\"image/x-icon\"/\u003e\n\n    \u003ctitle\u003e{{pageTitle}}\u003c/title\u003e\n    {{{SignInWidgetResources}}}\n\n    \u003cstyle nonce=\"{{nonceValue}}\"\u003e\n        #login-bg-image-id {\n            background-image: {{bgImageUrl}}\n        }\n    \u003c/style\u003e\n\u003c/head\u003e\n\u003cbody\u003e\n    \u003cdiv id=\"login-bg-image-id\" class=\"login-bg-image tb--background\"\u003e\u003c/div\u003e\n    \u003cdiv id=\"okta-login-container\"\u003e\u003c/div\u003e\n\n    \u003c!--\n        \"OktaUtil\" defines a global OktaUtil object\n        that contains methods used to complete the Okta login flow.\n     --\u003e\n    {{{OktaUtil}}}\n\n    \u003cscript type=\"text/javascript\" nonce=\"{{nonceValue}}\"\u003e\n        // \"config\" object contains default widget configuration\n        // with any custom overrides defined in your admin settings.\n        var config = OktaUtil.getSignInWidgetConfig();\n\n        // Render the Okta Sign-In Widget\n        var oktaSignIn = new OktaSignIn(config);\n        oktaSignIn.renderEl({ el: '#okta-login-container' },\n            OktaUtil.completeLogin,\n            function(error) {\n                // Logs errors that occur when configuring the widget.\n                // Remove or replace this with your own custom error handler.\n                console.log(error.message, error);\n            }\n        );\n    \u003c/script\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n            \"\"\")\n            .widgetVersion(\"^6\")\n            .widgetCustomizations(CustomizedSigninPageWidgetCustomizationsArgs.builder()\n                .widgetGeneration(\"G3\")\n                .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  test:\n    type: okta:Brand\n    properties:\n      name: testBrand\n      locale: en\n  testCustomizedSigninPage:\n    type: okta:CustomizedSigninPage\n    name: test\n    properties:\n      brandId: ${oktaBrand.test.id}\n      pageContent: |\n        \u003c!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\"\u003e\n        \u003chtml\u003e\n        \u003chead\u003e\n            \u003cmeta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"\u003e\n            \u003cmeta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\" /\u003e\n            \u003cmeta name=\"robots\" content=\"noindex,nofollow\" /\u003e\n            \u003c!-- Styles generated from theme --\u003e\n            \u003clink href=\"{{themedStylesUrl}}\" rel=\"stylesheet\" type=\"text/css\"\u003e\n            \u003c!-- Favicon from theme --\u003e\n            \u003clink rel=\"shortcut icon\" href=\"{{faviconUrl}}\" type=\"image/x-icon\"/\u003e\n\n            \u003ctitle\u003e{{pageTitle}}\u003c/title\u003e\n            {{{SignInWidgetResources}}}\n\n            \u003cstyle nonce=\"{{nonceValue}}\"\u003e\n                #login-bg-image-id {\n                    background-image: {{bgImageUrl}}\n                }\n            \u003c/style\u003e\n        \u003c/head\u003e\n        \u003cbody\u003e\n            \u003cdiv id=\"login-bg-image-id\" class=\"login-bg-image tb--background\"\u003e\u003c/div\u003e\n            \u003cdiv id=\"okta-login-container\"\u003e\u003c/div\u003e\n\n            \u003c!--\n                \"OktaUtil\" defines a global OktaUtil object\n                that contains methods used to complete the Okta login flow.\n             --\u003e\n            {{{OktaUtil}}}\n\n            \u003cscript type=\"text/javascript\" nonce=\"{{nonceValue}}\"\u003e\n                // \"config\" object contains default widget configuration\n                // with any custom overrides defined in your admin settings.\n                var config = OktaUtil.getSignInWidgetConfig();\n\n                // Render the Okta Sign-In Widget\n                var oktaSignIn = new OktaSignIn(config);\n                oktaSignIn.renderEl({ el: '#okta-login-container' },\n                    OktaUtil.completeLogin,\n                    function(error) {\n                        // Logs errors that occur when configuring the widget.\n                        // Remove or replace this with your own custom error handler.\n                        console.log(error.message, error);\n                    }\n                );\n            \u003c/script\u003e\n        \u003c/body\u003e\n        \u003c/html\u003e\n      widgetVersion: ^6\n      widgetCustomizations:\n        widgetGeneration: G3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/customizedSigninPage:CustomizedSigninPage example \u003cbrand_id\u003e\n```\n\n","properties":{"brandId":{"type":"string","description":"brand id of the preview signin page\n"},"contentSecurityPolicySetting":{"$ref":"#/types/okta:index/CustomizedSigninPageContentSecurityPolicySetting:CustomizedSigninPageContentSecurityPolicySetting"},"pageContent":{"type":"string","description":"page content of the preview signin page\n"},"widgetCustomizations":{"$ref":"#/types/okta:index/CustomizedSigninPageWidgetCustomizations:CustomizedSigninPageWidgetCustomizations"},"widgetVersion":{"type":"string","description":"widget version specified as a Semver. The following are currently supported\n\t\t*, ^1, ^2, ^3, ^4, ^5, ^6, ^7, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12, 1.13, 2.1, 2.2, 2.3, 2.4,\n\t\t2.5, 2.6, 2.7, 2.8, 2.9, 2.10, 2.11, 2.12, 2.13, 2.14, 2.15, 2.16, 2.17, 2.18, 2.19, 2.20, 2.21,\n\t\t3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6, 3.7, 3.8, 3.9, 4.0, 4.1, 4.2, 4.3, 4.4, 4.5, 5.0, 5.1, 5.2, 5.3,\n\t\t5.4, 5.5, 5.6, 5.7, 5.8, 5.9, 5.10, 5.11, 5.12, 5.13, 5.14, 5.15, 5.16, 6.0, 6.1, 6.2, 6.3, 6.4, 6.5,\n\t\t6.6, 6.7, 6.8, 6.9, 7.0, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.7, 7.8, 7.9, 7.10, 7.11, 7.12, 7.13.\n"}},"required":["brandId"],"inputProperties":{"brandId":{"type":"string","description":"brand id of the preview signin page\n"},"contentSecurityPolicySetting":{"$ref":"#/types/okta:index/CustomizedSigninPageContentSecurityPolicySetting:CustomizedSigninPageContentSecurityPolicySetting"},"pageContent":{"type":"string","description":"page content of the preview signin page\n"},"widgetCustomizations":{"$ref":"#/types/okta:index/CustomizedSigninPageWidgetCustomizations:CustomizedSigninPageWidgetCustomizations"},"widgetVersion":{"type":"string","description":"widget version specified as a Semver. The following are currently supported\n\t\t*, ^1, ^2, ^3, ^4, ^5, ^6, ^7, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12, 1.13, 2.1, 2.2, 2.3, 2.4,\n\t\t2.5, 2.6, 2.7, 2.8, 2.9, 2.10, 2.11, 2.12, 2.13, 2.14, 2.15, 2.16, 2.17, 2.18, 2.19, 2.20, 2.21,\n\t\t3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6, 3.7, 3.8, 3.9, 4.0, 4.1, 4.2, 4.3, 4.4, 4.5, 5.0, 5.1, 5.2, 5.3,\n\t\t5.4, 5.5, 5.6, 5.7, 5.8, 5.9, 5.10, 5.11, 5.12, 5.13, 5.14, 5.15, 5.16, 6.0, 6.1, 6.2, 6.3, 6.4, 6.5,\n\t\t6.6, 6.7, 6.8, 6.9, 7.0, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.7, 7.8, 7.9, 7.10, 7.11, 7.12, 7.13.\n"}},"requiredInputs":["brandId"],"stateInputs":{"description":"Input properties used for looking up and filtering CustomizedSigninPage resources.\n","properties":{"brandId":{"type":"string","description":"brand id of the preview signin page\n"},"contentSecurityPolicySetting":{"$ref":"#/types/okta:index/CustomizedSigninPageContentSecurityPolicySetting:CustomizedSigninPageContentSecurityPolicySetting"},"pageContent":{"type":"string","description":"page content of the preview signin page\n"},"widgetCustomizations":{"$ref":"#/types/okta:index/CustomizedSigninPageWidgetCustomizations:CustomizedSigninPageWidgetCustomizations"},"widgetVersion":{"type":"string","description":"widget version specified as a Semver. The following are currently supported\n\t\t*, ^1, ^2, ^3, ^4, ^5, ^6, ^7, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12, 1.13, 2.1, 2.2, 2.3, 2.4,\n\t\t2.5, 2.6, 2.7, 2.8, 2.9, 2.10, 2.11, 2.12, 2.13, 2.14, 2.15, 2.16, 2.17, 2.18, 2.19, 2.20, 2.21,\n\t\t3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6, 3.7, 3.8, 3.9, 4.0, 4.1, 4.2, 4.3, 4.4, 4.5, 5.0, 5.1, 5.2, 5.3,\n\t\t5.4, 5.5, 5.6, 5.7, 5.8, 5.9, 5.10, 5.11, 5.12, 5.13, 5.14, 5.15, 5.16, 6.0, 6.1, 6.2, 6.3, 6.4, 6.5,\n\t\t6.6, 6.7, 6.8, 6.9, 7.0, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.7, 7.8, 7.9, 7.10, 7.11, 7.12, 7.13.\n"}},"type":"object"}},"okta:index/device:Device":{"description":"## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.Device(\"example\", {action: \"SUSPEND\"});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.Device(\"example\", action=\"SUSPEND\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Device(\"example\", new()\n    {\n        Action = \"SUSPEND\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewDevice(ctx, \"example\", \u0026okta.DeviceArgs{\n\t\t\tAction: pulumi.String(\"SUSPEND\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.Device;\nimport com.pulumi.okta.DeviceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Device(\"example\", DeviceArgs.builder()\n            .action(\"SUSPEND\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:Device\n    properties:\n      action: SUSPEND\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/device:Device example \u003cdevice_id\u003e\n```\n\n","properties":{"action":{"type":"string","description":"The action of the device.\n"},"resourceType":{"type":"string","description":"The resource type of the device.\n"},"status":{"type":"string","description":"The status of the device.\n"}},"required":["resourceType","status"],"inputProperties":{"action":{"type":"string","description":"The action of the device.\n"}},"stateInputs":{"description":"Input properties used for looking up and filtering Device resources.\n","properties":{"action":{"type":"string","description":"The action of the device.\n"},"resourceType":{"type":"string","description":"The resource type of the device.\n"},"status":{"type":"string","description":"The status of the device.\n"}},"type":"object"}},"okta:index/domain:Domain":{"description":"Manages custom domain for your organization.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.Domain(\"example\", {name: \"www.example.com\"});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.Domain(\"example\", name=\"www.example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Domain(\"example\", new()\n    {\n        Name = \"www.example.com\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewDomain(ctx, \"example\", \u0026okta.DomainArgs{\n\t\t\tName: pulumi.String(\"www.example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.Domain;\nimport com.pulumi.okta.DomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Domain(\"example\", DomainArgs.builder()\n            .name(\"www.example.com\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:Domain\n    properties:\n      name: www.example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/domain:Domain example \u003cdomain_id\u003e\n```\n\n","properties":{"brandId":{"type":"string","description":"Brand id of the domain\n"},"certificateSourceType":{"type":"string","description":"Certificate source type that indicates whether the certificate is provided by the user or Okta. Accepted values: `MANUAL`, `OKTA_MANAGED`. Warning: Use of OKTA_MANAGED requires a feature flag to be enabled. Default value = MANUAL\n"},"dnsRecords":{"type":"array","items":{"$ref":"#/types/okta:index/DomainDnsRecord:DomainDnsRecord"},"description":"TXT and CNAME records to be registered for the Domain\n"},"name":{"type":"string","description":"Custom Domain name\n"},"validationStatus":{"type":"string","description":"Status of the domain\n"}},"required":["brandId","dnsRecords","name","validationStatus"],"inputProperties":{"brandId":{"type":"string","description":"Brand id of the domain\n"},"certificateSourceType":{"type":"string","description":"Certificate source type that indicates whether the certificate is provided by the user or Okta. Accepted values: `MANUAL`, `OKTA_MANAGED`. Warning: Use of OKTA_MANAGED requires a feature flag to be enabled. Default value = MANUAL\n"},"name":{"type":"string","description":"Custom Domain name\n","willReplaceOnChanges":true}},"stateInputs":{"description":"Input properties used for looking up and filtering Domain resources.\n","properties":{"brandId":{"type":"string","description":"Brand id of the domain\n"},"certificateSourceType":{"type":"string","description":"Certificate source type that indicates whether the certificate is provided by the user or Okta. Accepted values: `MANUAL`, `OKTA_MANAGED`. Warning: Use of OKTA_MANAGED requires a feature flag to be enabled. Default value = MANUAL\n"},"dnsRecords":{"type":"array","items":{"$ref":"#/types/okta:index/DomainDnsRecord:DomainDnsRecord"},"description":"TXT and CNAME records to be registered for the Domain\n"},"name":{"type":"string","description":"Custom Domain name\n","willReplaceOnChanges":true},"validationStatus":{"type":"string","description":"Status of the domain\n"}},"type":"object"}},"okta:index/domainCertificate:DomainCertificate":{"description":"Manages certificate for the domain.\nThis resource's 'certificate', 'private_key', and 'certificate_chain' attributes\nhold actual PEM values and can be referred to by other configs requiring\ncertificate and private key inputs. This is inline with TF's best\npractices\nof not encrypting state.\nSee Let's Encrypt Certbot notes at the end of this\ndocumentation for notes on how to generate a domain certificate with Let's Encrypt Certbot\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.Domain(\"example\", {name: \"www.example.com\"});\nconst test = new okta.DomainCertificate(\"test\", {\n    domainId: testOktaDomain.id,\n    type: \"PEM\",\n    certificate: `-----BEGIN CERTIFICATE-----\nMIIFNzCCBB+gAwIBAgISBAXomJWRama3ypu8TIxdA9wzMA0GCSqGSIb3DQEBCwUA\n...\nNSgRtSXq11j8O4JONi8EXe7cEtvzUiLR5PL3itsK2svtrZ9jIwQ95wOPaA==\n-----END CERTIFICATE-----\n`,\n    certificateChain: `-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\n...\nDfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5\n-----END CERTIFICATE-----\n`,\n    privateKey: `-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC5cyk6x63iBJSW\n...\nnUFLNE8pXSnsqb0eOL74f3uQ\n-----END PRIVATE KEY-----\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.Domain(\"example\", name=\"www.example.com\")\ntest = okta.DomainCertificate(\"test\",\n    domain_id=test_okta_domain[\"id\"],\n    type=\"PEM\",\n    certificate=\"\"\"-----BEGIN CERTIFICATE-----\nMIIFNzCCBB+gAwIBAgISBAXomJWRama3ypu8TIxdA9wzMA0GCSqGSIb3DQEBCwUA\n...\nNSgRtSXq11j8O4JONi8EXe7cEtvzUiLR5PL3itsK2svtrZ9jIwQ95wOPaA==\n-----END CERTIFICATE-----\n\"\"\",\n    certificate_chain=\"\"\"-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\n...\nDfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5\n-----END CERTIFICATE-----\n\"\"\",\n    private_key=\"\"\"-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC5cyk6x63iBJSW\n...\nnUFLNE8pXSnsqb0eOL74f3uQ\n-----END PRIVATE KEY-----\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Domain(\"example\", new()\n    {\n        Name = \"www.example.com\",\n    });\n\n    var test = new Okta.DomainCertificate(\"test\", new()\n    {\n        DomainId = testOktaDomain.Id,\n        Type = \"PEM\",\n        Certificate = @\"-----BEGIN CERTIFICATE-----\nMIIFNzCCBB+gAwIBAgISBAXomJWRama3ypu8TIxdA9wzMA0GCSqGSIb3DQEBCwUA\n...\nNSgRtSXq11j8O4JONi8EXe7cEtvzUiLR5PL3itsK2svtrZ9jIwQ95wOPaA==\n-----END CERTIFICATE-----\n\",\n        CertificateChain = @\"-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\n...\nDfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5\n-----END CERTIFICATE-----\n\",\n        PrivateKey = @\"-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC5cyk6x63iBJSW\n...\nnUFLNE8pXSnsqb0eOL74f3uQ\n-----END PRIVATE KEY-----\n\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewDomain(ctx, \"example\", \u0026okta.DomainArgs{\n\t\t\tName: pulumi.String(\"www.example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewDomainCertificate(ctx, \"test\", \u0026okta.DomainCertificateArgs{\n\t\t\tDomainId: pulumi.Any(testOktaDomain.Id),\n\t\t\tType:     pulumi.String(\"PEM\"),\n\t\t\tCertificate: pulumi.String(`-----BEGIN CERTIFICATE-----\nMIIFNzCCBB+gAwIBAgISBAXomJWRama3ypu8TIxdA9wzMA0GCSqGSIb3DQEBCwUA\n...\nNSgRtSXq11j8O4JONi8EXe7cEtvzUiLR5PL3itsK2svtrZ9jIwQ95wOPaA==\n-----END CERTIFICATE-----\n`),\n\t\t\tCertificateChain: pulumi.String(`-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\n...\nDfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5\n-----END CERTIFICATE-----\n`),\n\t\t\tPrivateKey: pulumi.String(`-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC5cyk6x63iBJSW\n...\nnUFLNE8pXSnsqb0eOL74f3uQ\n-----END PRIVATE KEY-----\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.Domain;\nimport com.pulumi.okta.DomainArgs;\nimport com.pulumi.okta.DomainCertificate;\nimport com.pulumi.okta.DomainCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Domain(\"example\", DomainArgs.builder()\n            .name(\"www.example.com\")\n            .build());\n\n        var test = new DomainCertificate(\"test\", DomainCertificateArgs.builder()\n            .domainId(testOktaDomain.id())\n            .type(\"PEM\")\n            .certificate(\"\"\"\n-----BEGIN CERTIFICATE-----\nMIIFNzCCBB+gAwIBAgISBAXomJWRama3ypu8TIxdA9wzMA0GCSqGSIb3DQEBCwUA\n...\nNSgRtSXq11j8O4JONi8EXe7cEtvzUiLR5PL3itsK2svtrZ9jIwQ95wOPaA==\n-----END CERTIFICATE-----\n            \"\"\")\n            .certificateChain(\"\"\"\n-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\n...\nDfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5\n-----END CERTIFICATE-----\n            \"\"\")\n            .privateKey(\"\"\"\n-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC5cyk6x63iBJSW\n...\nnUFLNE8pXSnsqb0eOL74f3uQ\n-----END PRIVATE KEY-----\n            \"\"\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:Domain\n    properties:\n      name: www.example.com\n  test:\n    type: okta:DomainCertificate\n    properties:\n      domainId: ${testOktaDomain.id}\n      type: PEM\n      certificate: |\n        -----BEGIN CERTIFICATE-----\n        MIIFNzCCBB+gAwIBAgISBAXomJWRama3ypu8TIxdA9wzMA0GCSqGSIb3DQEBCwUA\n        ...\n        NSgRtSXq11j8O4JONi8EXe7cEtvzUiLR5PL3itsK2svtrZ9jIwQ95wOPaA==\n        -----END CERTIFICATE-----\n      certificateChain: |\n        -----BEGIN CERTIFICATE-----\n        MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\n        ...\n        Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5\n        -----END CERTIFICATE-----\n      privateKey: |\n        -----BEGIN PRIVATE KEY-----\n        MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC5cyk6x63iBJSW\n        ...\n        nUFLNE8pXSnsqb0eOL74f3uQ\n        -----END PRIVATE KEY-----\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n## Let's Encrypt Certbot\n\nThis example demonstrates generatoring a domain certificate with letsencrypt\ncertbot https://letsencrypt.org/getting-started/\n\n```\n$ certbot certonly --manual --preferred-challenges dns --key-type rsa -d [DOMAIN]\n```\n\nUse letsencrypt's certbot to generate domain certificates in RSA output mode.\nThe generator's output corresponds to \u003cspan pulumi-lang-nodejs=\"`okta.DomainCertificate`\" pulumi-lang-dotnet=\"`okta.DomainCertificate`\" pulumi-lang-go=\"`DomainCertificate`\" pulumi-lang-python=\"`DomainCertificate`\" pulumi-lang-yaml=\"`okta.DomainCertificate`\" pulumi-lang-java=\"`okta.DomainCertificate`\"\u003e`okta.DomainCertificate`\u003c/span\u003e fields in the\nfollowing manner.\n\nOkta Field          | Certbot file\n--------------------|--------------\n\u003cspan pulumi-lang-nodejs=\"`certificate`\" pulumi-lang-dotnet=\"`Certificate`\" pulumi-lang-go=\"`certificate`\" pulumi-lang-python=\"`certificate`\" pulumi-lang-yaml=\"`certificate`\" pulumi-lang-java=\"`certificate`\"\u003e`certificate`\u003c/span\u003e       | `cert.pem`\n\u003cspan pulumi-lang-nodejs=\"`certificateChain`\" pulumi-lang-dotnet=\"`CertificateChain`\" pulumi-lang-go=\"`certificateChain`\" pulumi-lang-python=\"`certificate_chain`\" pulumi-lang-yaml=\"`certificateChain`\" pulumi-lang-java=\"`certificateChain`\"\u003e`certificate_chain`\u003c/span\u003e | `chain.pem`\n\u003cspan pulumi-lang-nodejs=\"`privateKey`\" pulumi-lang-dotnet=\"`PrivateKey`\" pulumi-lang-go=\"`privateKey`\" pulumi-lang-python=\"`private_key`\" pulumi-lang-yaml=\"`privateKey`\" pulumi-lang-java=\"`privateKey`\"\u003e`private_key`\u003c/span\u003e       | `privkey.pem`\n","properties":{"certificate":{"type":"string","description":"Certificate content\n"},"certificateChain":{"type":"string","description":"Certificate chain\n"},"domainId":{"type":"string","description":"Domain's ID\n"},"privateKey":{"type":"string","description":"Certificate private key\n"},"type":{"type":"string","description":"Certificate type. Valid value is `PEM`\n"}},"required":["certificate","certificateChain","domainId","privateKey","type"],"inputProperties":{"certificate":{"type":"string","description":"Certificate content\n"},"certificateChain":{"type":"string","description":"Certificate chain\n"},"domainId":{"type":"string","description":"Domain's ID\n","willReplaceOnChanges":true},"privateKey":{"type":"string","description":"Certificate private key\n"},"type":{"type":"string","description":"Certificate type. Valid value is `PEM`\n"}},"requiredInputs":["certificate","certificateChain","domainId","privateKey"],"stateInputs":{"description":"Input properties used for looking up and filtering DomainCertificate resources.\n","properties":{"certificate":{"type":"string","description":"Certificate content\n"},"certificateChain":{"type":"string","description":"Certificate chain\n"},"domainId":{"type":"string","description":"Domain's ID\n","willReplaceOnChanges":true},"privateKey":{"type":"string","description":"Certificate private key\n"},"type":{"type":"string","description":"Certificate type. Valid value is `PEM`\n"}},"type":"object"}},"okta:index/domainVerification:DomainVerification":{"description":"Verifies the Domain. This is replacement for the \u003cspan pulumi-lang-nodejs=\"`verify`\" pulumi-lang-dotnet=\"`Verify`\" pulumi-lang-go=\"`verify`\" pulumi-lang-python=\"`verify`\" pulumi-lang-yaml=\"`verify`\" pulumi-lang-java=\"`verify`\"\u003e`verify`\u003c/span\u003e field from the \u003cspan pulumi-lang-nodejs=\"`okta.Domain`\" pulumi-lang-dotnet=\"`okta.Domain`\" pulumi-lang-go=\"`Domain`\" pulumi-lang-python=\"`Domain`\" pulumi-lang-yaml=\"`okta.Domain`\" pulumi-lang-java=\"`okta.Domain`\"\u003e`okta.Domain`\u003c/span\u003e resource. The resource won't be created if the domain could not be verified. The provider will make several requests to verify the domain until the API returns `VERIFIED` verification status.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.Domain(\"example\", {name: \"www.example.com\"});\nconst exampleDomainVerification = new okta.DomainVerification(\"example\", {domainId: test.id});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.Domain(\"example\", name=\"www.example.com\")\nexample_domain_verification = okta.DomainVerification(\"example\", domain_id=test[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Domain(\"example\", new()\n    {\n        Name = \"www.example.com\",\n    });\n\n    var exampleDomainVerification = new Okta.DomainVerification(\"example\", new()\n    {\n        DomainId = test.Id,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewDomain(ctx, \"example\", \u0026okta.DomainArgs{\n\t\t\tName: pulumi.String(\"www.example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewDomainVerification(ctx, \"example\", \u0026okta.DomainVerificationArgs{\n\t\t\tDomainId: pulumi.Any(test.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.Domain;\nimport com.pulumi.okta.DomainArgs;\nimport com.pulumi.okta.DomainVerification;\nimport com.pulumi.okta.DomainVerificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Domain(\"example\", DomainArgs.builder()\n            .name(\"www.example.com\")\n            .build());\n\n        var exampleDomainVerification = new DomainVerification(\"exampleDomainVerification\", DomainVerificationArgs.builder()\n            .domainId(test.id())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:Domain\n    properties:\n      name: www.example.com\n  exampleDomainVerification:\n    type: okta:DomainVerification\n    name: example\n    properties:\n      domainId: ${test.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","properties":{"domainId":{"type":"string","description":"Domain's ID\n"}},"required":["domainId"],"inputProperties":{"domainId":{"type":"string","description":"Domain's ID\n","willReplaceOnChanges":true}},"requiredInputs":["domainId"],"stateInputs":{"description":"Input properties used for looking up and filtering DomainVerification resources.\n","properties":{"domainId":{"type":"string","description":"Domain's ID\n","willReplaceOnChanges":true}},"type":"object"}},"okta:index/emailCustomization:EmailCustomization":{"description":"Create an email customization of an email template belonging to a brand in an Okta organization.\n\t\tUse this resource to create an [email\n\t\tcustomization](https://developer.okta.com/docs/reference/api/brands/#create-email-customization)\n\t\tof an email template belonging to a brand in an Okta organization.\n\t\t\u003e Okta's public API is strict regarding the behavior of the 'is_default'\n\t\tproperty in [an email\n\t\tcustomization](https://developer.okta.com/docs/reference/api/brands/#email-customization).\n\t\tMake use of 'depends_on' meta argument to ensure the provider navigates email customization\n\t\tlanguage versions seamlessly. Have all secondary customizations depend on the primary\n\t\tcustomization that is marked default. See Example Usage.\n\t\t\u003e Caveats for [creating an email\n\t\tcustomization](https://developer.okta.com/docs/reference/api/brands/#response-body-19).\n\t\tIf this is the first customization being created for the email template, and\n\t\t'is_default' is not set for the customization in its resource configuration, the\n\t\tAPI will respond with the created customization marked as default. The API will\n\t\t400 if the language parameter is not one of the supported languages or the body\n\t\tparameter does not contain a required variable reference. The API will error 409\n\t\tif 'is_default' is true and a default customization exists. The API will 404 for\n\t\tan invalid 'brand_id' or 'template_name'.\n\t\t\u003e Caveats for [updating an email\n\t\tcustomization](https://developer.okta.com/docs/reference/api/brands/#response-body-22).\n\t\tIf the 'is_default' parameter is true, the previous default email customization\n\t\thas its 'is_default' set to false (see previous note about mitigating this with\n\t\t'depends_on' meta argument). The API will 409 if there’s already another email\n\t\tcustomization for the specified language or the 'is_default' parameter is false\n\t\tand the email customization being updated is the default. The API will 400 if\n\t\tthe language parameter is not one of the supported locales or the body parameter\n\t\tdoes not contain a required variable reference.  The API will 404 for an invalid\n\t\t'brand_id' or 'template_name'.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getBrands({});\nconst forgotPassword = test.then(test =\u003e okta.getEmailCustomizations({\n    brandId: test.brands?.[0]?.id,\n    templateName: \"ForgotPassword\",\n}));\nconst forgotPasswordEn = new okta.EmailCustomization(\"forgot_password_en\", {\n    brandId: test.then(test =\u003e test.brands?.[0]?.id),\n    templateName: \"ForgotPassword\",\n    language: \"en\",\n    isDefault: true,\n    subject: \"Account password reset\",\n    body: \"Hi $$user.firstName,\u003cbr/\u003e\u003cbr/\u003eClick this link to reset your password: $$resetPasswordLink\",\n});\nconst forgotPasswordEs = new okta.EmailCustomization(\"forgot_password_es\", {\n    brandId: test.then(test =\u003e test.brands?.[0]?.id),\n    templateName: \"ForgotPassword\",\n    language: \"es\",\n    subject: \"Restablecimiento de contraseña de cuenta\",\n    body: \"Hola $$user.firstName,\u003cbr/\u003e\u003cbr/\u003eHaga clic en este enlace para restablecer tu contraseña: $$resetPasswordLink\",\n}, {\n    dependsOn: [forgotPasswordEn],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_brands()\nforgot_password = okta.get_email_customizations(brand_id=test.brands[0].id,\n    template_name=\"ForgotPassword\")\nforgot_password_en = okta.EmailCustomization(\"forgot_password_en\",\n    brand_id=test.brands[0].id,\n    template_name=\"ForgotPassword\",\n    language=\"en\",\n    is_default=True,\n    subject=\"Account password reset\",\n    body=\"Hi $$user.firstName,\u003cbr/\u003e\u003cbr/\u003eClick this link to reset your password: $$resetPasswordLink\")\nforgot_password_es = okta.EmailCustomization(\"forgot_password_es\",\n    brand_id=test.brands[0].id,\n    template_name=\"ForgotPassword\",\n    language=\"es\",\n    subject=\"Restablecimiento de contraseña de cuenta\",\n    body=\"Hola $$user.firstName,\u003cbr/\u003e\u003cbr/\u003eHaga clic en este enlace para restablecer tu contraseña: $$resetPasswordLink\",\n    opts = pulumi.ResourceOptions(depends_on=[forgot_password_en]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetBrands.Invoke();\n\n    var forgotPassword = Okta.GetEmailCustomizations.Invoke(new()\n    {\n        BrandId = test.Apply(getBrandsResult =\u003e getBrandsResult.Brands[0]?.Id),\n        TemplateName = \"ForgotPassword\",\n    });\n\n    var forgotPasswordEn = new Okta.EmailCustomization(\"forgot_password_en\", new()\n    {\n        BrandId = test.Apply(getBrandsResult =\u003e getBrandsResult.Brands[0]?.Id),\n        TemplateName = \"ForgotPassword\",\n        Language = \"en\",\n        IsDefault = true,\n        Subject = \"Account password reset\",\n        Body = \"Hi $$user.firstName,\u003cbr/\u003e\u003cbr/\u003eClick this link to reset your password: $$resetPasswordLink\",\n    });\n\n    var forgotPasswordEs = new Okta.EmailCustomization(\"forgot_password_es\", new()\n    {\n        BrandId = test.Apply(getBrandsResult =\u003e getBrandsResult.Brands[0]?.Id),\n        TemplateName = \"ForgotPassword\",\n        Language = \"es\",\n        Subject = \"Restablecimiento de contraseña de cuenta\",\n        Body = \"Hola $$user.firstName,\u003cbr/\u003e\u003cbr/\u003eHaga clic en este enlace para restablecer tu contraseña: $$resetPasswordLink\",\n    }, new CustomResourceOptions\n    {\n        DependsOn =\n        {\n            forgotPasswordEn,\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := okta.GetBrands(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.GetEmailCustomizations(ctx, \u0026okta.GetEmailCustomizationsArgs{\n\t\t\tBrandId:      test.Brands[0].Id,\n\t\t\tTemplateName: \"ForgotPassword\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tforgotPasswordEn, err := okta.NewEmailCustomization(ctx, \"forgot_password_en\", \u0026okta.EmailCustomizationArgs{\n\t\t\tBrandId:      pulumi.String(test.Brands[0].Id),\n\t\t\tTemplateName: pulumi.String(\"ForgotPassword\"),\n\t\t\tLanguage:     pulumi.String(\"en\"),\n\t\t\tIsDefault:    pulumi.Bool(true),\n\t\t\tSubject:      pulumi.String(\"Account password reset\"),\n\t\t\tBody:         pulumi.String(\"Hi $$user.firstName,\u003cbr/\u003e\u003cbr/\u003eClick this link to reset your password: $$resetPasswordLink\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewEmailCustomization(ctx, \"forgot_password_es\", \u0026okta.EmailCustomizationArgs{\n\t\t\tBrandId:      pulumi.String(test.Brands[0].Id),\n\t\t\tTemplateName: pulumi.String(\"ForgotPassword\"),\n\t\t\tLanguage:     pulumi.String(\"es\"),\n\t\t\tSubject:      pulumi.String(\"Restablecimiento de contraseña de cuenta\"),\n\t\t\tBody:         pulumi.String(\"Hola $$user.firstName,\u003cbr/\u003e\u003cbr/\u003eHaga clic en este enlace para restablecer tu contraseña: $$resetPasswordLink\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tforgotPasswordEn,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetEmailCustomizationsArgs;\nimport com.pulumi.okta.EmailCustomization;\nimport com.pulumi.okta.EmailCustomizationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getBrands(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference);\n\n        final var forgotPassword = OktaFunctions.getEmailCustomizations(GetEmailCustomizationsArgs.builder()\n            .brandId(test.brands()[0].id())\n            .templateName(\"ForgotPassword\")\n            .build());\n\n        var forgotPasswordEn = new EmailCustomization(\"forgotPasswordEn\", EmailCustomizationArgs.builder()\n            .brandId(test.brands()[0].id())\n            .templateName(\"ForgotPassword\")\n            .language(\"en\")\n            .isDefault(true)\n            .subject(\"Account password reset\")\n            .body(\"Hi $$user.firstName,\u003cbr/\u003e\u003cbr/\u003eClick this link to reset your password: $$resetPasswordLink\")\n            .build());\n\n        var forgotPasswordEs = new EmailCustomization(\"forgotPasswordEs\", EmailCustomizationArgs.builder()\n            .brandId(test.brands()[0].id())\n            .templateName(\"ForgotPassword\")\n            .language(\"es\")\n            .subject(\"Restablecimiento de contraseña de cuenta\")\n            .body(\"Hola $$user.firstName,\u003cbr/\u003e\u003cbr/\u003eHaga clic en este enlace para restablecer tu contraseña: $$resetPasswordLink\")\n            .build(), CustomResourceOptions.builder()\n                .dependsOn(forgotPasswordEn)\n                .build());\n\n    }\n}\n```\n```yaml\nresources:\n  forgotPasswordEn:\n    type: okta:EmailCustomization\n    name: forgot_password_en\n    properties:\n      brandId: ${test.brands[0].id}\n      templateName: ForgotPassword\n      language: en\n      isDefault: true\n      subject: Account password reset\n      body: 'Hi $$user.firstName,\u003cbr/\u003e\u003cbr/\u003eClick this link to reset your password: $$resetPasswordLink'\n  forgotPasswordEs:\n    type: okta:EmailCustomization\n    name: forgot_password_es\n    properties:\n      brandId: ${test.brands[0].id}\n      templateName: ForgotPassword\n      language: es\n      subject: Restablecimiento de contraseña de cuenta\n      body: 'Hola $$user.firstName,\u003cbr/\u003e\u003cbr/\u003eHaga clic en este enlace para restablecer tu contraseña: $$resetPasswordLink'\n    options:\n      dependsOn:\n        - ${forgotPasswordEn}\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getBrands\n      arguments: {}\n  forgotPassword:\n    fn::invoke:\n      function: okta:getEmailCustomizations\n      arguments:\n        brandId: ${test.brands[0].id}\n        templateName: ForgotPassword\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/emailCustomization:EmailCustomization example \u003ccustomization_id\u003e/\u003cbrand_id\u003e/\u003ctemplate_name\u003e\n```\n\n","properties":{"body":{"type":"string","description":"The body of the customization\n"},"brandId":{"type":"string","description":"Brand ID\n"},"forceIsDefault":{"type":"string","description":"Force\u003cspan pulumi-lang-nodejs=\" isDefault \" pulumi-lang-dotnet=\" IsDefault \" pulumi-lang-go=\" isDefault \" pulumi-lang-python=\" is_default \" pulumi-lang-yaml=\" isDefault \" pulumi-lang-java=\" isDefault \"\u003e is_default \u003c/span\u003eon the create and delete by deleting all email customizations. Comma separated string with values of 'create' or 'destroy' or both `create,destroy'.\n","deprecationMessage":"force_is_default is deprecated and now is a no-op in behavior. Rely upon the\u003cspan pulumi-lang-nodejs=\" dependsOn \" pulumi-lang-dotnet=\" DependsOn \" pulumi-lang-go=\" dependsOn \" pulumi-lang-python=\" depends_on \" pulumi-lang-yaml=\" dependsOn \" pulumi-lang-java=\" dependsOn \"\u003e depends_on \u003c/span\u003emeta argument to force dependency of secondary templates to the default template"},"isDefault":{"type":"boolean","description":"Whether the customization is the default\n"},"language":{"type":"string","description":"The language supported by the customization - Example values from [supported languages](https://developer.okta.com/docs/reference/api/brands/#supported-languages)\n"},"links":{"type":"string","description":"Link relations for this object - JSON HAL - Discoverable resources related to the email template\n"},"subject":{"type":"string","description":"The subject of the customization\n"},"templateName":{"type":"string","description":"Template Name - Example values: `AccountLockout`,`ADForgotPassword`,`ADForgotPasswordDenied`,`ADSelfServiceUnlock`,`ADUserActivation`,`AuthenticatorEnrolled`,`AuthenticatorReset`,`ChangeEmailConfirmation`,`EmailChallenge`,`EmailChangeConfirmation`,`EmailFactorVerification`,`ForgotPassword`,`ForgotPasswordDenied`,`IGAReviewerEndNotification`,`IGAReviewerNotification`,`IGAReviewerPendingNotification`,`IGAReviewerReassigned`,`LDAPForgotPassword`,`LDAPForgotPasswordDenied`,`LDAPSelfServiceUnlock`,`LDAPUserActivation`,`MyAccountChangeConfirmation`,`NewSignOnNotification`,`OktaVerifyActivation`,`PasswordChanged`,`PasswordResetByAdmin`,`PendingEmailChange`,`RegistrationActivation`,`RegistrationEmailVerification`,`SelfServiceUnlock`,`SelfServiceUnlockOnUnlockedAccount`,`UserActivation`\n"}},"required":["brandId","links","templateName"],"inputProperties":{"body":{"type":"string","description":"The body of the customization\n"},"brandId":{"type":"string","description":"Brand ID\n"},"forceIsDefault":{"type":"string","description":"Force\u003cspan pulumi-lang-nodejs=\" isDefault \" pulumi-lang-dotnet=\" IsDefault \" pulumi-lang-go=\" isDefault \" pulumi-lang-python=\" is_default \" pulumi-lang-yaml=\" isDefault \" pulumi-lang-java=\" isDefault \"\u003e is_default \u003c/span\u003eon the create and delete by deleting all email customizations. Comma separated string with values of 'create' or 'destroy' or both `create,destroy'.\n","deprecationMessage":"force_is_default is deprecated and now is a no-op in behavior. Rely upon the\u003cspan pulumi-lang-nodejs=\" dependsOn \" pulumi-lang-dotnet=\" DependsOn \" pulumi-lang-go=\" dependsOn \" pulumi-lang-python=\" depends_on \" pulumi-lang-yaml=\" dependsOn \" pulumi-lang-java=\" dependsOn \"\u003e depends_on \u003c/span\u003emeta argument to force dependency of secondary templates to the default template"},"isDefault":{"type":"boolean","description":"Whether the customization is the default\n"},"language":{"type":"string","description":"The language supported by the customization - Example values from [supported languages](https://developer.okta.com/docs/reference/api/brands/#supported-languages)\n"},"subject":{"type":"string","description":"The subject of the customization\n"},"templateName":{"type":"string","description":"Template Name - Example values: `AccountLockout`,`ADForgotPassword`,`ADForgotPasswordDenied`,`ADSelfServiceUnlock`,`ADUserActivation`,`AuthenticatorEnrolled`,`AuthenticatorReset`,`ChangeEmailConfirmation`,`EmailChallenge`,`EmailChangeConfirmation`,`EmailFactorVerification`,`ForgotPassword`,`ForgotPasswordDenied`,`IGAReviewerEndNotification`,`IGAReviewerNotification`,`IGAReviewerPendingNotification`,`IGAReviewerReassigned`,`LDAPForgotPassword`,`LDAPForgotPasswordDenied`,`LDAPSelfServiceUnlock`,`LDAPUserActivation`,`MyAccountChangeConfirmation`,`NewSignOnNotification`,`OktaVerifyActivation`,`PasswordChanged`,`PasswordResetByAdmin`,`PendingEmailChange`,`RegistrationActivation`,`RegistrationEmailVerification`,`SelfServiceUnlock`,`SelfServiceUnlockOnUnlockedAccount`,`UserActivation`\n"}},"requiredInputs":["brandId","templateName"],"stateInputs":{"description":"Input properties used for looking up and filtering EmailCustomization resources.\n","properties":{"body":{"type":"string","description":"The body of the customization\n"},"brandId":{"type":"string","description":"Brand ID\n"},"forceIsDefault":{"type":"string","description":"Force\u003cspan pulumi-lang-nodejs=\" isDefault \" pulumi-lang-dotnet=\" IsDefault \" pulumi-lang-go=\" isDefault \" pulumi-lang-python=\" is_default \" pulumi-lang-yaml=\" isDefault \" pulumi-lang-java=\" isDefault \"\u003e is_default \u003c/span\u003eon the create and delete by deleting all email customizations. Comma separated string with values of 'create' or 'destroy' or both `create,destroy'.\n","deprecationMessage":"force_is_default is deprecated and now is a no-op in behavior. Rely upon the\u003cspan pulumi-lang-nodejs=\" dependsOn \" pulumi-lang-dotnet=\" DependsOn \" pulumi-lang-go=\" dependsOn \" pulumi-lang-python=\" depends_on \" pulumi-lang-yaml=\" dependsOn \" pulumi-lang-java=\" dependsOn \"\u003e depends_on \u003c/span\u003emeta argument to force dependency of secondary templates to the default template"},"isDefault":{"type":"boolean","description":"Whether the customization is the default\n"},"language":{"type":"string","description":"The language supported by the customization - Example values from [supported languages](https://developer.okta.com/docs/reference/api/brands/#supported-languages)\n"},"links":{"type":"string","description":"Link relations for this object - JSON HAL - Discoverable resources related to the email template\n"},"subject":{"type":"string","description":"The subject of the customization\n"},"templateName":{"type":"string","description":"Template Name - Example values: `AccountLockout`,`ADForgotPassword`,`ADForgotPasswordDenied`,`ADSelfServiceUnlock`,`ADUserActivation`,`AuthenticatorEnrolled`,`AuthenticatorReset`,`ChangeEmailConfirmation`,`EmailChallenge`,`EmailChangeConfirmation`,`EmailFactorVerification`,`ForgotPassword`,`ForgotPasswordDenied`,`IGAReviewerEndNotification`,`IGAReviewerNotification`,`IGAReviewerPendingNotification`,`IGAReviewerReassigned`,`LDAPForgotPassword`,`LDAPForgotPasswordDenied`,`LDAPSelfServiceUnlock`,`LDAPUserActivation`,`MyAccountChangeConfirmation`,`NewSignOnNotification`,`OktaVerifyActivation`,`PasswordChanged`,`PasswordResetByAdmin`,`PendingEmailChange`,`RegistrationActivation`,`RegistrationEmailVerification`,`SelfServiceUnlock`,`SelfServiceUnlockOnUnlockedAccount`,`UserActivation`\n"}},"type":"object"}},"okta:index/emailDomain:EmailDomain":{"description":"## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.EmailDomain(\"example\", {\n    brandId: \"abc123\",\n    domain: \"example.com\",\n    displayName: \"test\",\n    userName: \"paul_atreides\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.EmailDomain(\"example\",\n    brand_id=\"abc123\",\n    domain=\"example.com\",\n    display_name=\"test\",\n    user_name=\"paul_atreides\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.EmailDomain(\"example\", new()\n    {\n        BrandId = \"abc123\",\n        Domain = \"example.com\",\n        DisplayName = \"test\",\n        UserName = \"paul_atreides\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewEmailDomain(ctx, \"example\", \u0026okta.EmailDomainArgs{\n\t\t\tBrandId:     pulumi.String(\"abc123\"),\n\t\t\tDomain:      pulumi.String(\"example.com\"),\n\t\t\tDisplayName: pulumi.String(\"test\"),\n\t\t\tUserName:    pulumi.String(\"paul_atreides\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.EmailDomain;\nimport com.pulumi.okta.EmailDomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new EmailDomain(\"example\", EmailDomainArgs.builder()\n            .brandId(\"abc123\")\n            .domain(\"example.com\")\n            .displayName(\"test\")\n            .userName(\"paul_atreides\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:EmailDomain\n    properties:\n      brandId: abc123\n      domain: example.com\n      displayName: test\n      userName: paul_atreides\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/emailDomain:EmailDomain example \u003cdomain_id\u003e\n```\n\n","properties":{"brandId":{"type":"string","description":"Brand id of the email domain.\n"},"displayName":{"type":"string","description":"Display name of the email domain.\n"},"dnsValidationRecords":{"type":"array","items":{"$ref":"#/types/okta:index/EmailDomainDnsValidationRecord:EmailDomainDnsValidationRecord"},"description":"TXT and cname records to be registered for the email Domain\n"},"domain":{"type":"string","description":"Mail domain to send from.\n"},"userName":{"type":"string","description":"User name of the email domain.\n"},"validationStatus":{"type":"string","description":"Status of the email domain. Values: NOT*STARTED, IN*PROGRESS, VERIFIED, COMPLETED\n"}},"required":["brandId","displayName","dnsValidationRecords","domain","userName","validationStatus"],"inputProperties":{"brandId":{"type":"string","description":"Brand id of the email domain.\n"},"displayName":{"type":"string","description":"Display name of the email domain.\n"},"domain":{"type":"string","description":"Mail domain to send from.\n"},"userName":{"type":"string","description":"User name of the email domain.\n"}},"requiredInputs":["brandId","displayName","domain","userName"],"stateInputs":{"description":"Input properties used for looking up and filtering EmailDomain resources.\n","properties":{"brandId":{"type":"string","description":"Brand id of the email domain.\n"},"displayName":{"type":"string","description":"Display name of the email domain.\n"},"dnsValidationRecords":{"type":"array","items":{"$ref":"#/types/okta:index/EmailDomainDnsValidationRecord:EmailDomainDnsValidationRecord"},"description":"TXT and cname records to be registered for the email Domain\n"},"domain":{"type":"string","description":"Mail domain to send from.\n"},"userName":{"type":"string","description":"User name of the email domain.\n"},"validationStatus":{"type":"string","description":"Status of the email domain. Values: NOT*STARTED, IN*PROGRESS, VERIFIED, COMPLETED\n"}},"type":"object"}},"okta:index/emailDomainVerification:EmailDomainVerification":{"description":"Verifies the email domain. The resource won't be created if the email domain could not be verified.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.EmailDomain(\"example\", {\n    brandId: \"abc123\",\n    domain: \"example.com\",\n    displayName: \"test\",\n    userName: \"paul_atreides\",\n});\nconst exampleEmailDomainVerification = new okta.EmailDomainVerification(\"example\", {emailDomainId: valid.id});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.EmailDomain(\"example\",\n    brand_id=\"abc123\",\n    domain=\"example.com\",\n    display_name=\"test\",\n    user_name=\"paul_atreides\")\nexample_email_domain_verification = okta.EmailDomainVerification(\"example\", email_domain_id=valid[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.EmailDomain(\"example\", new()\n    {\n        BrandId = \"abc123\",\n        Domain = \"example.com\",\n        DisplayName = \"test\",\n        UserName = \"paul_atreides\",\n    });\n\n    var exampleEmailDomainVerification = new Okta.EmailDomainVerification(\"example\", new()\n    {\n        EmailDomainId = valid.Id,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewEmailDomain(ctx, \"example\", \u0026okta.EmailDomainArgs{\n\t\t\tBrandId:     pulumi.String(\"abc123\"),\n\t\t\tDomain:      pulumi.String(\"example.com\"),\n\t\t\tDisplayName: pulumi.String(\"test\"),\n\t\t\tUserName:    pulumi.String(\"paul_atreides\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewEmailDomainVerification(ctx, \"example\", \u0026okta.EmailDomainVerificationArgs{\n\t\t\tEmailDomainId: pulumi.Any(valid.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.EmailDomain;\nimport com.pulumi.okta.EmailDomainArgs;\nimport com.pulumi.okta.EmailDomainVerification;\nimport com.pulumi.okta.EmailDomainVerificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new EmailDomain(\"example\", EmailDomainArgs.builder()\n            .brandId(\"abc123\")\n            .domain(\"example.com\")\n            .displayName(\"test\")\n            .userName(\"paul_atreides\")\n            .build());\n\n        var exampleEmailDomainVerification = new EmailDomainVerification(\"exampleEmailDomainVerification\", EmailDomainVerificationArgs.builder()\n            .emailDomainId(valid.id())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:EmailDomain\n    properties:\n      brandId: abc123\n      domain: example.com\n      displayName: test\n      userName: paul_atreides\n  exampleEmailDomainVerification:\n    type: okta:EmailDomainVerification\n    name: example\n    properties:\n      emailDomainId: ${valid.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","properties":{"emailDomainId":{"type":"string","description":"Email domain ID\n"}},"required":["emailDomainId"],"inputProperties":{"emailDomainId":{"type":"string","description":"Email domain ID\n","willReplaceOnChanges":true}},"requiredInputs":["emailDomainId"],"stateInputs":{"description":"Input properties used for looking up and filtering EmailDomainVerification resources.\n","properties":{"emailDomainId":{"type":"string","description":"Email domain ID\n","willReplaceOnChanges":true}},"type":"object"}},"okta:index/emailSender:EmailSender":{"description":"Creates custom email sender. This resource allows you to create and configure a custom email sender.\n\n\u003e **DEPRECATED** The api for this resource has been deprecated. Please use \u003cspan pulumi-lang-nodejs=\"`okta.EmailDomain`\" pulumi-lang-dotnet=\"`okta.EmailDomain`\" pulumi-lang-go=\"`EmailDomain`\" pulumi-lang-python=\"`EmailDomain`\" pulumi-lang-yaml=\"`okta.EmailDomain`\" pulumi-lang-java=\"`okta.EmailDomain`\"\u003e`okta.EmailDomain`\u003c/span\u003e instead.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.EmailSender(\"example\", {\n    fromName: \"Paul Atreides\",\n    fromAddress: \"no-reply@caladan.planet\",\n    subdomain: \"mail\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.EmailSender(\"example\",\n    from_name=\"Paul Atreides\",\n    from_address=\"no-reply@caladan.planet\",\n    subdomain=\"mail\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.EmailSender(\"example\", new()\n    {\n        FromName = \"Paul Atreides\",\n        FromAddress = \"no-reply@caladan.planet\",\n        Subdomain = \"mail\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewEmailSender(ctx, \"example\", \u0026okta.EmailSenderArgs{\n\t\t\tFromName:    pulumi.String(\"Paul Atreides\"),\n\t\t\tFromAddress: pulumi.String(\"no-reply@caladan.planet\"),\n\t\t\tSubdomain:   pulumi.String(\"mail\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.EmailSender;\nimport com.pulumi.okta.EmailSenderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new EmailSender(\"example\", EmailSenderArgs.builder()\n            .fromName(\"Paul Atreides\")\n            .fromAddress(\"no-reply@caladan.planet\")\n            .subdomain(\"mail\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:EmailSender\n    properties:\n      fromName: Paul Atreides\n      fromAddress: no-reply@caladan.planet\n      subdomain: mail\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/emailSender:EmailSender example \u003csender_id\u003e\n```\n\n","properties":{"dnsRecords":{"type":"array","items":{"$ref":"#/types/okta:index/EmailSenderDnsRecord:EmailSenderDnsRecord"},"description":"TXT and CNAME records to be registered for the Domain\n"},"fromAddress":{"type":"string","description":"Email address to send from\n"},"fromName":{"type":"string","description":"Name of sender\n"},"status":{"type":"string","description":"Verification status\n"},"subdomain":{"type":"string","description":"Mail domain to send from\n"}},"required":["dnsRecords","fromAddress","fromName","status","subdomain"],"inputProperties":{"fromAddress":{"type":"string","description":"Email address to send from\n"},"fromName":{"type":"string","description":"Name of sender\n"},"subdomain":{"type":"string","description":"Mail domain to send from\n","willReplaceOnChanges":true}},"requiredInputs":["fromAddress","fromName","subdomain"],"stateInputs":{"description":"Input properties used for looking up and filtering EmailSender resources.\n","properties":{"dnsRecords":{"type":"array","items":{"$ref":"#/types/okta:index/EmailSenderDnsRecord:EmailSenderDnsRecord"},"description":"TXT and CNAME records to be registered for the Domain\n"},"fromAddress":{"type":"string","description":"Email address to send from\n"},"fromName":{"type":"string","description":"Name of sender\n"},"status":{"type":"string","description":"Verification status\n"},"subdomain":{"type":"string","description":"Mail domain to send from\n","willReplaceOnChanges":true}},"type":"object"}},"okta:index/emailSenderVerification:EmailSenderVerification":{"description":"Verifies the email sender. The resource won't be created if the email sender could not be verified.\n\n\u003e **DEPRECATED** The api for this resource has been deprecated. Please use \u003cspan pulumi-lang-nodejs=\"`okta.EmailDomainVerification`\" pulumi-lang-dotnet=\"`okta.EmailDomainVerification`\" pulumi-lang-go=\"`EmailDomainVerification`\" pulumi-lang-python=\"`EmailDomainVerification`\" pulumi-lang-yaml=\"`okta.EmailDomainVerification`\" pulumi-lang-java=\"`okta.EmailDomainVerification`\"\u003e`okta.EmailDomainVerification`\u003c/span\u003e instead.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.EmailSender(\"example\", {\n    fromName: \"Paul Atreides\",\n    fromAddress: \"no-reply@caladan.planet\",\n    subdomain: \"mail\",\n});\nconst exampleEmailSenderVerification = new okta.EmailSenderVerification(\"example\", {senderId: valid.id});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.EmailSender(\"example\",\n    from_name=\"Paul Atreides\",\n    from_address=\"no-reply@caladan.planet\",\n    subdomain=\"mail\")\nexample_email_sender_verification = okta.EmailSenderVerification(\"example\", sender_id=valid[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.EmailSender(\"example\", new()\n    {\n        FromName = \"Paul Atreides\",\n        FromAddress = \"no-reply@caladan.planet\",\n        Subdomain = \"mail\",\n    });\n\n    var exampleEmailSenderVerification = new Okta.EmailSenderVerification(\"example\", new()\n    {\n        SenderId = valid.Id,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewEmailSender(ctx, \"example\", \u0026okta.EmailSenderArgs{\n\t\t\tFromName:    pulumi.String(\"Paul Atreides\"),\n\t\t\tFromAddress: pulumi.String(\"no-reply@caladan.planet\"),\n\t\t\tSubdomain:   pulumi.String(\"mail\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewEmailSenderVerification(ctx, \"example\", \u0026okta.EmailSenderVerificationArgs{\n\t\t\tSenderId: pulumi.Any(valid.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.EmailSender;\nimport com.pulumi.okta.EmailSenderArgs;\nimport com.pulumi.okta.EmailSenderVerification;\nimport com.pulumi.okta.EmailSenderVerificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new EmailSender(\"example\", EmailSenderArgs.builder()\n            .fromName(\"Paul Atreides\")\n            .fromAddress(\"no-reply@caladan.planet\")\n            .subdomain(\"mail\")\n            .build());\n\n        var exampleEmailSenderVerification = new EmailSenderVerification(\"exampleEmailSenderVerification\", EmailSenderVerificationArgs.builder()\n            .senderId(valid.id())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:EmailSender\n    properties:\n      fromName: Paul Atreides\n      fromAddress: no-reply@caladan.planet\n      subdomain: mail\n  exampleEmailSenderVerification:\n    type: okta:EmailSenderVerification\n    name: example\n    properties:\n      senderId: ${valid.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","properties":{"senderId":{"type":"string","description":"Email sender ID\n"}},"required":["senderId"],"inputProperties":{"senderId":{"type":"string","description":"Email sender ID\n","willReplaceOnChanges":true}},"requiredInputs":["senderId"],"stateInputs":{"description":"Input properties used for looking up and filtering EmailSenderVerification resources.\n","properties":{"senderId":{"type":"string","description":"Email sender ID\n","willReplaceOnChanges":true}},"type":"object"}},"okta:index/emailSmtpServer:EmailSmtpServer":{"description":"Create and configure SMTP email server configuration for your org.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.EmailSmtpServer(\"example\", {\n    alias: \"CustomServer\",\n    host: \"192.168.160.1\",\n    port: 8086,\n    username: \"abcd\",\n    enabled: false,\n    password: \"pwd\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.EmailSmtpServer(\"example\",\n    alias=\"CustomServer\",\n    host=\"192.168.160.1\",\n    port=8086,\n    username=\"abcd\",\n    enabled=False,\n    password=\"pwd\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.EmailSmtpServer(\"example\", new()\n    {\n        Alias = \"CustomServer\",\n        Host = \"192.168.160.1\",\n        Port = 8086,\n        Username = \"abcd\",\n        Enabled = false,\n        Password = \"pwd\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewEmailSmtpServer(ctx, \"example\", \u0026okta.EmailSmtpServerArgs{\n\t\t\tAlias:    pulumi.String(\"CustomServer\"),\n\t\t\tHost:     pulumi.String(\"192.168.160.1\"),\n\t\t\tPort:     pulumi.Int(8086),\n\t\t\tUsername: pulumi.String(\"abcd\"),\n\t\t\tEnabled:  pulumi.Bool(false),\n\t\t\tPassword: pulumi.String(\"pwd\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.EmailSmtpServer;\nimport com.pulumi.okta.EmailSmtpServerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new EmailSmtpServer(\"example\", EmailSmtpServerArgs.builder()\n            .alias(\"CustomServer\")\n            .host(\"192.168.160.1\")\n            .port(8086)\n            .username(\"abcd\")\n            .enabled(false)\n            .password(\"pwd\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:EmailSmtpServer\n    properties:\n      alias: CustomServer\n      host: 192.168.160.1\n      port: 8086\n      username: abcd\n      enabled: false\n      password: pwd\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","properties":{"alias":{"type":"string","description":"Human-readable name for your SMTP server\n"},"enabled":{"type":"boolean","description":"If true, routes all email traffic through your SMTP server.Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"host":{"type":"string","description":"Hostname or IP address of your SMTP server\n"},"password":{"type":"string","description":"Password used to access your SMTP server\n"},"port":{"type":"integer","description":"Port number of your SMTP server\n"},"username":{"type":"string","description":"Username used to access your SMTP server\n"}},"required":["alias","host","password","port","username"],"inputProperties":{"alias":{"type":"string","description":"Human-readable name for your SMTP server\n"},"enabled":{"type":"boolean","description":"If true, routes all email traffic through your SMTP server.Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"host":{"type":"string","description":"Hostname or IP address of your SMTP server\n"},"password":{"type":"string","description":"Password used to access your SMTP server\n"},"port":{"type":"integer","description":"Port number of your SMTP server\n"},"username":{"type":"string","description":"Username used to access your SMTP server\n"}},"requiredInputs":["alias","host","password","port","username"],"stateInputs":{"description":"Input properties used for looking up and filtering EmailSmtpServer resources.\n","properties":{"alias":{"type":"string","description":"Human-readable name for your SMTP server\n"},"enabled":{"type":"boolean","description":"If true, routes all email traffic through your SMTP server.Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"host":{"type":"string","description":"Hostname or IP address of your SMTP server\n"},"password":{"type":"string","description":"Password used to access your SMTP server\n"},"port":{"type":"integer","description":"Port number of your SMTP server\n"},"username":{"type":"string","description":"Username used to access your SMTP server\n"}},"type":"object"}},"okta:index/emailTemplateSettings:EmailTemplateSettings":{"description":"Manages email template settings\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.EmailTemplateSettings(\"example\", {\n    brandId: \"\u003cbrand id\u003e\",\n    templateName: \"ForgotPassword\",\n    recipients: \"ADMINS_ONLY\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.EmailTemplateSettings(\"example\",\n    brand_id=\"\u003cbrand id\u003e\",\n    template_name=\"ForgotPassword\",\n    recipients=\"ADMINS_ONLY\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.EmailTemplateSettings(\"example\", new()\n    {\n        BrandId = \"\u003cbrand id\u003e\",\n        TemplateName = \"ForgotPassword\",\n        Recipients = \"ADMINS_ONLY\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewEmailTemplateSettings(ctx, \"example\", \u0026okta.EmailTemplateSettingsArgs{\n\t\t\tBrandId:      pulumi.String(\"\u003cbrand id\u003e\"),\n\t\t\tTemplateName: pulumi.String(\"ForgotPassword\"),\n\t\t\tRecipients:   pulumi.String(\"ADMINS_ONLY\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.EmailTemplateSettings;\nimport com.pulumi.okta.EmailTemplateSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new EmailTemplateSettings(\"example\", EmailTemplateSettingsArgs.builder()\n            .brandId(\"\u003cbrand id\u003e\")\n            .templateName(\"ForgotPassword\")\n            .recipients(\"ADMINS_ONLY\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:EmailTemplateSettings\n    properties:\n      brandId: \u003cbrand id\u003e\n      templateName: ForgotPassword\n      recipients: ADMINS_ONLY\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/emailTemplateSettings:EmailTemplateSettings example \u003cbrand_id\u003e/\u003ctemplate_name\u003e\n```\n\n","properties":{"brandId":{"type":"string","description":"The ID of the brand.\n"},"recipients":{"type":"string","description":"The recipients the emails of this template will be sent to - Valid values: `ALL_USERS`, `ADMINS_ONLY`, `NO_USERS`\n"},"templateName":{"type":"string","description":"Email template name - Example values: `AccountLockout`,`ADForgotPassword`,`ADForgotPasswordDenied`,`ADSelfServiceUnlock`,`ADUserActivation`,`AuthenticatorEnrolled`,`AuthenticatorReset`,`ChangeEmailConfirmation`,`EmailChallenge`,`EmailChangeConfirmation`,`EmailFactorVerification`,`ForgotPassword`,`ForgotPasswordDenied`,`IGAReviewerEndNotification`,`IGAReviewerNotification`,`IGAReviewerPendingNotification`,`IGAReviewerReassigned`,`LDAPForgotPassword`,`LDAPForgotPasswordDenied`,`LDAPSelfServiceUnlock`,`LDAPUserActivation`,`MyAccountChangeConfirmation`,`NewSignOnNotification`,`OktaVerifyActivation`,`PasswordChanged`,`PasswordResetByAdmin`,`PendingEmailChange`,`RegistrationActivation`,`RegistrationEmailVerification`,`SelfServiceUnlock`,`SelfServiceUnlockOnUnlockedAccount`,`UserActivation`\n"}},"required":["brandId","recipients","templateName"],"inputProperties":{"brandId":{"type":"string","description":"The ID of the brand.\n"},"recipients":{"type":"string","description":"The recipients the emails of this template will be sent to - Valid values: `ALL_USERS`, `ADMINS_ONLY`, `NO_USERS`\n"},"templateName":{"type":"string","description":"Email template name - Example values: `AccountLockout`,`ADForgotPassword`,`ADForgotPasswordDenied`,`ADSelfServiceUnlock`,`ADUserActivation`,`AuthenticatorEnrolled`,`AuthenticatorReset`,`ChangeEmailConfirmation`,`EmailChallenge`,`EmailChangeConfirmation`,`EmailFactorVerification`,`ForgotPassword`,`ForgotPasswordDenied`,`IGAReviewerEndNotification`,`IGAReviewerNotification`,`IGAReviewerPendingNotification`,`IGAReviewerReassigned`,`LDAPForgotPassword`,`LDAPForgotPasswordDenied`,`LDAPSelfServiceUnlock`,`LDAPUserActivation`,`MyAccountChangeConfirmation`,`NewSignOnNotification`,`OktaVerifyActivation`,`PasswordChanged`,`PasswordResetByAdmin`,`PendingEmailChange`,`RegistrationActivation`,`RegistrationEmailVerification`,`SelfServiceUnlock`,`SelfServiceUnlockOnUnlockedAccount`,`UserActivation`\n"}},"requiredInputs":["brandId","recipients","templateName"],"stateInputs":{"description":"Input properties used for looking up and filtering EmailTemplateSettings resources.\n","properties":{"brandId":{"type":"string","description":"The ID of the brand.\n"},"recipients":{"type":"string","description":"The recipients the emails of this template will be sent to - Valid values: `ALL_USERS`, `ADMINS_ONLY`, `NO_USERS`\n"},"templateName":{"type":"string","description":"Email template name - Example values: `AccountLockout`,`ADForgotPassword`,`ADForgotPasswordDenied`,`ADSelfServiceUnlock`,`ADUserActivation`,`AuthenticatorEnrolled`,`AuthenticatorReset`,`ChangeEmailConfirmation`,`EmailChallenge`,`EmailChangeConfirmation`,`EmailFactorVerification`,`ForgotPassword`,`ForgotPasswordDenied`,`IGAReviewerEndNotification`,`IGAReviewerNotification`,`IGAReviewerPendingNotification`,`IGAReviewerReassigned`,`LDAPForgotPassword`,`LDAPForgotPasswordDenied`,`LDAPSelfServiceUnlock`,`LDAPUserActivation`,`MyAccountChangeConfirmation`,`NewSignOnNotification`,`OktaVerifyActivation`,`PasswordChanged`,`PasswordResetByAdmin`,`PendingEmailChange`,`RegistrationActivation`,`RegistrationEmailVerification`,`SelfServiceUnlock`,`SelfServiceUnlockOnUnlockedAccount`,`UserActivation`\n"}},"type":"object"}},"okta:index/endUserMyRequests:EndUserMyRequests":{"description":"\n\n## Import\n\n```sh\n$ pulumi import okta:index/endUserMyRequests:EndUserMyRequests example \u003crequest_id/entry_id\u003e\n```\n\n","properties":{"entryId":{"type":"string","description":"The ID of the catalog entry for which the request is being made.\n"},"requesterFieldValues":{"type":"array","items":{"$ref":"#/types/okta:index/EndUserMyRequestsRequesterFieldValue:EndUserMyRequestsRequesterFieldValue"},"description":"The requester input fields required by the approval system. Note: The fields required are determined by the approval system.\n"},"status":{"type":"string","description":"The status of the request. Possible values include: `APPROVED`, `CANCELED`, `DENIED`, `EXPIRED`, `PENDING`, `REJECTED`, `SUBMITTED`\n"}},"required":["entryId","status"],"inputProperties":{"entryId":{"type":"string","description":"The ID of the catalog entry for which the request is being made.\n"},"requesterFieldValues":{"type":"array","items":{"$ref":"#/types/okta:index/EndUserMyRequestsRequesterFieldValue:EndUserMyRequestsRequesterFieldValue"},"description":"The requester input fields required by the approval system. Note: The fields required are determined by the approval system.\n"}},"requiredInputs":["entryId"],"stateInputs":{"description":"Input properties used for looking up and filtering EndUserMyRequests resources.\n","properties":{"entryId":{"type":"string","description":"The ID of the catalog entry for which the request is being made.\n"},"requesterFieldValues":{"type":"array","items":{"$ref":"#/types/okta:index/EndUserMyRequestsRequesterFieldValue:EndUserMyRequestsRequesterFieldValue"},"description":"The requester input fields required by the approval system. Note: The fields required are determined by the approval system.\n"},"status":{"type":"string","description":"The status of the request. Possible values include: `APPROVED`, `CANCELED`, `DENIED`, `EXPIRED`, `PENDING`, `REJECTED`, `SUBMITTED`\n"}},"type":"object"}},"okta:index/entitlement:Entitlement":{"description":"Manages Entitlement. This resource allows you to create and configure an Okta [Entitlement](https://developer.okta.com/docs/api/iga/openapi/governance.api/tag/Entitlements/).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.Entitlement(\"example\", {name: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.Entitlement(\"example\", name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Entitlement(\"example\", new()\n    {\n        Name = \"example\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewEntitlement(ctx, \"example\", \u0026okta.EntitlementArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.Entitlement;\nimport com.pulumi.okta.EntitlementArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Entitlement(\"example\", EntitlementArgs.builder()\n            .name(\"example\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:Entitlement\n    properties:\n      name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/entitlement:Entitlement example \u003centitlement_id\u003e\n```\n\n","properties":{"dataType":{"type":"string","description":"The data type of the entitlement property. If the entitlement property is multivalued, the data type is replaced with an array. Enum: \"array\", \"string\".\n"},"description":{"type":"string","description":"The description of an entitlement property.\n"},"externalValue":{"type":"string","description":"The value of an entitlement property.\n"},"multiValue":{"type":"boolean","description":"The property that determines if the entitlement property can hold multiple values.\n"},"name":{"type":"string","description":"The display name for an entitlement property.\n"},"parent":{"$ref":"#/types/okta:index/EntitlementParent:EntitlementParent","description":"Representation of a resource\n"},"parentResourceOrn":{"type":"string","description":"The Okta app instance, in ORN format."},"value":{"type":"string","description":"The value of the entitlement property."},"values":{"type":"array","items":{"$ref":"#/types/okta:index/EntitlementValue:EntitlementValue"}}},"required":["dataType","externalValue","multiValue","name","parentResourceOrn"],"inputProperties":{"dataType":{"type":"string","description":"The data type of the entitlement property. If the entitlement property is multivalued, the data type is replaced with an array. Enum: \"array\", \"string\".\n"},"description":{"type":"string","description":"The description of an entitlement property.\n"},"externalValue":{"type":"string","description":"The value of an entitlement property.\n"},"multiValue":{"type":"boolean","description":"The property that determines if the entitlement property can hold multiple values.\n"},"name":{"type":"string","description":"The display name for an entitlement property.\n"},"parent":{"$ref":"#/types/okta:index/EntitlementParent:EntitlementParent","description":"Representation of a resource\n"},"parentResourceOrn":{"type":"string","description":"The Okta app instance, in ORN format."},"value":{"type":"string","description":"The value of the entitlement property."},"values":{"type":"array","items":{"$ref":"#/types/okta:index/EntitlementValue:EntitlementValue"}}},"requiredInputs":["dataType","externalValue","multiValue"],"stateInputs":{"description":"Input properties used for looking up and filtering Entitlement resources.\n","properties":{"dataType":{"type":"string","description":"The data type of the entitlement property. If the entitlement property is multivalued, the data type is replaced with an array. Enum: \"array\", \"string\".\n"},"description":{"type":"string","description":"The description of an entitlement property.\n"},"externalValue":{"type":"string","description":"The value of an entitlement property.\n"},"multiValue":{"type":"boolean","description":"The property that determines if the entitlement property can hold multiple values.\n"},"name":{"type":"string","description":"The display name for an entitlement property.\n"},"parent":{"$ref":"#/types/okta:index/EntitlementParent:EntitlementParent","description":"Representation of a resource\n"},"parentResourceOrn":{"type":"string","description":"The Okta app instance, in ORN format."},"value":{"type":"string","description":"The value of the entitlement property."},"values":{"type":"array","items":{"$ref":"#/types/okta:index/EntitlementValue:EntitlementValue"}}},"type":"object"}},"okta:index/entitlementBundle:EntitlementBundle":{"description":"Manages Entitlement Bundles. This resource allows you to create and configure an Okta [Entitlement Bundle](https://developer.okta.com/docs/api/iga/openapi/governance.api/tag/Entitlement-Bundles/#tag/Entitlement-Bundles).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.EntitlementBundle(\"example\", {name: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.EntitlementBundle(\"example\", name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.EntitlementBundle(\"example\", new()\n    {\n        Name = \"example\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewEntitlementBundle(ctx, \"example\", \u0026okta.EntitlementBundleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.EntitlementBundle;\nimport com.pulumi.okta.EntitlementBundleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new EntitlementBundle(\"example\", EntitlementBundleArgs.builder()\n            .name(\"example\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:EntitlementBundle\n    properties:\n      name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/entitlementBundle:EntitlementBundle example \u003centitlement_bundle_id\u003e\n```\n\n","properties":{"description":{"type":"string","description":"The description of an entitlement property.\n"},"entitlements":{"type":"array","items":{"$ref":"#/types/okta:index/EntitlementBundleEntitlement:EntitlementBundleEntitlement"},"description":"List of entitlements in the bundle\n"},"name":{"type":"string","description":"The display name for an entitlement bundle.\n"},"status":{"type":"string","description":"The status of the entitlement bundle.\n"},"target":{"$ref":"#/types/okta:index/EntitlementBundleTarget:EntitlementBundleTarget","description":"Representation of a resource\n"},"targetResourceOrn":{"type":"string","description":"The ORN of the target resource. Required when updating the entitlement bundle.\n"}},"required":["name","status","targetResourceOrn"],"inputProperties":{"description":{"type":"string","description":"The description of an entitlement property.\n"},"entitlements":{"type":"array","items":{"$ref":"#/types/okta:index/EntitlementBundleEntitlement:EntitlementBundleEntitlement"},"description":"List of entitlements in the bundle\n"},"name":{"type":"string","description":"The display name for an entitlement bundle.\n"},"status":{"type":"string","description":"The status of the entitlement bundle.\n"},"target":{"$ref":"#/types/okta:index/EntitlementBundleTarget:EntitlementBundleTarget","description":"Representation of a resource\n"},"targetResourceOrn":{"type":"string","description":"The ORN of the target resource. Required when updating the entitlement bundle.\n"}},"stateInputs":{"description":"Input properties used for looking up and filtering EntitlementBundle resources.\n","properties":{"description":{"type":"string","description":"The description of an entitlement property.\n"},"entitlements":{"type":"array","items":{"$ref":"#/types/okta:index/EntitlementBundleEntitlement:EntitlementBundleEntitlement"},"description":"List of entitlements in the bundle\n"},"name":{"type":"string","description":"The display name for an entitlement bundle.\n"},"status":{"type":"string","description":"The status of the entitlement bundle.\n"},"target":{"$ref":"#/types/okta:index/EntitlementBundleTarget:EntitlementBundleTarget","description":"Representation of a resource\n"},"targetResourceOrn":{"type":"string","description":"The ORN of the target resource. Required when updating the entitlement bundle.\n"}},"type":"object"}},"okta:index/eventHook:EventHook":{"description":"Creates an event hook. This resource allows you to create and configure an event hook.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.EventHook(\"example\", {\n    name: \"example\",\n    events: [\n        \"user.lifecycle.create\",\n        \"user.lifecycle.delete.initiated\",\n    ],\n    channel: {\n        type: \"HTTP\",\n        version: \"1.0.0\",\n        uri: \"https://example.com/test\",\n    },\n    auth: {\n        type: \"HEADER\",\n        key: \"Authorization\",\n        value: \"123\",\n    },\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.EventHook(\"example\",\n    name=\"example\",\n    events=[\n        \"user.lifecycle.create\",\n        \"user.lifecycle.delete.initiated\",\n    ],\n    channel={\n        \"type\": \"HTTP\",\n        \"version\": \"1.0.0\",\n        \"uri\": \"https://example.com/test\",\n    },\n    auth={\n        \"type\": \"HEADER\",\n        \"key\": \"Authorization\",\n        \"value\": \"123\",\n    })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.EventHook(\"example\", new()\n    {\n        Name = \"example\",\n        Events = new[]\n        {\n            \"user.lifecycle.create\",\n            \"user.lifecycle.delete.initiated\",\n        },\n        Channel = \n        {\n            { \"type\", \"HTTP\" },\n            { \"version\", \"1.0.0\" },\n            { \"uri\", \"https://example.com/test\" },\n        },\n        Auth = \n        {\n            { \"type\", \"HEADER\" },\n            { \"key\", \"Authorization\" },\n            { \"value\", \"123\" },\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewEventHook(ctx, \"example\", \u0026okta.EventHookArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tEvents: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user.lifecycle.create\"),\n\t\t\t\tpulumi.String(\"user.lifecycle.delete.initiated\"),\n\t\t\t},\n\t\t\tChannel: pulumi.StringMap{\n\t\t\t\t\"type\":    pulumi.String(\"HTTP\"),\n\t\t\t\t\"version\": pulumi.String(\"1.0.0\"),\n\t\t\t\t\"uri\":     pulumi.String(\"https://example.com/test\"),\n\t\t\t},\n\t\t\tAuth: pulumi.StringMap{\n\t\t\t\t\"type\":  pulumi.String(\"HEADER\"),\n\t\t\t\t\"key\":   pulumi.String(\"Authorization\"),\n\t\t\t\t\"value\": pulumi.String(\"123\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.EventHook;\nimport com.pulumi.okta.EventHookArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new EventHook(\"example\", EventHookArgs.builder()\n            .name(\"example\")\n            .events(            \n                \"user.lifecycle.create\",\n                \"user.lifecycle.delete.initiated\")\n            .channel(Map.ofEntries(\n                Map.entry(\"type\", \"HTTP\"),\n                Map.entry(\"version\", \"1.0.0\"),\n                Map.entry(\"uri\", \"https://example.com/test\")\n            ))\n            .auth(Map.ofEntries(\n                Map.entry(\"type\", \"HEADER\"),\n                Map.entry(\"key\", \"Authorization\"),\n                Map.entry(\"value\", \"123\")\n            ))\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:EventHook\n    properties:\n      name: example\n      events:\n        - user.lifecycle.create\n        - user.lifecycle.delete.initiated\n      channel:\n        type: HTTP\n        version: 1.0.0\n        uri: https://example.com/test\n      auth:\n        type: HEADER\n        key: Authorization\n        value: '123'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/eventHook:EventHook example \u003chook_id\u003e\n```\n\n","properties":{"auth":{"type":"object","additionalProperties":{"type":"string"},"description":"Details of the endpoint the event hook will hit.   \n\t- 'version' - (Required) The version of the channel. The currently-supported version is '1.0.0'.\n\t- 'uri' - (Required) The URI the hook will hit.\n\t- 'type' - (Optional) The type of hook to trigger. Currently, the only supported type is 'HTTP'."},"channel":{"type":"object","additionalProperties":{"type":"string"},"description":"Details of the endpoint the event hook will hit."},"events":{"type":"array","items":{"type":"string"},"description":"The events that will be delivered to this hook. [See here for a list of supported events](https://developer.okta.com/docs/reference/api/event-types/?q=event-hook-eligible)."},"headers":{"type":"array","items":{"$ref":"#/types/okta:index/EventHookHeader:EventHookHeader"},"description":"Map of headers to send along in event hook request."},"name":{"type":"string","description":"The event hook display name."},"status":{"type":"string","description":"Default to `ACTIVE`"}},"required":["channel","events","name"],"inputProperties":{"auth":{"type":"object","additionalProperties":{"type":"string"},"description":"Details of the endpoint the event hook will hit.   \n\t- 'version' - (Required) The version of the channel. The currently-supported version is '1.0.0'.\n\t- 'uri' - (Required) The URI the hook will hit.\n\t- 'type' - (Optional) The type of hook to trigger. Currently, the only supported type is 'HTTP'."},"channel":{"type":"object","additionalProperties":{"type":"string"},"description":"Details of the endpoint the event hook will hit."},"events":{"type":"array","items":{"type":"string"},"description":"The events that will be delivered to this hook. [See here for a list of supported events](https://developer.okta.com/docs/reference/api/event-types/?q=event-hook-eligible)."},"headers":{"type":"array","items":{"$ref":"#/types/okta:index/EventHookHeader:EventHookHeader"},"description":"Map of headers to send along in event hook request."},"name":{"type":"string","description":"The event hook display name."},"status":{"type":"string","description":"Default to `ACTIVE`"}},"requiredInputs":["channel","events"],"stateInputs":{"description":"Input properties used for looking up and filtering EventHook resources.\n","properties":{"auth":{"type":"object","additionalProperties":{"type":"string"},"description":"Details of the endpoint the event hook will hit.   \n\t- 'version' - (Required) The version of the channel. The currently-supported version is '1.0.0'.\n\t- 'uri' - (Required) The URI the hook will hit.\n\t- 'type' - (Optional) The type of hook to trigger. Currently, the only supported type is 'HTTP'."},"channel":{"type":"object","additionalProperties":{"type":"string"},"description":"Details of the endpoint the event hook will hit."},"events":{"type":"array","items":{"type":"string"},"description":"The events that will be delivered to this hook. [See here for a list of supported events](https://developer.okta.com/docs/reference/api/event-types/?q=event-hook-eligible)."},"headers":{"type":"array","items":{"$ref":"#/types/okta:index/EventHookHeader:EventHookHeader"},"description":"Map of headers to send along in event hook request."},"name":{"type":"string","description":"The event hook display name."},"status":{"type":"string","description":"Default to `ACTIVE`"}},"type":"object"}},"okta:index/eventHookVerification:EventHookVerification":{"description":"Verifies the Event Hook. The resource won't be created unless the URI provided in the event hook returns a valid JSON object with verification. See [Event Hooks](https://developer.okta.com/docs/concepts/event-hooks/#one-time-verification-request) documentation for details.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.EventHook(\"example\", {\n    name: \"example\",\n    events: [\n        \"user.lifecycle.create\",\n        \"user.lifecycle.delete.initiated\",\n    ],\n    channel: {\n        type: \"HTTP\",\n        version: \"1.0.0\",\n        uri: \"https://example.com/test\",\n    },\n    auth: {\n        type: \"HEADER\",\n        key: \"Authorization\",\n        value: \"123\",\n    },\n});\nconst exampleEventHookVerification = new okta.EventHookVerification(\"example\", {eventHookId: example.id});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.EventHook(\"example\",\n    name=\"example\",\n    events=[\n        \"user.lifecycle.create\",\n        \"user.lifecycle.delete.initiated\",\n    ],\n    channel={\n        \"type\": \"HTTP\",\n        \"version\": \"1.0.0\",\n        \"uri\": \"https://example.com/test\",\n    },\n    auth={\n        \"type\": \"HEADER\",\n        \"key\": \"Authorization\",\n        \"value\": \"123\",\n    })\nexample_event_hook_verification = okta.EventHookVerification(\"example\", event_hook_id=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.EventHook(\"example\", new()\n    {\n        Name = \"example\",\n        Events = new[]\n        {\n            \"user.lifecycle.create\",\n            \"user.lifecycle.delete.initiated\",\n        },\n        Channel = \n        {\n            { \"type\", \"HTTP\" },\n            { \"version\", \"1.0.0\" },\n            { \"uri\", \"https://example.com/test\" },\n        },\n        Auth = \n        {\n            { \"type\", \"HEADER\" },\n            { \"key\", \"Authorization\" },\n            { \"value\", \"123\" },\n        },\n    });\n\n    var exampleEventHookVerification = new Okta.EventHookVerification(\"example\", new()\n    {\n        EventHookId = example.Id,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := okta.NewEventHook(ctx, \"example\", \u0026okta.EventHookArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tEvents: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user.lifecycle.create\"),\n\t\t\t\tpulumi.String(\"user.lifecycle.delete.initiated\"),\n\t\t\t},\n\t\t\tChannel: pulumi.StringMap{\n\t\t\t\t\"type\":    pulumi.String(\"HTTP\"),\n\t\t\t\t\"version\": pulumi.String(\"1.0.0\"),\n\t\t\t\t\"uri\":     pulumi.String(\"https://example.com/test\"),\n\t\t\t},\n\t\t\tAuth: pulumi.StringMap{\n\t\t\t\t\"type\":  pulumi.String(\"HEADER\"),\n\t\t\t\t\"key\":   pulumi.String(\"Authorization\"),\n\t\t\t\t\"value\": pulumi.String(\"123\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewEventHookVerification(ctx, \"example\", \u0026okta.EventHookVerificationArgs{\n\t\t\tEventHookId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.EventHook;\nimport com.pulumi.okta.EventHookArgs;\nimport com.pulumi.okta.EventHookVerification;\nimport com.pulumi.okta.EventHookVerificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new EventHook(\"example\", EventHookArgs.builder()\n            .name(\"example\")\n            .events(            \n                \"user.lifecycle.create\",\n                \"user.lifecycle.delete.initiated\")\n            .channel(Map.ofEntries(\n                Map.entry(\"type\", \"HTTP\"),\n                Map.entry(\"version\", \"1.0.0\"),\n                Map.entry(\"uri\", \"https://example.com/test\")\n            ))\n            .auth(Map.ofEntries(\n                Map.entry(\"type\", \"HEADER\"),\n                Map.entry(\"key\", \"Authorization\"),\n                Map.entry(\"value\", \"123\")\n            ))\n            .build());\n\n        var exampleEventHookVerification = new EventHookVerification(\"exampleEventHookVerification\", EventHookVerificationArgs.builder()\n            .eventHookId(example.id())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:EventHook\n    properties:\n      name: example\n      events:\n        - user.lifecycle.create\n        - user.lifecycle.delete.initiated\n      channel:\n        type: HTTP\n        version: 1.0.0\n        uri: https://example.com/test\n      auth:\n        type: HEADER\n        key: Authorization\n        value: '123'\n  exampleEventHookVerification:\n    type: okta:EventHookVerification\n    name: example\n    properties:\n      eventHookId: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","properties":{"eventHookId":{"type":"string","description":"Event hook ID\n"}},"required":["eventHookId"],"inputProperties":{"eventHookId":{"type":"string","description":"Event hook ID\n","willReplaceOnChanges":true}},"requiredInputs":["eventHookId"],"stateInputs":{"description":"Input properties used for looking up and filtering EventHookVerification resources.\n","properties":{"eventHookId":{"type":"string","description":"Event hook ID\n","willReplaceOnChanges":true}},"type":"object"}},"okta:index/factorTotp:FactorTotp":{"description":"Allows you to manage the time-based one-time password (TOTP) factors. A time-based one-time password (TOTP) is a\n\t\ttemporary passcode that is generated for user authentication. Examples of TOTP include hardware authenticators and\n\t\tmobile app authenticators.\n\t\t\nOnce saved, the settings cannot be changed (except for the 'name' field). Any other change would force resource\nrecreation.\n\n\u003e IMPORTANT: Okta API does not allow deletion of the TOTP factors through the\nAPI. This provider will print a warning if it attempts to destroy the resource\nreceives a 501 not implemented error from the API instead of outright failing.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.FactorTotp(\"example\", {\n    name: \"example\",\n    otpLength: 10,\n    hmacAlgorithm: \"HMacSHA256\",\n    timeStep: 30,\n    clockDriftInterval: 10,\n    sharedSecretEncoding: \"hexadecimal\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.FactorTotp(\"example\",\n    name=\"example\",\n    otp_length=10,\n    hmac_algorithm=\"HMacSHA256\",\n    time_step=30,\n    clock_drift_interval=10,\n    shared_secret_encoding=\"hexadecimal\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.FactorTotp(\"example\", new()\n    {\n        Name = \"example\",\n        OtpLength = 10,\n        HmacAlgorithm = \"HMacSHA256\",\n        TimeStep = 30,\n        ClockDriftInterval = 10,\n        SharedSecretEncoding = \"hexadecimal\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewFactorTotp(ctx, \"example\", \u0026okta.FactorTotpArgs{\n\t\t\tName:                 pulumi.String(\"example\"),\n\t\t\tOtpLength:            pulumi.Int(10),\n\t\t\tHmacAlgorithm:        pulumi.String(\"HMacSHA256\"),\n\t\t\tTimeStep:             pulumi.Int(30),\n\t\t\tClockDriftInterval:   pulumi.Int(10),\n\t\t\tSharedSecretEncoding: pulumi.String(\"hexadecimal\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.FactorTotp;\nimport com.pulumi.okta.FactorTotpArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new FactorTotp(\"example\", FactorTotpArgs.builder()\n            .name(\"example\")\n            .otpLength(10)\n            .hmacAlgorithm(\"HMacSHA256\")\n            .timeStep(30)\n            .clockDriftInterval(10)\n            .sharedSecretEncoding(\"hexadecimal\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:FactorTotp\n    properties:\n      name: example\n      otpLength: 10\n      hmacAlgorithm: HMacSHA256\n      timeStep: 30\n      clockDriftInterval: 10\n      sharedSecretEncoding: hexadecimal\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","properties":{"clockDriftInterval":{"type":"integer","description":"Clock drift interval. This setting allows you to build in tolerance for any drift between the token's current time and the server's current time. Valid values: \u003cspan pulumi-lang-nodejs=\"`3`\" pulumi-lang-dotnet=\"`3`\" pulumi-lang-go=\"`3`\" pulumi-lang-python=\"`3`\" pulumi-lang-yaml=\"`3`\" pulumi-lang-java=\"`3`\"\u003e`3`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`5`\" pulumi-lang-dotnet=\"`5`\" pulumi-lang-go=\"`5`\" pulumi-lang-python=\"`5`\" pulumi-lang-yaml=\"`5`\" pulumi-lang-java=\"`5`\"\u003e`5`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`10`\" pulumi-lang-dotnet=\"`10`\" pulumi-lang-go=\"`10`\" pulumi-lang-python=\"`10`\" pulumi-lang-yaml=\"`10`\" pulumi-lang-java=\"`10`\"\u003e`10`\u003c/span\u003e. Default is \u003cspan pulumi-lang-nodejs=\"`3`\" pulumi-lang-dotnet=\"`3`\" pulumi-lang-go=\"`3`\" pulumi-lang-python=\"`3`\" pulumi-lang-yaml=\"`3`\" pulumi-lang-java=\"`3`\"\u003e`3`\u003c/span\u003e.\n"},"hmacAlgorithm":{"type":"string","description":"HMAC Algorithm. Valid values: `HMacSHA1`, `HMacSHA256`, `HMacSHA512`. Default is `HMacSHA512`.\n"},"name":{"type":"string","description":"The TOTP name.\n"},"otpLength":{"type":"integer","description":"Length of the password. Default is \u003cspan pulumi-lang-nodejs=\"`6`\" pulumi-lang-dotnet=\"`6`\" pulumi-lang-go=\"`6`\" pulumi-lang-python=\"`6`\" pulumi-lang-yaml=\"`6`\" pulumi-lang-java=\"`6`\"\u003e`6`\u003c/span\u003e.\n"},"sharedSecretEncoding":{"type":"string","description":"Shared secret encoding. Valid values: \u003cspan pulumi-lang-nodejs=\"`base32`\" pulumi-lang-dotnet=\"`Base32`\" pulumi-lang-go=\"`base32`\" pulumi-lang-python=\"`base32`\" pulumi-lang-yaml=\"`base32`\" pulumi-lang-java=\"`base32`\"\u003e`base32`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`base64`\" pulumi-lang-dotnet=\"`Base64`\" pulumi-lang-go=\"`base64`\" pulumi-lang-python=\"`base64`\" pulumi-lang-yaml=\"`base64`\" pulumi-lang-java=\"`base64`\"\u003e`base64`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`hexadecimal`\" pulumi-lang-dotnet=\"`Hexadecimal`\" pulumi-lang-go=\"`hexadecimal`\" pulumi-lang-python=\"`hexadecimal`\" pulumi-lang-yaml=\"`hexadecimal`\" pulumi-lang-java=\"`hexadecimal`\"\u003e`hexadecimal`\u003c/span\u003e. Default is \u003cspan pulumi-lang-nodejs=\"`base32`\" pulumi-lang-dotnet=\"`Base32`\" pulumi-lang-go=\"`base32`\" pulumi-lang-python=\"`base32`\" pulumi-lang-yaml=\"`base32`\" pulumi-lang-java=\"`base32`\"\u003e`base32`\u003c/span\u003e.\n"},"timeStep":{"type":"integer","description":"Time step in seconds. Valid values: \u003cspan pulumi-lang-nodejs=\"`15`\" pulumi-lang-dotnet=\"`15`\" pulumi-lang-go=\"`15`\" pulumi-lang-python=\"`15`\" pulumi-lang-yaml=\"`15`\" pulumi-lang-java=\"`15`\"\u003e`15`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`30`\" pulumi-lang-dotnet=\"`30`\" pulumi-lang-go=\"`30`\" pulumi-lang-python=\"`30`\" pulumi-lang-yaml=\"`30`\" pulumi-lang-java=\"`30`\"\u003e`30`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`60`\" pulumi-lang-dotnet=\"`60`\" pulumi-lang-go=\"`60`\" pulumi-lang-python=\"`60`\" pulumi-lang-yaml=\"`60`\" pulumi-lang-java=\"`60`\"\u003e`60`\u003c/span\u003e. Default is \u003cspan pulumi-lang-nodejs=\"`15`\" pulumi-lang-dotnet=\"`15`\" pulumi-lang-go=\"`15`\" pulumi-lang-python=\"`15`\" pulumi-lang-yaml=\"`15`\" pulumi-lang-java=\"`15`\"\u003e`15`\u003c/span\u003e.\n"}},"required":["name"],"inputProperties":{"clockDriftInterval":{"type":"integer","description":"Clock drift interval. This setting allows you to build in tolerance for any drift between the token's current time and the server's current time. Valid values: \u003cspan pulumi-lang-nodejs=\"`3`\" pulumi-lang-dotnet=\"`3`\" pulumi-lang-go=\"`3`\" pulumi-lang-python=\"`3`\" pulumi-lang-yaml=\"`3`\" pulumi-lang-java=\"`3`\"\u003e`3`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`5`\" pulumi-lang-dotnet=\"`5`\" pulumi-lang-go=\"`5`\" pulumi-lang-python=\"`5`\" pulumi-lang-yaml=\"`5`\" pulumi-lang-java=\"`5`\"\u003e`5`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`10`\" pulumi-lang-dotnet=\"`10`\" pulumi-lang-go=\"`10`\" pulumi-lang-python=\"`10`\" pulumi-lang-yaml=\"`10`\" pulumi-lang-java=\"`10`\"\u003e`10`\u003c/span\u003e. Default is \u003cspan pulumi-lang-nodejs=\"`3`\" pulumi-lang-dotnet=\"`3`\" pulumi-lang-go=\"`3`\" pulumi-lang-python=\"`3`\" pulumi-lang-yaml=\"`3`\" pulumi-lang-java=\"`3`\"\u003e`3`\u003c/span\u003e.\n","willReplaceOnChanges":true},"hmacAlgorithm":{"type":"string","description":"HMAC Algorithm. Valid values: `HMacSHA1`, `HMacSHA256`, `HMacSHA512`. Default is `HMacSHA512`.\n","willReplaceOnChanges":true},"name":{"type":"string","description":"The TOTP name.\n"},"otpLength":{"type":"integer","description":"Length of the password. Default is \u003cspan pulumi-lang-nodejs=\"`6`\" pulumi-lang-dotnet=\"`6`\" pulumi-lang-go=\"`6`\" pulumi-lang-python=\"`6`\" pulumi-lang-yaml=\"`6`\" pulumi-lang-java=\"`6`\"\u003e`6`\u003c/span\u003e.\n","willReplaceOnChanges":true},"sharedSecretEncoding":{"type":"string","description":"Shared secret encoding. Valid values: \u003cspan pulumi-lang-nodejs=\"`base32`\" pulumi-lang-dotnet=\"`Base32`\" pulumi-lang-go=\"`base32`\" pulumi-lang-python=\"`base32`\" pulumi-lang-yaml=\"`base32`\" pulumi-lang-java=\"`base32`\"\u003e`base32`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`base64`\" pulumi-lang-dotnet=\"`Base64`\" pulumi-lang-go=\"`base64`\" pulumi-lang-python=\"`base64`\" pulumi-lang-yaml=\"`base64`\" pulumi-lang-java=\"`base64`\"\u003e`base64`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`hexadecimal`\" pulumi-lang-dotnet=\"`Hexadecimal`\" pulumi-lang-go=\"`hexadecimal`\" pulumi-lang-python=\"`hexadecimal`\" pulumi-lang-yaml=\"`hexadecimal`\" pulumi-lang-java=\"`hexadecimal`\"\u003e`hexadecimal`\u003c/span\u003e. Default is \u003cspan pulumi-lang-nodejs=\"`base32`\" pulumi-lang-dotnet=\"`Base32`\" pulumi-lang-go=\"`base32`\" pulumi-lang-python=\"`base32`\" pulumi-lang-yaml=\"`base32`\" pulumi-lang-java=\"`base32`\"\u003e`base32`\u003c/span\u003e.\n","willReplaceOnChanges":true},"timeStep":{"type":"integer","description":"Time step in seconds. Valid values: \u003cspan pulumi-lang-nodejs=\"`15`\" pulumi-lang-dotnet=\"`15`\" pulumi-lang-go=\"`15`\" pulumi-lang-python=\"`15`\" pulumi-lang-yaml=\"`15`\" pulumi-lang-java=\"`15`\"\u003e`15`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`30`\" pulumi-lang-dotnet=\"`30`\" pulumi-lang-go=\"`30`\" pulumi-lang-python=\"`30`\" pulumi-lang-yaml=\"`30`\" pulumi-lang-java=\"`30`\"\u003e`30`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`60`\" pulumi-lang-dotnet=\"`60`\" pulumi-lang-go=\"`60`\" pulumi-lang-python=\"`60`\" pulumi-lang-yaml=\"`60`\" pulumi-lang-java=\"`60`\"\u003e`60`\u003c/span\u003e. Default is \u003cspan pulumi-lang-nodejs=\"`15`\" pulumi-lang-dotnet=\"`15`\" pulumi-lang-go=\"`15`\" pulumi-lang-python=\"`15`\" pulumi-lang-yaml=\"`15`\" pulumi-lang-java=\"`15`\"\u003e`15`\u003c/span\u003e.\n","willReplaceOnChanges":true}},"stateInputs":{"description":"Input properties used for looking up and filtering FactorTotp resources.\n","properties":{"clockDriftInterval":{"type":"integer","description":"Clock drift interval. This setting allows you to build in tolerance for any drift between the token's current time and the server's current time. Valid values: \u003cspan pulumi-lang-nodejs=\"`3`\" pulumi-lang-dotnet=\"`3`\" pulumi-lang-go=\"`3`\" pulumi-lang-python=\"`3`\" pulumi-lang-yaml=\"`3`\" pulumi-lang-java=\"`3`\"\u003e`3`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`5`\" pulumi-lang-dotnet=\"`5`\" pulumi-lang-go=\"`5`\" pulumi-lang-python=\"`5`\" pulumi-lang-yaml=\"`5`\" pulumi-lang-java=\"`5`\"\u003e`5`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`10`\" pulumi-lang-dotnet=\"`10`\" pulumi-lang-go=\"`10`\" pulumi-lang-python=\"`10`\" pulumi-lang-yaml=\"`10`\" pulumi-lang-java=\"`10`\"\u003e`10`\u003c/span\u003e. Default is \u003cspan pulumi-lang-nodejs=\"`3`\" pulumi-lang-dotnet=\"`3`\" pulumi-lang-go=\"`3`\" pulumi-lang-python=\"`3`\" pulumi-lang-yaml=\"`3`\" pulumi-lang-java=\"`3`\"\u003e`3`\u003c/span\u003e.\n","willReplaceOnChanges":true},"hmacAlgorithm":{"type":"string","description":"HMAC Algorithm. Valid values: `HMacSHA1`, `HMacSHA256`, `HMacSHA512`. Default is `HMacSHA512`.\n","willReplaceOnChanges":true},"name":{"type":"string","description":"The TOTP name.\n"},"otpLength":{"type":"integer","description":"Length of the password. Default is \u003cspan pulumi-lang-nodejs=\"`6`\" pulumi-lang-dotnet=\"`6`\" pulumi-lang-go=\"`6`\" pulumi-lang-python=\"`6`\" pulumi-lang-yaml=\"`6`\" pulumi-lang-java=\"`6`\"\u003e`6`\u003c/span\u003e.\n","willReplaceOnChanges":true},"sharedSecretEncoding":{"type":"string","description":"Shared secret encoding. Valid values: \u003cspan pulumi-lang-nodejs=\"`base32`\" pulumi-lang-dotnet=\"`Base32`\" pulumi-lang-go=\"`base32`\" pulumi-lang-python=\"`base32`\" pulumi-lang-yaml=\"`base32`\" pulumi-lang-java=\"`base32`\"\u003e`base32`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`base64`\" pulumi-lang-dotnet=\"`Base64`\" pulumi-lang-go=\"`base64`\" pulumi-lang-python=\"`base64`\" pulumi-lang-yaml=\"`base64`\" pulumi-lang-java=\"`base64`\"\u003e`base64`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`hexadecimal`\" pulumi-lang-dotnet=\"`Hexadecimal`\" pulumi-lang-go=\"`hexadecimal`\" pulumi-lang-python=\"`hexadecimal`\" pulumi-lang-yaml=\"`hexadecimal`\" pulumi-lang-java=\"`hexadecimal`\"\u003e`hexadecimal`\u003c/span\u003e. Default is \u003cspan pulumi-lang-nodejs=\"`base32`\" pulumi-lang-dotnet=\"`Base32`\" pulumi-lang-go=\"`base32`\" pulumi-lang-python=\"`base32`\" pulumi-lang-yaml=\"`base32`\" pulumi-lang-java=\"`base32`\"\u003e`base32`\u003c/span\u003e.\n","willReplaceOnChanges":true},"timeStep":{"type":"integer","description":"Time step in seconds. Valid values: \u003cspan pulumi-lang-nodejs=\"`15`\" pulumi-lang-dotnet=\"`15`\" pulumi-lang-go=\"`15`\" pulumi-lang-python=\"`15`\" pulumi-lang-yaml=\"`15`\" pulumi-lang-java=\"`15`\"\u003e`15`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`30`\" pulumi-lang-dotnet=\"`30`\" pulumi-lang-go=\"`30`\" pulumi-lang-python=\"`30`\" pulumi-lang-yaml=\"`30`\" pulumi-lang-java=\"`30`\"\u003e`30`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`60`\" pulumi-lang-dotnet=\"`60`\" pulumi-lang-go=\"`60`\" pulumi-lang-python=\"`60`\" pulumi-lang-yaml=\"`60`\" pulumi-lang-java=\"`60`\"\u003e`60`\u003c/span\u003e. Default is \u003cspan pulumi-lang-nodejs=\"`15`\" pulumi-lang-dotnet=\"`15`\" pulumi-lang-go=\"`15`\" pulumi-lang-python=\"`15`\" pulumi-lang-yaml=\"`15`\" pulumi-lang-java=\"`15`\"\u003e`15`\u003c/span\u003e.\n","willReplaceOnChanges":true}},"type":"object"}},"okta:index/feature:Feature":{"description":"Manages brand. This resource allows you to toggle an Okta Feature.\n\t\t\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.getFeatures({\n    label: \"Android Device Trust\",\n});\nconst test = new okta.Feature(\"test\", {featureId: example.then(example =\u003e example.features?.[0]?.id)});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.get_features(label=\"Android Device Trust\")\ntest = okta.Feature(\"test\", feature_id=example.features[0].id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.GetFeatures.Invoke(new()\n    {\n        Label = \"Android Device Trust\",\n    });\n\n    var test = new Okta.Feature(\"test\", new()\n    {\n        FeatureId = example.Apply(getFeaturesResult =\u003e getFeaturesResult.Features[0]?.Id),\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := okta.GetFeatures(ctx, \u0026okta.GetFeaturesArgs{\n\t\t\tLabel: pulumi.StringRef(\"Android Device Trust\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewFeature(ctx, \"test\", \u0026okta.FeatureArgs{\n\t\t\tFeatureId: pulumi.String(example.Features[0].Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetFeaturesArgs;\nimport com.pulumi.okta.Feature;\nimport com.pulumi.okta.FeatureArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = OktaFunctions.getFeatures(GetFeaturesArgs.builder()\n            .label(\"Android Device Trust\")\n            .build());\n\n        var test = new Feature(\"test\", FeatureArgs.builder()\n            .featureId(example.features()[0].id())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  test:\n    type: okta:Feature\n    properties:\n      featureId: ${example.features[0].id}\nvariables:\n  example:\n    fn::invoke:\n      function: okta:getFeatures\n      arguments:\n        label: Android Device Trust\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/feature:Feature example \u003cid\u003e\n```\n\n","properties":{"description":{"type":"string","description":"Name of the feature.\n"},"featureId":{"type":"string","description":"Okta API for feature only reads and updates therefore the okta*feature resource needs to act as a quasi data source. Do this by setting feature*id\n"},"lifeCycle":{"type":"string","description":"Whether to `ENABLE` or `DISABLE` the feature\n"},"mode":{"type":"boolean","description":"Indicates if you want to force enable or disable a feature. Value is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e meaning force\n"},"name":{"type":"string","description":"Name of the feature.\n"},"stage":{"$ref":"#/types/okta:index/FeatureStage:FeatureStage","description":"Current release cycle stage of a feature.\n"},"status":{"type":"string","description":"The feature status.\n"},"type":{"type":"string","description":"Type of feature.\n"}},"required":["description","featureId","name","stage","status","type"],"inputProperties":{"featureId":{"type":"string","description":"Okta API for feature only reads and updates therefore the okta*feature resource needs to act as a quasi data source. Do this by setting feature*id\n"},"lifeCycle":{"type":"string","description":"Whether to `ENABLE` or `DISABLE` the feature\n"},"mode":{"type":"boolean","description":"Indicates if you want to force enable or disable a feature. Value is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e meaning force\n"}},"requiredInputs":["featureId"],"stateInputs":{"description":"Input properties used for looking up and filtering Feature resources.\n","properties":{"description":{"type":"string","description":"Name of the feature.\n"},"featureId":{"type":"string","description":"Okta API for feature only reads and updates therefore the okta*feature resource needs to act as a quasi data source. Do this by setting feature*id\n"},"lifeCycle":{"type":"string","description":"Whether to `ENABLE` or `DISABLE` the feature\n"},"mode":{"type":"boolean","description":"Indicates if you want to force enable or disable a feature. Value is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e meaning force\n"},"name":{"type":"string","description":"Name of the feature.\n"},"stage":{"$ref":"#/types/okta:index/FeatureStage:FeatureStage","description":"Current release cycle stage of a feature.\n"},"status":{"type":"string","description":"The feature status.\n"},"type":{"type":"string","description":"Type of feature.\n"}},"type":"object"}},"okta:index/groupMemberships:GroupMemberships":{"description":"Resource to manage a set of memberships for a specific group.\nThis resource will allow you to bulk manage group membership in Okta for a given\ngroup. This offers an interface to pass multiple users into a single resource\ncall, for better API resource usage. If you need a relationship of a single \nuser to many groups, please use the 'okta_user_group_memberships' resource.\n**Important**: The default behavior of the resource is to only maintain the\nstate of user ids that are assigned it. This behavior will signal drift only if\nthose users stop being part of the group. If the desired behavior is track all\nusers that are added/removed from the group make use of the 'track_all_users'\nargument with this resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = new okta.group.Group(\"test\", {\n    name: \"testAcc_replace_with_uuid\",\n    description: \"testing, testing\",\n});\nconst testGroupMemberships = new okta.GroupMemberships(\"test\", {\n    groupId: test.id,\n    users: [\n        test1.id,\n        test2.id,\n    ],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.group.Group(\"test\",\n    name=\"testAcc_replace_with_uuid\",\n    description=\"testing, testing\")\ntest_group_memberships = okta.GroupMemberships(\"test\",\n    group_id=test.id,\n    users=[\n        test1[\"id\"],\n        test2[\"id\"],\n    ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = new Okta.Group.Group(\"test\", new()\n    {\n        Name = \"testAcc_replace_with_uuid\",\n        Description = \"testing, testing\",\n    });\n\n    var testGroupMemberships = new Okta.GroupMemberships(\"test\", new()\n    {\n        GroupId = test.Id,\n        Users = new[]\n        {\n            test1.Id,\n            test2.Id,\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/group\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := group.NewGroup(ctx, \"test\", \u0026group.GroupArgs{\n\t\t\tName:        pulumi.String(\"testAcc_replace_with_uuid\"),\n\t\t\tDescription: pulumi.String(\"testing, testing\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewGroupMemberships(ctx, \"test\", \u0026okta.GroupMembershipsArgs{\n\t\t\tGroupId: test.ID(),\n\t\t\tUsers: pulumi.StringArray{\n\t\t\t\ttest1.Id,\n\t\t\t\ttest2.Id,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.group.Group;\nimport com.pulumi.okta.group.GroupArgs;\nimport com.pulumi.okta.GroupMemberships;\nimport com.pulumi.okta.GroupMembershipsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var test = new Group(\"test\", GroupArgs.builder()\n            .name(\"testAcc_replace_with_uuid\")\n            .description(\"testing, testing\")\n            .build());\n\n        var testGroupMemberships = new GroupMemberships(\"testGroupMemberships\", GroupMembershipsArgs.builder()\n            .groupId(test.id())\n            .users(            \n                test1.id(),\n                test2.id())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  test:\n    type: okta:group:Group\n    properties:\n      name: testAcc_replace_with_uuid\n      description: testing, testing\n  testGroupMemberships:\n    type: okta:GroupMemberships\n    name: test\n    properties:\n      groupId: ${test.id}\n      users:\n        - ${test1.id}\n        - ${test2.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nan Okta Group's memberships can be imported via the Okta group ID.\n\n```sh\n$ pulumi import okta:index/groupMemberships:GroupMemberships test \u003cgroup_id\u003e\n```\n\noptional parameter track all users will also import all user id currently assigned to the group\n\n```sh\n$ pulumi import okta:index/groupMemberships:GroupMemberships test \u003cgroup_id\u003e/\u003ctrue\u003e\n```\n\n","properties":{"groupId":{"type":"string","description":"ID of a Okta group.\n"},"trackAllUsers":{"type":"boolean","description":"The resource concerns itself with all users added/deleted to the group; even those managed outside of the resource.\n"},"users":{"type":"array","items":{"type":"string"},"description":"The list of Okta user IDs which the group should have membership managed for.\n"}},"required":["groupId","users"],"inputProperties":{"groupId":{"type":"string","description":"ID of a Okta group.\n","willReplaceOnChanges":true},"trackAllUsers":{"type":"boolean","description":"The resource concerns itself with all users added/deleted to the group; even those managed outside of the resource.\n"},"users":{"type":"array","items":{"type":"string"},"description":"The list of Okta user IDs which the group should have membership managed for.\n"}},"requiredInputs":["groupId","users"],"stateInputs":{"description":"Input properties used for looking up and filtering GroupMemberships resources.\n","properties":{"groupId":{"type":"string","description":"ID of a Okta group.\n","willReplaceOnChanges":true},"trackAllUsers":{"type":"boolean","description":"The resource concerns itself with all users added/deleted to the group; even those managed outside of the resource.\n"},"users":{"type":"array","items":{"type":"string"},"description":"The list of Okta user IDs which the group should have membership managed for.\n"}},"type":"object"}},"okta:index/groupSchemaProperty:GroupSchemaProperty":{"description":"## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.GroupSchemaProperty(\"example\", {\n    index: \"customPropertyName\",\n    title: \"customPropertyName\",\n    type: \"string\",\n    description: \"My custom property name\",\n    master: \"OKTA\",\n    scope: \"SELF\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.GroupSchemaProperty(\"example\",\n    index=\"customPropertyName\",\n    title=\"customPropertyName\",\n    type=\"string\",\n    description=\"My custom property name\",\n    master=\"OKTA\",\n    scope=\"SELF\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.GroupSchemaProperty(\"example\", new()\n    {\n        Index = \"customPropertyName\",\n        Title = \"customPropertyName\",\n        Type = \"string\",\n        Description = \"My custom property name\",\n        Master = \"OKTA\",\n        Scope = \"SELF\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewGroupSchemaProperty(ctx, \"example\", \u0026okta.GroupSchemaPropertyArgs{\n\t\t\tIndex:       pulumi.String(\"customPropertyName\"),\n\t\t\tTitle:       pulumi.String(\"customPropertyName\"),\n\t\t\tType:        pulumi.String(\"string\"),\n\t\t\tDescription: pulumi.String(\"My custom property name\"),\n\t\t\tMaster:      pulumi.String(\"OKTA\"),\n\t\t\tScope:       pulumi.String(\"SELF\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.GroupSchemaProperty;\nimport com.pulumi.okta.GroupSchemaPropertyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new GroupSchemaProperty(\"example\", GroupSchemaPropertyArgs.builder()\n            .index(\"customPropertyName\")\n            .title(\"customPropertyName\")\n            .type(\"string\")\n            .description(\"My custom property name\")\n            .master(\"OKTA\")\n            .scope(\"SELF\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:GroupSchemaProperty\n    properties:\n      index: customPropertyName\n      title: customPropertyName\n      type: string\n      description: My custom property name\n      master: OKTA\n      scope: SELF\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/groupSchemaProperty:GroupSchemaProperty example \u003cindex\u003e\n```\n\n","properties":{"arrayEnums":{"type":"array","items":{"type":"string"},"description":"Array of values that an array property's items can be set to."},"arrayOneOfs":{"type":"array","items":{"$ref":"#/types/okta:index/GroupSchemaPropertyArrayOneOf:GroupSchemaPropertyArrayOneOf"},"description":"Display name and value an enum array can be set to.\n\t- 'const' - (Required) value mapping to member of 'enum'.\n\t- 'title' - (Required) display name for the enum value."},"arrayType":{"type":"string","description":"The type of the array elements if \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e is set to \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e"},"description":{"type":"string","description":"The description of the user schema property."},"enums":{"type":"array","items":{"type":"string"},"description":"Array of values a primitive property can be set to. See \u003cspan pulumi-lang-nodejs=\"`arrayEnum`\" pulumi-lang-dotnet=\"`ArrayEnum`\" pulumi-lang-go=\"`arrayEnum`\" pulumi-lang-python=\"`array_enum`\" pulumi-lang-yaml=\"`arrayEnum`\" pulumi-lang-java=\"`arrayEnum`\"\u003e`array_enum`\u003c/span\u003e for arrays."},"externalName":{"type":"string","description":"External name of the user schema property."},"externalNamespace":{"type":"string","description":"External namespace of the user schema property."},"index":{"type":"string","description":"Subschema unique string identifier"},"master":{"type":"string","description":"Master priority for the group schema property. It can be set to `PROFILE_MASTER`, `OVERRIDE` or `OKTA`. Default: `PROFILE_MASTER`"},"masterOverridePriorities":{"type":"array","items":{"$ref":"#/types/okta:index/GroupSchemaPropertyMasterOverridePriority:GroupSchemaPropertyMasterOverridePriority"},"description":"Prioritized list of profile sources (required when \u003cspan pulumi-lang-nodejs=\"`master`\" pulumi-lang-dotnet=\"`Master`\" pulumi-lang-go=\"`master`\" pulumi-lang-python=\"`master`\" pulumi-lang-yaml=\"`master`\" pulumi-lang-java=\"`master`\"\u003e`master`\u003c/span\u003e is `OVERRIDE`)."},"maxLength":{"type":"integer","description":"The maximum length of the user property value. Only applies to type \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e"},"minLength":{"type":"integer","description":"The minimum length of the user property value. Only applies to type \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e"},"oneOfs":{"type":"array","items":{"$ref":"#/types/okta:index/GroupSchemaPropertyOneOf:GroupSchemaPropertyOneOf"},"description":"Array of maps containing a mapping for display name to enum value.\n\t- 'const' - (Required) value mapping to member of 'enum'.\n\t- 'title' - (Required) display name for the enum value."},"permissions":{"type":"string","description":"Access control permissions for the property. It can be set to `READ_WRITE`, `READ_ONLY`, `HIDE`. Default: `READ_ONLY`"},"required":{"type":"boolean","description":"Whether the subschema is required"},"scope":{"type":"string"},"title":{"type":"string","description":"Subschema title (display name)"},"type":{"type":"string","description":"The type of the schema property. It can be \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`boolean`\" pulumi-lang-dotnet=\"`Boolean`\" pulumi-lang-go=\"`boolean`\" pulumi-lang-python=\"`boolean`\" pulumi-lang-yaml=\"`boolean`\" pulumi-lang-java=\"`boolean`\"\u003e`boolean`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`number`\" pulumi-lang-dotnet=\"`Number`\" pulumi-lang-go=\"`number`\" pulumi-lang-python=\"`number`\" pulumi-lang-yaml=\"`number`\" pulumi-lang-java=\"`number`\"\u003e`number`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`integer`\" pulumi-lang-dotnet=\"`Integer`\" pulumi-lang-go=\"`integer`\" pulumi-lang-python=\"`integer`\" pulumi-lang-yaml=\"`integer`\" pulumi-lang-java=\"`integer`\"\u003e`integer`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`object`\" pulumi-lang-dotnet=\"`Object`\" pulumi-lang-go=\"`object`\" pulumi-lang-python=\"`object`\" pulumi-lang-yaml=\"`object`\" pulumi-lang-java=\"`object`\"\u003e`object`\u003c/span\u003e"},"unique":{"type":"string","description":"Whether the property should be unique. It can be set to `UNIQUE_VALIDATED` or `NOT_UNIQUE`."}},"required":["index","title","type"],"inputProperties":{"arrayEnums":{"type":"array","items":{"type":"string"},"description":"Array of values that an array property's items can be set to."},"arrayOneOfs":{"type":"array","items":{"$ref":"#/types/okta:index/GroupSchemaPropertyArrayOneOf:GroupSchemaPropertyArrayOneOf"},"description":"Display name and value an enum array can be set to.\n\t- 'const' - (Required) value mapping to member of 'enum'.\n\t- 'title' - (Required) display name for the enum value."},"arrayType":{"type":"string","description":"The type of the array elements if \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e is set to \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e","willReplaceOnChanges":true},"description":{"type":"string","description":"The description of the user schema property."},"enums":{"type":"array","items":{"type":"string"},"description":"Array of values a primitive property can be set to. See \u003cspan pulumi-lang-nodejs=\"`arrayEnum`\" pulumi-lang-dotnet=\"`ArrayEnum`\" pulumi-lang-go=\"`arrayEnum`\" pulumi-lang-python=\"`array_enum`\" pulumi-lang-yaml=\"`arrayEnum`\" pulumi-lang-java=\"`arrayEnum`\"\u003e`array_enum`\u003c/span\u003e for arrays."},"externalName":{"type":"string","description":"External name of the user schema property.","willReplaceOnChanges":true},"externalNamespace":{"type":"string","description":"External namespace of the user schema property.","willReplaceOnChanges":true},"index":{"type":"string","description":"Subschema unique string identifier","willReplaceOnChanges":true},"master":{"type":"string","description":"Master priority for the group schema property. It can be set to `PROFILE_MASTER`, `OVERRIDE` or `OKTA`. Default: `PROFILE_MASTER`"},"masterOverridePriorities":{"type":"array","items":{"$ref":"#/types/okta:index/GroupSchemaPropertyMasterOverridePriority:GroupSchemaPropertyMasterOverridePriority"},"description":"Prioritized list of profile sources (required when \u003cspan pulumi-lang-nodejs=\"`master`\" pulumi-lang-dotnet=\"`Master`\" pulumi-lang-go=\"`master`\" pulumi-lang-python=\"`master`\" pulumi-lang-yaml=\"`master`\" pulumi-lang-java=\"`master`\"\u003e`master`\u003c/span\u003e is `OVERRIDE`)."},"maxLength":{"type":"integer","description":"The maximum length of the user property value. Only applies to type \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e"},"minLength":{"type":"integer","description":"The minimum length of the user property value. Only applies to type \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e"},"oneOfs":{"type":"array","items":{"$ref":"#/types/okta:index/GroupSchemaPropertyOneOf:GroupSchemaPropertyOneOf"},"description":"Array of maps containing a mapping for display name to enum value.\n\t- 'const' - (Required) value mapping to member of 'enum'.\n\t- 'title' - (Required) display name for the enum value."},"permissions":{"type":"string","description":"Access control permissions for the property. It can be set to `READ_WRITE`, `READ_ONLY`, `HIDE`. Default: `READ_ONLY`"},"required":{"type":"boolean","description":"Whether the subschema is required"},"scope":{"type":"string"},"title":{"type":"string","description":"Subschema title (display name)"},"type":{"type":"string","description":"The type of the schema property. It can be \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`boolean`\" pulumi-lang-dotnet=\"`Boolean`\" pulumi-lang-go=\"`boolean`\" pulumi-lang-python=\"`boolean`\" pulumi-lang-yaml=\"`boolean`\" pulumi-lang-java=\"`boolean`\"\u003e`boolean`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`number`\" pulumi-lang-dotnet=\"`Number`\" pulumi-lang-go=\"`number`\" pulumi-lang-python=\"`number`\" pulumi-lang-yaml=\"`number`\" pulumi-lang-java=\"`number`\"\u003e`number`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`integer`\" pulumi-lang-dotnet=\"`Integer`\" pulumi-lang-go=\"`integer`\" pulumi-lang-python=\"`integer`\" pulumi-lang-yaml=\"`integer`\" pulumi-lang-java=\"`integer`\"\u003e`integer`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`object`\" pulumi-lang-dotnet=\"`Object`\" pulumi-lang-go=\"`object`\" pulumi-lang-python=\"`object`\" pulumi-lang-yaml=\"`object`\" pulumi-lang-java=\"`object`\"\u003e`object`\u003c/span\u003e","willReplaceOnChanges":true},"unique":{"type":"string","description":"Whether the property should be unique. It can be set to `UNIQUE_VALIDATED` or `NOT_UNIQUE`.","willReplaceOnChanges":true}},"requiredInputs":["index","title","type"],"stateInputs":{"description":"Input properties used for looking up and filtering GroupSchemaProperty resources.\n","properties":{"arrayEnums":{"type":"array","items":{"type":"string"},"description":"Array of values that an array property's items can be set to."},"arrayOneOfs":{"type":"array","items":{"$ref":"#/types/okta:index/GroupSchemaPropertyArrayOneOf:GroupSchemaPropertyArrayOneOf"},"description":"Display name and value an enum array can be set to.\n\t- 'const' - (Required) value mapping to member of 'enum'.\n\t- 'title' - (Required) display name for the enum value."},"arrayType":{"type":"string","description":"The type of the array elements if \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e is set to \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e","willReplaceOnChanges":true},"description":{"type":"string","description":"The description of the user schema property."},"enums":{"type":"array","items":{"type":"string"},"description":"Array of values a primitive property can be set to. See \u003cspan pulumi-lang-nodejs=\"`arrayEnum`\" pulumi-lang-dotnet=\"`ArrayEnum`\" pulumi-lang-go=\"`arrayEnum`\" pulumi-lang-python=\"`array_enum`\" pulumi-lang-yaml=\"`arrayEnum`\" pulumi-lang-java=\"`arrayEnum`\"\u003e`array_enum`\u003c/span\u003e for arrays."},"externalName":{"type":"string","description":"External name of the user schema property.","willReplaceOnChanges":true},"externalNamespace":{"type":"string","description":"External namespace of the user schema property.","willReplaceOnChanges":true},"index":{"type":"string","description":"Subschema unique string identifier","willReplaceOnChanges":true},"master":{"type":"string","description":"Master priority for the group schema property. It can be set to `PROFILE_MASTER`, `OVERRIDE` or `OKTA`. Default: `PROFILE_MASTER`"},"masterOverridePriorities":{"type":"array","items":{"$ref":"#/types/okta:index/GroupSchemaPropertyMasterOverridePriority:GroupSchemaPropertyMasterOverridePriority"},"description":"Prioritized list of profile sources (required when \u003cspan pulumi-lang-nodejs=\"`master`\" pulumi-lang-dotnet=\"`Master`\" pulumi-lang-go=\"`master`\" pulumi-lang-python=\"`master`\" pulumi-lang-yaml=\"`master`\" pulumi-lang-java=\"`master`\"\u003e`master`\u003c/span\u003e is `OVERRIDE`)."},"maxLength":{"type":"integer","description":"The maximum length of the user property value. Only applies to type \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e"},"minLength":{"type":"integer","description":"The minimum length of the user property value. Only applies to type \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e"},"oneOfs":{"type":"array","items":{"$ref":"#/types/okta:index/GroupSchemaPropertyOneOf:GroupSchemaPropertyOneOf"},"description":"Array of maps containing a mapping for display name to enum value.\n\t- 'const' - (Required) value mapping to member of 'enum'.\n\t- 'title' - (Required) display name for the enum value."},"permissions":{"type":"string","description":"Access control permissions for the property. It can be set to `READ_WRITE`, `READ_ONLY`, `HIDE`. Default: `READ_ONLY`"},"required":{"type":"boolean","description":"Whether the subschema is required"},"scope":{"type":"string"},"title":{"type":"string","description":"Subschema title (display name)"},"type":{"type":"string","description":"The type of the schema property. It can be \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`boolean`\" pulumi-lang-dotnet=\"`Boolean`\" pulumi-lang-go=\"`boolean`\" pulumi-lang-python=\"`boolean`\" pulumi-lang-yaml=\"`boolean`\" pulumi-lang-java=\"`boolean`\"\u003e`boolean`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`number`\" pulumi-lang-dotnet=\"`Number`\" pulumi-lang-go=\"`number`\" pulumi-lang-python=\"`number`\" pulumi-lang-yaml=\"`number`\" pulumi-lang-java=\"`number`\"\u003e`number`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`integer`\" pulumi-lang-dotnet=\"`Integer`\" pulumi-lang-go=\"`integer`\" pulumi-lang-python=\"`integer`\" pulumi-lang-yaml=\"`integer`\" pulumi-lang-java=\"`integer`\"\u003e`integer`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`object`\" pulumi-lang-dotnet=\"`Object`\" pulumi-lang-go=\"`object`\" pulumi-lang-python=\"`object`\" pulumi-lang-yaml=\"`object`\" pulumi-lang-java=\"`object`\"\u003e`object`\u003c/span\u003e","willReplaceOnChanges":true},"unique":{"type":"string","description":"Whether the property should be unique. It can be set to `UNIQUE_VALIDATED` or `NOT_UNIQUE`.","willReplaceOnChanges":true}},"type":"object"}},"okta:index/hookKey:HookKey":{"description":"Creates and manages a Hook Key. This resource allows you to create and configure an Okta [Hook Key](https://developer.okta.com/docs/reference/api/hook-keys/).\n\nUse Key Management to create and manage JSON Web Keys (JWKS) that support OAuth 2.0 client authentication. The key is composed of a public and private key pair. The private key signs the JSON Web Token (JWT) and the public key validates it on the client side.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.HookKey(\"example\", {name: \"My Hook Key\"});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.HookKey(\"example\", name=\"My Hook Key\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.HookKey(\"example\", new()\n    {\n        Name = \"My Hook Key\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewHookKey(ctx, \"example\", \u0026okta.HookKeyArgs{\n\t\t\tName: pulumi.String(\"My Hook Key\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.HookKey;\nimport com.pulumi.okta.HookKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new HookKey(\"example\", HookKeyArgs.builder()\n            .name(\"My Hook Key\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:HookKey\n    properties:\n      name: My Hook Key\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nHook Keys can be imported using the `id`.\n\n```sh\n$ pulumi import okta:index/hookKey:HookKey example \u0026#60;hook_key_id\u0026#62;\n```\n\n","properties":{"created":{"type":"string","description":"Timestamp when the key was created.\n"},"isUsed":{"type":"boolean","description":"Whether this key is currently in use by other applications.\n"},"keyId":{"type":"string","description":"The alias of the public key.\n"},"lastUpdated":{"type":"string","description":"Timestamp when the key was updated.\n"},"name":{"type":"string","description":"Display name for the key. Must be between 1 and 255 characters.\n"}},"required":["created","isUsed","keyId","lastUpdated","name"],"inputProperties":{"name":{"type":"string","description":"Display name for the key. Must be between 1 and 255 characters.\n"}},"stateInputs":{"description":"Input properties used for looking up and filtering HookKey resources.\n","properties":{"created":{"type":"string","description":"Timestamp when the key was created.\n"},"isUsed":{"type":"boolean","description":"Whether this key is currently in use by other applications.\n"},"keyId":{"type":"string","description":"The alias of the public key.\n"},"lastUpdated":{"type":"string","description":"Timestamp when the key was updated.\n"},"name":{"type":"string","description":"Display name for the key. Must be between 1 and 255 characters.\n"}},"type":"object"}},"okta:index/linkDefinition:LinkDefinition":{"description":"Manages the creation and removal of the link definitions.\n\t\t\nLink definition operations allow you to manage the creation and removal of the link definitions. If you remove a link \ndefinition, links based on that definition are unavailable. Note that this resource is immutable, thus can not be modified.\n\u003e **NOTE:** Links reappear if you recreate the definition. However, Okta is likely to change this behavior so that links don't reappear. Don't rely on this behavior in production environments.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.LinkDefinition(\"example\", {\n    primaryName: \"emperor\",\n    primaryTitle: \"Emperor\",\n    primaryDescription: \"Hereditary ruler of the Imperium and the Known Universe\",\n    associatedName: \"sardaukar\",\n    associatedTitle: \"Sardaukar\",\n    associatedDescription: \"Elite military force member\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.LinkDefinition(\"example\",\n    primary_name=\"emperor\",\n    primary_title=\"Emperor\",\n    primary_description=\"Hereditary ruler of the Imperium and the Known Universe\",\n    associated_name=\"sardaukar\",\n    associated_title=\"Sardaukar\",\n    associated_description=\"Elite military force member\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.LinkDefinition(\"example\", new()\n    {\n        PrimaryName = \"emperor\",\n        PrimaryTitle = \"Emperor\",\n        PrimaryDescription = \"Hereditary ruler of the Imperium and the Known Universe\",\n        AssociatedName = \"sardaukar\",\n        AssociatedTitle = \"Sardaukar\",\n        AssociatedDescription = \"Elite military force member\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewLinkDefinition(ctx, \"example\", \u0026okta.LinkDefinitionArgs{\n\t\t\tPrimaryName:           pulumi.String(\"emperor\"),\n\t\t\tPrimaryTitle:          pulumi.String(\"Emperor\"),\n\t\t\tPrimaryDescription:    pulumi.String(\"Hereditary ruler of the Imperium and the Known Universe\"),\n\t\t\tAssociatedName:        pulumi.String(\"sardaukar\"),\n\t\t\tAssociatedTitle:       pulumi.String(\"Sardaukar\"),\n\t\t\tAssociatedDescription: pulumi.String(\"Elite military force member\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.LinkDefinition;\nimport com.pulumi.okta.LinkDefinitionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new LinkDefinition(\"example\", LinkDefinitionArgs.builder()\n            .primaryName(\"emperor\")\n            .primaryTitle(\"Emperor\")\n            .primaryDescription(\"Hereditary ruler of the Imperium and the Known Universe\")\n            .associatedName(\"sardaukar\")\n            .associatedTitle(\"Sardaukar\")\n            .associatedDescription(\"Elite military force member\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:LinkDefinition\n    properties:\n      primaryName: emperor\n      primaryTitle: Emperor\n      primaryDescription: Hereditary ruler of the Imperium and the Known Universe\n      associatedName: sardaukar\n      associatedTitle: Sardaukar\n      associatedDescription: Elite military force member\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/linkDefinition:LinkDefinition example \u003cprimary_name\u003e\n```\n\n","properties":{"associatedDescription":{"type":"string","description":"Description of the associated relationship.\n"},"associatedName":{"type":"string","description":"API name of the associated link.\n"},"associatedTitle":{"type":"string","description":"Display name of the associated link.\n"},"primaryDescription":{"type":"string","description":"Description of the primary relationship.\n"},"primaryName":{"type":"string","description":"API name of the primary link.\n"},"primaryTitle":{"type":"string","description":"Display name of the primary link.\n"}},"required":["associatedDescription","associatedName","associatedTitle","primaryDescription","primaryName","primaryTitle"],"inputProperties":{"associatedDescription":{"type":"string","description":"Description of the associated relationship.\n","willReplaceOnChanges":true},"associatedName":{"type":"string","description":"API name of the associated link.\n","willReplaceOnChanges":true},"associatedTitle":{"type":"string","description":"Display name of the associated link.\n","willReplaceOnChanges":true},"primaryDescription":{"type":"string","description":"Description of the primary relationship.\n","willReplaceOnChanges":true},"primaryName":{"type":"string","description":"API name of the primary link.\n","willReplaceOnChanges":true},"primaryTitle":{"type":"string","description":"Display name of the primary link.\n","willReplaceOnChanges":true}},"requiredInputs":["associatedDescription","associatedName","associatedTitle","primaryDescription","primaryName","primaryTitle"],"stateInputs":{"description":"Input properties used for looking up and filtering LinkDefinition resources.\n","properties":{"associatedDescription":{"type":"string","description":"Description of the associated relationship.\n","willReplaceOnChanges":true},"associatedName":{"type":"string","description":"API name of the associated link.\n","willReplaceOnChanges":true},"associatedTitle":{"type":"string","description":"Display name of the associated link.\n","willReplaceOnChanges":true},"primaryDescription":{"type":"string","description":"Description of the primary relationship.\n","willReplaceOnChanges":true},"primaryName":{"type":"string","description":"API name of the primary link.\n","willReplaceOnChanges":true},"primaryTitle":{"type":"string","description":"Display name of the primary link.\n","willReplaceOnChanges":true}},"type":"object"}},"okta:index/linkValue:LinkValue":{"description":"Manages users relationships. Link value operations allow you to create relationships between primary and associated users.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst padishah = new okta.LinkDefinition(\"padishah\", {\n    primaryName: \"emperor\",\n    primaryTitle: \"Emperor\",\n    primaryDescription: \"Hereditary ruler of the Imperium and the Known Universe\",\n    associatedName: \"sardaukar\",\n    associatedTitle: \"Sardaukar\",\n    associatedDescription: \"Elite military force member\",\n});\nconst emperor = new okta.user.User(\"emperor\", {\n    firstName: \"Shaddam\",\n    lastName: \"Corrino IV\",\n    login: \"shaddam.corrino.iv@salusa-secundus.planet\",\n    email: \"shaddam.corrino.iv@salusa-secundus.planet\",\n});\nconst sardaukars: okta.user.User[] = [];\nfor (const range = {value: 0}; range.value \u003c 5; range.value++) {\n    sardaukars.push(new okta.user.User(`sardaukars-${range.value}`, {\n        firstName: \"Amrit\",\n        lastName: `Sardaukar_${range.value}`,\n        login: `amritsardaukar_${range.value}@salusa-secundus.planet`,\n        email: `amritsardaukar_${range.value}@salusa-secundus.planet`,\n    }));\n}\nconst example = new okta.LinkValue(\"example\", {\n    primaryName: padishah.primaryName,\n    primaryUserId: emperor.id,\n    associatedUserIds: [\n        sardaukars[0].id,\n        sardaukars[1].id,\n        sardaukars[2].id,\n        sardaukars[3].id,\n        sardaukars[4].id,\n    ],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\npadishah = okta.LinkDefinition(\"padishah\",\n    primary_name=\"emperor\",\n    primary_title=\"Emperor\",\n    primary_description=\"Hereditary ruler of the Imperium and the Known Universe\",\n    associated_name=\"sardaukar\",\n    associated_title=\"Sardaukar\",\n    associated_description=\"Elite military force member\")\nemperor = okta.user.User(\"emperor\",\n    first_name=\"Shaddam\",\n    last_name=\"Corrino IV\",\n    login=\"shaddam.corrino.iv@salusa-secundus.planet\",\n    email=\"shaddam.corrino.iv@salusa-secundus.planet\")\nsardaukars = []\nfor range in [{\"value\": i} for i in range(0, 5)]:\n    sardaukars.append(okta.user.User(f\"sardaukars-{range['value']}\",\n        first_name=\"Amrit\",\n        last_name=f\"Sardaukar_{range['value']}\",\n        login=f\"amritsardaukar_{range['value']}@salusa-secundus.planet\",\n        email=f\"amritsardaukar_{range['value']}@salusa-secundus.planet\"))\nexample = okta.LinkValue(\"example\",\n    primary_name=padishah.primary_name,\n    primary_user_id=emperor.id,\n    associated_user_ids=[\n        sardaukars[0].id,\n        sardaukars[1].id,\n        sardaukars[2].id,\n        sardaukars[3].id,\n        sardaukars[4].id,\n    ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var padishah = new Okta.LinkDefinition(\"padishah\", new()\n    {\n        PrimaryName = \"emperor\",\n        PrimaryTitle = \"Emperor\",\n        PrimaryDescription = \"Hereditary ruler of the Imperium and the Known Universe\",\n        AssociatedName = \"sardaukar\",\n        AssociatedTitle = \"Sardaukar\",\n        AssociatedDescription = \"Elite military force member\",\n    });\n\n    var emperor = new Okta.User.User(\"emperor\", new()\n    {\n        FirstName = \"Shaddam\",\n        LastName = \"Corrino IV\",\n        Login = \"shaddam.corrino.iv@salusa-secundus.planet\",\n        Email = \"shaddam.corrino.iv@salusa-secundus.planet\",\n    });\n\n    var sardaukars = new List\u003cOkta.User.User\u003e();\n    for (var rangeIndex = 0; rangeIndex \u003c 5; rangeIndex++)\n    {\n        var range = new { Value = rangeIndex };\n        sardaukars.Add(new Okta.User.User($\"sardaukars-{range.Value}\", new()\n        {\n            FirstName = \"Amrit\",\n            LastName = $\"Sardaukar_{range.Value}\",\n            Login = $\"amritsardaukar_{range.Value}@salusa-secundus.planet\",\n            Email = $\"amritsardaukar_{range.Value}@salusa-secundus.planet\",\n        }));\n    }\n    var example = new Okta.LinkValue(\"example\", new()\n    {\n        PrimaryName = padishah.PrimaryName,\n        PrimaryUserId = emperor.Id,\n        AssociatedUserIds = new[]\n        {\n            sardaukars[0].Id,\n            sardaukars[1].Id,\n            sardaukars[2].Id,\n            sardaukars[3].Id,\n            sardaukars[4].Id,\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/user\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpadishah, err := okta.NewLinkDefinition(ctx, \"padishah\", \u0026okta.LinkDefinitionArgs{\n\t\t\tPrimaryName:           pulumi.String(\"emperor\"),\n\t\t\tPrimaryTitle:          pulumi.String(\"Emperor\"),\n\t\t\tPrimaryDescription:    pulumi.String(\"Hereditary ruler of the Imperium and the Known Universe\"),\n\t\t\tAssociatedName:        pulumi.String(\"sardaukar\"),\n\t\t\tAssociatedTitle:       pulumi.String(\"Sardaukar\"),\n\t\t\tAssociatedDescription: pulumi.String(\"Elite military force member\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\temperor, err := user.NewUser(ctx, \"emperor\", \u0026user.UserArgs{\n\t\t\tFirstName: pulumi.String(\"Shaddam\"),\n\t\t\tLastName:  pulumi.String(\"Corrino IV\"),\n\t\t\tLogin:     pulumi.String(\"shaddam.corrino.iv@salusa-secundus.planet\"),\n\t\t\tEmail:     pulumi.String(\"shaddam.corrino.iv@salusa-secundus.planet\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvar sardaukars []*user.User\n\t\tfor index := 0; index \u003c 5; index++ {\n\t\t\tkey0 := index\n\t\t\tval0 := index\n\t\t\t__res, err := user.NewUser(ctx, fmt.Sprintf(\"sardaukars-%v\", key0), \u0026user.UserArgs{\n\t\t\t\tFirstName: pulumi.String(\"Amrit\"),\n\t\t\t\tLastName:  pulumi.Sprintf(\"Sardaukar_%v\", val0),\n\t\t\t\tLogin:     pulumi.Sprintf(\"amritsardaukar_%v@salusa-secundus.planet\", val0),\n\t\t\t\tEmail:     pulumi.Sprintf(\"amritsardaukar_%v@salusa-secundus.planet\", val0),\n\t\t\t})\n\t\t\tif err != nil {\n\t\t\t\treturn err\n\t\t\t}\n\t\t\tsardaukars = append(sardaukars, __res)\n\t\t}\n\t\t_, err = okta.NewLinkValue(ctx, \"example\", \u0026okta.LinkValueArgs{\n\t\t\tPrimaryName:   padishah.PrimaryName,\n\t\t\tPrimaryUserId: emperor.ID(),\n\t\t\tAssociatedUserIds: pulumi.StringArray{\n\t\t\t\tsardaukars[0].ID(),\n\t\t\t\tsardaukars[1].ID(),\n\t\t\t\tsardaukars[2].ID(),\n\t\t\t\tsardaukars[3].ID(),\n\t\t\t\tsardaukars[4].ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.LinkDefinition;\nimport com.pulumi.okta.LinkDefinitionArgs;\nimport com.pulumi.okta.user.User;\nimport com.pulumi.okta.user.UserArgs;\nimport com.pulumi.okta.LinkValue;\nimport com.pulumi.okta.LinkValueArgs;\nimport com.pulumi.codegen.internal.KeyedValue;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var padishah = new LinkDefinition(\"padishah\", LinkDefinitionArgs.builder()\n            .primaryName(\"emperor\")\n            .primaryTitle(\"Emperor\")\n            .primaryDescription(\"Hereditary ruler of the Imperium and the Known Universe\")\n            .associatedName(\"sardaukar\")\n            .associatedTitle(\"Sardaukar\")\n            .associatedDescription(\"Elite military force member\")\n            .build());\n\n        var emperor = new User(\"emperor\", UserArgs.builder()\n            .firstName(\"Shaddam\")\n            .lastName(\"Corrino IV\")\n            .login(\"shaddam.corrino.iv@salusa-secundus.planet\")\n            .email(\"shaddam.corrino.iv@salusa-secundus.planet\")\n            .build());\n\n        for (var i = 0; i \u003c 5; i++) {\n            new User(\"sardaukars-\" + i, UserArgs.builder()\n                .firstName(\"Amrit\")\n                .lastName(String.format(\"Sardaukar_%s\", range.value()))\n                .login(String.format(\"amritsardaukar_%s@salusa-secundus.planet\", range.value()))\n                .email(String.format(\"amritsardaukar_%s@salusa-secundus.planet\", range.value()))\n                .build());\n\n        \n}\n        var example = new LinkValue(\"example\", LinkValueArgs.builder()\n            .primaryName(padishah.primaryName())\n            .primaryUserId(emperor.id())\n            .associatedUserIds(            \n                sardaukars[0].id(),\n                sardaukars[1].id(),\n                sardaukars[2].id(),\n                sardaukars[3].id(),\n                sardaukars[4].id())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  padishah:\n    type: okta:LinkDefinition\n    properties:\n      primaryName: emperor\n      primaryTitle: Emperor\n      primaryDescription: Hereditary ruler of the Imperium and the Known Universe\n      associatedName: sardaukar\n      associatedTitle: Sardaukar\n      associatedDescription: Elite military force member\n  emperor:\n    type: okta:user:User\n    properties:\n      firstName: Shaddam\n      lastName: Corrino IV\n      login: shaddam.corrino.iv@salusa-secundus.planet\n      email: shaddam.corrino.iv@salusa-secundus.planet\n  sardaukars:\n    type: okta:user:User\n    properties:\n      firstName: Amrit\n      lastName: Sardaukar_${range.value}\n      login: amritsardaukar_${range.value}@salusa-secundus.planet\n      email: amritsardaukar_${range.value}@salusa-secundus.planet\n    options: {}\n  example:\n    type: okta:LinkValue\n    properties:\n      primaryName: ${padishah.primaryName}\n      primaryUserId: ${emperor.id}\n      associatedUserIds:\n        - ${sardaukars[0].id}\n        - ${sardaukars[1].id}\n        - ${sardaukars[2].id}\n        - ${sardaukars[3].id}\n        - ${sardaukars[4].id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/linkValue:LinkValue example \u003cprimary_name\u003e/\u003cprimary_user_id\u003e\n```\n\n","properties":{"associatedUserIds":{"type":"array","items":{"type":"string"},"description":"Set of User IDs or login values of the users to be assigned the \u003cspan pulumi-lang-nodejs=\"`associated`\" pulumi-lang-dotnet=\"`Associated`\" pulumi-lang-go=\"`associated`\" pulumi-lang-python=\"`associated`\" pulumi-lang-yaml=\"`associated`\" pulumi-lang-java=\"`associated`\"\u003e`associated`\u003c/span\u003e relationship.\n"},"primaryName":{"type":"string","description":"Name of the \u003cspan pulumi-lang-nodejs=\"`primary`\" pulumi-lang-dotnet=\"`Primary`\" pulumi-lang-go=\"`primary`\" pulumi-lang-python=\"`primary`\" pulumi-lang-yaml=\"`primary`\" pulumi-lang-java=\"`primary`\"\u003e`primary`\u003c/span\u003e relationship being assigned.\n"},"primaryUserId":{"type":"string","description":"User ID to be assigned to \u003cspan pulumi-lang-nodejs=\"`primary`\" pulumi-lang-dotnet=\"`Primary`\" pulumi-lang-go=\"`primary`\" pulumi-lang-python=\"`primary`\" pulumi-lang-yaml=\"`primary`\" pulumi-lang-java=\"`primary`\"\u003e`primary`\u003c/span\u003e for the 'associated' user in the specified relationship.\n"}},"required":["primaryName","primaryUserId"],"inputProperties":{"associatedUserIds":{"type":"array","items":{"type":"string"},"description":"Set of User IDs or login values of the users to be assigned the \u003cspan pulumi-lang-nodejs=\"`associated`\" pulumi-lang-dotnet=\"`Associated`\" pulumi-lang-go=\"`associated`\" pulumi-lang-python=\"`associated`\" pulumi-lang-yaml=\"`associated`\" pulumi-lang-java=\"`associated`\"\u003e`associated`\u003c/span\u003e relationship.\n"},"primaryName":{"type":"string","description":"Name of the \u003cspan pulumi-lang-nodejs=\"`primary`\" pulumi-lang-dotnet=\"`Primary`\" pulumi-lang-go=\"`primary`\" pulumi-lang-python=\"`primary`\" pulumi-lang-yaml=\"`primary`\" pulumi-lang-java=\"`primary`\"\u003e`primary`\u003c/span\u003e relationship being assigned.\n","willReplaceOnChanges":true},"primaryUserId":{"type":"string","description":"User ID to be assigned to \u003cspan pulumi-lang-nodejs=\"`primary`\" pulumi-lang-dotnet=\"`Primary`\" pulumi-lang-go=\"`primary`\" pulumi-lang-python=\"`primary`\" pulumi-lang-yaml=\"`primary`\" pulumi-lang-java=\"`primary`\"\u003e`primary`\u003c/span\u003e for the 'associated' user in the specified relationship.\n","willReplaceOnChanges":true}},"requiredInputs":["primaryName","primaryUserId"],"stateInputs":{"description":"Input properties used for looking up and filtering LinkValue resources.\n","properties":{"associatedUserIds":{"type":"array","items":{"type":"string"},"description":"Set of User IDs or login values of the users to be assigned the \u003cspan pulumi-lang-nodejs=\"`associated`\" pulumi-lang-dotnet=\"`Associated`\" pulumi-lang-go=\"`associated`\" pulumi-lang-python=\"`associated`\" pulumi-lang-yaml=\"`associated`\" pulumi-lang-java=\"`associated`\"\u003e`associated`\u003c/span\u003e relationship.\n"},"primaryName":{"type":"string","description":"Name of the \u003cspan pulumi-lang-nodejs=\"`primary`\" pulumi-lang-dotnet=\"`Primary`\" pulumi-lang-go=\"`primary`\" pulumi-lang-python=\"`primary`\" pulumi-lang-yaml=\"`primary`\" pulumi-lang-java=\"`primary`\"\u003e`primary`\u003c/span\u003e relationship being assigned.\n","willReplaceOnChanges":true},"primaryUserId":{"type":"string","description":"User ID to be assigned to \u003cspan pulumi-lang-nodejs=\"`primary`\" pulumi-lang-dotnet=\"`Primary`\" pulumi-lang-go=\"`primary`\" pulumi-lang-python=\"`primary`\" pulumi-lang-yaml=\"`primary`\" pulumi-lang-java=\"`primary`\"\u003e`primary`\u003c/span\u003e for the 'associated' user in the specified relationship.\n","willReplaceOnChanges":true}},"type":"object"}},"okta:index/logStream:LogStream":{"description":"Manages log streams\n\n## Import\n\n```sh\n$ pulumi import okta:index/logStream:LogStream example \u003cstream_id\u003e\n```\n\n","properties":{"name":{"type":"string","description":"Unique name for the Log Stream object\n"},"settings":{"$ref":"#/types/okta:index/LogStreamSettings:LogStreamSettings"},"status":{"type":"string","description":"Stream status\n"},"type":{"type":"string","description":"Streaming provider used - 'aws*eventbridge' or 'splunk*cloud_logstreaming'\n"}},"required":["name","type"],"inputProperties":{"name":{"type":"string","description":"Unique name for the Log Stream object\n"},"settings":{"$ref":"#/types/okta:index/LogStreamSettings:LogStreamSettings"},"status":{"type":"string","description":"Stream status\n"},"type":{"type":"string","description":"Streaming provider used - 'aws*eventbridge' or 'splunk*cloud_logstreaming'\n"}},"requiredInputs":["type"],"stateInputs":{"description":"Input properties used for looking up and filtering LogStream resources.\n","properties":{"name":{"type":"string","description":"Unique name for the Log Stream object\n"},"settings":{"$ref":"#/types/okta:index/LogStreamSettings:LogStreamSettings"},"status":{"type":"string","description":"Stream status\n"},"type":{"type":"string","description":"Streaming provider used - 'aws*eventbridge' or 'splunk*cloud_logstreaming'\n"}},"type":"object"}},"okta:index/orgConfiguration:OrgConfiguration":{"description":"Manages org settings, logo, support and communication.\n\t\t\n\u003e **IMPORTANT:** You must specify all Org Setting properties when you update an org's profile. Any property not specified in the script will be deleted.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.OrgConfiguration(\"example\", {\n    companyName: \"Umbrella Corporation\",\n    website: \"https://terraform.io\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.OrgConfiguration(\"example\",\n    company_name=\"Umbrella Corporation\",\n    website=\"https://terraform.io\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.OrgConfiguration(\"example\", new()\n    {\n        CompanyName = \"Umbrella Corporation\",\n        Website = \"https://terraform.io\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewOrgConfiguration(ctx, \"example\", \u0026okta.OrgConfigurationArgs{\n\t\t\tCompanyName: pulumi.String(\"Umbrella Corporation\"),\n\t\t\tWebsite:     pulumi.String(\"https://terraform.io\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OrgConfiguration;\nimport com.pulumi.okta.OrgConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new OrgConfiguration(\"example\", OrgConfigurationArgs.builder()\n            .companyName(\"Umbrella Corporation\")\n            .website(\"https://terraform.io\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:OrgConfiguration\n    properties:\n      companyName: Umbrella Corporation\n      website: https://terraform.io\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/orgConfiguration:OrgConfiguration example _\n```\n\n","properties":{"address1":{"type":"string","description":"Primary address of org\n"},"address2":{"type":"string","description":"Secondary address of org\n"},"billingContactUser":{"type":"string","description":"User ID representing the billing contact\n"},"city":{"type":"string","description":"City of org\n"},"companyName":{"type":"string","description":"Name of org\n"},"country":{"type":"string","description":"Country of org\n"},"endUserSupportHelpUrl":{"type":"string","description":"Support link of org\n"},"expiresAt":{"type":"string","description":"Expiration of org\n"},"logo":{"type":"string","description":"Logo of org. The file must be in PNG, JPG, or GIF format and less than 1 MB in size. For best results use landscape orientation, a transparent background, and a minimum size of 420px by 120px to prevent upscaling.\n"},"optOutCommunicationEmails":{"type":"boolean","description":"Indicates whether the org's users receive Okta Communication emails\n"},"phoneNumber":{"type":"string","description":"Support help phone of org\n"},"postalCode":{"type":"string","description":"Postal code of org\n"},"state":{"type":"string","description":"State of org\n"},"subdomain":{"type":"string","description":"Subdomain of org\n"},"supportPhoneNumber":{"type":"string","description":"Support help phone of org\n"},"technicalContactUser":{"type":"string","description":"User ID representing the technical contact\n"},"website":{"type":"string","description":"The org's website\n"}},"required":["companyName","expiresAt","subdomain"],"inputProperties":{"address1":{"type":"string","description":"Primary address of org\n"},"address2":{"type":"string","description":"Secondary address of org\n"},"billingContactUser":{"type":"string","description":"User ID representing the billing contact\n"},"city":{"type":"string","description":"City of org\n"},"companyName":{"type":"string","description":"Name of org\n"},"country":{"type":"string","description":"Country of org\n"},"endUserSupportHelpUrl":{"type":"string","description":"Support link of org\n"},"logo":{"type":"string","description":"Logo of org. The file must be in PNG, JPG, or GIF format and less than 1 MB in size. For best results use landscape orientation, a transparent background, and a minimum size of 420px by 120px to prevent upscaling.\n"},"optOutCommunicationEmails":{"type":"boolean","description":"Indicates whether the org's users receive Okta Communication emails\n"},"phoneNumber":{"type":"string","description":"Support help phone of org\n"},"postalCode":{"type":"string","description":"Postal code of org\n"},"state":{"type":"string","description":"State of org\n"},"supportPhoneNumber":{"type":"string","description":"Support help phone of org\n"},"technicalContactUser":{"type":"string","description":"User ID representing the technical contact\n"},"website":{"type":"string","description":"The org's website\n"}},"requiredInputs":["companyName"],"stateInputs":{"description":"Input properties used for looking up and filtering OrgConfiguration resources.\n","properties":{"address1":{"type":"string","description":"Primary address of org\n"},"address2":{"type":"string","description":"Secondary address of org\n"},"billingContactUser":{"type":"string","description":"User ID representing the billing contact\n"},"city":{"type":"string","description":"City of org\n"},"companyName":{"type":"string","description":"Name of org\n"},"country":{"type":"string","description":"Country of org\n"},"endUserSupportHelpUrl":{"type":"string","description":"Support link of org\n"},"expiresAt":{"type":"string","description":"Expiration of org\n"},"logo":{"type":"string","description":"Logo of org. The file must be in PNG, JPG, or GIF format and less than 1 MB in size. For best results use landscape orientation, a transparent background, and a minimum size of 420px by 120px to prevent upscaling.\n"},"optOutCommunicationEmails":{"type":"boolean","description":"Indicates whether the org's users receive Okta Communication emails\n"},"phoneNumber":{"type":"string","description":"Support help phone of org\n"},"postalCode":{"type":"string","description":"Postal code of org\n"},"state":{"type":"string","description":"State of org\n"},"subdomain":{"type":"string","description":"Subdomain of org\n"},"supportPhoneNumber":{"type":"string","description":"Support help phone of org\n"},"technicalContactUser":{"type":"string","description":"User ID representing the technical contact\n"},"website":{"type":"string","description":"The org's website\n"}},"type":"object"}},"okta:index/orgSupport:OrgSupport":{"description":"Manages Okta Support access your org\nThis resource allows you to temporarily allow Okta Support to access your org as an administrator. By default,\naccess will be granted for eight hours. Removing this resource will revoke Okta Support access to your org.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.OrgSupport(\"example\", {extendBy: 1});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.OrgSupport(\"example\", extend_by=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.OrgSupport(\"example\", new()\n    {\n        ExtendBy = 1,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewOrgSupport(ctx, \"example\", \u0026okta.OrgSupportArgs{\n\t\t\tExtendBy: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OrgSupport;\nimport com.pulumi.okta.OrgSupportArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new OrgSupport(\"example\", OrgSupportArgs.builder()\n            .extendBy(1)\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:OrgSupport\n    properties:\n      extendBy: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","properties":{"expiration":{"type":"string","description":"Expiration of Okta Support\n"},"extendBy":{"type":"integer","description":"Number of days the support should be extended by\n"},"status":{"type":"string","description":"Status of Okta Support\n"}},"required":["expiration","status"],"inputProperties":{"extendBy":{"type":"integer","description":"Number of days the support should be extended by\n","willReplaceOnChanges":true}},"stateInputs":{"description":"Input properties used for looking up and filtering OrgSupport resources.\n","properties":{"expiration":{"type":"string","description":"Expiration of Okta Support\n"},"extendBy":{"type":"integer","description":"Number of days the support should be extended by\n","willReplaceOnChanges":true},"status":{"type":"string","description":"Status of Okta Support\n"}},"type":"object"}},"okta:index/policyMfaDefault:PolicyMfaDefault":{"description":"Configures default MFA Policy.\nThis resource allows you to configure default MFA Policy.\n\u003e Requires Org Feature Flag 'OKTA_MFA_POLICY'. Contact support to have this feature flag ***enabled***.\n\u003e Unless Org Feature Flag 'ENG_ENABLE_OPTIONAL_PASSWORD_ENROLLMENT' is ***disabled*** 'okta_password' or 'okta_email' must be present and its 'enroll' value set to 'REQUIRED'. Contact support to have this feature flag ***disabled***.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst classicExample = new okta.PolicyMfaDefault(\"classic_example\", {\n    isOie: false,\n    oktaPassword: {\n        enroll: \"REQUIRED\",\n    },\n    oktaOtp: {\n        enroll: \"REQUIRED\",\n    },\n});\nconst oieExample = new okta.PolicyMfaDefault(\"oie_example\", {\n    isOie: true,\n    oktaPassword: {\n        enroll: \"REQUIRED\",\n    },\n    oktaVerify: {\n        enroll: \"REQUIRED\",\n    },\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nclassic_example = okta.PolicyMfaDefault(\"classic_example\",\n    is_oie=False,\n    okta_password={\n        \"enroll\": \"REQUIRED\",\n    },\n    okta_otp={\n        \"enroll\": \"REQUIRED\",\n    })\noie_example = okta.PolicyMfaDefault(\"oie_example\",\n    is_oie=True,\n    okta_password={\n        \"enroll\": \"REQUIRED\",\n    },\n    okta_verify={\n        \"enroll\": \"REQUIRED\",\n    })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var classicExample = new Okta.PolicyMfaDefault(\"classic_example\", new()\n    {\n        IsOie = false,\n        OktaPassword = \n        {\n            { \"enroll\", \"REQUIRED\" },\n        },\n        OktaOtp = \n        {\n            { \"enroll\", \"REQUIRED\" },\n        },\n    });\n\n    var oieExample = new Okta.PolicyMfaDefault(\"oie_example\", new()\n    {\n        IsOie = true,\n        OktaPassword = \n        {\n            { \"enroll\", \"REQUIRED\" },\n        },\n        OktaVerify = \n        {\n            { \"enroll\", \"REQUIRED\" },\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewPolicyMfaDefault(ctx, \"classic_example\", \u0026okta.PolicyMfaDefaultArgs{\n\t\t\tIsOie: pulumi.Bool(false),\n\t\t\tOktaPassword: pulumi.StringMap{\n\t\t\t\t\"enroll\": pulumi.String(\"REQUIRED\"),\n\t\t\t},\n\t\t\tOktaOtp: pulumi.StringMap{\n\t\t\t\t\"enroll\": pulumi.String(\"REQUIRED\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewPolicyMfaDefault(ctx, \"oie_example\", \u0026okta.PolicyMfaDefaultArgs{\n\t\t\tIsOie: pulumi.Bool(true),\n\t\t\tOktaPassword: pulumi.StringMap{\n\t\t\t\t\"enroll\": pulumi.String(\"REQUIRED\"),\n\t\t\t},\n\t\t\tOktaVerify: pulumi.StringMap{\n\t\t\t\t\"enroll\": pulumi.String(\"REQUIRED\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.PolicyMfaDefault;\nimport com.pulumi.okta.PolicyMfaDefaultArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var classicExample = new PolicyMfaDefault(\"classicExample\", PolicyMfaDefaultArgs.builder()\n            .isOie(false)\n            .oktaPassword(Map.of(\"enroll\", \"REQUIRED\"))\n            .oktaOtp(Map.of(\"enroll\", \"REQUIRED\"))\n            .build());\n\n        var oieExample = new PolicyMfaDefault(\"oieExample\", PolicyMfaDefaultArgs.builder()\n            .isOie(true)\n            .oktaPassword(Map.of(\"enroll\", \"REQUIRED\"))\n            .oktaVerify(Map.of(\"enroll\", \"REQUIRED\"))\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  classicExample:\n    type: okta:PolicyMfaDefault\n    name: classic_example\n    properties:\n      isOie: false\n      oktaPassword:\n        enroll: REQUIRED\n      oktaOtp:\n        enroll: REQUIRED\n  oieExample:\n    type: okta:PolicyMfaDefault\n    name: oie_example\n    properties:\n      isOie: true\n      oktaPassword:\n        enroll: REQUIRED\n      oktaVerify:\n        enroll: REQUIRED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/policyMfaDefault:PolicyMfaDefault example .\n```\n\n","properties":{"customApps":{"type":"array","items":{"type":"object","additionalProperties":{"type":"string"}},"description":"List of custom authenticators, specify entry like {\"enroll\": \"OPTIONAL\", \"id\": \"\u003cid_of_custom_app\u003e\"} to mark specific custom app optional, list must contain at least 1 entry."},"defaultIncludedGroupId":{"type":"string","description":"Default group ID (always included)\n"},"description":{"type":"string","description":"Default policy description\n"},"duo":{"type":"object","additionalProperties":{"type":"string"}},"externalIdp":{"type":"object","additionalProperties":{"type":"string"},"deprecationMessage":"Since okta now support multiple external_idps, this will be deprecated. Please use \u003cspan pulumi-lang-nodejs=\"`externalIdps`\" pulumi-lang-dotnet=\"`ExternalIdps`\" pulumi-lang-go=\"`externalIdps`\" pulumi-lang-python=\"`external_idps`\" pulumi-lang-yaml=\"`externalIdps`\" pulumi-lang-java=\"`externalIdps`\"\u003e`external_idps`\u003c/span\u003e instead"},"externalIdps":{"type":"array","items":{"type":"object","additionalProperties":{"type":"string"}}},"fidoU2f":{"type":"object","additionalProperties":{"type":"string"}},"fidoWebauthn":{"type":"object","additionalProperties":{"type":"string"}},"googleOtp":{"type":"object","additionalProperties":{"type":"string"}},"hotp":{"type":"object","additionalProperties":{"type":"string"}},"isOie":{"type":"boolean","description":"Is the policy using Okta Identity Engine (OIE) with authenticators instead of factors?\n"},"name":{"type":"string","description":"Default policy name\n"},"oktaCall":{"type":"object","additionalProperties":{"type":"string"}},"oktaEmail":{"type":"object","additionalProperties":{"type":"string"}},"oktaOtp":{"type":"object","additionalProperties":{"type":"string"}},"oktaPassword":{"type":"object","additionalProperties":{"type":"string"}},"oktaPush":{"type":"object","additionalProperties":{"type":"string"}},"oktaQuestion":{"type":"object","additionalProperties":{"type":"string"}},"oktaSms":{"type":"object","additionalProperties":{"type":"string"}},"oktaVerify":{"type":"object","additionalProperties":{"type":"string"}},"onpremMfa":{"type":"object","additionalProperties":{"type":"string"}},"phoneNumber":{"type":"object","additionalProperties":{"type":"string"}},"priority":{"type":"integer","description":"Default policy priority\n"},"rsaToken":{"type":"object","additionalProperties":{"type":"string"}},"securityQuestion":{"type":"object","additionalProperties":{"type":"string"}},"smartCardIdp":{"type":"object","additionalProperties":{"type":"string"}},"status":{"type":"string","description":"Default policy status\n"},"symantecVip":{"type":"object","additionalProperties":{"type":"string"}},"webauthn":{"type":"object","additionalProperties":{"type":"string"}},"yubikeyToken":{"type":"object","additionalProperties":{"type":"string"}}},"required":["defaultIncludedGroupId","description","name","priority","status"],"inputProperties":{"customApps":{"type":"array","items":{"type":"object","additionalProperties":{"type":"string"}},"description":"List of custom authenticators, specify entry like {\"enroll\": \"OPTIONAL\", \"id\": \"\u003cid_of_custom_app\u003e\"} to mark specific custom app optional, list must contain at least 1 entry."},"duo":{"type":"object","additionalProperties":{"type":"string"}},"externalIdp":{"type":"object","additionalProperties":{"type":"string"},"deprecationMessage":"Since okta now support multiple external_idps, this will be deprecated. Please use \u003cspan pulumi-lang-nodejs=\"`externalIdps`\" pulumi-lang-dotnet=\"`ExternalIdps`\" pulumi-lang-go=\"`externalIdps`\" pulumi-lang-python=\"`external_idps`\" pulumi-lang-yaml=\"`externalIdps`\" pulumi-lang-java=\"`externalIdps`\"\u003e`external_idps`\u003c/span\u003e instead"},"externalIdps":{"type":"array","items":{"type":"object","additionalProperties":{"type":"string"}}},"fidoU2f":{"type":"object","additionalProperties":{"type":"string"}},"fidoWebauthn":{"type":"object","additionalProperties":{"type":"string"}},"googleOtp":{"type":"object","additionalProperties":{"type":"string"}},"hotp":{"type":"object","additionalProperties":{"type":"string"}},"isOie":{"type":"boolean","description":"Is the policy using Okta Identity Engine (OIE) with authenticators instead of factors?\n"},"oktaCall":{"type":"object","additionalProperties":{"type":"string"}},"oktaEmail":{"type":"object","additionalProperties":{"type":"string"}},"oktaOtp":{"type":"object","additionalProperties":{"type":"string"}},"oktaPassword":{"type":"object","additionalProperties":{"type":"string"}},"oktaPush":{"type":"object","additionalProperties":{"type":"string"}},"oktaQuestion":{"type":"object","additionalProperties":{"type":"string"}},"oktaSms":{"type":"object","additionalProperties":{"type":"string"}},"oktaVerify":{"type":"object","additionalProperties":{"type":"string"}},"onpremMfa":{"type":"object","additionalProperties":{"type":"string"}},"phoneNumber":{"type":"object","additionalProperties":{"type":"string"}},"rsaToken":{"type":"object","additionalProperties":{"type":"string"}},"securityQuestion":{"type":"object","additionalProperties":{"type":"string"}},"smartCardIdp":{"type":"object","additionalProperties":{"type":"string"}},"symantecVip":{"type":"object","additionalProperties":{"type":"string"}},"webauthn":{"type":"object","additionalProperties":{"type":"string"}},"yubikeyToken":{"type":"object","additionalProperties":{"type":"string"}}},"stateInputs":{"description":"Input properties used for looking up and filtering PolicyMfaDefault resources.\n","properties":{"customApps":{"type":"array","items":{"type":"object","additionalProperties":{"type":"string"}},"description":"List of custom authenticators, specify entry like {\"enroll\": \"OPTIONAL\", \"id\": \"\u003cid_of_custom_app\u003e\"} to mark specific custom app optional, list must contain at least 1 entry."},"defaultIncludedGroupId":{"type":"string","description":"Default group ID (always included)\n"},"description":{"type":"string","description":"Default policy description\n"},"duo":{"type":"object","additionalProperties":{"type":"string"}},"externalIdp":{"type":"object","additionalProperties":{"type":"string"},"deprecationMessage":"Since okta now support multiple external_idps, this will be deprecated. Please use \u003cspan pulumi-lang-nodejs=\"`externalIdps`\" pulumi-lang-dotnet=\"`ExternalIdps`\" pulumi-lang-go=\"`externalIdps`\" pulumi-lang-python=\"`external_idps`\" pulumi-lang-yaml=\"`externalIdps`\" pulumi-lang-java=\"`externalIdps`\"\u003e`external_idps`\u003c/span\u003e instead"},"externalIdps":{"type":"array","items":{"type":"object","additionalProperties":{"type":"string"}}},"fidoU2f":{"type":"object","additionalProperties":{"type":"string"}},"fidoWebauthn":{"type":"object","additionalProperties":{"type":"string"}},"googleOtp":{"type":"object","additionalProperties":{"type":"string"}},"hotp":{"type":"object","additionalProperties":{"type":"string"}},"isOie":{"type":"boolean","description":"Is the policy using Okta Identity Engine (OIE) with authenticators instead of factors?\n"},"name":{"type":"string","description":"Default policy name\n"},"oktaCall":{"type":"object","additionalProperties":{"type":"string"}},"oktaEmail":{"type":"object","additionalProperties":{"type":"string"}},"oktaOtp":{"type":"object","additionalProperties":{"type":"string"}},"oktaPassword":{"type":"object","additionalProperties":{"type":"string"}},"oktaPush":{"type":"object","additionalProperties":{"type":"string"}},"oktaQuestion":{"type":"object","additionalProperties":{"type":"string"}},"oktaSms":{"type":"object","additionalProperties":{"type":"string"}},"oktaVerify":{"type":"object","additionalProperties":{"type":"string"}},"onpremMfa":{"type":"object","additionalProperties":{"type":"string"}},"phoneNumber":{"type":"object","additionalProperties":{"type":"string"}},"priority":{"type":"integer","description":"Default policy priority\n"},"rsaToken":{"type":"object","additionalProperties":{"type":"string"}},"securityQuestion":{"type":"object","additionalProperties":{"type":"string"}},"smartCardIdp":{"type":"object","additionalProperties":{"type":"string"}},"status":{"type":"string","description":"Default policy status\n"},"symantecVip":{"type":"object","additionalProperties":{"type":"string"}},"webauthn":{"type":"object","additionalProperties":{"type":"string"}},"yubikeyToken":{"type":"object","additionalProperties":{"type":"string"}}},"type":"object"}},"okta:index/policyPasswordDefault:PolicyPasswordDefault":{"description":"Configures default password policy. This resource allows you to configure default password policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst _default = new okta.PolicyPasswordDefault(\"default\", {});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ndefault = okta.PolicyPasswordDefault(\"default\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var @default = new Okta.PolicyPasswordDefault(\"default\");\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewPolicyPasswordDefault(ctx, \"default\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.PolicyPasswordDefault;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var default_ = new PolicyPasswordDefault(\"default\");\n\n    }\n}\n```\n```yaml\nresources:\n  default:\n    type: okta:PolicyPasswordDefault\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/policyPasswordDefault:PolicyPasswordDefault example .\n```\n\n","properties":{"callRecovery":{"type":"string","description":"Enable or disable voice call recovery: ACTIVE or INACTIVE. Default: `INACTIVE`\n"},"defaultAuthProvider":{"type":"string","description":"Default Authentication Provider\n"},"defaultIncludedGroupId":{"type":"string","description":"Default group ID (always included)\n"},"description":{"type":"string","description":"Default policy description\n"},"emailRecovery":{"type":"string","description":"Enable or disable email password recovery: ACTIVE or INACTIVE. Default: `ACTIVE`\n"},"name":{"type":"string","description":"Default policy name\n"},"passwordAutoUnlockMinutes":{"type":"integer","description":"Number of minutes before a locked account is unlocked: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordDictionaryLookup":{"type":"boolean","description":"Check Passwords Against Common Password Dictionary. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"passwordExcludeFirstName":{"type":"boolean","description":"User firstName attribute must be excluded from the password\n"},"passwordExcludeLastName":{"type":"boolean","description":"User lastName attribute must be excluded from the password\n"},"passwordExcludeUsername":{"type":"boolean","description":"If the user name must be excluded from the password. Default: \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e\n"},"passwordExpireWarnDays":{"type":"integer","description":"Length in days a user will be warned before password expiry: 0 = no warning. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordHistoryCount":{"type":"integer","description":"Number of distinct passwords that must be created before they can be reused: 0 = none. Default: \u003cspan pulumi-lang-nodejs=\"`4`\" pulumi-lang-dotnet=\"`4`\" pulumi-lang-go=\"`4`\" pulumi-lang-python=\"`4`\" pulumi-lang-yaml=\"`4`\" pulumi-lang-java=\"`4`\"\u003e`4`\u003c/span\u003e\n"},"passwordLockoutNotificationChannels":{"type":"array","items":{"type":"string"},"description":"Notification channels to use to notify a user when their account has been locked.\n"},"passwordMaxAgeDays":{"type":"integer","description":"Length in days a password is valid before expiry: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordMaxLockoutAttempts":{"type":"integer","description":"Number of unsuccessful login attempts allowed before lockout: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`10`\" pulumi-lang-dotnet=\"`10`\" pulumi-lang-go=\"`10`\" pulumi-lang-python=\"`10`\" pulumi-lang-yaml=\"`10`\" pulumi-lang-java=\"`10`\"\u003e`10`\u003c/span\u003e\n"},"passwordMinAgeMinutes":{"type":"integer","description":"Minimum time interval in minutes between password changes: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordMinLength":{"type":"integer","description":"Minimum password length. Default is \u003cspan pulumi-lang-nodejs=\"`8`\" pulumi-lang-dotnet=\"`8`\" pulumi-lang-go=\"`8`\" pulumi-lang-python=\"`8`\" pulumi-lang-yaml=\"`8`\" pulumi-lang-java=\"`8`\"\u003e`8`\u003c/span\u003e.\n"},"passwordMinLowercase":{"type":"integer","description":"If a password must contain at least one lower case letter: 0 = no, 1 = yes. Default = 1\n"},"passwordMinNumber":{"type":"integer","description":"If a password must contain at least one number: 0 = no, 1 = yes. Default = \u003cspan pulumi-lang-nodejs=\"`1`\" pulumi-lang-dotnet=\"`1`\" pulumi-lang-go=\"`1`\" pulumi-lang-python=\"`1`\" pulumi-lang-yaml=\"`1`\" pulumi-lang-java=\"`1`\"\u003e`1`\u003c/span\u003e\n"},"passwordMinSymbol":{"type":"integer","description":"If a password must contain at least one symbol (!@#$%^\u0026*): 0 = no, 1 = yes. Default = \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordMinUppercase":{"type":"integer","description":"If a password must contain at least one upper case letter: 0 = no, 1 = yes. Default = 1\n"},"passwordShowLockoutFailures":{"type":"boolean","description":"If a user should be informed when their account is locked. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"priority":{"type":"integer","description":"Default policy priority\n"},"questionMinLength":{"type":"integer","description":"Min length of the password recovery question answer. Default: \u003cspan pulumi-lang-nodejs=\"`4`\" pulumi-lang-dotnet=\"`4`\" pulumi-lang-go=\"`4`\" pulumi-lang-python=\"`4`\" pulumi-lang-yaml=\"`4`\" pulumi-lang-java=\"`4`\"\u003e`4`\u003c/span\u003e\n"},"questionRecovery":{"type":"string","description":"Enable or disable security question password recovery: ACTIVE or INACTIVE. Default: `ACTIVE`\n"},"recoveryEmailToken":{"type":"integer","description":"Lifetime in minutes of the recovery email token. Default: \u003cspan pulumi-lang-nodejs=\"`60`\" pulumi-lang-dotnet=\"`60`\" pulumi-lang-go=\"`60`\" pulumi-lang-python=\"`60`\" pulumi-lang-yaml=\"`60`\" pulumi-lang-java=\"`60`\"\u003e`60`\u003c/span\u003e\n"},"skipUnlock":{"type":"boolean","description":"When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"smsRecovery":{"type":"string","description":"Enable or disable SMS password recovery: ACTIVE or INACTIVE. Default: `INACTIVE`\n"},"status":{"type":"string","description":"Default policy status\n"}},"required":["defaultAuthProvider","defaultIncludedGroupId","description","name","priority","status"],"inputProperties":{"callRecovery":{"type":"string","description":"Enable or disable voice call recovery: ACTIVE or INACTIVE. Default: `INACTIVE`\n"},"emailRecovery":{"type":"string","description":"Enable or disable email password recovery: ACTIVE or INACTIVE. Default: `ACTIVE`\n"},"passwordAutoUnlockMinutes":{"type":"integer","description":"Number of minutes before a locked account is unlocked: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordDictionaryLookup":{"type":"boolean","description":"Check Passwords Against Common Password Dictionary. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"passwordExcludeFirstName":{"type":"boolean","description":"User firstName attribute must be excluded from the password\n"},"passwordExcludeLastName":{"type":"boolean","description":"User lastName attribute must be excluded from the password\n"},"passwordExcludeUsername":{"type":"boolean","description":"If the user name must be excluded from the password. Default: \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e\n"},"passwordExpireWarnDays":{"type":"integer","description":"Length in days a user will be warned before password expiry: 0 = no warning. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordHistoryCount":{"type":"integer","description":"Number of distinct passwords that must be created before they can be reused: 0 = none. Default: \u003cspan pulumi-lang-nodejs=\"`4`\" pulumi-lang-dotnet=\"`4`\" pulumi-lang-go=\"`4`\" pulumi-lang-python=\"`4`\" pulumi-lang-yaml=\"`4`\" pulumi-lang-java=\"`4`\"\u003e`4`\u003c/span\u003e\n"},"passwordLockoutNotificationChannels":{"type":"array","items":{"type":"string"},"description":"Notification channels to use to notify a user when their account has been locked.\n"},"passwordMaxAgeDays":{"type":"integer","description":"Length in days a password is valid before expiry: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordMaxLockoutAttempts":{"type":"integer","description":"Number of unsuccessful login attempts allowed before lockout: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`10`\" pulumi-lang-dotnet=\"`10`\" pulumi-lang-go=\"`10`\" pulumi-lang-python=\"`10`\" pulumi-lang-yaml=\"`10`\" pulumi-lang-java=\"`10`\"\u003e`10`\u003c/span\u003e\n"},"passwordMinAgeMinutes":{"type":"integer","description":"Minimum time interval in minutes between password changes: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordMinLength":{"type":"integer","description":"Minimum password length. Default is \u003cspan pulumi-lang-nodejs=\"`8`\" pulumi-lang-dotnet=\"`8`\" pulumi-lang-go=\"`8`\" pulumi-lang-python=\"`8`\" pulumi-lang-yaml=\"`8`\" pulumi-lang-java=\"`8`\"\u003e`8`\u003c/span\u003e.\n"},"passwordMinLowercase":{"type":"integer","description":"If a password must contain at least one lower case letter: 0 = no, 1 = yes. Default = 1\n"},"passwordMinNumber":{"type":"integer","description":"If a password must contain at least one number: 0 = no, 1 = yes. Default = \u003cspan pulumi-lang-nodejs=\"`1`\" pulumi-lang-dotnet=\"`1`\" pulumi-lang-go=\"`1`\" pulumi-lang-python=\"`1`\" pulumi-lang-yaml=\"`1`\" pulumi-lang-java=\"`1`\"\u003e`1`\u003c/span\u003e\n"},"passwordMinSymbol":{"type":"integer","description":"If a password must contain at least one symbol (!@#$%^\u0026*): 0 = no, 1 = yes. Default = \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordMinUppercase":{"type":"integer","description":"If a password must contain at least one upper case letter: 0 = no, 1 = yes. Default = 1\n"},"passwordShowLockoutFailures":{"type":"boolean","description":"If a user should be informed when their account is locked. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"questionMinLength":{"type":"integer","description":"Min length of the password recovery question answer. Default: \u003cspan pulumi-lang-nodejs=\"`4`\" pulumi-lang-dotnet=\"`4`\" pulumi-lang-go=\"`4`\" pulumi-lang-python=\"`4`\" pulumi-lang-yaml=\"`4`\" pulumi-lang-java=\"`4`\"\u003e`4`\u003c/span\u003e\n"},"questionRecovery":{"type":"string","description":"Enable or disable security question password recovery: ACTIVE or INACTIVE. Default: `ACTIVE`\n"},"recoveryEmailToken":{"type":"integer","description":"Lifetime in minutes of the recovery email token. Default: \u003cspan pulumi-lang-nodejs=\"`60`\" pulumi-lang-dotnet=\"`60`\" pulumi-lang-go=\"`60`\" pulumi-lang-python=\"`60`\" pulumi-lang-yaml=\"`60`\" pulumi-lang-java=\"`60`\"\u003e`60`\u003c/span\u003e\n"},"skipUnlock":{"type":"boolean","description":"When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"smsRecovery":{"type":"string","description":"Enable or disable SMS password recovery: ACTIVE or INACTIVE. Default: `INACTIVE`\n"}},"stateInputs":{"description":"Input properties used for looking up and filtering PolicyPasswordDefault resources.\n","properties":{"callRecovery":{"type":"string","description":"Enable or disable voice call recovery: ACTIVE or INACTIVE. Default: `INACTIVE`\n"},"defaultAuthProvider":{"type":"string","description":"Default Authentication Provider\n"},"defaultIncludedGroupId":{"type":"string","description":"Default group ID (always included)\n"},"description":{"type":"string","description":"Default policy description\n"},"emailRecovery":{"type":"string","description":"Enable or disable email password recovery: ACTIVE or INACTIVE. Default: `ACTIVE`\n"},"name":{"type":"string","description":"Default policy name\n"},"passwordAutoUnlockMinutes":{"type":"integer","description":"Number of minutes before a locked account is unlocked: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordDictionaryLookup":{"type":"boolean","description":"Check Passwords Against Common Password Dictionary. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"passwordExcludeFirstName":{"type":"boolean","description":"User firstName attribute must be excluded from the password\n"},"passwordExcludeLastName":{"type":"boolean","description":"User lastName attribute must be excluded from the password\n"},"passwordExcludeUsername":{"type":"boolean","description":"If the user name must be excluded from the password. Default: \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e\n"},"passwordExpireWarnDays":{"type":"integer","description":"Length in days a user will be warned before password expiry: 0 = no warning. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordHistoryCount":{"type":"integer","description":"Number of distinct passwords that must be created before they can be reused: 0 = none. Default: \u003cspan pulumi-lang-nodejs=\"`4`\" pulumi-lang-dotnet=\"`4`\" pulumi-lang-go=\"`4`\" pulumi-lang-python=\"`4`\" pulumi-lang-yaml=\"`4`\" pulumi-lang-java=\"`4`\"\u003e`4`\u003c/span\u003e\n"},"passwordLockoutNotificationChannels":{"type":"array","items":{"type":"string"},"description":"Notification channels to use to notify a user when their account has been locked.\n"},"passwordMaxAgeDays":{"type":"integer","description":"Length in days a password is valid before expiry: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordMaxLockoutAttempts":{"type":"integer","description":"Number of unsuccessful login attempts allowed before lockout: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`10`\" pulumi-lang-dotnet=\"`10`\" pulumi-lang-go=\"`10`\" pulumi-lang-python=\"`10`\" pulumi-lang-yaml=\"`10`\" pulumi-lang-java=\"`10`\"\u003e`10`\u003c/span\u003e\n"},"passwordMinAgeMinutes":{"type":"integer","description":"Minimum time interval in minutes between password changes: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordMinLength":{"type":"integer","description":"Minimum password length. Default is \u003cspan pulumi-lang-nodejs=\"`8`\" pulumi-lang-dotnet=\"`8`\" pulumi-lang-go=\"`8`\" pulumi-lang-python=\"`8`\" pulumi-lang-yaml=\"`8`\" pulumi-lang-java=\"`8`\"\u003e`8`\u003c/span\u003e.\n"},"passwordMinLowercase":{"type":"integer","description":"If a password must contain at least one lower case letter: 0 = no, 1 = yes. Default = 1\n"},"passwordMinNumber":{"type":"integer","description":"If a password must contain at least one number: 0 = no, 1 = yes. Default = \u003cspan pulumi-lang-nodejs=\"`1`\" pulumi-lang-dotnet=\"`1`\" pulumi-lang-go=\"`1`\" pulumi-lang-python=\"`1`\" pulumi-lang-yaml=\"`1`\" pulumi-lang-java=\"`1`\"\u003e`1`\u003c/span\u003e\n"},"passwordMinSymbol":{"type":"integer","description":"If a password must contain at least one symbol (!@#$%^\u0026*): 0 = no, 1 = yes. Default = \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordMinUppercase":{"type":"integer","description":"If a password must contain at least one upper case letter: 0 = no, 1 = yes. Default = 1\n"},"passwordShowLockoutFailures":{"type":"boolean","description":"If a user should be informed when their account is locked. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"priority":{"type":"integer","description":"Default policy priority\n"},"questionMinLength":{"type":"integer","description":"Min length of the password recovery question answer. Default: \u003cspan pulumi-lang-nodejs=\"`4`\" pulumi-lang-dotnet=\"`4`\" pulumi-lang-go=\"`4`\" pulumi-lang-python=\"`4`\" pulumi-lang-yaml=\"`4`\" pulumi-lang-java=\"`4`\"\u003e`4`\u003c/span\u003e\n"},"questionRecovery":{"type":"string","description":"Enable or disable security question password recovery: ACTIVE or INACTIVE. Default: `ACTIVE`\n"},"recoveryEmailToken":{"type":"integer","description":"Lifetime in minutes of the recovery email token. Default: \u003cspan pulumi-lang-nodejs=\"`60`\" pulumi-lang-dotnet=\"`60`\" pulumi-lang-go=\"`60`\" pulumi-lang-python=\"`60`\" pulumi-lang-yaml=\"`60`\" pulumi-lang-java=\"`60`\"\u003e`60`\u003c/span\u003e\n"},"skipUnlock":{"type":"boolean","description":"When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"smsRecovery":{"type":"string","description":"Enable or disable SMS password recovery: ACTIVE or INACTIVE. Default: `INACTIVE`\n"},"status":{"type":"string","description":"Default policy status\n"}},"type":"object"}},"okta:index/policyProfileEnrollment:PolicyProfileEnrollment":{"description":"Creates a Profile Enrollment Policy\n\t\t\n\u003e **WARNING:** This feature is only available as a part of the Identity Engine. Contact support for further information.\nThis resource allows you to create and configure a Profile Enrollment Policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.PolicyProfileEnrollment(\"example\", {\n    name: \"example\",\n    status: \"ACTIVE\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.PolicyProfileEnrollment(\"example\",\n    name=\"example\",\n    status=\"ACTIVE\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.PolicyProfileEnrollment(\"example\", new()\n    {\n        Name = \"example\",\n        Status = \"ACTIVE\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewPolicyProfileEnrollment(ctx, \"example\", \u0026okta.PolicyProfileEnrollmentArgs{\n\t\t\tName:   pulumi.String(\"example\"),\n\t\t\tStatus: pulumi.String(\"ACTIVE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.PolicyProfileEnrollment;\nimport com.pulumi.okta.PolicyProfileEnrollmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new PolicyProfileEnrollment(\"example\", PolicyProfileEnrollmentArgs.builder()\n            .name(\"example\")\n            .status(\"ACTIVE\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:PolicyProfileEnrollment\n    properties:\n      name: example\n      status: ACTIVE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/policyProfileEnrollment:PolicyProfileEnrollment example \u003cpolicy_id\u003e\n```\n\n","properties":{"name":{"type":"string","description":"Name of the policy\n"},"status":{"type":"string","description":"Status of the policy\n"}},"required":["name"],"inputProperties":{"name":{"type":"string","description":"Name of the policy\n"},"status":{"type":"string","description":"Status of the policy\n"}},"stateInputs":{"description":"Input properties used for looking up and filtering PolicyProfileEnrollment resources.\n","properties":{"name":{"type":"string","description":"Name of the policy\n"},"status":{"type":"string","description":"Status of the policy\n"}},"type":"object"}},"okta:index/policyProfileEnrollmentApps:PolicyProfileEnrollmentApps":{"description":"Manages Profile Enrollment Policy Apps\n\u003e **WARNING:** This feature is only available as a part of the Identity Engine. Contact support for further information.\nThis resource allows you to manage the apps in the Profile Enrollment Policy. \n**Important Notes:** \n - Default Enrollment Policy can not be used in this resource since it is used as a policy to re-assign apps to when they are unassigned from this one.\n - When re-assigning the app to another policy, please use 'depends_on' in the policy to which the app will be assigned. This is necessary to avoid \n  unexpected behavior, since if the app is unassigned from the policy it is just assigned to the 'Default' one.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.policy.getPolicy({\n    name: \"My Policy\",\n    type: \"PROFILE_ENROLLMENT\",\n});\nconst test = okta.app.getApp({\n    label: \"My App\",\n});\nconst examplePolicyProfileEnrollmentApps = new okta.PolicyProfileEnrollmentApps(\"example\", {\n    policyId: exampleOktaPolicy.id,\n    apps: [id],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.policy.get_policy(name=\"My Policy\",\n    type=\"PROFILE_ENROLLMENT\")\ntest = okta.app.get_app(label=\"My App\")\nexample_policy_profile_enrollment_apps = okta.PolicyProfileEnrollmentApps(\"example\",\n    policy_id=example_okta_policy[\"id\"],\n    apps=[id])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.Policy.GetPolicy.Invoke(new()\n    {\n        Name = \"My Policy\",\n        Type = \"PROFILE_ENROLLMENT\",\n    });\n\n    var test = Okta.App.GetApp.Invoke(new()\n    {\n        Label = \"My App\",\n    });\n\n    var examplePolicyProfileEnrollmentApps = new Okta.PolicyProfileEnrollmentApps(\"example\", new()\n    {\n        PolicyId = exampleOktaPolicy.Id,\n        Apps = new[]\n        {\n            id,\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/policy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := policy.GetPolicy(ctx, \u0026policy.GetPolicyArgs{\n\t\t\tName: \"My Policy\",\n\t\t\tType: \"PROFILE_ENROLLMENT\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = app.GetApp(ctx, \u0026app.GetAppArgs{\n\t\t\tLabel: pulumi.StringRef(\"My App\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewPolicyProfileEnrollmentApps(ctx, \"example\", \u0026okta.PolicyProfileEnrollmentAppsArgs{\n\t\t\tPolicyId: pulumi.Any(exampleOktaPolicy.Id),\n\t\t\tApps: pulumi.StringArray{\n\t\t\t\tid,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.policy.PolicyFunctions;\nimport com.pulumi.okta.policy.inputs.GetPolicyArgs;\nimport com.pulumi.okta.app.AppFunctions;\nimport com.pulumi.okta.app.inputs.GetAppArgs;\nimport com.pulumi.okta.PolicyProfileEnrollmentApps;\nimport com.pulumi.okta.PolicyProfileEnrollmentAppsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = PolicyFunctions.getPolicy(GetPolicyArgs.builder()\n            .name(\"My Policy\")\n            .type(\"PROFILE_ENROLLMENT\")\n            .build());\n\n        final var test = AppFunctions.getApp(GetAppArgs.builder()\n            .label(\"My App\")\n            .build());\n\n        var examplePolicyProfileEnrollmentApps = new PolicyProfileEnrollmentApps(\"examplePolicyProfileEnrollmentApps\", PolicyProfileEnrollmentAppsArgs.builder()\n            .policyId(exampleOktaPolicy.id())\n            .apps(id)\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  examplePolicyProfileEnrollmentApps:\n    type: okta:PolicyProfileEnrollmentApps\n    name: example\n    properties:\n      policyId: ${exampleOktaPolicy.id}\n      apps:\n        - ${id}\nvariables:\n  example:\n    fn::invoke:\n      function: okta:policy:getPolicy\n      arguments:\n        name: My Policy\n        type: PROFILE_ENROLLMENT\n  test:\n    fn::invoke:\n      function: okta:app:getApp\n      arguments:\n        label: My App\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/policyProfileEnrollmentApps:PolicyProfileEnrollmentApps example \u003cpolicy_id\u003e\n```\n\n","properties":{"apps":{"type":"array","items":{"type":"string"},"description":"List of app IDs to be added to this policy\n"},"defaultPolicyId":{"type":"string","description":"ID of the Default Enrollment Policy. This policy is used as a policy to re-assign apps to when they are unassigned from this one\n"},"policyId":{"type":"string","description":"ID of the enrollment policy.\n"}},"required":["defaultPolicyId","policyId"],"inputProperties":{"apps":{"type":"array","items":{"type":"string"},"description":"List of app IDs to be added to this policy\n"},"policyId":{"type":"string","description":"ID of the enrollment policy.\n","willReplaceOnChanges":true}},"requiredInputs":["policyId"],"stateInputs":{"description":"Input properties used for looking up and filtering PolicyProfileEnrollmentApps resources.\n","properties":{"apps":{"type":"array","items":{"type":"string"},"description":"List of app IDs to be added to this policy\n"},"defaultPolicyId":{"type":"string","description":"ID of the Default Enrollment Policy. This policy is used as a policy to re-assign apps to when they are unassigned from this one\n"},"policyId":{"type":"string","description":"ID of the enrollment policy.\n","willReplaceOnChanges":true}},"type":"object"}},"okta:index/policyRuleProfileEnrollment:PolicyRuleProfileEnrollment":{"description":"Creates a Profile Enrollment Policy Rule.\n\t\t\n\u003e **WARNING:** This feature is only available as a part of the Identity Engine. Contact support for further information.\nA [profile enrollment\npolicy](https://developer.okta.com/docs/reference/api/policy/#profile-enrollment-policy)\nis limited to one default rule. This resource does not create a rule for an\nenrollment policy, it allows the default policy rule to be updated.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.PolicyProfileEnrollment(\"example\", {name: \"My Enrollment Policy\"});\nconst exampleHook = new okta.inline.Hook(\"example\", {\n    name: \"My Inline Hook\",\n    status: \"ACTIVE\",\n    type: \"com.okta.user.pre-registration\",\n    version: \"1.0.3\",\n    channel: {\n        type: \"HTTP\",\n        version: \"1.0.0\",\n        uri: \"https://example.com/test2\",\n        method: \"POST\",\n    },\n});\nconst exampleGroup = new okta.group.Group(\"example\", {\n    name: \"My Group\",\n    description: \"Group of some users\",\n});\nconst examplePolicyRuleProfileEnrollment = new okta.PolicyRuleProfileEnrollment(\"example\", {\n    policyId: example.id,\n    inlineHookId: exampleHook.id,\n    targetGroupId: exampleGroup.id,\n    unknownUserAction: \"REGISTER\",\n    emailVerification: true,\n    access: \"ALLOW\",\n    profileAttributes: [\n        {\n            name: \"email\",\n            label: \"Email\",\n            required: true,\n        },\n        {\n            name: \"name\",\n            label: \"Name\",\n            required: true,\n        },\n        {\n            name: \"t-shirt\",\n            label: \"T-Shirt Size\",\n            required: false,\n        },\n    ],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.PolicyProfileEnrollment(\"example\", name=\"My Enrollment Policy\")\nexample_hook = okta.inline.Hook(\"example\",\n    name=\"My Inline Hook\",\n    status=\"ACTIVE\",\n    type=\"com.okta.user.pre-registration\",\n    version=\"1.0.3\",\n    channel={\n        \"type\": \"HTTP\",\n        \"version\": \"1.0.0\",\n        \"uri\": \"https://example.com/test2\",\n        \"method\": \"POST\",\n    })\nexample_group = okta.group.Group(\"example\",\n    name=\"My Group\",\n    description=\"Group of some users\")\nexample_policy_rule_profile_enrollment = okta.PolicyRuleProfileEnrollment(\"example\",\n    policy_id=example.id,\n    inline_hook_id=example_hook.id,\n    target_group_id=example_group.id,\n    unknown_user_action=\"REGISTER\",\n    email_verification=True,\n    access=\"ALLOW\",\n    profile_attributes=[\n        {\n            \"name\": \"email\",\n            \"label\": \"Email\",\n            \"required\": True,\n        },\n        {\n            \"name\": \"name\",\n            \"label\": \"Name\",\n            \"required\": True,\n        },\n        {\n            \"name\": \"t-shirt\",\n            \"label\": \"T-Shirt Size\",\n            \"required\": False,\n        },\n    ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.PolicyProfileEnrollment(\"example\", new()\n    {\n        Name = \"My Enrollment Policy\",\n    });\n\n    var exampleHook = new Okta.Inline.Hook(\"example\", new()\n    {\n        Name = \"My Inline Hook\",\n        Status = \"ACTIVE\",\n        Type = \"com.okta.user.pre-registration\",\n        Version = \"1.0.3\",\n        Channel = \n        {\n            { \"type\", \"HTTP\" },\n            { \"version\", \"1.0.0\" },\n            { \"uri\", \"https://example.com/test2\" },\n            { \"method\", \"POST\" },\n        },\n    });\n\n    var exampleGroup = new Okta.Group.Group(\"example\", new()\n    {\n        Name = \"My Group\",\n        Description = \"Group of some users\",\n    });\n\n    var examplePolicyRuleProfileEnrollment = new Okta.PolicyRuleProfileEnrollment(\"example\", new()\n    {\n        PolicyId = example.Id,\n        InlineHookId = exampleHook.Id,\n        TargetGroupId = exampleGroup.Id,\n        UnknownUserAction = \"REGISTER\",\n        EmailVerification = true,\n        Access = \"ALLOW\",\n        ProfileAttributes = new[]\n        {\n            new Okta.Inputs.PolicyRuleProfileEnrollmentProfileAttributeArgs\n            {\n                Name = \"email\",\n                Label = \"Email\",\n                Required = true,\n            },\n            new Okta.Inputs.PolicyRuleProfileEnrollmentProfileAttributeArgs\n            {\n                Name = \"name\",\n                Label = \"Name\",\n                Required = true,\n            },\n            new Okta.Inputs.PolicyRuleProfileEnrollmentProfileAttributeArgs\n            {\n                Name = \"t-shirt\",\n                Label = \"T-Shirt Size\",\n                Required = false,\n            },\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/group\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/inline\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := okta.NewPolicyProfileEnrollment(ctx, \"example\", \u0026okta.PolicyProfileEnrollmentArgs{\n\t\t\tName: pulumi.String(\"My Enrollment Policy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleHook, err := inline.NewHook(ctx, \"example\", \u0026inline.HookArgs{\n\t\t\tName:    pulumi.String(\"My Inline Hook\"),\n\t\t\tStatus:  pulumi.String(\"ACTIVE\"),\n\t\t\tType:    pulumi.String(\"com.okta.user.pre-registration\"),\n\t\t\tVersion: pulumi.String(\"1.0.3\"),\n\t\t\tChannel: pulumi.StringMap{\n\t\t\t\t\"type\":    pulumi.String(\"HTTP\"),\n\t\t\t\t\"version\": pulumi.String(\"1.0.0\"),\n\t\t\t\t\"uri\":     pulumi.String(\"https://example.com/test2\"),\n\t\t\t\t\"method\":  pulumi.String(\"POST\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := group.NewGroup(ctx, \"example\", \u0026group.GroupArgs{\n\t\t\tName:        pulumi.String(\"My Group\"),\n\t\t\tDescription: pulumi.String(\"Group of some users\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewPolicyRuleProfileEnrollment(ctx, \"example\", \u0026okta.PolicyRuleProfileEnrollmentArgs{\n\t\t\tPolicyId:          example.ID(),\n\t\t\tInlineHookId:      exampleHook.ID(),\n\t\t\tTargetGroupId:     exampleGroup.ID(),\n\t\t\tUnknownUserAction: pulumi.String(\"REGISTER\"),\n\t\t\tEmailVerification: pulumi.Bool(true),\n\t\t\tAccess:            pulumi.String(\"ALLOW\"),\n\t\t\tProfileAttributes: okta.PolicyRuleProfileEnrollmentProfileAttributeArray{\n\t\t\t\t\u0026okta.PolicyRuleProfileEnrollmentProfileAttributeArgs{\n\t\t\t\t\tName:     pulumi.String(\"email\"),\n\t\t\t\t\tLabel:    pulumi.String(\"Email\"),\n\t\t\t\t\tRequired: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\t\u0026okta.PolicyRuleProfileEnrollmentProfileAttributeArgs{\n\t\t\t\t\tName:     pulumi.String(\"name\"),\n\t\t\t\t\tLabel:    pulumi.String(\"Name\"),\n\t\t\t\t\tRequired: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\t\u0026okta.PolicyRuleProfileEnrollmentProfileAttributeArgs{\n\t\t\t\t\tName:     pulumi.String(\"t-shirt\"),\n\t\t\t\t\tLabel:    pulumi.String(\"T-Shirt Size\"),\n\t\t\t\t\tRequired: pulumi.Bool(false),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.PolicyProfileEnrollment;\nimport com.pulumi.okta.PolicyProfileEnrollmentArgs;\nimport com.pulumi.okta.inline.Hook;\nimport com.pulumi.okta.inline.HookArgs;\nimport com.pulumi.okta.group.Group;\nimport com.pulumi.okta.group.GroupArgs;\nimport com.pulumi.okta.PolicyRuleProfileEnrollment;\nimport com.pulumi.okta.PolicyRuleProfileEnrollmentArgs;\nimport com.pulumi.okta.inputs.PolicyRuleProfileEnrollmentProfileAttributeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new PolicyProfileEnrollment(\"example\", PolicyProfileEnrollmentArgs.builder()\n            .name(\"My Enrollment Policy\")\n            .build());\n\n        var exampleHook = new Hook(\"exampleHook\", HookArgs.builder()\n            .name(\"My Inline Hook\")\n            .status(\"ACTIVE\")\n            .type(\"com.okta.user.pre-registration\")\n            .version(\"1.0.3\")\n            .channel(Map.ofEntries(\n                Map.entry(\"type\", \"HTTP\"),\n                Map.entry(\"version\", \"1.0.0\"),\n                Map.entry(\"uri\", \"https://example.com/test2\"),\n                Map.entry(\"method\", \"POST\")\n            ))\n            .build());\n\n        var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder()\n            .name(\"My Group\")\n            .description(\"Group of some users\")\n            .build());\n\n        var examplePolicyRuleProfileEnrollment = new PolicyRuleProfileEnrollment(\"examplePolicyRuleProfileEnrollment\", PolicyRuleProfileEnrollmentArgs.builder()\n            .policyId(example.id())\n            .inlineHookId(exampleHook.id())\n            .targetGroupId(exampleGroup.id())\n            .unknownUserAction(\"REGISTER\")\n            .emailVerification(true)\n            .access(\"ALLOW\")\n            .profileAttributes(            \n                PolicyRuleProfileEnrollmentProfileAttributeArgs.builder()\n                    .name(\"email\")\n                    .label(\"Email\")\n                    .required(true)\n                    .build(),\n                PolicyRuleProfileEnrollmentProfileAttributeArgs.builder()\n                    .name(\"name\")\n                    .label(\"Name\")\n                    .required(true)\n                    .build(),\n                PolicyRuleProfileEnrollmentProfileAttributeArgs.builder()\n                    .name(\"t-shirt\")\n                    .label(\"T-Shirt Size\")\n                    .required(false)\n                    .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:PolicyProfileEnrollment\n    properties:\n      name: My Enrollment Policy\n  exampleHook:\n    type: okta:inline:Hook\n    name: example\n    properties:\n      name: My Inline Hook\n      status: ACTIVE\n      type: com.okta.user.pre-registration\n      version: 1.0.3\n      channel:\n        type: HTTP\n        version: 1.0.0\n        uri: https://example.com/test2\n        method: POST\n  exampleGroup:\n    type: okta:group:Group\n    name: example\n    properties:\n      name: My Group\n      description: Group of some users\n  examplePolicyRuleProfileEnrollment:\n    type: okta:PolicyRuleProfileEnrollment\n    name: example\n    properties:\n      policyId: ${example.id}\n      inlineHookId: ${exampleHook.id}\n      targetGroupId: ${exampleGroup.id}\n      unknownUserAction: REGISTER\n      emailVerification: true\n      access: ALLOW\n      profileAttributes:\n        - name: email\n          label: Email\n          required: true\n        - name: name\n          label: Name\n          required: true\n        - name: t-shirt\n          label: T-Shirt Size\n          required: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/policyRuleProfileEnrollment:PolicyRuleProfileEnrollment example \u003cpolicy_id\u003e/\u003crule_id\u003e\n```\n\n","properties":{"access":{"type":"string","description":"Allow or deny access based on the rule conditions. Valid values are: `ALLOW`, `DENY`. Default: `ALLOW`."},"emailVerification":{"type":"boolean","description":"Indicates whether email verification should occur before access is granted. Default: \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e."},"enrollAuthenticatorTypes":{"type":"array","items":{"type":"string"},"description":"Enrolls authenticator types"},"inlineHookId":{"type":"string","description":"ID of a Registration Inline Hook"},"name":{"type":"string","description":"Name of the rule"},"policyId":{"type":"string","description":"ID of the policy"},"profileAttributes":{"type":"array","items":{"$ref":"#/types/okta:index/PolicyRuleProfileEnrollmentProfileAttribute:PolicyRuleProfileEnrollmentProfileAttribute"},"description":"A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported.\n\t- 'label' - (Required) A display-friendly label for this property\n\t- 'name' - (Required) The name of a User Profile property\n\t- 'required' - (Required) Indicates if this property is required for enrollment. Default is 'false'."},"progressiveProfilingAction":{"type":"string","description":"Enabled or disabled progressive profiling action rule conditions: `ENABLED` or `DISABLED`. Default: `DISABLED`"},"status":{"type":"string","description":"Status of the rule"},"targetGroupId":{"type":"string","description":"The ID of a Group that this User should be added to"},"uiSchemaId":{"type":"string","description":"Value created by the backend. If present all policy updates must include this attribute/value."},"unknownUserAction":{"type":"string","description":"Which action should be taken if this User is new. Valid values are: `DENY`, `REGISTER`"}},"required":["name","policyId","status","unknownUserAction"],"inputProperties":{"access":{"type":"string","description":"Allow or deny access based on the rule conditions. Valid values are: `ALLOW`, `DENY`. Default: `ALLOW`."},"emailVerification":{"type":"boolean","description":"Indicates whether email verification should occur before access is granted. Default: \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e."},"enrollAuthenticatorTypes":{"type":"array","items":{"type":"string"},"description":"Enrolls authenticator types"},"inlineHookId":{"type":"string","description":"ID of a Registration Inline Hook"},"policyId":{"type":"string","description":"ID of the policy","willReplaceOnChanges":true},"profileAttributes":{"type":"array","items":{"$ref":"#/types/okta:index/PolicyRuleProfileEnrollmentProfileAttribute:PolicyRuleProfileEnrollmentProfileAttribute"},"description":"A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported.\n\t- 'label' - (Required) A display-friendly label for this property\n\t- 'name' - (Required) The name of a User Profile property\n\t- 'required' - (Required) Indicates if this property is required for enrollment. Default is 'false'."},"progressiveProfilingAction":{"type":"string","description":"Enabled or disabled progressive profiling action rule conditions: `ENABLED` or `DISABLED`. Default: `DISABLED`"},"targetGroupId":{"type":"string","description":"The ID of a Group that this User should be added to"},"uiSchemaId":{"type":"string","description":"Value created by the backend. If present all policy updates must include this attribute/value."},"unknownUserAction":{"type":"string","description":"Which action should be taken if this User is new. Valid values are: `DENY`, `REGISTER`"}},"requiredInputs":["policyId","unknownUserAction"],"stateInputs":{"description":"Input properties used for looking up and filtering PolicyRuleProfileEnrollment resources.\n","properties":{"access":{"type":"string","description":"Allow or deny access based on the rule conditions. Valid values are: `ALLOW`, `DENY`. Default: `ALLOW`."},"emailVerification":{"type":"boolean","description":"Indicates whether email verification should occur before access is granted. Default: \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e."},"enrollAuthenticatorTypes":{"type":"array","items":{"type":"string"},"description":"Enrolls authenticator types"},"inlineHookId":{"type":"string","description":"ID of a Registration Inline Hook"},"name":{"type":"string","description":"Name of the rule"},"policyId":{"type":"string","description":"ID of the policy","willReplaceOnChanges":true},"profileAttributes":{"type":"array","items":{"$ref":"#/types/okta:index/PolicyRuleProfileEnrollmentProfileAttribute:PolicyRuleProfileEnrollmentProfileAttribute"},"description":"A list of attributes to prompt the user during registration or progressive profiling. Where defined on the User schema, these attributes are persisted in the User profile. Non-schema attributes may also be added, which aren't persisted to the User's profile, but are included in requests to the registration inline hook. A maximum of 10 Profile properties is supported.\n\t- 'label' - (Required) A display-friendly label for this property\n\t- 'name' - (Required) The name of a User Profile property\n\t- 'required' - (Required) Indicates if this property is required for enrollment. Default is 'false'."},"progressiveProfilingAction":{"type":"string","description":"Enabled or disabled progressive profiling action rule conditions: `ENABLED` or `DISABLED`. Default: `DISABLED`"},"status":{"type":"string","description":"Status of the rule"},"targetGroupId":{"type":"string","description":"The ID of a Group that this User should be added to"},"uiSchemaId":{"type":"string","description":"Value created by the backend. If present all policy updates must include this attribute/value."},"unknownUserAction":{"type":"string","description":"Which action should be taken if this User is new. Valid values are: `DENY`, `REGISTER`"}},"type":"object"}},"okta:index/previewSigninPage:PreviewSigninPage":{"description":"Manage the preview signin page of a brand\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = new okta.Brand(\"test\", {\n    name: \"testBrand\",\n    locale: \"en\",\n});\nconst testPreviewSigninPage = new okta.PreviewSigninPage(\"test\", {\n    brandId: oktaBrand.test.id,\n    pageContent: `\u003c!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\"\u003e\n\u003chtml\u003e\n\u003chead\u003e\n    \u003cmeta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"\u003e\n    \u003cmeta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\" /\u003e\n    \u003cmeta name=\"robots\" content=\"noindex,nofollow\" /\u003e\n    \u003c!-- Styles generated from theme --\u003e\n    \u003clink href=\"{{themedStylesUrl}}\" rel=\"stylesheet\" type=\"text/css\"\u003e\n    \u003c!-- Favicon from theme --\u003e\n    \u003clink rel=\"shortcut icon\" href=\"{{faviconUrl}}\" type=\"image/x-icon\"/\u003e\n\n    \u003ctitle\u003e{{pageTitle}}\u003c/title\u003e\n    {{{SignInWidgetResources}}}\n\n    \u003cstyle nonce=\"{{nonceValue}}\"\u003e\n        #login-bg-image-id {\n            background-image: {{bgImageUrl}}\n        }\n    \u003c/style\u003e\n\u003c/head\u003e\n\u003cbody\u003e\n    \u003cdiv id=\"login-bg-image-id\" class=\"login-bg-image tb--background\"\u003e\u003c/div\u003e\n    \u003cdiv id=\"okta-login-container\"\u003e\u003c/div\u003e\n\n    \u003c!--\n        \"OktaUtil\" defines a global OktaUtil object\n        that contains methods used to complete the Okta login flow.\n     --\u003e\n    {{{OktaUtil}}}\n\n    \u003cscript type=\"text/javascript\" nonce=\"{{nonceValue}}\"\u003e\n        // \"config\" object contains default widget configuration\n        // with any custom overrides defined in your admin settings.\n        var config = OktaUtil.getSignInWidgetConfig();\n\n        // Render the Okta Sign-In Widget\n        var oktaSignIn = new OktaSignIn(config);\n        oktaSignIn.renderEl({ el: '#okta-login-container' },\n            OktaUtil.completeLogin,\n            function(error) {\n                // Logs errors that occur when configuring the widget.\n                // Remove or replace this with your own custom error handler.\n                console.log(error.message, error);\n            }\n        );\n    \u003c/script\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n`,\n    widgetVersion: \"^6\",\n    widgetCustomizations: {\n        widgetGeneration: \"G3\",\n    },\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.Brand(\"test\",\n    name=\"testBrand\",\n    locale=\"en\")\ntest_preview_signin_page = okta.PreviewSigninPage(\"test\",\n    brand_id=okta_brand[\"test\"][\"id\"],\n    page_content=\"\"\"\u003c!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\"\u003e\n\u003chtml\u003e\n\u003chead\u003e\n    \u003cmeta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"\u003e\n    \u003cmeta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\" /\u003e\n    \u003cmeta name=\"robots\" content=\"noindex,nofollow\" /\u003e\n    \u003c!-- Styles generated from theme --\u003e\n    \u003clink href=\"{{themedStylesUrl}}\" rel=\"stylesheet\" type=\"text/css\"\u003e\n    \u003c!-- Favicon from theme --\u003e\n    \u003clink rel=\"shortcut icon\" href=\"{{faviconUrl}}\" type=\"image/x-icon\"/\u003e\n\n    \u003ctitle\u003e{{pageTitle}}\u003c/title\u003e\n    {{{SignInWidgetResources}}}\n\n    \u003cstyle nonce=\"{{nonceValue}}\"\u003e\n        #login-bg-image-id {\n            background-image: {{bgImageUrl}}\n        }\n    \u003c/style\u003e\n\u003c/head\u003e\n\u003cbody\u003e\n    \u003cdiv id=\"login-bg-image-id\" class=\"login-bg-image tb--background\"\u003e\u003c/div\u003e\n    \u003cdiv id=\"okta-login-container\"\u003e\u003c/div\u003e\n\n    \u003c!--\n        \"OktaUtil\" defines a global OktaUtil object\n        that contains methods used to complete the Okta login flow.\n     --\u003e\n    {{{OktaUtil}}}\n\n    \u003cscript type=\"text/javascript\" nonce=\"{{nonceValue}}\"\u003e\n        // \"config\" object contains default widget configuration\n        // with any custom overrides defined in your admin settings.\n        var config = OktaUtil.getSignInWidgetConfig();\n\n        // Render the Okta Sign-In Widget\n        var oktaSignIn = new OktaSignIn(config);\n        oktaSignIn.renderEl({ el: '#okta-login-container' },\n            OktaUtil.completeLogin,\n            function(error) {\n                // Logs errors that occur when configuring the widget.\n                // Remove or replace this with your own custom error handler.\n                console.log(error.message, error);\n            }\n        );\n    \u003c/script\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n\"\"\",\n    widget_version=\"^6\",\n    widget_customizations={\n        \"widget_generation\": \"G3\",\n    })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = new Okta.Brand(\"test\", new()\n    {\n        Name = \"testBrand\",\n        Locale = \"en\",\n    });\n\n    var testPreviewSigninPage = new Okta.PreviewSigninPage(\"test\", new()\n    {\n        BrandId = oktaBrand.Test.Id,\n        PageContent = @\"\u003c!DOCTYPE html PUBLIC \"\"-//W3C//DTD HTML 4.01//EN\"\" \"\"http://www.w3.org/TR/html4/strict.dtd\"\"\u003e\n\u003chtml\u003e\n\u003chead\u003e\n    \u003cmeta http-equiv=\"\"Content-Type\"\" content=\"\"text/html; charset=UTF-8\"\"\u003e\n    \u003cmeta name=\"\"viewport\"\" content=\"\"width=device-width, initial-scale=1.0\"\" /\u003e\n    \u003cmeta name=\"\"robots\"\" content=\"\"noindex,nofollow\"\" /\u003e\n    \u003c!-- Styles generated from theme --\u003e\n    \u003clink href=\"\"{{themedStylesUrl}}\"\" rel=\"\"stylesheet\"\" type=\"\"text/css\"\"\u003e\n    \u003c!-- Favicon from theme --\u003e\n    \u003clink rel=\"\"shortcut icon\"\" href=\"\"{{faviconUrl}}\"\" type=\"\"image/x-icon\"\"/\u003e\n\n    \u003ctitle\u003e{{pageTitle}}\u003c/title\u003e\n    {{{SignInWidgetResources}}}\n\n    \u003cstyle nonce=\"\"{{nonceValue}}\"\"\u003e\n        #login-bg-image-id {\n            background-image: {{bgImageUrl}}\n        }\n    \u003c/style\u003e\n\u003c/head\u003e\n\u003cbody\u003e\n    \u003cdiv id=\"\"login-bg-image-id\"\" class=\"\"login-bg-image tb--background\"\"\u003e\u003c/div\u003e\n    \u003cdiv id=\"\"okta-login-container\"\"\u003e\u003c/div\u003e\n\n    \u003c!--\n        \"\"OktaUtil\"\" defines a global OktaUtil object\n        that contains methods used to complete the Okta login flow.\n     --\u003e\n    {{{OktaUtil}}}\n\n    \u003cscript type=\"\"text/javascript\"\" nonce=\"\"{{nonceValue}}\"\"\u003e\n        // \"\"config\"\" object contains default widget configuration\n        // with any custom overrides defined in your admin settings.\n        var config = OktaUtil.getSignInWidgetConfig();\n\n        // Render the Okta Sign-In Widget\n        var oktaSignIn = new OktaSignIn(config);\n        oktaSignIn.renderEl({ el: '#okta-login-container' },\n            OktaUtil.completeLogin,\n            function(error) {\n                // Logs errors that occur when configuring the widget.\n                // Remove or replace this with your own custom error handler.\n                console.log(error.message, error);\n            }\n        );\n    \u003c/script\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n\",\n        WidgetVersion = \"^6\",\n        WidgetCustomizations = new Okta.Inputs.PreviewSigninPageWidgetCustomizationsArgs\n        {\n            WidgetGeneration = \"G3\",\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewBrand(ctx, \"test\", \u0026okta.BrandArgs{\n\t\t\tName:   pulumi.String(\"testBrand\"),\n\t\t\tLocale: pulumi.String(\"en\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewPreviewSigninPage(ctx, \"test\", \u0026okta.PreviewSigninPageArgs{\n\t\t\tBrandId: pulumi.Any(oktaBrand.Test.Id),\n\t\t\tPageContent: pulumi.String(`\u003c!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\"\u003e\n\u003chtml\u003e\n\u003chead\u003e\n    \u003cmeta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"\u003e\n    \u003cmeta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\" /\u003e\n    \u003cmeta name=\"robots\" content=\"noindex,nofollow\" /\u003e\n    \u003c!-- Styles generated from theme --\u003e\n    \u003clink href=\"{{themedStylesUrl}}\" rel=\"stylesheet\" type=\"text/css\"\u003e\n    \u003c!-- Favicon from theme --\u003e\n    \u003clink rel=\"shortcut icon\" href=\"{{faviconUrl}}\" type=\"image/x-icon\"/\u003e\n\n    \u003ctitle\u003e{{pageTitle}}\u003c/title\u003e\n    {{{SignInWidgetResources}}}\n\n    \u003cstyle nonce=\"{{nonceValue}}\"\u003e\n        #login-bg-image-id {\n            background-image: {{bgImageUrl}}\n        }\n    \u003c/style\u003e\n\u003c/head\u003e\n\u003cbody\u003e\n    \u003cdiv id=\"login-bg-image-id\" class=\"login-bg-image tb--background\"\u003e\u003c/div\u003e\n    \u003cdiv id=\"okta-login-container\"\u003e\u003c/div\u003e\n\n    \u003c!--\n        \"OktaUtil\" defines a global OktaUtil object\n        that contains methods used to complete the Okta login flow.\n     --\u003e\n    {{{OktaUtil}}}\n\n    \u003cscript type=\"text/javascript\" nonce=\"{{nonceValue}}\"\u003e\n        // \"config\" object contains default widget configuration\n        // with any custom overrides defined in your admin settings.\n        var config = OktaUtil.getSignInWidgetConfig();\n\n        // Render the Okta Sign-In Widget\n        var oktaSignIn = new OktaSignIn(config);\n        oktaSignIn.renderEl({ el: '#okta-login-container' },\n            OktaUtil.completeLogin,\n            function(error) {\n                // Logs errors that occur when configuring the widget.\n                // Remove or replace this with your own custom error handler.\n                console.log(error.message, error);\n            }\n        );\n    \u003c/script\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n`),\n\t\t\tWidgetVersion: pulumi.String(\"^6\"),\n\t\t\tWidgetCustomizations: \u0026okta.PreviewSigninPageWidgetCustomizationsArgs{\n\t\t\t\tWidgetGeneration: pulumi.String(\"G3\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.Brand;\nimport com.pulumi.okta.BrandArgs;\nimport com.pulumi.okta.PreviewSigninPage;\nimport com.pulumi.okta.PreviewSigninPageArgs;\nimport com.pulumi.okta.inputs.PreviewSigninPageWidgetCustomizationsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var test = new Brand(\"test\", BrandArgs.builder()\n            .name(\"testBrand\")\n            .locale(\"en\")\n            .build());\n\n        var testPreviewSigninPage = new PreviewSigninPage(\"testPreviewSigninPage\", PreviewSigninPageArgs.builder()\n            .brandId(oktaBrand.test().id())\n            .pageContent(\"\"\"\n\u003c!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\"\u003e\n\u003chtml\u003e\n\u003chead\u003e\n    \u003cmeta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"\u003e\n    \u003cmeta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\" /\u003e\n    \u003cmeta name=\"robots\" content=\"noindex,nofollow\" /\u003e\n    \u003c!-- Styles generated from theme --\u003e\n    \u003clink href=\"{{themedStylesUrl}}\" rel=\"stylesheet\" type=\"text/css\"\u003e\n    \u003c!-- Favicon from theme --\u003e\n    \u003clink rel=\"shortcut icon\" href=\"{{faviconUrl}}\" type=\"image/x-icon\"/\u003e\n\n    \u003ctitle\u003e{{pageTitle}}\u003c/title\u003e\n    {{{SignInWidgetResources}}}\n\n    \u003cstyle nonce=\"{{nonceValue}}\"\u003e\n        #login-bg-image-id {\n            background-image: {{bgImageUrl}}\n        }\n    \u003c/style\u003e\n\u003c/head\u003e\n\u003cbody\u003e\n    \u003cdiv id=\"login-bg-image-id\" class=\"login-bg-image tb--background\"\u003e\u003c/div\u003e\n    \u003cdiv id=\"okta-login-container\"\u003e\u003c/div\u003e\n\n    \u003c!--\n        \"OktaUtil\" defines a global OktaUtil object\n        that contains methods used to complete the Okta login flow.\n     --\u003e\n    {{{OktaUtil}}}\n\n    \u003cscript type=\"text/javascript\" nonce=\"{{nonceValue}}\"\u003e\n        // \"config\" object contains default widget configuration\n        // with any custom overrides defined in your admin settings.\n        var config = OktaUtil.getSignInWidgetConfig();\n\n        // Render the Okta Sign-In Widget\n        var oktaSignIn = new OktaSignIn(config);\n        oktaSignIn.renderEl({ el: '#okta-login-container' },\n            OktaUtil.completeLogin,\n            function(error) {\n                // Logs errors that occur when configuring the widget.\n                // Remove or replace this with your own custom error handler.\n                console.log(error.message, error);\n            }\n        );\n    \u003c/script\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n            \"\"\")\n            .widgetVersion(\"^6\")\n            .widgetCustomizations(PreviewSigninPageWidgetCustomizationsArgs.builder()\n                .widgetGeneration(\"G3\")\n                .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  test:\n    type: okta:Brand\n    properties:\n      name: testBrand\n      locale: en\n  testPreviewSigninPage:\n    type: okta:PreviewSigninPage\n    name: test\n    properties:\n      brandId: ${oktaBrand.test.id}\n      pageContent: |\n        \u003c!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\"\u003e\n        \u003chtml\u003e\n        \u003chead\u003e\n            \u003cmeta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"\u003e\n            \u003cmeta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\" /\u003e\n            \u003cmeta name=\"robots\" content=\"noindex,nofollow\" /\u003e\n            \u003c!-- Styles generated from theme --\u003e\n            \u003clink href=\"{{themedStylesUrl}}\" rel=\"stylesheet\" type=\"text/css\"\u003e\n            \u003c!-- Favicon from theme --\u003e\n            \u003clink rel=\"shortcut icon\" href=\"{{faviconUrl}}\" type=\"image/x-icon\"/\u003e\n\n            \u003ctitle\u003e{{pageTitle}}\u003c/title\u003e\n            {{{SignInWidgetResources}}}\n\n            \u003cstyle nonce=\"{{nonceValue}}\"\u003e\n                #login-bg-image-id {\n                    background-image: {{bgImageUrl}}\n                }\n            \u003c/style\u003e\n        \u003c/head\u003e\n        \u003cbody\u003e\n            \u003cdiv id=\"login-bg-image-id\" class=\"login-bg-image tb--background\"\u003e\u003c/div\u003e\n            \u003cdiv id=\"okta-login-container\"\u003e\u003c/div\u003e\n\n            \u003c!--\n                \"OktaUtil\" defines a global OktaUtil object\n                that contains methods used to complete the Okta login flow.\n             --\u003e\n            {{{OktaUtil}}}\n\n            \u003cscript type=\"text/javascript\" nonce=\"{{nonceValue}}\"\u003e\n                // \"config\" object contains default widget configuration\n                // with any custom overrides defined in your admin settings.\n                var config = OktaUtil.getSignInWidgetConfig();\n\n                // Render the Okta Sign-In Widget\n                var oktaSignIn = new OktaSignIn(config);\n                oktaSignIn.renderEl({ el: '#okta-login-container' },\n                    OktaUtil.completeLogin,\n                    function(error) {\n                        // Logs errors that occur when configuring the widget.\n                        // Remove or replace this with your own custom error handler.\n                        console.log(error.message, error);\n                    }\n                );\n            \u003c/script\u003e\n        \u003c/body\u003e\n        \u003c/html\u003e\n      widgetVersion: ^6\n      widgetCustomizations:\n        widgetGeneration: G3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","properties":{"brandId":{"type":"string","description":"brand id of the preview signin page\n"},"contentSecurityPolicySetting":{"$ref":"#/types/okta:index/PreviewSigninPageContentSecurityPolicySetting:PreviewSigninPageContentSecurityPolicySetting"},"pageContent":{"type":"string","description":"page content of the preview signin page\n"},"widgetCustomizations":{"$ref":"#/types/okta:index/PreviewSigninPageWidgetCustomizations:PreviewSigninPageWidgetCustomizations"},"widgetVersion":{"type":"string","description":"widget version specified as a Semver. The following are currently supported\n\t\t*, ^1, ^2, ^3, ^4, ^5, ^6, ^7, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12, 1.13, 2.1, 2.2, 2.3, 2.4,\n\t\t2.5, 2.6, 2.7, 2.8, 2.9, 2.10, 2.11, 2.12, 2.13, 2.14, 2.15, 2.16, 2.17, 2.18, 2.19, 2.20, 2.21,\n\t\t3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6, 3.7, 3.8, 3.9, 4.0, 4.1, 4.2, 4.3, 4.4, 4.5, 5.0, 5.1, 5.2, 5.3,\n\t\t5.4, 5.5, 5.6, 5.7, 5.8, 5.9, 5.10, 5.11, 5.12, 5.13, 5.14, 5.15, 5.16, 6.0, 6.1, 6.2, 6.3, 6.4, 6.5,\n\t\t6.6, 6.7, 6.8, 6.9, 7.0, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.7, 7.8, 7.9, 7.10, 7.11, 7.12, 7.13.\n"}},"required":["brandId"],"inputProperties":{"brandId":{"type":"string","description":"brand id of the preview signin page\n"},"contentSecurityPolicySetting":{"$ref":"#/types/okta:index/PreviewSigninPageContentSecurityPolicySetting:PreviewSigninPageContentSecurityPolicySetting"},"pageContent":{"type":"string","description":"page content of the preview signin page\n"},"widgetCustomizations":{"$ref":"#/types/okta:index/PreviewSigninPageWidgetCustomizations:PreviewSigninPageWidgetCustomizations"},"widgetVersion":{"type":"string","description":"widget version specified as a Semver. The following are currently supported\n\t\t*, ^1, ^2, ^3, ^4, ^5, ^6, ^7, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12, 1.13, 2.1, 2.2, 2.3, 2.4,\n\t\t2.5, 2.6, 2.7, 2.8, 2.9, 2.10, 2.11, 2.12, 2.13, 2.14, 2.15, 2.16, 2.17, 2.18, 2.19, 2.20, 2.21,\n\t\t3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6, 3.7, 3.8, 3.9, 4.0, 4.1, 4.2, 4.3, 4.4, 4.5, 5.0, 5.1, 5.2, 5.3,\n\t\t5.4, 5.5, 5.6, 5.7, 5.8, 5.9, 5.10, 5.11, 5.12, 5.13, 5.14, 5.15, 5.16, 6.0, 6.1, 6.2, 6.3, 6.4, 6.5,\n\t\t6.6, 6.7, 6.8, 6.9, 7.0, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.7, 7.8, 7.9, 7.10, 7.11, 7.12, 7.13.\n"}},"requiredInputs":["brandId"],"stateInputs":{"description":"Input properties used for looking up and filtering PreviewSigninPage resources.\n","properties":{"brandId":{"type":"string","description":"brand id of the preview signin page\n"},"contentSecurityPolicySetting":{"$ref":"#/types/okta:index/PreviewSigninPageContentSecurityPolicySetting:PreviewSigninPageContentSecurityPolicySetting"},"pageContent":{"type":"string","description":"page content of the preview signin page\n"},"widgetCustomizations":{"$ref":"#/types/okta:index/PreviewSigninPageWidgetCustomizations:PreviewSigninPageWidgetCustomizations"},"widgetVersion":{"type":"string","description":"widget version specified as a Semver. The following are currently supported\n\t\t*, ^1, ^2, ^3, ^4, ^5, ^6, ^7, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12, 1.13, 2.1, 2.2, 2.3, 2.4,\n\t\t2.5, 2.6, 2.7, 2.8, 2.9, 2.10, 2.11, 2.12, 2.13, 2.14, 2.15, 2.16, 2.17, 2.18, 2.19, 2.20, 2.21,\n\t\t3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6, 3.7, 3.8, 3.9, 4.0, 4.1, 4.2, 4.3, 4.4, 4.5, 5.0, 5.1, 5.2, 5.3,\n\t\t5.4, 5.5, 5.6, 5.7, 5.8, 5.9, 5.10, 5.11, 5.12, 5.13, 5.14, 5.15, 5.16, 6.0, 6.1, 6.2, 6.3, 6.4, 6.5,\n\t\t6.6, 6.7, 6.8, 6.9, 7.0, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.7, 7.8, 7.9, 7.10, 7.11, 7.12, 7.13.\n"}},"type":"object"}},"okta:index/principalRateLimits:PrincipalRateLimits":{"properties":{"createdBy":{"type":"string","description":"The Okta user ID of the user who created the principle rate limit entity."},"createdDate":{"type":"string","description":"The date and time the principle rate limit entity was created."},"defaultConcurrencyPercentage":{"type":"integer","description":"The default percentage of a given concurrency limit threshold that the owning principal can consume."},"defaultPercentage":{"type":"integer","description":"The default percentage of a given rate limit threshold that the owning principal can consume."},"idProperty":{"type":"string","description":"The unique identifier of the principle rate limit entity."},"lastUpdate":{"type":"string","description":"The date and time the principle rate limit entity was last updated."},"lastUpdatedBy":{"type":"string","description":"The Okta user ID of the user who last updated the principle rate limit entity."},"orgId":{"type":"string","description":"The unique identifier of the Okta org."},"principalId":{"type":"string","description":"The unique identifier of the principal. This is the ID of the API token or OAuth 2.0 app."},"principalType":{"type":"string","description":"The type of principal, either an API token or an OAuth 2.0 app."}},"required":["createdBy","createdDate","defaultConcurrencyPercentage","defaultPercentage","idProperty","lastUpdate","lastUpdatedBy","orgId","principalId","principalType"],"inputProperties":{"defaultConcurrencyPercentage":{"type":"integer","description":"The default percentage of a given concurrency limit threshold that the owning principal can consume."},"defaultPercentage":{"type":"integer","description":"The default percentage of a given rate limit threshold that the owning principal can consume."},"idProperty":{"type":"string","description":"The unique identifier of the principle rate limit entity."},"principalId":{"type":"string","description":"The unique identifier of the principal. This is the ID of the API token or OAuth 2.0 app."},"principalType":{"type":"string","description":"The type of principal, either an API token or an OAuth 2.0 app."}},"requiredInputs":["principalId","principalType"],"stateInputs":{"description":"Input properties used for looking up and filtering PrincipalRateLimits resources.\n","properties":{"createdBy":{"type":"string","description":"The Okta user ID of the user who created the principle rate limit entity."},"createdDate":{"type":"string","description":"The date and time the principle rate limit entity was created."},"defaultConcurrencyPercentage":{"type":"integer","description":"The default percentage of a given concurrency limit threshold that the owning principal can consume."},"defaultPercentage":{"type":"integer","description":"The default percentage of a given rate limit threshold that the owning principal can consume."},"idProperty":{"type":"string","description":"The unique identifier of the principle rate limit entity."},"lastUpdate":{"type":"string","description":"The date and time the principle rate limit entity was last updated."},"lastUpdatedBy":{"type":"string","description":"The Okta user ID of the user who last updated the principle rate limit entity."},"orgId":{"type":"string","description":"The unique identifier of the Okta org."},"principalId":{"type":"string","description":"The unique identifier of the principal. This is the ID of the API token or OAuth 2.0 app."},"principalType":{"type":"string","description":"The type of principal, either an API token or an OAuth 2.0 app."}},"type":"object"}},"okta:index/pushProvider:PushProvider":{"description":"Manages Okta Push Providers that provide a centralized integration platform to fetch and manage push provider configurations. Okta administrators can use these APIs to provide their push provider credentials, for example from APNs and FCM, so that Okta can send push notifications to their own custom app authenticator applications.\n\n## Example Usage\n\n### FCM Push Provider\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst fcmExample = new okta.PushProvider(\"fcm_example\", {\n    name: \"FCM Push Provider\",\n    providerType: \"FCM\",\n    configuration: {\n        fcmConfiguration: {\n            serviceAccountJson: {\n                type: \"service_account\",\n                projectId: \"my-firebase-project\",\n                privateKeyId: \"abc123def456\",\n                privateKey: `-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC...\n-----END PRIVATE KEY-----\n`,\n                clientEmail: \"firebase-adminsdk-abc123@my-firebase-project.iam.gserviceaccount.com\",\n                clientId: \"123456789012345678901\",\n                authUri: \"https://accounts.google.com/o/oauth2/auth\",\n                tokenUri: \"https://oauth2.googleapis.com/token\",\n                authProviderX509CertUrl: \"https://www.googleapis.com/oauth2/v1/certs\",\n                clientX509CertUrl: \"https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-abc123%40my-firebase-project.iam.gserviceaccount.com\",\n                fileName: \"service-account-key.json\",\n            },\n        },\n    },\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nfcm_example = okta.PushProvider(\"fcm_example\",\n    name=\"FCM Push Provider\",\n    provider_type=\"FCM\",\n    configuration={\n        \"fcm_configuration\": {\n            \"service_account_json\": {\n                \"type\": \"service_account\",\n                \"project_id\": \"my-firebase-project\",\n                \"private_key_id\": \"abc123def456\",\n                \"private_key\": \"\"\"-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC...\n-----END PRIVATE KEY-----\n\"\"\",\n                \"client_email\": \"firebase-adminsdk-abc123@my-firebase-project.iam.gserviceaccount.com\",\n                \"client_id\": \"123456789012345678901\",\n                \"auth_uri\": \"https://accounts.google.com/o/oauth2/auth\",\n                \"token_uri\": \"https://oauth2.googleapis.com/token\",\n                \"auth_provider_x509_cert_url\": \"https://www.googleapis.com/oauth2/v1/certs\",\n                \"client_x509_cert_url\": \"https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-abc123%40my-firebase-project.iam.gserviceaccount.com\",\n                \"file_name\": \"service-account-key.json\",\n            },\n        },\n    })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var fcmExample = new Okta.PushProvider(\"fcm_example\", new()\n    {\n        Name = \"FCM Push Provider\",\n        ProviderType = \"FCM\",\n        Configuration = new Okta.Inputs.PushProviderConfigurationArgs\n        {\n            FcmConfiguration = new Okta.Inputs.PushProviderConfigurationFcmConfigurationArgs\n            {\n                ServiceAccountJson = new Okta.Inputs.PushProviderConfigurationFcmConfigurationServiceAccountJsonArgs\n                {\n                    Type = \"service_account\",\n                    ProjectId = \"my-firebase-project\",\n                    PrivateKeyId = \"abc123def456\",\n                    PrivateKey = @\"-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC...\n-----END PRIVATE KEY-----\n\",\n                    ClientEmail = \"firebase-adminsdk-abc123@my-firebase-project.iam.gserviceaccount.com\",\n                    ClientId = \"123456789012345678901\",\n                    AuthUri = \"https://accounts.google.com/o/oauth2/auth\",\n                    TokenUri = \"https://oauth2.googleapis.com/token\",\n                    AuthProviderX509CertUrl = \"https://www.googleapis.com/oauth2/v1/certs\",\n                    ClientX509CertUrl = \"https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-abc123%40my-firebase-project.iam.gserviceaccount.com\",\n                    FileName = \"service-account-key.json\",\n                },\n            },\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewPushProvider(ctx, \"fcm_example\", \u0026okta.PushProviderArgs{\n\t\t\tName:         pulumi.String(\"FCM Push Provider\"),\n\t\t\tProviderType: pulumi.String(\"FCM\"),\n\t\t\tConfiguration: \u0026okta.PushProviderConfigurationArgs{\n\t\t\t\tFcmConfiguration: \u0026okta.PushProviderConfigurationFcmConfigurationArgs{\n\t\t\t\t\tServiceAccountJson: \u0026okta.PushProviderConfigurationFcmConfigurationServiceAccountJsonArgs{\n\t\t\t\t\t\tType:                    pulumi.String(\"service_account\"),\n\t\t\t\t\t\tProjectId:               pulumi.String(\"my-firebase-project\"),\n\t\t\t\t\t\tPrivateKeyId:            pulumi.String(\"abc123def456\"),\n\t\t\t\t\t\tPrivateKey:              pulumi.String(\"-----BEGIN PRIVATE KEY-----\\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC...\\n-----END PRIVATE KEY-----\\n\"),\n\t\t\t\t\t\tClientEmail:             pulumi.String(\"firebase-adminsdk-abc123@my-firebase-project.iam.gserviceaccount.com\"),\n\t\t\t\t\t\tClientId:                pulumi.String(\"123456789012345678901\"),\n\t\t\t\t\t\tAuthUri:                 pulumi.String(\"https://accounts.google.com/o/oauth2/auth\"),\n\t\t\t\t\t\tTokenUri:                pulumi.String(\"https://oauth2.googleapis.com/token\"),\n\t\t\t\t\t\tAuthProviderX509CertUrl: pulumi.String(\"https://www.googleapis.com/oauth2/v1/certs\"),\n\t\t\t\t\t\tClientX509CertUrl:       pulumi.String(\"https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-abc123%40my-firebase-project.iam.gserviceaccount.com\"),\n\t\t\t\t\t\tFileName:                pulumi.String(\"service-account-key.json\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.PushProvider;\nimport com.pulumi.okta.PushProviderArgs;\nimport com.pulumi.okta.inputs.PushProviderConfigurationArgs;\nimport com.pulumi.okta.inputs.PushProviderConfigurationFcmConfigurationArgs;\nimport com.pulumi.okta.inputs.PushProviderConfigurationFcmConfigurationServiceAccountJsonArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var fcmExample = new PushProvider(\"fcmExample\", PushProviderArgs.builder()\n            .name(\"FCM Push Provider\")\n            .providerType(\"FCM\")\n            .configuration(PushProviderConfigurationArgs.builder()\n                .fcmConfiguration(PushProviderConfigurationFcmConfigurationArgs.builder()\n                    .serviceAccountJson(PushProviderConfigurationFcmConfigurationServiceAccountJsonArgs.builder()\n                        .type(\"service_account\")\n                        .projectId(\"my-firebase-project\")\n                        .privateKeyId(\"abc123def456\")\n                        .privateKey(\"\"\"\n-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC...\n-----END PRIVATE KEY-----\n                        \"\"\")\n                        .clientEmail(\"firebase-adminsdk-abc123@my-firebase-project.iam.gserviceaccount.com\")\n                        .clientId(\"123456789012345678901\")\n                        .authUri(\"https://accounts.google.com/o/oauth2/auth\")\n                        .tokenUri(\"https://oauth2.googleapis.com/token\")\n                        .authProviderX509CertUrl(\"https://www.googleapis.com/oauth2/v1/certs\")\n                        .clientX509CertUrl(\"https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-abc123%40my-firebase-project.iam.gserviceaccount.com\")\n                        .fileName(\"service-account-key.json\")\n                        .build())\n                    .build())\n                .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  fcmExample:\n    type: okta:PushProvider\n    name: fcm_example\n    properties:\n      name: FCM Push Provider\n      providerType: FCM\n      configuration:\n        fcmConfiguration:\n          serviceAccountJson:\n            type: service_account\n            projectId: my-firebase-project\n            privateKeyId: abc123def456\n            privateKey: |\n              -----BEGIN PRIVATE KEY-----\n              MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC...\n              -----END PRIVATE KEY-----\n            clientEmail: firebase-adminsdk-abc123@my-firebase-project.iam.gserviceaccount.com\n            clientId: '123456789012345678901'\n            authUri: https://accounts.google.com/o/oauth2/auth\n            tokenUri: https://oauth2.googleapis.com/token\n            authProviderX509CertUrl: https://www.googleapis.com/oauth2/v1/certs\n            clientX509CertUrl: https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-abc123%40my-firebase-project.iam.gserviceaccount.com\n            fileName: service-account-key.json\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### APNS (Apple Push Notification Service) Push Provider\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst apnsExample = new okta.PushProvider(\"apns_example\", {\n    name: \"APNS Push Provider\",\n    providerType: \"APNS\",\n    configuration: {\n        apnsConfiguration: {\n            keyId: \"ABC123DEFG\",\n            teamId: \"DEF123GHIJ\",\n            tokenSigningKey: `-----BEGIN PRIVATE KEY-----\nMIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQg...\n-----END PRIVATE KEY-----\n`,\n            fileName: \"AuthKey_ABC123DEFG.p8\",\n        },\n    },\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\napns_example = okta.PushProvider(\"apns_example\",\n    name=\"APNS Push Provider\",\n    provider_type=\"APNS\",\n    configuration={\n        \"apns_configuration\": {\n            \"key_id\": \"ABC123DEFG\",\n            \"team_id\": \"DEF123GHIJ\",\n            \"token_signing_key\": \"\"\"-----BEGIN PRIVATE KEY-----\nMIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQg...\n-----END PRIVATE KEY-----\n\"\"\",\n            \"file_name\": \"AuthKey_ABC123DEFG.p8\",\n        },\n    })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var apnsExample = new Okta.PushProvider(\"apns_example\", new()\n    {\n        Name = \"APNS Push Provider\",\n        ProviderType = \"APNS\",\n        Configuration = new Okta.Inputs.PushProviderConfigurationArgs\n        {\n            ApnsConfiguration = new Okta.Inputs.PushProviderConfigurationApnsConfigurationArgs\n            {\n                KeyId = \"ABC123DEFG\",\n                TeamId = \"DEF123GHIJ\",\n                TokenSigningKey = @\"-----BEGIN PRIVATE KEY-----\nMIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQg...\n-----END PRIVATE KEY-----\n\",\n                FileName = \"AuthKey_ABC123DEFG.p8\",\n            },\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewPushProvider(ctx, \"apns_example\", \u0026okta.PushProviderArgs{\n\t\t\tName:         pulumi.String(\"APNS Push Provider\"),\n\t\t\tProviderType: pulumi.String(\"APNS\"),\n\t\t\tConfiguration: \u0026okta.PushProviderConfigurationArgs{\n\t\t\t\tApnsConfiguration: \u0026okta.PushProviderConfigurationApnsConfigurationArgs{\n\t\t\t\t\tKeyId:           pulumi.String(\"ABC123DEFG\"),\n\t\t\t\t\tTeamId:          pulumi.String(\"DEF123GHIJ\"),\n\t\t\t\t\tTokenSigningKey: pulumi.String(\"-----BEGIN PRIVATE KEY-----\\nMIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQg...\\n-----END PRIVATE KEY-----\\n\"),\n\t\t\t\t\tFileName:        pulumi.String(\"AuthKey_ABC123DEFG.p8\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.PushProvider;\nimport com.pulumi.okta.PushProviderArgs;\nimport com.pulumi.okta.inputs.PushProviderConfigurationArgs;\nimport com.pulumi.okta.inputs.PushProviderConfigurationApnsConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var apnsExample = new PushProvider(\"apnsExample\", PushProviderArgs.builder()\n            .name(\"APNS Push Provider\")\n            .providerType(\"APNS\")\n            .configuration(PushProviderConfigurationArgs.builder()\n                .apnsConfiguration(PushProviderConfigurationApnsConfigurationArgs.builder()\n                    .keyId(\"ABC123DEFG\")\n                    .teamId(\"DEF123GHIJ\")\n                    .tokenSigningKey(\"\"\"\n-----BEGIN PRIVATE KEY-----\nMIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQg...\n-----END PRIVATE KEY-----\n                    \"\"\")\n                    .fileName(\"AuthKey_ABC123DEFG.p8\")\n                    .build())\n                .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  apnsExample:\n    type: okta:PushProvider\n    name: apns_example\n    properties:\n      name: APNS Push Provider\n      providerType: APNS\n      configuration:\n        apnsConfiguration:\n          keyId: ABC123DEFG\n          teamId: DEF123GHIJ\n          tokenSigningKey: |\n            -----BEGIN PRIVATE KEY-----\n            MIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQg...\n            -----END PRIVATE KEY-----\n          fileName: AuthKey_ABC123DEFG.p8\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nPush providers can be imported using their ID:\n\n```sh\n$ pulumi import okta:index/pushProvider:PushProvider example \u003cpush_provider_id\u003e\n```\n\n","properties":{"configuration":{"$ref":"#/types/okta:index/PushProviderConfiguration:PushProviderConfiguration","description":"Configuration block for the push provider. The configuration structure depends on the provider type.\n"},"lastUpdatedDate":{"type":"string","description":"Timestamp when the push provider was last modified. (Computed)\n"},"name":{"type":"string","description":"The display name of the push provider.\n"},"providerType":{"type":"string","description":"The type of push provider. Valid values are `APNS` (Apple Push Notification Service) or `FCM` (Firebase Cloud Messaging).\n"}},"required":["lastUpdatedDate","name","providerType"],"inputProperties":{"configuration":{"$ref":"#/types/okta:index/PushProviderConfiguration:PushProviderConfiguration","description":"Configuration block for the push provider. The configuration structure depends on the provider type.\n"},"name":{"type":"string","description":"The display name of the push provider.\n"},"providerType":{"type":"string","description":"The type of push provider. Valid values are `APNS` (Apple Push Notification Service) or `FCM` (Firebase Cloud Messaging).\n"}},"requiredInputs":["providerType"],"stateInputs":{"description":"Input properties used for looking up and filtering PushProvider resources.\n","properties":{"configuration":{"$ref":"#/types/okta:index/PushProviderConfiguration:PushProviderConfiguration","description":"Configuration block for the push provider. The configuration structure depends on the provider type.\n"},"lastUpdatedDate":{"type":"string","description":"Timestamp when the push provider was last modified. (Computed)\n"},"name":{"type":"string","description":"The display name of the push provider.\n"},"providerType":{"type":"string","description":"The type of push provider. Valid values are `APNS` (Apple Push Notification Service) or `FCM` (Firebase Cloud Messaging).\n"}},"type":"object"}},"okta:index/rateLimitAdminNotificationSettings:RateLimitAdminNotificationSettings":{"description":"Manages principal rate limits.\nPrincipal Rate Limits provides operations to manage Principal Rate Limits for your organization.\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.RateLimitAdminNotificationSettings(\"example\", {notificationsEnabled: true});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.RateLimitAdminNotificationSettings(\"example\", notifications_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.RateLimitAdminNotificationSettings(\"example\", new()\n    {\n        NotificationsEnabled = true,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewRateLimitAdminNotificationSettings(ctx, \"example\", \u0026okta.RateLimitAdminNotificationSettingsArgs{\n\t\t\tNotificationsEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.RateLimitAdminNotificationSettings;\nimport com.pulumi.okta.RateLimitAdminNotificationSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new RateLimitAdminNotificationSettings(\"example\", RateLimitAdminNotificationSettingsArgs.builder()\n            .notificationsEnabled(true)\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:RateLimitAdminNotificationSettings\n    properties:\n      notificationsEnabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/rateLimitAdminNotificationSettings:RateLimitAdminNotificationSettings example .\n```\n\n","properties":{"notificationsEnabled":{"type":"boolean","description":"Enables or disables admin notifications for rate limiting events.\n"}},"required":["notificationsEnabled"],"inputProperties":{"notificationsEnabled":{"type":"boolean","description":"Enables or disables admin notifications for rate limiting events.\n"}},"requiredInputs":["notificationsEnabled"],"stateInputs":{"description":"Input properties used for looking up and filtering RateLimitAdminNotificationSettings resources.\n","properties":{"notificationsEnabled":{"type":"boolean","description":"Enables or disables admin notifications for rate limiting events.\n"}},"type":"object"}},"okta:index/rateLimitWarningThresholdPercentage:RateLimitWarningThresholdPercentage":{"description":"Rate limit warning threshold percentage provides operations to manage threshold for warning notifications when the API's rate limit is exceeded.\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.RateLimitWarningThresholdPercentage(\"example\", {warningThreshold: 90});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.RateLimitWarningThresholdPercentage(\"example\", warning_threshold=90)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.RateLimitWarningThresholdPercentage(\"example\", new()\n    {\n        WarningThreshold = 90,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewRateLimitWarningThresholdPercentage(ctx, \"example\", \u0026okta.RateLimitWarningThresholdPercentageArgs{\n\t\t\tWarningThreshold: pulumi.Int(90),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.RateLimitWarningThresholdPercentage;\nimport com.pulumi.okta.RateLimitWarningThresholdPercentageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new RateLimitWarningThresholdPercentage(\"example\", RateLimitWarningThresholdPercentageArgs.builder()\n            .warningThreshold(90)\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:RateLimitWarningThresholdPercentage\n    properties:\n      warningThreshold: 90\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/rateLimitWarningThresholdPercentage:RateLimitWarningThresholdPercentage example .\n```\n\n","properties":{"warningThreshold":{"type":"integer","description":"The threshold value (percentage) of a rate limit that, when exceeded, triggers a warning notification. By default, this value is 90 for Workforce orgs and 60 for CIAM orgs.\n"}},"required":["warningThreshold"],"inputProperties":{"warningThreshold":{"type":"integer","description":"The threshold value (percentage) of a rate limit that, when exceeded, triggers a warning notification. By default, this value is 90 for Workforce orgs and 60 for CIAM orgs.\n"}},"requiredInputs":["warningThreshold"],"stateInputs":{"description":"Input properties used for looking up and filtering RateLimitWarningThresholdPercentage resources.\n","properties":{"warningThreshold":{"type":"integer","description":"The threshold value (percentage) of a rate limit that, when exceeded, triggers a warning notification. By default, this value is 90 for Workforce orgs and 60 for CIAM orgs.\n"}},"type":"object"}},"okta:index/rateLimiting:RateLimiting":{"description":"Manages rate limiting.\nThis resource allows you to configure the client-based rate limit and rate limiting communications settings.\n\u003e **WARNING:** This resource is deprecated and will be removed in a future release. A new resource to manage rate limiting settings will be implemented in the future.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.RateLimiting(\"example\", {\n    login: \"ENFORCE\",\n    authorize: \"ENFORCE\",\n    communicationsEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.RateLimiting(\"example\",\n    login=\"ENFORCE\",\n    authorize=\"ENFORCE\",\n    communications_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.RateLimiting(\"example\", new()\n    {\n        Login = \"ENFORCE\",\n        Authorize = \"ENFORCE\",\n        CommunicationsEnabled = true,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewRateLimiting(ctx, \"example\", \u0026okta.RateLimitingArgs{\n\t\t\tLogin:                 \"ENFORCE\",\n\t\t\tAuthorize:             \"ENFORCE\",\n\t\t\tCommunicationsEnabled: true,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.RateLimiting;\nimport com.pulumi.okta.RateLimitingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new RateLimiting(\"example\", RateLimitingArgs.builder()\n            .login(\"ENFORCE\")\n            .authorize(\"ENFORCE\")\n            .communicationsEnabled(true)\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:RateLimiting\n    properties:\n      login: ENFORCE\n      authorize: ENFORCE\n      communicationsEnabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/rateLimiting:RateLimiting example .\n```\n\n","properties":{"defaultMode":{"type":"string"},"useCaseModeOverrides":{"$ref":"#/types/okta:index/RateLimitingUseCaseModeOverrides:RateLimitingUseCaseModeOverrides","description":"A map of Per-Client Rate Limit Use Case to the applicable PerClientRateLimitMode.Overrides the defaultMode property for the specified use cases."}},"required":["defaultMode"],"inputProperties":{"defaultMode":{"type":"string"},"useCaseModeOverrides":{"$ref":"#/types/okta:index/RateLimitingUseCaseModeOverrides:RateLimitingUseCaseModeOverrides","description":"A map of Per-Client Rate Limit Use Case to the applicable PerClientRateLimitMode.Overrides the defaultMode property for the specified use cases."}},"requiredInputs":["defaultMode"],"stateInputs":{"description":"Input properties used for looking up and filtering RateLimiting resources.\n","properties":{"defaultMode":{"type":"string"},"useCaseModeOverrides":{"$ref":"#/types/okta:index/RateLimitingUseCaseModeOverrides:RateLimitingUseCaseModeOverrides","description":"A map of Per-Client Rate Limit Use Case to the applicable PerClientRateLimitMode.Overrides the defaultMode property for the specified use cases."}},"type":"object"}},"okta:index/realm:Realm":{"description":"Creates an Okta Realm. This resource allows you to create and configure an Okta Realm.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.Realm(\"example\", {\n    name: \"Example Realm\",\n    realmType: \"DEFAULT\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.Realm(\"example\",\n    name=\"Example Realm\",\n    realm_type=\"DEFAULT\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Realm(\"example\", new()\n    {\n        Name = \"Example Realm\",\n        RealmType = \"DEFAULT\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewRealm(ctx, \"example\", \u0026okta.RealmArgs{\n\t\t\tName:      pulumi.String(\"Example Realm\"),\n\t\t\tRealmType: pulumi.String(\"DEFAULT\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.Realm;\nimport com.pulumi.okta.RealmArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Realm(\"example\", RealmArgs.builder()\n            .name(\"Example Realm\")\n            .realmType(\"DEFAULT\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:Realm\n    properties:\n      name: Example Realm\n      realmType: DEFAULT\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/realm:Realm example \u003crealm_id\u003e\n```\n\n","properties":{"isDefault":{"type":"boolean","description":"Indicates whether the realm is the default realm.\n"},"name":{"type":"string","description":"The name of the Okta Realm.\n"},"realmType":{"type":"string","description":"The realm type. Valid values: `PARTNER` and `DEFAULT`\n"}},"required":["isDefault","name"],"inputProperties":{"name":{"type":"string","description":"The name of the Okta Realm.\n"},"realmType":{"type":"string","description":"The realm type. Valid values: `PARTNER` and `DEFAULT`\n"}},"stateInputs":{"description":"Input properties used for looking up and filtering Realm resources.\n","properties":{"isDefault":{"type":"boolean","description":"Indicates whether the realm is the default realm.\n"},"name":{"type":"string","description":"The name of the Okta Realm.\n"},"realmType":{"type":"string","description":"The realm type. Valid values: `PARTNER` and `DEFAULT`\n"}},"type":"object"}},"okta:index/realmAssignment:RealmAssignment":{"description":"Creates an Okta Realm Assignment. This resource allows you to create and configure an Okta Realm Assignment.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.Realm(\"example\", {\n    name: \"Example Realm\",\n    realmType: \"DEFAULT\",\n});\nconst test = new okta.RealmAssignment(\"test\", {\n    name: \"Example Realm Assignment\",\n    priority: 55,\n    status: \"ACTIVE\",\n    profileSourceId: testOktaIdpSaml.id,\n    conditionExpression: \"user.profile.login.contains(\\\"@example.com\\\")\",\n    realmId: example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.Realm(\"example\",\n    name=\"Example Realm\",\n    realm_type=\"DEFAULT\")\ntest = okta.RealmAssignment(\"test\",\n    name=\"Example Realm Assignment\",\n    priority=55,\n    status=\"ACTIVE\",\n    profile_source_id=test_okta_idp_saml[\"id\"],\n    condition_expression=\"user.profile.login.contains(\\\"@example.com\\\")\",\n    realm_id=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Realm(\"example\", new()\n    {\n        Name = \"Example Realm\",\n        RealmType = \"DEFAULT\",\n    });\n\n    var test = new Okta.RealmAssignment(\"test\", new()\n    {\n        Name = \"Example Realm Assignment\",\n        Priority = 55,\n        Status = \"ACTIVE\",\n        ProfileSourceId = testOktaIdpSaml.Id,\n        ConditionExpression = \"user.profile.login.contains(\\\"@example.com\\\")\",\n        RealmId = example.Id,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := okta.NewRealm(ctx, \"example\", \u0026okta.RealmArgs{\n\t\t\tName:      pulumi.String(\"Example Realm\"),\n\t\t\tRealmType: pulumi.String(\"DEFAULT\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewRealmAssignment(ctx, \"test\", \u0026okta.RealmAssignmentArgs{\n\t\t\tName:                pulumi.String(\"Example Realm Assignment\"),\n\t\t\tPriority:            pulumi.Int(55),\n\t\t\tStatus:              pulumi.String(\"ACTIVE\"),\n\t\t\tProfileSourceId:     pulumi.Any(testOktaIdpSaml.Id),\n\t\t\tConditionExpression: pulumi.String(\"user.profile.login.contains(\\\"@example.com\\\")\"),\n\t\t\tRealmId:             example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.Realm;\nimport com.pulumi.okta.RealmArgs;\nimport com.pulumi.okta.RealmAssignment;\nimport com.pulumi.okta.RealmAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Realm(\"example\", RealmArgs.builder()\n            .name(\"Example Realm\")\n            .realmType(\"DEFAULT\")\n            .build());\n\n        var test = new RealmAssignment(\"test\", RealmAssignmentArgs.builder()\n            .name(\"Example Realm Assignment\")\n            .priority(55)\n            .status(\"ACTIVE\")\n            .profileSourceId(testOktaIdpSaml.id())\n            .conditionExpression(\"user.profile.login.contains(\\\"@example.com\\\")\")\n            .realmId(example.id())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  test:\n    type: okta:RealmAssignment\n    properties:\n      name: Example Realm Assignment\n      priority: 55\n      status: ACTIVE\n      profileSourceId: ${testOktaIdpSaml.id}\n      conditionExpression: user.profile.login.contains(\"@example.com\")\n      realmId: ${example.id}\n  example:\n    type: okta:Realm\n    properties:\n      name: Example Realm\n      realmType: DEFAULT\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/realmAssignment:RealmAssignment example \u003crealm_assignment_id\u003e\n```\n\n","properties":{"conditionExpression":{"type":"string","description":"Condition expression for the Realm Assignment in Okta Expression Language. Example: `user.profile.role ==\"Manager\"` or `user.profile.state.contains(\"example\")`.\n"},"isDefault":{"type":"boolean","description":"Indicates whether the realm assignment is the default.\n"},"name":{"type":"string","description":"The name of the Okta Realm Assignment.\n"},"priority":{"type":"integer","description":"The Priority of the Realm Assignment. The lower the number, the higher the priority.\n"},"profileSourceId":{"type":"string","description":"The ID of the Profile Source.\n"},"realmId":{"type":"string","description":"The ID of the Realm asscociated with the Realm Assignment.\n"},"status":{"type":"string","description":"Defines whether the Realm Assignment is active or not. Valid values: `ACTIVE` and `INACTIVE`.\n"}},"required":["isDefault","name","priority","profileSourceId","realmId","status"],"inputProperties":{"conditionExpression":{"type":"string","description":"Condition expression for the Realm Assignment in Okta Expression Language. Example: `user.profile.role ==\"Manager\"` or `user.profile.state.contains(\"example\")`.\n"},"name":{"type":"string","description":"The name of the Okta Realm Assignment.\n"},"priority":{"type":"integer","description":"The Priority of the Realm Assignment. The lower the number, the higher the priority.\n"},"profileSourceId":{"type":"string","description":"The ID of the Profile Source.\n"},"realmId":{"type":"string","description":"The ID of the Realm asscociated with the Realm Assignment.\n"},"status":{"type":"string","description":"Defines whether the Realm Assignment is active or not. Valid values: `ACTIVE` and `INACTIVE`.\n"}},"requiredInputs":["profileSourceId","realmId"],"stateInputs":{"description":"Input properties used for looking up and filtering RealmAssignment resources.\n","properties":{"conditionExpression":{"type":"string","description":"Condition expression for the Realm Assignment in Okta Expression Language. Example: `user.profile.role ==\"Manager\"` or `user.profile.state.contains(\"example\")`.\n"},"isDefault":{"type":"boolean","description":"Indicates whether the realm assignment is the default.\n"},"name":{"type":"string","description":"The name of the Okta Realm Assignment.\n"},"priority":{"type":"integer","description":"The Priority of the Realm Assignment. The lower the number, the higher the priority.\n"},"profileSourceId":{"type":"string","description":"The ID of the Profile Source.\n"},"realmId":{"type":"string","description":"The ID of the Realm asscociated with the Realm Assignment.\n"},"status":{"type":"string","description":"Defines whether the Realm Assignment is active or not. Valid values: `ACTIVE` and `INACTIVE`.\n"}},"type":"object"}},"okta:index/requestCondition:RequestCondition":{"description":"Manages request conditions. This resource allows you to create and configure an Okta [request-condition](https://developer.okta.com/docs/api/iga/openapi/governance.requests.admin.v2/tag/Request-Conditions/#tag/Request-Conditions).\n\n## Example Usage\n\n### Basic Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.RequestCondition(\"example\", {\n    resourceId: \"\u003cresource_id\u003e\",\n    approvalSequenceId: \"\u003capproval_sequence_id\u003e\",\n    name: \"\u003cname\u003e\",\n    accessScopeSettings: {\n        type: \"RESOURCE_DEFAULT\",\n    },\n    requesterSettings: {\n        type: \"EVERYONE\",\n    },\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.RequestCondition(\"example\",\n    resource_id=\"\u003cresource_id\u003e\",\n    approval_sequence_id=\"\u003capproval_sequence_id\u003e\",\n    name=\"\u003cname\u003e\",\n    access_scope_settings={\n        \"type\": \"RESOURCE_DEFAULT\",\n    },\n    requester_settings={\n        \"type\": \"EVERYONE\",\n    })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.RequestCondition(\"example\", new()\n    {\n        ResourceId = \"\u003cresource_id\u003e\",\n        ApprovalSequenceId = \"\u003capproval_sequence_id\u003e\",\n        Name = \"\u003cname\u003e\",\n        AccessScopeSettings = new Okta.Inputs.RequestConditionAccessScopeSettingsArgs\n        {\n            Type = \"RESOURCE_DEFAULT\",\n        },\n        RequesterSettings = new Okta.Inputs.RequestConditionRequesterSettingsArgs\n        {\n            Type = \"EVERYONE\",\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewRequestCondition(ctx, \"example\", \u0026okta.RequestConditionArgs{\n\t\t\tResourceId:         pulumi.String(\"\u003cresource_id\u003e\"),\n\t\t\tApprovalSequenceId: pulumi.String(\"\u003capproval_sequence_id\u003e\"),\n\t\t\tName:               pulumi.String(\"\u003cname\u003e\"),\n\t\t\tAccessScopeSettings: \u0026okta.RequestConditionAccessScopeSettingsArgs{\n\t\t\t\tType: pulumi.String(\"RESOURCE_DEFAULT\"),\n\t\t\t},\n\t\t\tRequesterSettings: \u0026okta.RequestConditionRequesterSettingsArgs{\n\t\t\t\tType: pulumi.String(\"EVERYONE\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.RequestCondition;\nimport com.pulumi.okta.RequestConditionArgs;\nimport com.pulumi.okta.inputs.RequestConditionAccessScopeSettingsArgs;\nimport com.pulumi.okta.inputs.RequestConditionRequesterSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new RequestCondition(\"example\", RequestConditionArgs.builder()\n            .resourceId(\"\u003cresource_id\u003e\")\n            .approvalSequenceId(\"\u003capproval_sequence_id\u003e\")\n            .name(\"\u003cname\u003e\")\n            .accessScopeSettings(RequestConditionAccessScopeSettingsArgs.builder()\n                .type(\"RESOURCE_DEFAULT\")\n                .build())\n            .requesterSettings(RequestConditionRequesterSettingsArgs.builder()\n                .type(\"EVERYONE\")\n                .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:RequestCondition\n    properties:\n      resourceId: \u003cresource_id\u003e\n      approvalSequenceId: \u003capproval_sequence_id\u003e\n      name: \u003cname\u003e\n      accessScopeSettings:\n        type: RESOURCE_DEFAULT\n      requesterSettings:\n        type: EVERYONE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example with Active Status\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst exampleActive = new okta.RequestCondition(\"example_active\", {\n    status: \"ACTIVE\",\n    resourceId: \"\u003cresource_id\u003e\",\n    approvalSequenceId: \"\u003capproval_sequence_id\u003e\",\n    name: \"\u003cname\u003e\",\n    accessScopeSettings: {\n        type: \"RESOURCE_DEFAULT\",\n    },\n    requesterSettings: {\n        type: \"EVERYONE\",\n    },\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample_active = okta.RequestCondition(\"example_active\",\n    status=\"ACTIVE\",\n    resource_id=\"\u003cresource_id\u003e\",\n    approval_sequence_id=\"\u003capproval_sequence_id\u003e\",\n    name=\"\u003cname\u003e\",\n    access_scope_settings={\n        \"type\": \"RESOURCE_DEFAULT\",\n    },\n    requester_settings={\n        \"type\": \"EVERYONE\",\n    })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var exampleActive = new Okta.RequestCondition(\"example_active\", new()\n    {\n        Status = \"ACTIVE\",\n        ResourceId = \"\u003cresource_id\u003e\",\n        ApprovalSequenceId = \"\u003capproval_sequence_id\u003e\",\n        Name = \"\u003cname\u003e\",\n        AccessScopeSettings = new Okta.Inputs.RequestConditionAccessScopeSettingsArgs\n        {\n            Type = \"RESOURCE_DEFAULT\",\n        },\n        RequesterSettings = new Okta.Inputs.RequestConditionRequesterSettingsArgs\n        {\n            Type = \"EVERYONE\",\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewRequestCondition(ctx, \"example_active\", \u0026okta.RequestConditionArgs{\n\t\t\tStatus:             pulumi.String(\"ACTIVE\"),\n\t\t\tResourceId:         pulumi.String(\"\u003cresource_id\u003e\"),\n\t\t\tApprovalSequenceId: pulumi.String(\"\u003capproval_sequence_id\u003e\"),\n\t\t\tName:               pulumi.String(\"\u003cname\u003e\"),\n\t\t\tAccessScopeSettings: \u0026okta.RequestConditionAccessScopeSettingsArgs{\n\t\t\t\tType: pulumi.String(\"RESOURCE_DEFAULT\"),\n\t\t\t},\n\t\t\tRequesterSettings: \u0026okta.RequestConditionRequesterSettingsArgs{\n\t\t\t\tType: pulumi.String(\"EVERYONE\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.RequestCondition;\nimport com.pulumi.okta.RequestConditionArgs;\nimport com.pulumi.okta.inputs.RequestConditionAccessScopeSettingsArgs;\nimport com.pulumi.okta.inputs.RequestConditionRequesterSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var exampleActive = new RequestCondition(\"exampleActive\", RequestConditionArgs.builder()\n            .status(\"ACTIVE\")\n            .resourceId(\"\u003cresource_id\u003e\")\n            .approvalSequenceId(\"\u003capproval_sequence_id\u003e\")\n            .name(\"\u003cname\u003e\")\n            .accessScopeSettings(RequestConditionAccessScopeSettingsArgs.builder()\n                .type(\"RESOURCE_DEFAULT\")\n                .build())\n            .requesterSettings(RequestConditionRequesterSettingsArgs.builder()\n                .type(\"EVERYONE\")\n                .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  exampleActive:\n    type: okta:RequestCondition\n    name: example_active\n    properties:\n      status: ACTIVE\n      resourceId: \u003cresource_id\u003e\n      approvalSequenceId: \u003capproval_sequence_id\u003e\n      name: \u003cname\u003e\n      accessScopeSettings:\n        type: RESOURCE_DEFAULT\n      requesterSettings:\n        type: EVERYONE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/requestCondition:RequestCondition example \u003cresource_id\u003e/\u003crequest_condition_id\u003e\n```\n\n","properties":{"accessDurationSettings":{"$ref":"#/types/okta:index/RequestConditionAccessDurationSettings:RequestConditionAccessDurationSettings","description":"The access duration settings for the request condition\n"},"accessScopeSettings":{"$ref":"#/types/okta:index/RequestConditionAccessScopeSettings:RequestConditionAccessScopeSettings"},"approvalSequenceId":{"type":"string","description":"The ID of the approval sequence.\n"},"created":{"type":"string","description":"The date and time when the request condition was created.\n"},"createdBy":{"type":"string","description":"The id of the user who created the request condition.\n"},"description":{"type":"string","description":"The description of the request condition.\n"},"lastUpdated":{"type":"string","description":"The date and time when the request condition was last updated.\n"},"lastUpdatedBy":{"type":"string","description":"The id of the user who last updated the request condition.\n"},"name":{"type":"string","description":"The name of the request condition.\n"},"priority":{"type":"integer","description":"The priority of the request condition. Lower numbers indicate higher priority.\n"},"requesterSettings":{"$ref":"#/types/okta:index/RequestConditionRequesterSettings:RequestConditionRequesterSettings"},"resourceId":{"type":"string","description":"The id of the resource in Okta ID format.\n"},"status":{"type":"string","description":"Status of the condition. Valid values: `ACTIVE`, `INACTIVE`. Default is `INACTIVE`. Note: `DELETED` and `INVALID` statuses are system-managed and cannot be set directly.\n"}},"required":["approvalSequenceId","created","createdBy","lastUpdated","lastUpdatedBy","name","priority","resourceId","status"],"inputProperties":{"accessDurationSettings":{"$ref":"#/types/okta:index/RequestConditionAccessDurationSettings:RequestConditionAccessDurationSettings","description":"The access duration settings for the request condition\n"},"accessScopeSettings":{"$ref":"#/types/okta:index/RequestConditionAccessScopeSettings:RequestConditionAccessScopeSettings"},"approvalSequenceId":{"type":"string","description":"The ID of the approval sequence.\n"},"description":{"type":"string","description":"The description of the request condition.\n"},"name":{"type":"string","description":"The name of the request condition.\n"},"priority":{"type":"integer","description":"The priority of the request condition. Lower numbers indicate higher priority.\n"},"requesterSettings":{"$ref":"#/types/okta:index/RequestConditionRequesterSettings:RequestConditionRequesterSettings"},"resourceId":{"type":"string","description":"The id of the resource in Okta ID format.\n"},"status":{"type":"string","description":"Status of the condition. Valid values: `ACTIVE`, `INACTIVE`. Default is `INACTIVE`. Note: `DELETED` and `INVALID` statuses are system-managed and cannot be set directly.\n"}},"requiredInputs":["approvalSequenceId","resourceId"],"stateInputs":{"description":"Input properties used for looking up and filtering RequestCondition resources.\n","properties":{"accessDurationSettings":{"$ref":"#/types/okta:index/RequestConditionAccessDurationSettings:RequestConditionAccessDurationSettings","description":"The access duration settings for the request condition\n"},"accessScopeSettings":{"$ref":"#/types/okta:index/RequestConditionAccessScopeSettings:RequestConditionAccessScopeSettings"},"approvalSequenceId":{"type":"string","description":"The ID of the approval sequence.\n"},"created":{"type":"string","description":"The date and time when the request condition was created.\n"},"createdBy":{"type":"string","description":"The id of the user who created the request condition.\n"},"description":{"type":"string","description":"The description of the request condition.\n"},"lastUpdated":{"type":"string","description":"The date and time when the request condition was last updated.\n"},"lastUpdatedBy":{"type":"string","description":"The id of the user who last updated the request condition.\n"},"name":{"type":"string","description":"The name of the request condition.\n"},"priority":{"type":"integer","description":"The priority of the request condition. Lower numbers indicate higher priority.\n"},"requesterSettings":{"$ref":"#/types/okta:index/RequestConditionRequesterSettings:RequestConditionRequesterSettings"},"resourceId":{"type":"string","description":"The id of the resource in Okta ID format.\n"},"status":{"type":"string","description":"Status of the condition. Valid values: `ACTIVE`, `INACTIVE`. Default is `INACTIVE`. Note: `DELETED` and `INVALID` statuses are system-managed and cannot be set directly.\n"}},"type":"object"}},"okta:index/requestSequence:RequestSequence":{"description":"Manages request sequence. This resource allows you to read and delete an Okta [request-sequence](https://developer.okta.com/docs/api/iga/openapi/governance.requests.admin.v2/tag/Request-Sequences/#tag/Request-Sequences).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = new okta.RequestSequence(\"test\", {\n    idProperty: \"\u003csequence_id\u003e\",\n    resourceId: \"\u003cresource_id\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.RequestSequence(\"test\",\n    id_property=\"\u003csequence_id\u003e\",\n    resource_id=\"\u003cresource_id\u003e\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = new Okta.RequestSequence(\"test\", new()\n    {\n        IdProperty = \"\u003csequence_id\u003e\",\n        ResourceId = \"\u003cresource_id\u003e\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewRequestSequence(ctx, \"test\", \u0026okta.RequestSequenceArgs{\n\t\t\tIdProperty: pulumi.String(\"\u003csequence_id\u003e\"),\n\t\t\tResourceId: pulumi.String(\"\u003cresource_id\u003e\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.RequestSequence;\nimport com.pulumi.okta.RequestSequenceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var test = new RequestSequence(\"test\", RequestSequenceArgs.builder()\n            .idProperty(\"\u003csequence_id\u003e\")\n            .resourceId(\"\u003cresource_id\u003e\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  test:\n    type: okta:RequestSequence\n    properties:\n      idProperty: \u003csequence_id\u003e\n      resourceId: \u003cresource_id\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/requestSequence:RequestSequence example \u003cresource_id\u003e/\u003cid\u003e\n```\n\n","properties":{"compatibleResourceTypes":{"type":"array","items":{"type":"string"},"description":"Enum: `APP`, `GROUP`.\n"},"description":{"type":"string","description":"The description of the request condition.\n"},"idProperty":{"type":"string","description":"The id of the sequence.Must be of 24 characters length.\n"},"link":{"type":"string","description":"Link to edit the request sequence.\n"},"name":{"type":"string","description":"The access duration settings for the request condition\n"},"resourceId":{"type":"string","description":"The id of the resource in Okta ID format.\n"}},"required":["compatibleResourceTypes","description","idProperty","link","name","resourceId"],"inputProperties":{"idProperty":{"type":"string","description":"The id of the sequence.Must be of 24 characters length.\n"},"resourceId":{"type":"string","description":"The id of the resource in Okta ID format.\n"}},"requiredInputs":["idProperty","resourceId"],"stateInputs":{"description":"Input properties used for looking up and filtering RequestSequence resources.\n","properties":{"compatibleResourceTypes":{"type":"array","items":{"type":"string"},"description":"Enum: `APP`, `GROUP`.\n"},"description":{"type":"string","description":"The description of the request condition.\n"},"idProperty":{"type":"string","description":"The id of the sequence.Must be of 24 characters length.\n"},"link":{"type":"string","description":"Link to edit the request sequence.\n"},"name":{"type":"string","description":"The access duration settings for the request condition\n"},"resourceId":{"type":"string","description":"The id of the resource in Okta ID format.\n"}},"type":"object"}},"okta:index/requestSettingOrganization:RequestSettingOrganization":{"description":"Manages request settings. This resource allows you to read and configure an Okta [request-setting](https://developer.okta.com/docs/api/iga/openapi/governance.requests.admin.v2/tag/Request-Settings/#tag/Request-Settings/operation/updateOrgRequestSettingsV2).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.RequestCondition(\"example\", {\n    resourceId: \"\u003cresource_id\u003e\",\n    approvalSequenceId: \"\u003capproval_sequence_id\u003e\",\n    name: \"\u003cname\u003e\",\n    accessScopeSettings: {\n        type: \"RESOURCE_DEFAULT\",\n    },\n    requesterSettings: {\n        type: \"EVERYONE\",\n    },\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.RequestCondition(\"example\",\n    resource_id=\"\u003cresource_id\u003e\",\n    approval_sequence_id=\"\u003capproval_sequence_id\u003e\",\n    name=\"\u003cname\u003e\",\n    access_scope_settings={\n        \"type\": \"RESOURCE_DEFAULT\",\n    },\n    requester_settings={\n        \"type\": \"EVERYONE\",\n    })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.RequestCondition(\"example\", new()\n    {\n        ResourceId = \"\u003cresource_id\u003e\",\n        ApprovalSequenceId = \"\u003capproval_sequence_id\u003e\",\n        Name = \"\u003cname\u003e\",\n        AccessScopeSettings = new Okta.Inputs.RequestConditionAccessScopeSettingsArgs\n        {\n            Type = \"RESOURCE_DEFAULT\",\n        },\n        RequesterSettings = new Okta.Inputs.RequestConditionRequesterSettingsArgs\n        {\n            Type = \"EVERYONE\",\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewRequestCondition(ctx, \"example\", \u0026okta.RequestConditionArgs{\n\t\t\tResourceId:         pulumi.String(\"\u003cresource_id\u003e\"),\n\t\t\tApprovalSequenceId: pulumi.String(\"\u003capproval_sequence_id\u003e\"),\n\t\t\tName:               pulumi.String(\"\u003cname\u003e\"),\n\t\t\tAccessScopeSettings: \u0026okta.RequestConditionAccessScopeSettingsArgs{\n\t\t\t\tType: pulumi.String(\"RESOURCE_DEFAULT\"),\n\t\t\t},\n\t\t\tRequesterSettings: \u0026okta.RequestConditionRequesterSettingsArgs{\n\t\t\t\tType: pulumi.String(\"EVERYONE\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.RequestCondition;\nimport com.pulumi.okta.RequestConditionArgs;\nimport com.pulumi.okta.inputs.RequestConditionAccessScopeSettingsArgs;\nimport com.pulumi.okta.inputs.RequestConditionRequesterSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new RequestCondition(\"example\", RequestConditionArgs.builder()\n            .resourceId(\"\u003cresource_id\u003e\")\n            .approvalSequenceId(\"\u003capproval_sequence_id\u003e\")\n            .name(\"\u003cname\u003e\")\n            .accessScopeSettings(RequestConditionAccessScopeSettingsArgs.builder()\n                .type(\"RESOURCE_DEFAULT\")\n                .build())\n            .requesterSettings(RequestConditionRequesterSettingsArgs.builder()\n                .type(\"EVERYONE\")\n                .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:RequestCondition\n    properties:\n      resourceId: \u003cresource_id\u003e\n      approvalSequenceId: \u003capproval_sequence_id\u003e\n      name: \u003cname\u003e\n      accessScopeSettings:\n        type: RESOURCE_DEFAULT\n      requesterSettings:\n        type: EVERYONE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/requestSettingOrganization:RequestSettingOrganization example \"default\"\n```\n\n","properties":{"idProperty":{"type":"string","description":"Request condition id.\n"},"subprocessorsAcknowledged":{"type":"boolean","description":"Whether a customer has acknowledged Access Requests subprocessors.\n"}},"required":["idProperty","subprocessorsAcknowledged"],"inputProperties":{"idProperty":{"type":"string","description":"Request condition id.\n"},"subprocessorsAcknowledged":{"type":"boolean","description":"Whether a customer has acknowledged Access Requests subprocessors.\n"}},"requiredInputs":["idProperty"],"stateInputs":{"description":"Input properties used for looking up and filtering RequestSettingOrganization resources.\n","properties":{"idProperty":{"type":"string","description":"Request condition id.\n"},"subprocessorsAcknowledged":{"type":"boolean","description":"Whether a customer has acknowledged Access Requests subprocessors.\n"}},"type":"object"}},"okta:index/requestSettingResource:RequestSettingResource":{"description":"Manages request settings. This resource allows you to read and configure an Okta [request-setting](https://developer.okta.com/docs/api/iga/openapi/governance.requests.admin.v2/tag/Request-Settings/#tag/Request-Settings/operation/getRequestSettingsV2).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = new okta.RequestSettingResource(\"test\", {\n    resourceId: \"\u003cresource_id\u003e\",\n    riskSettings: {\n        defaultSetting: {\n            requestSubmissionType: \"ALLOWED_WITH_OVERRIDES\",\n            approvalSequenceId: \"\u003capproval_sequence_id\u003e\",\n        },\n    },\n    requestOnBehalfOfSettings: {\n        allowed: true,\n    },\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.RequestSettingResource(\"test\",\n    resource_id=\"\u003cresource_id\u003e\",\n    risk_settings={\n        \"default_setting\": {\n            \"request_submission_type\": \"ALLOWED_WITH_OVERRIDES\",\n            \"approval_sequence_id\": \"\u003capproval_sequence_id\u003e\",\n        },\n    },\n    request_on_behalf_of_settings={\n        \"allowed\": True,\n    })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = new Okta.RequestSettingResource(\"test\", new()\n    {\n        ResourceId = \"\u003cresource_id\u003e\",\n        RiskSettings = new Okta.Inputs.RequestSettingResourceRiskSettingsArgs\n        {\n            DefaultSetting = new Okta.Inputs.RequestSettingResourceRiskSettingsDefaultSettingArgs\n            {\n                RequestSubmissionType = \"ALLOWED_WITH_OVERRIDES\",\n                ApprovalSequenceId = \"\u003capproval_sequence_id\u003e\",\n            },\n        },\n        RequestOnBehalfOfSettings = new Okta.Inputs.RequestSettingResourceRequestOnBehalfOfSettingsArgs\n        {\n            Allowed = true,\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewRequestSettingResource(ctx, \"test\", \u0026okta.RequestSettingResourceArgs{\n\t\t\tResourceId: \"\u003cresource_id\u003e\",\n\t\t\tRiskSettings: \u0026okta.RequestSettingResourceRiskSettingsArgs{\n\t\t\t\tDefaultSetting: \u0026okta.RequestSettingResourceRiskSettingsDefaultSettingArgs{\n\t\t\t\t\tRequestSubmissionType: pulumi.String(\"ALLOWED_WITH_OVERRIDES\"),\n\t\t\t\t\tApprovalSequenceId:    pulumi.String(\"\u003capproval_sequence_id\u003e\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tRequestOnBehalfOfSettings: \u0026okta.RequestSettingResourceRequestOnBehalfOfSettingsArgs{\n\t\t\t\tAllowed: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.RequestSettingResource;\nimport com.pulumi.okta.RequestSettingResourceArgs;\nimport com.pulumi.okta.inputs.RequestSettingResourceRiskSettingsArgs;\nimport com.pulumi.okta.inputs.RequestSettingResourceRiskSettingsDefaultSettingArgs;\nimport com.pulumi.okta.inputs.RequestSettingResourceRequestOnBehalfOfSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var test = new RequestSettingResource(\"test\", RequestSettingResourceArgs.builder()\n            .resourceId(\"\u003cresource_id\u003e\")\n            .riskSettings(RequestSettingResourceRiskSettingsArgs.builder()\n                .defaultSetting(RequestSettingResourceRiskSettingsDefaultSettingArgs.builder()\n                    .requestSubmissionType(\"ALLOWED_WITH_OVERRIDES\")\n                    .approvalSequenceId(\"\u003capproval_sequence_id\u003e\")\n                    .build())\n                .build())\n            .requestOnBehalfOfSettings(RequestSettingResourceRequestOnBehalfOfSettingsArgs.builder()\n                .allowed(true)\n                .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  test:\n    type: okta:RequestSettingResource\n    properties:\n      resourceId: \u003cresource_id\u003e\n      riskSettings:\n        defaultSetting:\n          requestSubmissionType: ALLOWED_WITH_OVERRIDES\n          approvalSequenceId: \u003capproval_sequence_id\u003e\n      requestOnBehalfOfSettings:\n        allowed: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/requestSettingResource:RequestSettingResource example \"\u003cresource_id\u003e\"\n```\n\n","properties":{"idProperty":{"type":"string","description":"The id of the resource in Okta ID format."},"requestOnBehalfOfSettings":{"$ref":"#/types/okta:index/RequestSettingResourceRequestOnBehalfOfSettings:RequestSettingResourceRequestOnBehalfOfSettings","description":"Specifies if and for whom a requester may request the resource for.\n"},"riskSettings":{"$ref":"#/types/okta:index/RequestSettingResourceRiskSettings:RequestSettingResourceRiskSettings","description":"Risk settings for the resource.\n"}},"required":["idProperty"],"inputProperties":{"idProperty":{"type":"string","description":"The id of the resource in Okta ID format."},"requestOnBehalfOfSettings":{"$ref":"#/types/okta:index/RequestSettingResourceRequestOnBehalfOfSettings:RequestSettingResourceRequestOnBehalfOfSettings","description":"Specifies if and for whom a requester may request the resource for.\n"},"riskSettings":{"$ref":"#/types/okta:index/RequestSettingResourceRiskSettings:RequestSettingResourceRiskSettings","description":"Risk settings for the resource.\n"}},"requiredInputs":["idProperty"],"stateInputs":{"description":"Input properties used for looking up and filtering RequestSettingResource resources.\n","properties":{"idProperty":{"type":"string","description":"The id of the resource in Okta ID format."},"requestOnBehalfOfSettings":{"$ref":"#/types/okta:index/RequestSettingResourceRequestOnBehalfOfSettings:RequestSettingResourceRequestOnBehalfOfSettings","description":"Specifies if and for whom a requester may request the resource for.\n"},"riskSettings":{"$ref":"#/types/okta:index/RequestSettingResourceRiskSettings:RequestSettingResourceRiskSettings","description":"Risk settings for the resource.\n"}},"type":"object"}},"okta:index/requestV2:RequestV2":{"description":"Manage the access request process. This resource allows you to create and read an Okta [request](https://developer.okta.com/docs/api/iga/openapi/governance.requests.admin.v2/tag/Requests/#tag/Requests).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = new okta.RequestV2(\"test\", {\n    requested: {\n        type: \"CATALOG_ENTRY\",\n        entryId: \"\u003centry_id\u003e\",\n    },\n    requestedFor: {\n        type: \"OKTA_USER\",\n        externalId: \"\u003cuser_id\u003e\",\n    },\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.RequestV2(\"test\",\n    requested={\n        \"type\": \"CATALOG_ENTRY\",\n        \"entry_id\": \"\u003centry_id\u003e\",\n    },\n    requested_for={\n        \"type\": \"OKTA_USER\",\n        \"external_id\": \"\u003cuser_id\u003e\",\n    })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = new Okta.RequestV2(\"test\", new()\n    {\n        Requested = new Okta.Inputs.RequestV2RequestedArgs\n        {\n            Type = \"CATALOG_ENTRY\",\n            EntryId = \"\u003centry_id\u003e\",\n        },\n        RequestedFor = new Okta.Inputs.RequestV2RequestedForArgs\n        {\n            Type = \"OKTA_USER\",\n            ExternalId = \"\u003cuser_id\u003e\",\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewRequestV2(ctx, \"test\", \u0026okta.RequestV2Args{\n\t\t\tRequested: \u0026okta.RequestV2RequestedArgs{\n\t\t\t\tType:    pulumi.String(\"CATALOG_ENTRY\"),\n\t\t\t\tEntryId: pulumi.String(\"\u003centry_id\u003e\"),\n\t\t\t},\n\t\t\tRequestedFor: \u0026okta.RequestV2RequestedForArgs{\n\t\t\t\tType:       pulumi.String(\"OKTA_USER\"),\n\t\t\t\tExternalId: pulumi.String(\"\u003cuser_id\u003e\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.RequestV2;\nimport com.pulumi.okta.RequestV2Args;\nimport com.pulumi.okta.inputs.RequestV2RequestedArgs;\nimport com.pulumi.okta.inputs.RequestV2RequestedForArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var test = new RequestV2(\"test\", RequestV2Args.builder()\n            .requested(RequestV2RequestedArgs.builder()\n                .type(\"CATALOG_ENTRY\")\n                .entryId(\"\u003centry_id\u003e\")\n                .build())\n            .requestedFor(RequestV2RequestedForArgs.builder()\n                .type(\"OKTA_USER\")\n                .externalId(\"\u003cuser_id\u003e\")\n                .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  test:\n    type: okta:RequestV2\n    properties:\n      requested:\n        type: CATALOG_ENTRY\n        entryId: \u003centry_id\u003e\n      requestedFor:\n        type: OKTA_USER\n        externalId: \u003cuser_id\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/requestV2:RequestV2 example \u003crequest_id\u003e\n```\n\n","properties":{"accessDuration":{"type":"string","description":"How long the requester retains access after their request is approved and fulfilled.\n"},"created":{"type":"string","description":"The date and time when the request condition was created.\n"},"createdBy":{"type":"string","description":"The id of the user who created the request condition.\n"},"grantStatus":{"type":"string","description":"The status of the granted access request.\n"},"granted":{"type":"string","description":"The date the approved access was granted. Only set if request . Status is APPROVED.\n"},"lastUpdated":{"type":"string","description":"The date and time when the request condition was last updated.\n"},"lastUpdatedBy":{"type":"string","description":"The id of the user who last updated the request condition.\n"},"requested":{"$ref":"#/types/okta:index/RequestV2Requested:RequestV2Requested","description":"A representation of a resource that can be requested for access.\n"},"requestedFor":{"$ref":"#/types/okta:index/RequestV2RequestedFor:RequestV2RequestedFor","description":"A representation of a principal.\n"},"requesterFieldValues":{"type":"array","items":{"$ref":"#/types/okta:index/RequestV2RequesterFieldValue:RequestV2RequesterFieldValue"},"description":"The requester input fields required by the approval system.\n"},"resolved":{"type":"string","description":"The date the request was resolved.\n"},"revocationScheduled":{"type":"string","description":"The date the request was scheduled for revocation.\n"},"revocationStatus":{"type":"string","description":"The revocation status of the request.\n"},"revoked":{"type":"string","description":"The date the granted access was revoked.\n"},"status":{"type":"string","description":"The status of the request.\n"}},"required":["accessDuration","created","createdBy","grantStatus","granted","lastUpdated","lastUpdatedBy","resolved","revocationScheduled","revocationStatus","revoked","status"],"inputProperties":{"requested":{"$ref":"#/types/okta:index/RequestV2Requested:RequestV2Requested","description":"A representation of a resource that can be requested for access.\n"},"requestedFor":{"$ref":"#/types/okta:index/RequestV2RequestedFor:RequestV2RequestedFor","description":"A representation of a principal.\n"},"requesterFieldValues":{"type":"array","items":{"$ref":"#/types/okta:index/RequestV2RequesterFieldValue:RequestV2RequesterFieldValue"},"description":"The requester input fields required by the approval system.\n"}},"stateInputs":{"description":"Input properties used for looking up and filtering RequestV2 resources.\n","properties":{"accessDuration":{"type":"string","description":"How long the requester retains access after their request is approved and fulfilled.\n"},"created":{"type":"string","description":"The date and time when the request condition was created.\n"},"createdBy":{"type":"string","description":"The id of the user who created the request condition.\n"},"grantStatus":{"type":"string","description":"The status of the granted access request.\n"},"granted":{"type":"string","description":"The date the approved access was granted. Only set if request . Status is APPROVED.\n"},"lastUpdated":{"type":"string","description":"The date and time when the request condition was last updated.\n"},"lastUpdatedBy":{"type":"string","description":"The id of the user who last updated the request condition.\n"},"requested":{"$ref":"#/types/okta:index/RequestV2Requested:RequestV2Requested","description":"A representation of a resource that can be requested for access.\n"},"requestedFor":{"$ref":"#/types/okta:index/RequestV2RequestedFor:RequestV2RequestedFor","description":"A representation of a principal.\n"},"requesterFieldValues":{"type":"array","items":{"$ref":"#/types/okta:index/RequestV2RequesterFieldValue:RequestV2RequesterFieldValue"},"description":"The requester input fields required by the approval system.\n"},"resolved":{"type":"string","description":"The date the request was resolved.\n"},"revocationScheduled":{"type":"string","description":"The date the request was scheduled for revocation.\n"},"revocationStatus":{"type":"string","description":"The revocation status of the request.\n"},"revoked":{"type":"string","description":"The date the granted access was revoked.\n"},"status":{"type":"string","description":"The status of the request.\n"}},"type":"object"}},"okta:index/resourceSet:ResourceSet":{"description":"Manages Resource Sets as custom collections of resources. This resource allows the creation and manipulation of Okta Resource Sets as custom collections of Okta resources. You can use Okta Resource Sets to assign Custom Roles to administrators who are scoped to the designated resources. \nThe 'resources' field supports the following:\n\t- Apps\n\t- Groups\n\t- All Users within a Group\n\t- All Users within the org\n\t- All Groups within the org\n\t- All Apps within the org\n\t- All Apps of the same type\n\n## Import\n\n```sh\n$ pulumi import okta:index/resourceSet:ResourceSet example \u003cresource_set_id\u003e\n```\n\n","properties":{"description":{"type":"string","description":"A description of the Resource Set\n"},"label":{"type":"string","description":"Unique name given to the Resource Set\n"},"resources":{"type":"array","items":{"type":"string"},"description":"The endpoints that reference the resources to be included in the new Resource Set. At least one endpoint must be specified when creating resource set.\n"},"resourcesOrns":{"type":"array","items":{"type":"string"},"description":"The orn(Okta Resource Name) of the resources to be included in the new Resource Set. At least one orn must be specified when creating resource set.\n"}},"required":["description","label"],"inputProperties":{"description":{"type":"string","description":"A description of the Resource Set\n"},"label":{"type":"string","description":"Unique name given to the Resource Set\n"},"resources":{"type":"array","items":{"type":"string"},"description":"The endpoints that reference the resources to be included in the new Resource Set. At least one endpoint must be specified when creating resource set.\n"},"resourcesOrns":{"type":"array","items":{"type":"string"},"description":"The orn(Okta Resource Name) of the resources to be included in the new Resource Set. At least one orn must be specified when creating resource set.\n"}},"requiredInputs":["description","label"],"stateInputs":{"description":"Input properties used for looking up and filtering ResourceSet resources.\n","properties":{"description":{"type":"string","description":"A description of the Resource Set\n"},"label":{"type":"string","description":"Unique name given to the Resource Set\n"},"resources":{"type":"array","items":{"type":"string"},"description":"The endpoints that reference the resources to be included in the new Resource Set. At least one endpoint must be specified when creating resource set.\n"},"resourcesOrns":{"type":"array","items":{"type":"string"},"description":"The orn(Okta Resource Name) of the resources to be included in the new Resource Set. At least one orn must be specified when creating resource set.\n"}},"type":"object"}},"okta:index/review:Review":{"description":"Manages reassignment of review.\n\nThis resource allows you to reassign an already existing review.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = new okta.Review(\"test\", {\n    campaignId: \"icizigd86iM9sOcbN1d6\",\n    reviewerId: \"00unli90kor62oF5Z1d7\",\n    reviewIds: [\"icrztblxbBFiVKepb1d6\"],\n    reviewerLevel: \"FIRST\",\n    note: \"John Smith is on leave for this month. His manager Tim will be the reviewer instead.\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.Review(\"test\",\n    campaign_id=\"icizigd86iM9sOcbN1d6\",\n    reviewer_id=\"00unli90kor62oF5Z1d7\",\n    review_ids=[\"icrztblxbBFiVKepb1d6\"],\n    reviewer_level=\"FIRST\",\n    note=\"John Smith is on leave for this month. His manager Tim will be the reviewer instead.\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = new Okta.Review(\"test\", new()\n    {\n        CampaignId = \"icizigd86iM9sOcbN1d6\",\n        ReviewerId = \"00unli90kor62oF5Z1d7\",\n        ReviewIds = new[]\n        {\n            \"icrztblxbBFiVKepb1d6\",\n        },\n        ReviewerLevel = \"FIRST\",\n        Note = \"John Smith is on leave for this month. His manager Tim will be the reviewer instead.\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewReview(ctx, \"test\", \u0026okta.ReviewArgs{\n\t\t\tCampaignId: pulumi.String(\"icizigd86iM9sOcbN1d6\"),\n\t\t\tReviewerId: pulumi.String(\"00unli90kor62oF5Z1d7\"),\n\t\t\tReviewIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"icrztblxbBFiVKepb1d6\"),\n\t\t\t},\n\t\t\tReviewerLevel: pulumi.String(\"FIRST\"),\n\t\t\tNote:          pulumi.String(\"John Smith is on leave for this month. His manager Tim will be the reviewer instead.\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.Review;\nimport com.pulumi.okta.ReviewArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var test = new Review(\"test\", ReviewArgs.builder()\n            .campaignId(\"icizigd86iM9sOcbN1d6\")\n            .reviewerId(\"00unli90kor62oF5Z1d7\")\n            .reviewIds(\"icrztblxbBFiVKepb1d6\")\n            .reviewerLevel(\"FIRST\")\n            .note(\"John Smith is on leave for this month. His manager Tim will be the reviewer instead.\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  test:\n    type: okta:Review\n    properties:\n      campaignId: icizigd86iM9sOcbN1d6\n      reviewerId: 00unli90kor62oF5Z1d7\n      reviewIds:\n        - icrztblxbBFiVKepb1d6\n      reviewerLevel: FIRST\n      note: John Smith is on leave for this month. His manager Tim will be the reviewer instead.\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/review:Review example \u003creview_id?\n```\n\n","properties":{"campaignId":{"type":"string","description":"The id of the campaign.\n"},"created":{"type":"string","description":"The ISO 8601 formatted date and time when the resource was created"},"createdBy":{"type":"string","description":"The id of user who created the resource."},"decision":{"type":"string","description":"The decision of the reviewer."},"lastUpdated":{"type":"string","description":"The ISO 8601 formatted date and time when the object was last updated."},"lastUpdatedBy":{"type":"string","description":"The id of user who last updated the object."},"note":{"type":"string","description":"A note to justify the reassignment decision for the specified review.\n"},"resourceId":{"type":"string"},"reviewIds":{"type":"array","items":{"type":"string"},"description":"A list of reviews (review id values) that are reassigned to the new reviewer.\n"},"reviewerId":{"type":"string","description":"The Okta user id of the new reviewer.\n"},"reviewerLevel":{"type":"string","description":"Identifies the reviewer level of each reviews during access certification. Applicable for multi level campaigns only.\n"},"reviewerType":{"type":"string","description":"The type of reviewer to which the review is assigned."}},"required":["campaignId","created","createdBy","decision","lastUpdated","lastUpdatedBy","note","resourceId","reviewIds","reviewerId","reviewerType"],"inputProperties":{"campaignId":{"type":"string","description":"The id of the campaign.\n"},"note":{"type":"string","description":"A note to justify the reassignment decision for the specified review.\n"},"reviewIds":{"type":"array","items":{"type":"string"},"description":"A list of reviews (review id values) that are reassigned to the new reviewer.\n"},"reviewerId":{"type":"string","description":"The Okta user id of the new reviewer.\n"},"reviewerLevel":{"type":"string","description":"Identifies the reviewer level of each reviews during access certification. Applicable for multi level campaigns only.\n"}},"requiredInputs":["campaignId","note","reviewIds","reviewerId"],"stateInputs":{"description":"Input properties used for looking up and filtering Review resources.\n","properties":{"campaignId":{"type":"string","description":"The id of the campaign.\n"},"created":{"type":"string","description":"The ISO 8601 formatted date and time when the resource was created"},"createdBy":{"type":"string","description":"The id of user who created the resource."},"decision":{"type":"string","description":"The decision of the reviewer."},"lastUpdated":{"type":"string","description":"The ISO 8601 formatted date and time when the object was last updated."},"lastUpdatedBy":{"type":"string","description":"The id of user who last updated the object."},"note":{"type":"string","description":"A note to justify the reassignment decision for the specified review.\n"},"resourceId":{"type":"string"},"reviewIds":{"type":"array","items":{"type":"string"},"description":"A list of reviews (review id values) that are reassigned to the new reviewer.\n"},"reviewerId":{"type":"string","description":"The Okta user id of the new reviewer.\n"},"reviewerLevel":{"type":"string","description":"Identifies the reviewer level of each reviews during access certification. Applicable for multi level campaigns only.\n"},"reviewerType":{"type":"string","description":"The type of reviewer to which the review is assigned."}},"type":"object"}},"okta:index/roleSubscription:RoleSubscription":{"description":"Manages group subscription.\n\t\t\nThis resource allows you to configure subscriptions of a Role with a specific type. \nCheck [configure email notifications](https://help.okta.com/oie/en-us/Content/Topics/Security/custom-admin-role/administrator-email-settings.htm) \npage regarding what notifications are available for specific admin roles.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = new okta.RoleSubscription(\"test\", {\n    roleType: \"SUPER_ADMIN\",\n    notificationType: \"APP_IMPORT\",\n    status: \"unsubscribed\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.RoleSubscription(\"test\",\n    role_type=\"SUPER_ADMIN\",\n    notification_type=\"APP_IMPORT\",\n    status=\"unsubscribed\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = new Okta.RoleSubscription(\"test\", new()\n    {\n        RoleType = \"SUPER_ADMIN\",\n        NotificationType = \"APP_IMPORT\",\n        Status = \"unsubscribed\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewRoleSubscription(ctx, \"test\", \u0026okta.RoleSubscriptionArgs{\n\t\t\tRoleType:         pulumi.String(\"SUPER_ADMIN\"),\n\t\t\tNotificationType: pulumi.String(\"APP_IMPORT\"),\n\t\t\tStatus:           pulumi.String(\"unsubscribed\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.RoleSubscription;\nimport com.pulumi.okta.RoleSubscriptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var test = new RoleSubscription(\"test\", RoleSubscriptionArgs.builder()\n            .roleType(\"SUPER_ADMIN\")\n            .notificationType(\"APP_IMPORT\")\n            .status(\"unsubscribed\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  test:\n    type: okta:RoleSubscription\n    properties:\n      roleType: SUPER_ADMIN\n      notificationType: APP_IMPORT\n      status: unsubscribed\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/roleSubscription:RoleSubscription example \u003crole_type\u003e/\u003cnotification_type\u003e\n```\n\n","properties":{"notificationType":{"type":"string","description":"Type of the notification. Valid values: \n\t- 'CONNECTOR_AGENT' -  Disconnects and reconnects: On-prem provisioning, on-prem MFA agents, and RADIUS server agent.\n\t- 'USER_LOCKED_OUT' - User lockouts.\n\t- 'APP_IMPORT' - App user import status.\n\t- 'LDAP_AGENT' - Disconnects and reconnects: LDAP agent.\n\t- 'AD_AGENT' - Disconnects and reconnects: AD agent.\n\t- 'OKTA_ANNOUNCEMENT' - Okta release notes and announcements.\n\t- 'OKTA_UPDATE' - Scheduled system updates.\n\t- 'IWA_AGENT' - Disconnects and reconnects: IWA agent.\n\t- 'USER_DEPROVISION' - User deprovisions.\n\t- 'REPORT_SUSPICIOUS_ACTIVITY' - User reporting of suspicious activity.\n\t- 'RATELIMIT_NOTIFICATION' - Rate limit warning and violation.\n\t- 'AGENT_AUTO_UPDATE_NOTIFICATION' - Agent auto-update notifications: AD Agent."},"roleType":{"type":"string","description":"Type of the role. Valid values:\n\t'API_ADMIN',\n\t'APP_ADMIN',\n\t'CUSTOM',\n\t'GROUP_MEMBERSHIP_ADMIN',\n\t'HELP_DESK_ADMIN',\n\t'MOBILE_ADMIN',\n\t'ORG_ADMIN',\n\t'READ_ONLY_ADMIN',\n\t'REPORT_ADMIN',\n\t'SUPER_ADMIN',\n\t'USER_ADMIN'\n\t. See [API docs](https://developer.okta.com/docs/reference/api/admin-notifications/#role-types)."},"status":{"type":"string","description":"Subscription status. Valid values: \u003cspan pulumi-lang-nodejs=\"`subscribed`\" pulumi-lang-dotnet=\"`Subscribed`\" pulumi-lang-go=\"`subscribed`\" pulumi-lang-python=\"`subscribed`\" pulumi-lang-yaml=\"`subscribed`\" pulumi-lang-java=\"`subscribed`\"\u003e`subscribed`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`unsubscribed`\" pulumi-lang-dotnet=\"`Unsubscribed`\" pulumi-lang-go=\"`unsubscribed`\" pulumi-lang-python=\"`unsubscribed`\" pulumi-lang-yaml=\"`unsubscribed`\" pulumi-lang-java=\"`unsubscribed`\"\u003e`unsubscribed`\u003c/span\u003e."}},"required":["notificationType","roleType"],"inputProperties":{"notificationType":{"type":"string","description":"Type of the notification. Valid values: \n\t- 'CONNECTOR_AGENT' -  Disconnects and reconnects: On-prem provisioning, on-prem MFA agents, and RADIUS server agent.\n\t- 'USER_LOCKED_OUT' - User lockouts.\n\t- 'APP_IMPORT' - App user import status.\n\t- 'LDAP_AGENT' - Disconnects and reconnects: LDAP agent.\n\t- 'AD_AGENT' - Disconnects and reconnects: AD agent.\n\t- 'OKTA_ANNOUNCEMENT' - Okta release notes and announcements.\n\t- 'OKTA_UPDATE' - Scheduled system updates.\n\t- 'IWA_AGENT' - Disconnects and reconnects: IWA agent.\n\t- 'USER_DEPROVISION' - User deprovisions.\n\t- 'REPORT_SUSPICIOUS_ACTIVITY' - User reporting of suspicious activity.\n\t- 'RATELIMIT_NOTIFICATION' - Rate limit warning and violation.\n\t- 'AGENT_AUTO_UPDATE_NOTIFICATION' - Agent auto-update notifications: AD Agent.","willReplaceOnChanges":true},"roleType":{"type":"string","description":"Type of the role. Valid values:\n\t'API_ADMIN',\n\t'APP_ADMIN',\n\t'CUSTOM',\n\t'GROUP_MEMBERSHIP_ADMIN',\n\t'HELP_DESK_ADMIN',\n\t'MOBILE_ADMIN',\n\t'ORG_ADMIN',\n\t'READ_ONLY_ADMIN',\n\t'REPORT_ADMIN',\n\t'SUPER_ADMIN',\n\t'USER_ADMIN'\n\t. See [API docs](https://developer.okta.com/docs/reference/api/admin-notifications/#role-types).","willReplaceOnChanges":true},"status":{"type":"string","description":"Subscription status. Valid values: \u003cspan pulumi-lang-nodejs=\"`subscribed`\" pulumi-lang-dotnet=\"`Subscribed`\" pulumi-lang-go=\"`subscribed`\" pulumi-lang-python=\"`subscribed`\" pulumi-lang-yaml=\"`subscribed`\" pulumi-lang-java=\"`subscribed`\"\u003e`subscribed`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`unsubscribed`\" pulumi-lang-dotnet=\"`Unsubscribed`\" pulumi-lang-go=\"`unsubscribed`\" pulumi-lang-python=\"`unsubscribed`\" pulumi-lang-yaml=\"`unsubscribed`\" pulumi-lang-java=\"`unsubscribed`\"\u003e`unsubscribed`\u003c/span\u003e."}},"requiredInputs":["notificationType","roleType"],"stateInputs":{"description":"Input properties used for looking up and filtering RoleSubscription resources.\n","properties":{"notificationType":{"type":"string","description":"Type of the notification. Valid values: \n\t- 'CONNECTOR_AGENT' -  Disconnects and reconnects: On-prem provisioning, on-prem MFA agents, and RADIUS server agent.\n\t- 'USER_LOCKED_OUT' - User lockouts.\n\t- 'APP_IMPORT' - App user import status.\n\t- 'LDAP_AGENT' - Disconnects and reconnects: LDAP agent.\n\t- 'AD_AGENT' - Disconnects and reconnects: AD agent.\n\t- 'OKTA_ANNOUNCEMENT' - Okta release notes and announcements.\n\t- 'OKTA_UPDATE' - Scheduled system updates.\n\t- 'IWA_AGENT' - Disconnects and reconnects: IWA agent.\n\t- 'USER_DEPROVISION' - User deprovisions.\n\t- 'REPORT_SUSPICIOUS_ACTIVITY' - User reporting of suspicious activity.\n\t- 'RATELIMIT_NOTIFICATION' - Rate limit warning and violation.\n\t- 'AGENT_AUTO_UPDATE_NOTIFICATION' - Agent auto-update notifications: AD Agent.","willReplaceOnChanges":true},"roleType":{"type":"string","description":"Type of the role. Valid values:\n\t'API_ADMIN',\n\t'APP_ADMIN',\n\t'CUSTOM',\n\t'GROUP_MEMBERSHIP_ADMIN',\n\t'HELP_DESK_ADMIN',\n\t'MOBILE_ADMIN',\n\t'ORG_ADMIN',\n\t'READ_ONLY_ADMIN',\n\t'REPORT_ADMIN',\n\t'SUPER_ADMIN',\n\t'USER_ADMIN'\n\t. See [API docs](https://developer.okta.com/docs/reference/api/admin-notifications/#role-types).","willReplaceOnChanges":true},"status":{"type":"string","description":"Subscription status. Valid values: \u003cspan pulumi-lang-nodejs=\"`subscribed`\" pulumi-lang-dotnet=\"`Subscribed`\" pulumi-lang-go=\"`subscribed`\" pulumi-lang-python=\"`subscribed`\" pulumi-lang-yaml=\"`subscribed`\" pulumi-lang-java=\"`subscribed`\"\u003e`subscribed`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`unsubscribed`\" pulumi-lang-dotnet=\"`Unsubscribed`\" pulumi-lang-go=\"`unsubscribed`\" pulumi-lang-python=\"`unsubscribed`\" pulumi-lang-yaml=\"`unsubscribed`\" pulumi-lang-java=\"`unsubscribed`\"\u003e`unsubscribed`\u003c/span\u003e."}},"type":"object"}},"okta:index/securityEventsProvider:SecurityEventsProvider":{"description":"Creates and manages Security Events Provider instances for signal ingestion.\n\n## Example Usage\n\n### Security Events Provider with Well-Known URL\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst exampleWellknown = new okta.SecurityEventsProvider(\"example_wellknown\", {\n    name: \"Security Events Provider with well-known URL\",\n    type: \"okta\",\n    isEnabled: \"ACTIVE\",\n    settings: {\n        wellKnownUrl: \"https://example.com/.well-known/ssf_configuration\",\n    },\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample_wellknown = okta.SecurityEventsProvider(\"example_wellknown\",\n    name=\"Security Events Provider with well-known URL\",\n    type=\"okta\",\n    is_enabled=\"ACTIVE\",\n    settings={\n        \"well_known_url\": \"https://example.com/.well-known/ssf_configuration\",\n    })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var exampleWellknown = new Okta.SecurityEventsProvider(\"example_wellknown\", new()\n    {\n        Name = \"Security Events Provider with well-known URL\",\n        Type = \"okta\",\n        IsEnabled = \"ACTIVE\",\n        Settings = new Okta.Inputs.SecurityEventsProviderSettingsArgs\n        {\n            WellKnownUrl = \"https://example.com/.well-known/ssf_configuration\",\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewSecurityEventsProvider(ctx, \"example_wellknown\", \u0026okta.SecurityEventsProviderArgs{\n\t\t\tName:      pulumi.String(\"Security Events Provider with well-known URL\"),\n\t\t\tType:      pulumi.String(\"okta\"),\n\t\t\tIsEnabled: pulumi.String(\"ACTIVE\"),\n\t\t\tSettings: \u0026okta.SecurityEventsProviderSettingsArgs{\n\t\t\t\tWellKnownUrl: pulumi.String(\"https://example.com/.well-known/ssf_configuration\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.SecurityEventsProvider;\nimport com.pulumi.okta.SecurityEventsProviderArgs;\nimport com.pulumi.okta.inputs.SecurityEventsProviderSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var exampleWellknown = new SecurityEventsProvider(\"exampleWellknown\", SecurityEventsProviderArgs.builder()\n            .name(\"Security Events Provider with well-known URL\")\n            .type(\"okta\")\n            .isEnabled(\"ACTIVE\")\n            .settings(SecurityEventsProviderSettingsArgs.builder()\n                .wellKnownUrl(\"https://example.com/.well-known/ssf_configuration\")\n                .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  exampleWellknown:\n    type: okta:SecurityEventsProvider\n    name: example_wellknown\n    properties:\n      name: Security Events Provider with well-known URL\n      type: okta\n      isEnabled: ACTIVE\n      settings:\n        wellKnownUrl: https://example.com/.well-known/ssf_configuration\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Security Events Provider with Issuer and JWKS\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst exampleIssuer = new okta.SecurityEventsProvider(\"example_issuer\", {\n    name: \"Security Events Provider with an issuer and a JWKS URL\",\n    type: \"okta\",\n    isEnabled: \"ACTIVE\",\n    settings: {\n        issuer: \"Issuer\",\n        jwksUrl: \"https://example.okta.com/jwks/path\",\n    },\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample_issuer = okta.SecurityEventsProvider(\"example_issuer\",\n    name=\"Security Events Provider with an issuer and a JWKS URL\",\n    type=\"okta\",\n    is_enabled=\"ACTIVE\",\n    settings={\n        \"issuer\": \"Issuer\",\n        \"jwks_url\": \"https://example.okta.com/jwks/path\",\n    })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var exampleIssuer = new Okta.SecurityEventsProvider(\"example_issuer\", new()\n    {\n        Name = \"Security Events Provider with an issuer and a JWKS URL\",\n        Type = \"okta\",\n        IsEnabled = \"ACTIVE\",\n        Settings = new Okta.Inputs.SecurityEventsProviderSettingsArgs\n        {\n            Issuer = \"Issuer\",\n            JwksUrl = \"https://example.okta.com/jwks/path\",\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewSecurityEventsProvider(ctx, \"example_issuer\", \u0026okta.SecurityEventsProviderArgs{\n\t\t\tName:      pulumi.String(\"Security Events Provider with an issuer and a JWKS URL\"),\n\t\t\tType:      pulumi.String(\"okta\"),\n\t\t\tIsEnabled: pulumi.String(\"ACTIVE\"),\n\t\t\tSettings: \u0026okta.SecurityEventsProviderSettingsArgs{\n\t\t\t\tIssuer:  pulumi.String(\"Issuer\"),\n\t\t\t\tJwksUrl: pulumi.String(\"https://example.okta.com/jwks/path\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.SecurityEventsProvider;\nimport com.pulumi.okta.SecurityEventsProviderArgs;\nimport com.pulumi.okta.inputs.SecurityEventsProviderSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var exampleIssuer = new SecurityEventsProvider(\"exampleIssuer\", SecurityEventsProviderArgs.builder()\n            .name(\"Security Events Provider with an issuer and a JWKS URL\")\n            .type(\"okta\")\n            .isEnabled(\"ACTIVE\")\n            .settings(SecurityEventsProviderSettingsArgs.builder()\n                .issuer(\"Issuer\")\n                .jwksUrl(\"https://example.okta.com/jwks/path\")\n                .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  exampleIssuer:\n    type: okta:SecurityEventsProvider\n    name: example_issuer\n    properties:\n      name: Security Events Provider with an issuer and a JWKS URL\n      type: okta\n      isEnabled: ACTIVE\n      settings:\n        issuer: Issuer\n        jwksUrl: https://example.okta.com/jwks/path\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/securityEventsProvider:SecurityEventsProvider example \u003csecurity_events_provider_id\u003e\n```\n\n","properties":{"isEnabled":{"type":"string","description":"Whether or not the Security Events Provider is enabled. Valid values: `ACTIVE`, `INACTIVE`.\n"},"name":{"type":"string","description":"The name of the Security Events Provider instance.\n"},"settings":{"$ref":"#/types/okta:index/SecurityEventsProviderSettings:SecurityEventsProviderSettings","description":"Information about the Security Events Provider for signal ingestion."},"status":{"type":"string","description":"Indicates whether the Security Events Provider is active or not.\n"},"type":{"type":"string","description":"The application type of the Security Events Provider.\n"}},"required":["isEnabled","name","status","type"],"inputProperties":{"isEnabled":{"type":"string","description":"Whether or not the Security Events Provider is enabled. Valid values: `ACTIVE`, `INACTIVE`.\n"},"name":{"type":"string","description":"The name of the Security Events Provider instance.\n"},"settings":{"$ref":"#/types/okta:index/SecurityEventsProviderSettings:SecurityEventsProviderSettings","description":"Information about the Security Events Provider for signal ingestion."},"type":{"type":"string","description":"The application type of the Security Events Provider.\n"}},"requiredInputs":["isEnabled","type"],"stateInputs":{"description":"Input properties used for looking up and filtering SecurityEventsProvider resources.\n","properties":{"isEnabled":{"type":"string","description":"Whether or not the Security Events Provider is enabled. Valid values: `ACTIVE`, `INACTIVE`.\n"},"name":{"type":"string","description":"The name of the Security Events Provider instance.\n"},"settings":{"$ref":"#/types/okta:index/SecurityEventsProviderSettings:SecurityEventsProviderSettings","description":"Information about the Security Events Provider for signal ingestion."},"status":{"type":"string","description":"Indicates whether the Security Events Provider is active or not.\n"},"type":{"type":"string","description":"The application type of the Security Events Provider.\n"}},"type":"object"}},"okta:index/securityNotificationEmails:SecurityNotificationEmails":{"description":"Manages Security Notification Emails\n\t\tThis resource allows you to configure Security Notification Emails.\n\t\t\u003e **WARNING:** This resource is available only when using a SSWS API token in the provider config, it is incompatible with OAuth 2.0 authentication.\n\t\t\u003e **WARNING:** This resource makes use of an internal/private Okta API endpoint that could change without notice rendering this resource inoperable.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.SecurityNotificationEmails(\"example\", {\n    reportSuspiciousActivityEnabled: true,\n    sendEmailForFactorEnrollmentEnabled: true,\n    sendEmailForFactorResetEnabled: true,\n    sendEmailForNewDeviceEnabled: true,\n    sendEmailForPasswordChangedEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.SecurityNotificationEmails(\"example\",\n    report_suspicious_activity_enabled=True,\n    send_email_for_factor_enrollment_enabled=True,\n    send_email_for_factor_reset_enabled=True,\n    send_email_for_new_device_enabled=True,\n    send_email_for_password_changed_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.SecurityNotificationEmails(\"example\", new()\n    {\n        ReportSuspiciousActivityEnabled = true,\n        SendEmailForFactorEnrollmentEnabled = true,\n        SendEmailForFactorResetEnabled = true,\n        SendEmailForNewDeviceEnabled = true,\n        SendEmailForPasswordChangedEnabled = true,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewSecurityNotificationEmails(ctx, \"example\", \u0026okta.SecurityNotificationEmailsArgs{\n\t\t\tReportSuspiciousActivityEnabled:     pulumi.Bool(true),\n\t\t\tSendEmailForFactorEnrollmentEnabled: pulumi.Bool(true),\n\t\t\tSendEmailForFactorResetEnabled:      pulumi.Bool(true),\n\t\t\tSendEmailForNewDeviceEnabled:        pulumi.Bool(true),\n\t\t\tSendEmailForPasswordChangedEnabled:  pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.SecurityNotificationEmails;\nimport com.pulumi.okta.SecurityNotificationEmailsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new SecurityNotificationEmails(\"example\", SecurityNotificationEmailsArgs.builder()\n            .reportSuspiciousActivityEnabled(true)\n            .sendEmailForFactorEnrollmentEnabled(true)\n            .sendEmailForFactorResetEnabled(true)\n            .sendEmailForNewDeviceEnabled(true)\n            .sendEmailForPasswordChangedEnabled(true)\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:SecurityNotificationEmails\n    properties:\n      reportSuspiciousActivityEnabled: true\n      sendEmailForFactorEnrollmentEnabled: true\n      sendEmailForFactorResetEnabled: true\n      sendEmailForNewDeviceEnabled: true\n      sendEmailForPasswordChangedEnabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/securityNotificationEmails:SecurityNotificationEmails example _\n```\n\n","properties":{"reportSuspiciousActivityEnabled":{"type":"boolean","description":"Notifies end users about suspicious or unrecognized activity from their account. Default is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"sendEmailForFactorEnrollmentEnabled":{"type":"boolean","description":"Notifies end users of any activity on their account related to MFA factor enrollment. Default is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"sendEmailForFactorResetEnabled":{"type":"boolean","description":"Notifies end users that one or more factors have been reset for their account. Default is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"sendEmailForNewDeviceEnabled":{"type":"boolean","description":"Notifies end users about new sign-on activity. Default is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"sendEmailForPasswordChangedEnabled":{"type":"boolean","description":"Notifies end users that the password for their account has changed. Default is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"}},"inputProperties":{"reportSuspiciousActivityEnabled":{"type":"boolean","description":"Notifies end users about suspicious or unrecognized activity from their account. Default is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"sendEmailForFactorEnrollmentEnabled":{"type":"boolean","description":"Notifies end users of any activity on their account related to MFA factor enrollment. Default is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"sendEmailForFactorResetEnabled":{"type":"boolean","description":"Notifies end users that one or more factors have been reset for their account. Default is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"sendEmailForNewDeviceEnabled":{"type":"boolean","description":"Notifies end users about new sign-on activity. Default is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"sendEmailForPasswordChangedEnabled":{"type":"boolean","description":"Notifies end users that the password for their account has changed. Default is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"}},"stateInputs":{"description":"Input properties used for looking up and filtering SecurityNotificationEmails resources.\n","properties":{"reportSuspiciousActivityEnabled":{"type":"boolean","description":"Notifies end users about suspicious or unrecognized activity from their account. Default is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"sendEmailForFactorEnrollmentEnabled":{"type":"boolean","description":"Notifies end users of any activity on their account related to MFA factor enrollment. Default is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"sendEmailForFactorResetEnabled":{"type":"boolean","description":"Notifies end users that one or more factors have been reset for their account. Default is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"sendEmailForNewDeviceEnabled":{"type":"boolean","description":"Notifies end users about new sign-on activity. Default is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"sendEmailForPasswordChangedEnabled":{"type":"boolean","description":"Notifies end users that the password for their account has changed. Default is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"}},"type":"object"}},"okta:index/templateSms:TemplateSms":{"description":"Creates an Okta SMS Template. This resource allows you to create and configure an Okta SMS Template.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.TemplateSms(\"example\", {\n    type: \"SMS_VERIFY_CODE\",\n    template: \"Your ${org.name} code is: ${code}\",\n    translations: [\n        {\n            language: \"en\",\n            template: \"Your ${org.name} code is: ${code}\",\n        },\n        {\n            language: \"es\",\n            template: \"Tu código de ${org.name} es: ${code}.\",\n        },\n    ],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.TemplateSms(\"example\",\n    type=\"SMS_VERIFY_CODE\",\n    template=\"Your ${org.name} code is: ${code}\",\n    translations=[\n        {\n            \"language\": \"en\",\n            \"template\": \"Your ${org.name} code is: ${code}\",\n        },\n        {\n            \"language\": \"es\",\n            \"template\": \"Tu código de ${org.name} es: ${code}.\",\n        },\n    ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.TemplateSms(\"example\", new()\n    {\n        Type = \"SMS_VERIFY_CODE\",\n        Template = \"Your ${org.name} code is: ${code}\",\n        Translations = new[]\n        {\n            new Okta.Inputs.TemplateSmsTranslationArgs\n            {\n                Language = \"en\",\n                Template = \"Your ${org.name} code is: ${code}\",\n            },\n            new Okta.Inputs.TemplateSmsTranslationArgs\n            {\n                Language = \"es\",\n                Template = \"Tu código de ${org.name} es: ${code}.\",\n            },\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewTemplateSms(ctx, \"example\", \u0026okta.TemplateSmsArgs{\n\t\t\tType:     pulumi.String(\"SMS_VERIFY_CODE\"),\n\t\t\tTemplate: pulumi.String(\"Your ${org.name} code is: ${code}\"),\n\t\t\tTranslations: okta.TemplateSmsTranslationArray{\n\t\t\t\t\u0026okta.TemplateSmsTranslationArgs{\n\t\t\t\t\tLanguage: pulumi.String(\"en\"),\n\t\t\t\t\tTemplate: pulumi.String(\"Your ${org.name} code is: ${code}\"),\n\t\t\t\t},\n\t\t\t\t\u0026okta.TemplateSmsTranslationArgs{\n\t\t\t\t\tLanguage: pulumi.String(\"es\"),\n\t\t\t\t\tTemplate: pulumi.String(\"Tu código de ${org.name} es: ${code}.\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.TemplateSms;\nimport com.pulumi.okta.TemplateSmsArgs;\nimport com.pulumi.okta.inputs.TemplateSmsTranslationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new TemplateSms(\"example\", TemplateSmsArgs.builder()\n            .type(\"SMS_VERIFY_CODE\")\n            .template(\"Your ${org.name} code is: ${code}\")\n            .translations(            \n                TemplateSmsTranslationArgs.builder()\n                    .language(\"en\")\n                    .template(\"Your ${org.name} code is: ${code}\")\n                    .build(),\n                TemplateSmsTranslationArgs.builder()\n                    .language(\"es\")\n                    .template(\"Tu código de ${org.name} es: ${code}.\")\n                    .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:TemplateSms\n    properties:\n      type: SMS_VERIFY_CODE\n      template: 'Your $${org.name} code is: $${code}'\n      translations:\n        - language: en\n          template: 'Your $${org.name} code is: $${code}'\n        - language: es\n          template: 'Tu código de $${org.name} es: $${code}.'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/templateSms:TemplateSms example \u003ctemplate_type\u003e\n```\n\n","properties":{"template":{"type":"string","description":"SMS default template\n"},"translations":{"type":"array","items":{"$ref":"#/types/okta:index/TemplateSmsTranslation:TemplateSmsTranslation"},"description":"Set of translations for a particular template.\n"},"type":{"type":"string","description":"SMS template type\n"}},"required":["template","type"],"inputProperties":{"template":{"type":"string","description":"SMS default template\n"},"translations":{"type":"array","items":{"$ref":"#/types/okta:index/TemplateSmsTranslation:TemplateSmsTranslation"},"description":"Set of translations for a particular template.\n"},"type":{"type":"string","description":"SMS template type\n"}},"requiredInputs":["template","type"],"stateInputs":{"description":"Input properties used for looking up and filtering TemplateSms resources.\n","properties":{"template":{"type":"string","description":"SMS default template\n"},"translations":{"type":"array","items":{"$ref":"#/types/okta:index/TemplateSmsTranslation:TemplateSmsTranslation"},"description":"Set of translations for a particular template.\n"},"type":{"type":"string","description":"SMS template type\n"}},"type":"object"}},"okta:index/theme:Theme":{"description":"Gets, updates, a single Theme of a Brand of an Okta Organization.\n\nThis resource allows you to get and update an Okta\n[Theme](https://developer.okta.com/docs/reference/api/brands/#theme-object).\n\nThe Okta Management API does not have a true Create or Delete for a theme. Therefore, the theme resource must be imported\nfirst into the pulumi state before updates can be applied to the theme.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getBrands({});\n// resource has been imported into current state:\n// $ terraform import okta_theme.example \u003ctheme id\u003e\nconst example = new okta.Theme(\"example\", {\n    brandId: test.then(test =\u003e test.brands?.[0]?.id),\n    logo: \"path/to/logo.png\",\n    favicon: \"path/to/favicon.png\",\n    backgroundImage: \"path/to/background.png\",\n    primaryColorHex: \"#1662dd\",\n    secondaryColorHex: \"#ebebed\",\n    signInPageTouchPointVariant: \"OKTA_DEFAULT\",\n    endUserDashboardTouchPointVariant: \"OKTA_DEFAULT\",\n    errorPageTouchPointVariant: \"OKTA_DEFAULT\",\n    emailTemplateTouchPointVariant: \"OKTA_DEFAULT\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_brands()\n# resource has been imported into current state:\n# $ terraform import okta_theme.example \u003ctheme id\u003e\nexample = okta.Theme(\"example\",\n    brand_id=test.brands[0].id,\n    logo=\"path/to/logo.png\",\n    favicon=\"path/to/favicon.png\",\n    background_image=\"path/to/background.png\",\n    primary_color_hex=\"#1662dd\",\n    secondary_color_hex=\"#ebebed\",\n    sign_in_page_touch_point_variant=\"OKTA_DEFAULT\",\n    end_user_dashboard_touch_point_variant=\"OKTA_DEFAULT\",\n    error_page_touch_point_variant=\"OKTA_DEFAULT\",\n    email_template_touch_point_variant=\"OKTA_DEFAULT\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetBrands.Invoke();\n\n    // resource has been imported into current state:\n    // $ terraform import okta_theme.example \u003ctheme id\u003e\n    var example = new Okta.Theme(\"example\", new()\n    {\n        BrandId = test.Apply(getBrandsResult =\u003e getBrandsResult.Brands[0]?.Id),\n        Logo = \"path/to/logo.png\",\n        Favicon = \"path/to/favicon.png\",\n        BackgroundImage = \"path/to/background.png\",\n        PrimaryColorHex = \"#1662dd\",\n        SecondaryColorHex = \"#ebebed\",\n        SignInPageTouchPointVariant = \"OKTA_DEFAULT\",\n        EndUserDashboardTouchPointVariant = \"OKTA_DEFAULT\",\n        ErrorPageTouchPointVariant = \"OKTA_DEFAULT\",\n        EmailTemplateTouchPointVariant = \"OKTA_DEFAULT\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := okta.GetBrands(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// resource has been imported into current state:\n\t\t// $ terraform import okta_theme.example \u003ctheme id\u003e\n\t\t_, err = okta.NewTheme(ctx, \"example\", \u0026okta.ThemeArgs{\n\t\t\tBrandId:                           pulumi.String(test.Brands[0].Id),\n\t\t\tLogo:                              pulumi.String(\"path/to/logo.png\"),\n\t\t\tFavicon:                           pulumi.String(\"path/to/favicon.png\"),\n\t\t\tBackgroundImage:                   pulumi.String(\"path/to/background.png\"),\n\t\t\tPrimaryColorHex:                   pulumi.String(\"#1662dd\"),\n\t\t\tSecondaryColorHex:                 pulumi.String(\"#ebebed\"),\n\t\t\tSignInPageTouchPointVariant:       pulumi.String(\"OKTA_DEFAULT\"),\n\t\t\tEndUserDashboardTouchPointVariant: pulumi.String(\"OKTA_DEFAULT\"),\n\t\t\tErrorPageTouchPointVariant:        pulumi.String(\"OKTA_DEFAULT\"),\n\t\t\tEmailTemplateTouchPointVariant:    pulumi.String(\"OKTA_DEFAULT\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.Theme;\nimport com.pulumi.okta.ThemeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getBrands(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference);\n\n        // resource has been imported into current state:\n        // $ terraform import okta_theme.example \u003ctheme id\u003e\n        var example = new Theme(\"example\", ThemeArgs.builder()\n            .brandId(test.brands()[0].id())\n            .logo(\"path/to/logo.png\")\n            .favicon(\"path/to/favicon.png\")\n            .backgroundImage(\"path/to/background.png\")\n            .primaryColorHex(\"#1662dd\")\n            .secondaryColorHex(\"#ebebed\")\n            .signInPageTouchPointVariant(\"OKTA_DEFAULT\")\n            .endUserDashboardTouchPointVariant(\"OKTA_DEFAULT\")\n            .errorPageTouchPointVariant(\"OKTA_DEFAULT\")\n            .emailTemplateTouchPointVariant(\"OKTA_DEFAULT\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  # resource has been imported into current state:\n  # $ terraform import okta_theme.example \u003ctheme id\u003e\n  example:\n    type: okta:Theme\n    properties:\n      brandId: ${test.brands[0].id}\n      logo: path/to/logo.png\n      favicon: path/to/favicon.png\n      backgroundImage: path/to/background.png\n      primaryColorHex: '#1662dd'\n      secondaryColorHex: '#ebebed'\n      signInPageTouchPointVariant: OKTA_DEFAULT\n      endUserDashboardTouchPointVariant: OKTA_DEFAULT\n      errorPageTouchPointVariant: OKTA_DEFAULT\n      emailTemplateTouchPointVariant: OKTA_DEFAULT\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getBrands\n      arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/theme:Theme example \u003cbrand_id\u003e/\u003ctheme_id\u003e\n```\n\n","properties":{"backgroundImage":{"type":"string","description":"Path to local file\n"},"backgroundImageUrl":{"type":"string","description":"Background image URL\n"},"brandId":{"type":"string","description":"Brand ID\n"},"emailTemplateTouchPointVariant":{"type":"string","description":"Variant for email templates (`OKTA_DEFAULT`, `FULL_THEME`)\n"},"endUserDashboardTouchPointVariant":{"type":"string","description":"Variant for the Okta End-User Dashboard (`OKTA_DEFAULT`, `WHITE_LOGO_BACKGROUND`, `FULL_THEME`, `LOGO_ON_FULL_WHITE_BACKGROUND`)\n"},"errorPageTouchPointVariant":{"type":"string","description":"Variant for the error page (`OKTA_DEFAULT`, `BACKGROUND_SECONDARY_COLOR`, `BACKGROUND_IMAGE`)\n"},"favicon":{"type":"string","description":"Path to local file\n"},"faviconUrl":{"type":"string","description":"Favicon URL\n"},"links":{"type":"string","description":"Link relations for this object - JSON HAL - Discoverable resources related to the email template\n"},"logo":{"type":"string","description":"Path to local file\n"},"logoUrl":{"type":"string","description":"Logo URL\n"},"primaryColorContrastHex":{"type":"string","description":"Primary color contrast hex code\n"},"primaryColorHex":{"type":"string","description":"Primary color hex code\n"},"secondaryColorContrastHex":{"type":"string","description":"Secondary color contrast hex code\n"},"secondaryColorHex":{"type":"string","description":"Secondary color hex code\n"},"signInPageTouchPointVariant":{"type":"string","description":"Variant for the Okta Sign-In Page (`OKTA_DEFAULT`, `BACKGROUND_SECONDARY_COLOR`, `BACKGROUND_IMAGE`)\n"},"themeId":{"type":"string","description":"Theme ID - Note: Okta API for theme only reads and updates therefore the okta*theme resource needs to act as a quasi data source. Do this by setting theme*id.\n"}},"required":["backgroundImageUrl","brandId","faviconUrl","links","logoUrl"],"inputProperties":{"backgroundImage":{"type":"string","description":"Path to local file\n"},"brandId":{"type":"string","description":"Brand ID\n"},"emailTemplateTouchPointVariant":{"type":"string","description":"Variant for email templates (`OKTA_DEFAULT`, `FULL_THEME`)\n"},"endUserDashboardTouchPointVariant":{"type":"string","description":"Variant for the Okta End-User Dashboard (`OKTA_DEFAULT`, `WHITE_LOGO_BACKGROUND`, `FULL_THEME`, `LOGO_ON_FULL_WHITE_BACKGROUND`)\n"},"errorPageTouchPointVariant":{"type":"string","description":"Variant for the error page (`OKTA_DEFAULT`, `BACKGROUND_SECONDARY_COLOR`, `BACKGROUND_IMAGE`)\n"},"favicon":{"type":"string","description":"Path to local file\n"},"logo":{"type":"string","description":"Path to local file\n"},"primaryColorContrastHex":{"type":"string","description":"Primary color contrast hex code\n"},"primaryColorHex":{"type":"string","description":"Primary color hex code\n"},"secondaryColorContrastHex":{"type":"string","description":"Secondary color contrast hex code\n"},"secondaryColorHex":{"type":"string","description":"Secondary color hex code\n"},"signInPageTouchPointVariant":{"type":"string","description":"Variant for the Okta Sign-In Page (`OKTA_DEFAULT`, `BACKGROUND_SECONDARY_COLOR`, `BACKGROUND_IMAGE`)\n"},"themeId":{"type":"string","description":"Theme ID - Note: Okta API for theme only reads and updates therefore the okta*theme resource needs to act as a quasi data source. Do this by setting theme*id.\n"}},"requiredInputs":["brandId"],"stateInputs":{"description":"Input properties used for looking up and filtering Theme resources.\n","properties":{"backgroundImage":{"type":"string","description":"Path to local file\n"},"backgroundImageUrl":{"type":"string","description":"Background image URL\n"},"brandId":{"type":"string","description":"Brand ID\n"},"emailTemplateTouchPointVariant":{"type":"string","description":"Variant for email templates (`OKTA_DEFAULT`, `FULL_THEME`)\n"},"endUserDashboardTouchPointVariant":{"type":"string","description":"Variant for the Okta End-User Dashboard (`OKTA_DEFAULT`, `WHITE_LOGO_BACKGROUND`, `FULL_THEME`, `LOGO_ON_FULL_WHITE_BACKGROUND`)\n"},"errorPageTouchPointVariant":{"type":"string","description":"Variant for the error page (`OKTA_DEFAULT`, `BACKGROUND_SECONDARY_COLOR`, `BACKGROUND_IMAGE`)\n"},"favicon":{"type":"string","description":"Path to local file\n"},"faviconUrl":{"type":"string","description":"Favicon URL\n"},"links":{"type":"string","description":"Link relations for this object - JSON HAL - Discoverable resources related to the email template\n"},"logo":{"type":"string","description":"Path to local file\n"},"logoUrl":{"type":"string","description":"Logo URL\n"},"primaryColorContrastHex":{"type":"string","description":"Primary color contrast hex code\n"},"primaryColorHex":{"type":"string","description":"Primary color hex code\n"},"secondaryColorContrastHex":{"type":"string","description":"Secondary color contrast hex code\n"},"secondaryColorHex":{"type":"string","description":"Secondary color hex code\n"},"signInPageTouchPointVariant":{"type":"string","description":"Variant for the Okta Sign-In Page (`OKTA_DEFAULT`, `BACKGROUND_SECONDARY_COLOR`, `BACKGROUND_IMAGE`)\n"},"themeId":{"type":"string","description":"Theme ID - Note: Okta API for theme only reads and updates therefore the okta*theme resource needs to act as a quasi data source. Do this by setting theme*id.\n"}},"type":"object"}},"okta:index/threatInsightSettings:ThreatInsightSettings":{"description":"Manages Okta Threat Insight Settings. This resource allows you to configure Threat Insight Settings.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst ipNetworkZoneExample = new okta.network.Zone(\"ip_network_zone_example\", {\n    name: \"example\",\n    type: \"IP\",\n    gateways: [\n        \"1.2.3.4/24\",\n        \"2.3.4.5-2.3.4.15\",\n    ],\n    proxies: [\n        \"2.2.3.4/24\",\n        \"3.3.4.5-3.3.4.15\",\n    ],\n});\nconst example = new okta.ThreatInsightSettings(\"example\", {\n    action: \"block\",\n    networkExcludes: [ipNetworkZoneExample.id],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nip_network_zone_example = okta.network.Zone(\"ip_network_zone_example\",\n    name=\"example\",\n    type=\"IP\",\n    gateways=[\n        \"1.2.3.4/24\",\n        \"2.3.4.5-2.3.4.15\",\n    ],\n    proxies=[\n        \"2.2.3.4/24\",\n        \"3.3.4.5-3.3.4.15\",\n    ])\nexample = okta.ThreatInsightSettings(\"example\",\n    action=\"block\",\n    network_excludes=[ip_network_zone_example.id])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var ipNetworkZoneExample = new Okta.Network.Zone(\"ip_network_zone_example\", new()\n    {\n        Name = \"example\",\n        Type = \"IP\",\n        Gateways = new[]\n        {\n            \"1.2.3.4/24\",\n            \"2.3.4.5-2.3.4.15\",\n        },\n        Proxies = new[]\n        {\n            \"2.2.3.4/24\",\n            \"3.3.4.5-3.3.4.15\",\n        },\n    });\n\n    var example = new Okta.ThreatInsightSettings(\"example\", new()\n    {\n        Action = \"block\",\n        NetworkExcludes = new[]\n        {\n            ipNetworkZoneExample.Id,\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/network\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipNetworkZoneExample, err := network.NewZone(ctx, \"ip_network_zone_example\", \u0026network.ZoneArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"IP\"),\n\t\t\tGateways: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"1.2.3.4/24\"),\n\t\t\t\tpulumi.String(\"2.3.4.5-2.3.4.15\"),\n\t\t\t},\n\t\t\tProxies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"2.2.3.4/24\"),\n\t\t\t\tpulumi.String(\"3.3.4.5-3.3.4.15\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewThreatInsightSettings(ctx, \"example\", \u0026okta.ThreatInsightSettingsArgs{\n\t\t\tAction: pulumi.String(\"block\"),\n\t\t\tNetworkExcludes: pulumi.StringArray{\n\t\t\t\tipNetworkZoneExample.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.network.Zone;\nimport com.pulumi.okta.network.ZoneArgs;\nimport com.pulumi.okta.ThreatInsightSettings;\nimport com.pulumi.okta.ThreatInsightSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var ipNetworkZoneExample = new Zone(\"ipNetworkZoneExample\", ZoneArgs.builder()\n            .name(\"example\")\n            .type(\"IP\")\n            .gateways(            \n                \"1.2.3.4/24\",\n                \"2.3.4.5-2.3.4.15\")\n            .proxies(            \n                \"2.2.3.4/24\",\n                \"3.3.4.5-3.3.4.15\")\n            .build());\n\n        var example = new ThreatInsightSettings(\"example\", ThreatInsightSettingsArgs.builder()\n            .action(\"block\")\n            .networkExcludes(ipNetworkZoneExample.id())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  ipNetworkZoneExample:\n    type: okta:network:Zone\n    name: ip_network_zone_example\n    properties:\n      name: example\n      type: IP\n      gateways:\n        - 1.2.3.4/24\n        - 2.3.4.5-2.3.4.15\n      proxies:\n        - 2.2.3.4/24\n        - 3.3.4.5-3.3.4.15\n  example:\n    type: okta:ThreatInsightSettings\n    properties:\n      action: block\n      networkExcludes:\n        - ${ipNetworkZoneExample.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/threatInsightSettings:ThreatInsightSettings example _\n```\n\n","properties":{"action":{"type":"string","description":"Specifies how Okta responds to authentication requests from suspicious IPs. Valid values are \u003cspan pulumi-lang-nodejs=\"`none`\" pulumi-lang-dotnet=\"`None`\" pulumi-lang-go=\"`none`\" pulumi-lang-python=\"`none`\" pulumi-lang-yaml=\"`none`\" pulumi-lang-java=\"`none`\"\u003e`none`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`audit`\" pulumi-lang-dotnet=\"`Audit`\" pulumi-lang-go=\"`audit`\" pulumi-lang-python=\"`audit`\" pulumi-lang-yaml=\"`audit`\" pulumi-lang-java=\"`audit`\"\u003e`audit`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`block`\" pulumi-lang-dotnet=\"`Block`\" pulumi-lang-go=\"`block`\" pulumi-lang-python=\"`block`\" pulumi-lang-yaml=\"`block`\" pulumi-lang-java=\"`block`\"\u003e`block`\u003c/span\u003e. A value of \u003cspan pulumi-lang-nodejs=\"`none`\" pulumi-lang-dotnet=\"`None`\" pulumi-lang-go=\"`none`\" pulumi-lang-python=\"`none`\" pulumi-lang-yaml=\"`none`\" pulumi-lang-java=\"`none`\"\u003e`none`\u003c/span\u003e indicates that ThreatInsight is disabled. A value of \u003cspan pulumi-lang-nodejs=\"`audit`\" pulumi-lang-dotnet=\"`Audit`\" pulumi-lang-go=\"`audit`\" pulumi-lang-python=\"`audit`\" pulumi-lang-yaml=\"`audit`\" pulumi-lang-java=\"`audit`\"\u003e`audit`\u003c/span\u003e indicates that Okta logs suspicious requests in the System Log. A value of \u003cspan pulumi-lang-nodejs=\"`block`\" pulumi-lang-dotnet=\"`Block`\" pulumi-lang-go=\"`block`\" pulumi-lang-python=\"`block`\" pulumi-lang-yaml=\"`block`\" pulumi-lang-java=\"`block`\"\u003e`block`\u003c/span\u003e indicates that Okta logs suspicious requests in the System Log and blocks the requests.\n"},"networkExcludes":{"type":"array","items":{"type":"string"},"description":"Accepts a list of Network Zone IDs. Can only accept zones of `IP` type. IPs in the excluded Network Zones aren't logged or blocked by Okta ThreatInsight and proceed to Sign On rules evaluation. This ensures that traffic from known, trusted IPs isn't accidentally logged or blocked. The ordering of the network zone is not guarantee from the API sides\n"}},"required":["action"],"inputProperties":{"action":{"type":"string","description":"Specifies how Okta responds to authentication requests from suspicious IPs. Valid values are \u003cspan pulumi-lang-nodejs=\"`none`\" pulumi-lang-dotnet=\"`None`\" pulumi-lang-go=\"`none`\" pulumi-lang-python=\"`none`\" pulumi-lang-yaml=\"`none`\" pulumi-lang-java=\"`none`\"\u003e`none`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`audit`\" pulumi-lang-dotnet=\"`Audit`\" pulumi-lang-go=\"`audit`\" pulumi-lang-python=\"`audit`\" pulumi-lang-yaml=\"`audit`\" pulumi-lang-java=\"`audit`\"\u003e`audit`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`block`\" pulumi-lang-dotnet=\"`Block`\" pulumi-lang-go=\"`block`\" pulumi-lang-python=\"`block`\" pulumi-lang-yaml=\"`block`\" pulumi-lang-java=\"`block`\"\u003e`block`\u003c/span\u003e. A value of \u003cspan pulumi-lang-nodejs=\"`none`\" pulumi-lang-dotnet=\"`None`\" pulumi-lang-go=\"`none`\" pulumi-lang-python=\"`none`\" pulumi-lang-yaml=\"`none`\" pulumi-lang-java=\"`none`\"\u003e`none`\u003c/span\u003e indicates that ThreatInsight is disabled. A value of \u003cspan pulumi-lang-nodejs=\"`audit`\" pulumi-lang-dotnet=\"`Audit`\" pulumi-lang-go=\"`audit`\" pulumi-lang-python=\"`audit`\" pulumi-lang-yaml=\"`audit`\" pulumi-lang-java=\"`audit`\"\u003e`audit`\u003c/span\u003e indicates that Okta logs suspicious requests in the System Log. A value of \u003cspan pulumi-lang-nodejs=\"`block`\" pulumi-lang-dotnet=\"`Block`\" pulumi-lang-go=\"`block`\" pulumi-lang-python=\"`block`\" pulumi-lang-yaml=\"`block`\" pulumi-lang-java=\"`block`\"\u003e`block`\u003c/span\u003e indicates that Okta logs suspicious requests in the System Log and blocks the requests.\n"},"networkExcludes":{"type":"array","items":{"type":"string"},"description":"Accepts a list of Network Zone IDs. Can only accept zones of `IP` type. IPs in the excluded Network Zones aren't logged or blocked by Okta ThreatInsight and proceed to Sign On rules evaluation. This ensures that traffic from known, trusted IPs isn't accidentally logged or blocked. The ordering of the network zone is not guarantee from the API sides\n"}},"requiredInputs":["action"],"stateInputs":{"description":"Input properties used for looking up and filtering ThreatInsightSettings resources.\n","properties":{"action":{"type":"string","description":"Specifies how Okta responds to authentication requests from suspicious IPs. Valid values are \u003cspan pulumi-lang-nodejs=\"`none`\" pulumi-lang-dotnet=\"`None`\" pulumi-lang-go=\"`none`\" pulumi-lang-python=\"`none`\" pulumi-lang-yaml=\"`none`\" pulumi-lang-java=\"`none`\"\u003e`none`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`audit`\" pulumi-lang-dotnet=\"`Audit`\" pulumi-lang-go=\"`audit`\" pulumi-lang-python=\"`audit`\" pulumi-lang-yaml=\"`audit`\" pulumi-lang-java=\"`audit`\"\u003e`audit`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`block`\" pulumi-lang-dotnet=\"`Block`\" pulumi-lang-go=\"`block`\" pulumi-lang-python=\"`block`\" pulumi-lang-yaml=\"`block`\" pulumi-lang-java=\"`block`\"\u003e`block`\u003c/span\u003e. A value of \u003cspan pulumi-lang-nodejs=\"`none`\" pulumi-lang-dotnet=\"`None`\" pulumi-lang-go=\"`none`\" pulumi-lang-python=\"`none`\" pulumi-lang-yaml=\"`none`\" pulumi-lang-java=\"`none`\"\u003e`none`\u003c/span\u003e indicates that ThreatInsight is disabled. A value of \u003cspan pulumi-lang-nodejs=\"`audit`\" pulumi-lang-dotnet=\"`Audit`\" pulumi-lang-go=\"`audit`\" pulumi-lang-python=\"`audit`\" pulumi-lang-yaml=\"`audit`\" pulumi-lang-java=\"`audit`\"\u003e`audit`\u003c/span\u003e indicates that Okta logs suspicious requests in the System Log. A value of \u003cspan pulumi-lang-nodejs=\"`block`\" pulumi-lang-dotnet=\"`Block`\" pulumi-lang-go=\"`block`\" pulumi-lang-python=\"`block`\" pulumi-lang-yaml=\"`block`\" pulumi-lang-java=\"`block`\"\u003e`block`\u003c/span\u003e indicates that Okta logs suspicious requests in the System Log and blocks the requests.\n"},"networkExcludes":{"type":"array","items":{"type":"string"},"description":"Accepts a list of Network Zone IDs. Can only accept zones of `IP` type. IPs in the excluded Network Zones aren't logged or blocked by Okta ThreatInsight and proceed to Sign On rules evaluation. This ensures that traffic from known, trusted IPs isn't accidentally logged or blocked. The ordering of the network zone is not guarantee from the API sides\n"}},"type":"object"}},"okta:index/trustedServer:TrustedServer":{"description":"Associated (Trusted) authorization servers allow you to designate a trusted authorization server that you associate with another authorization server.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test1 = new okta.auth.Server(\"test1\", {\n    audiences: [\"whatever.rise.zone\"],\n    credentialsRotationMode: \"AUTO\",\n    description: \"The best way to find out if you can trust somebody is to trust them.\",\n    name: \"testAcc-replace_with_uuid\",\n});\nconst test2 = new okta.auth.Server(\"test2\", {\n    audiences: [\"whatever.rise.zone\"],\n    credentialsRotationMode: \"AUTO\",\n    description: \"The best way to find out if you can trust somebody is to trust them.\",\n    name: \"testAcc-replace_with_uuid\",\n});\nconst test3 = new okta.auth.Server(\"test3\", {\n    audiences: [\"whatever.rise.zone\"],\n    credentialsRotationMode: \"AUTO\",\n    description: \"The best way to find out if you can trust somebody is to trust them.\",\n    name: \"testAcc-replace_with_uuid\",\n});\nconst example = new okta.TrustedServer(\"example\", {\n    authServerId: oktaAuthServer.test1.id,\n    trusteds: [\n        oktaAuthServer.test2.id,\n        oktaAuthServer.test3.id,\n    ],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest1 = okta.auth.Server(\"test1\",\n    audiences=[\"whatever.rise.zone\"],\n    credentials_rotation_mode=\"AUTO\",\n    description=\"The best way to find out if you can trust somebody is to trust them.\",\n    name=\"testAcc-replace_with_uuid\")\ntest2 = okta.auth.Server(\"test2\",\n    audiences=[\"whatever.rise.zone\"],\n    credentials_rotation_mode=\"AUTO\",\n    description=\"The best way to find out if you can trust somebody is to trust them.\",\n    name=\"testAcc-replace_with_uuid\")\ntest3 = okta.auth.Server(\"test3\",\n    audiences=[\"whatever.rise.zone\"],\n    credentials_rotation_mode=\"AUTO\",\n    description=\"The best way to find out if you can trust somebody is to trust them.\",\n    name=\"testAcc-replace_with_uuid\")\nexample = okta.TrustedServer(\"example\",\n    auth_server_id=okta_auth_server[\"test1\"][\"id\"],\n    trusteds=[\n        okta_auth_server[\"test2\"][\"id\"],\n        okta_auth_server[\"test3\"][\"id\"],\n    ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test1 = new Okta.Auth.Server(\"test1\", new()\n    {\n        Audiences = new[]\n        {\n            \"whatever.rise.zone\",\n        },\n        CredentialsRotationMode = \"AUTO\",\n        Description = \"The best way to find out if you can trust somebody is to trust them.\",\n        Name = \"testAcc-replace_with_uuid\",\n    });\n\n    var test2 = new Okta.Auth.Server(\"test2\", new()\n    {\n        Audiences = new[]\n        {\n            \"whatever.rise.zone\",\n        },\n        CredentialsRotationMode = \"AUTO\",\n        Description = \"The best way to find out if you can trust somebody is to trust them.\",\n        Name = \"testAcc-replace_with_uuid\",\n    });\n\n    var test3 = new Okta.Auth.Server(\"test3\", new()\n    {\n        Audiences = new[]\n        {\n            \"whatever.rise.zone\",\n        },\n        CredentialsRotationMode = \"AUTO\",\n        Description = \"The best way to find out if you can trust somebody is to trust them.\",\n        Name = \"testAcc-replace_with_uuid\",\n    });\n\n    var example = new Okta.TrustedServer(\"example\", new()\n    {\n        AuthServerId = oktaAuthServer.Test1.Id,\n        Trusteds = new[]\n        {\n            oktaAuthServer.Test2.Id,\n            oktaAuthServer.Test3.Id,\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/auth\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auth.NewServer(ctx, \"test1\", \u0026auth.ServerArgs{\n\t\t\tAudiences: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"whatever.rise.zone\"),\n\t\t\t},\n\t\t\tCredentialsRotationMode: pulumi.String(\"AUTO\"),\n\t\t\tDescription:             pulumi.String(\"The best way to find out if you can trust somebody is to trust them.\"),\n\t\t\tName:                    pulumi.String(\"testAcc-replace_with_uuid\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = auth.NewServer(ctx, \"test2\", \u0026auth.ServerArgs{\n\t\t\tAudiences: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"whatever.rise.zone\"),\n\t\t\t},\n\t\t\tCredentialsRotationMode: pulumi.String(\"AUTO\"),\n\t\t\tDescription:             pulumi.String(\"The best way to find out if you can trust somebody is to trust them.\"),\n\t\t\tName:                    pulumi.String(\"testAcc-replace_with_uuid\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = auth.NewServer(ctx, \"test3\", \u0026auth.ServerArgs{\n\t\t\tAudiences: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"whatever.rise.zone\"),\n\t\t\t},\n\t\t\tCredentialsRotationMode: pulumi.String(\"AUTO\"),\n\t\t\tDescription:             pulumi.String(\"The best way to find out if you can trust somebody is to trust them.\"),\n\t\t\tName:                    pulumi.String(\"testAcc-replace_with_uuid\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewTrustedServer(ctx, \"example\", \u0026okta.TrustedServerArgs{\n\t\t\tAuthServerId: pulumi.Any(oktaAuthServer.Test1.Id),\n\t\t\tTrusteds: pulumi.StringArray{\n\t\t\t\toktaAuthServer.Test2.Id,\n\t\t\t\toktaAuthServer.Test3.Id,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.auth.Server;\nimport com.pulumi.okta.auth.ServerArgs;\nimport com.pulumi.okta.TrustedServer;\nimport com.pulumi.okta.TrustedServerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var test1 = new Server(\"test1\", ServerArgs.builder()\n            .audiences(\"whatever.rise.zone\")\n            .credentialsRotationMode(\"AUTO\")\n            .description(\"The best way to find out if you can trust somebody is to trust them.\")\n            .name(\"testAcc-replace_with_uuid\")\n            .build());\n\n        var test2 = new Server(\"test2\", ServerArgs.builder()\n            .audiences(\"whatever.rise.zone\")\n            .credentialsRotationMode(\"AUTO\")\n            .description(\"The best way to find out if you can trust somebody is to trust them.\")\n            .name(\"testAcc-replace_with_uuid\")\n            .build());\n\n        var test3 = new Server(\"test3\", ServerArgs.builder()\n            .audiences(\"whatever.rise.zone\")\n            .credentialsRotationMode(\"AUTO\")\n            .description(\"The best way to find out if you can trust somebody is to trust them.\")\n            .name(\"testAcc-replace_with_uuid\")\n            .build());\n\n        var example = new TrustedServer(\"example\", TrustedServerArgs.builder()\n            .authServerId(oktaAuthServer.test1().id())\n            .trusteds(            \n                oktaAuthServer.test2().id(),\n                oktaAuthServer.test3().id())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  test1:\n    type: okta:auth:Server\n    properties:\n      audiences:\n        - whatever.rise.zone\n      credentialsRotationMode: AUTO\n      description: The best way to find out if you can trust somebody is to trust them.\n      name: testAcc-replace_with_uuid\n  test2:\n    type: okta:auth:Server\n    properties:\n      audiences:\n        - whatever.rise.zone\n      credentialsRotationMode: AUTO\n      description: The best way to find out if you can trust somebody is to trust them.\n      name: testAcc-replace_with_uuid\n  test3:\n    type: okta:auth:Server\n    properties:\n      audiences:\n        - whatever.rise.zone\n      credentialsRotationMode: AUTO\n      description: The best way to find out if you can trust somebody is to trust them.\n      name: testAcc-replace_with_uuid\n  example:\n    type: okta:TrustedServer\n    properties:\n      authServerId: ${oktaAuthServer.test1.id}\n      trusteds:\n        - ${oktaAuthServer.test2.id}\n        - ${oktaAuthServer.test3.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","properties":{"authServerId":{"type":"string","description":"Authorization server ID\n"},"trusteds":{"type":"array","items":{"type":"string"},"description":"A list of the authorization server IDs user want to trust\n"}},"required":["authServerId","trusteds"],"inputProperties":{"authServerId":{"type":"string","description":"Authorization server ID\n"},"trusteds":{"type":"array","items":{"type":"string"},"description":"A list of the authorization server IDs user want to trust\n"}},"requiredInputs":["authServerId","trusteds"],"stateInputs":{"description":"Input properties used for looking up and filtering TrustedServer resources.\n","properties":{"authServerId":{"type":"string","description":"Authorization server ID\n"},"trusteds":{"type":"array","items":{"type":"string"},"description":"A list of the authorization server IDs user want to trust\n"}},"type":"object"}},"okta:index/uiSchema:UiSchema":{"description":"Manages UI Schema. This resource allows you to create and configure an Okta [UI Schema](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) for form layouts and controls.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.UiSchema(\"example\", {uiSchema: {\n    buttonLabel: \"submit\",\n    type: \"Group\",\n    elements: [{\n        scope: \"#/properties/lastName\",\n    }],\n}});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.UiSchema(\"example\", ui_schema={\n    \"button_label\": \"submit\",\n    \"type\": \"Group\",\n    \"elements\": [{\n        \"scope\": \"#/properties/lastName\",\n    }],\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.UiSchema(\"example\", new()\n    {\n        UiSchemaName = new Okta.Inputs.UiSchemaUiSchemaArgs\n        {\n            ButtonLabel = \"submit\",\n            Type = \"Group\",\n            Elements = new[]\n            {\n                new Okta.Inputs.UiSchemaUiSchemaElementArgs\n                {\n                    Scope = \"#/properties/lastName\",\n                },\n            },\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewUiSchema(ctx, \"example\", \u0026okta.UiSchemaArgs{\n\t\t\tUiSchema: \u0026okta.UiSchemaUiSchemaArgs{\n\t\t\t\tButtonLabel: pulumi.String(\"submit\"),\n\t\t\t\tType:        pulumi.String(\"Group\"),\n\t\t\t\tElements: okta.UiSchemaUiSchemaElementArray{\n\t\t\t\t\t\u0026okta.UiSchemaUiSchemaElementArgs{\n\t\t\t\t\t\tScope: pulumi.String(\"#/properties/lastName\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.UiSchema;\nimport com.pulumi.okta.UiSchemaArgs;\nimport com.pulumi.okta.inputs.UiSchemaUiSchemaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new UiSchema(\"example\", UiSchemaArgs.builder()\n            .uiSchema(UiSchemaUiSchemaArgs.builder()\n                .buttonLabel(\"submit\")\n                .type(\"Group\")\n                .elements(UiSchemaUiSchemaElementArgs.builder()\n                    .scope(\"#/properties/lastName\")\n                    .build())\n                .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:UiSchema\n    properties:\n      uiSchema:\n        buttonLabel: submit\n        type: Group\n        elements:\n          - scope: '#/properties/lastName'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/uiSchema:UiSchema example \u003cui_schema_id\u003e\n```\n\n","properties":{"uiSchema":{"$ref":"#/types/okta:index/UiSchemaUiSchema:UiSchemaUiSchema","description":"Properties of the UI schema.\n","language":{"csharp":{"name":"UiSchemaName"}}}},"inputProperties":{"uiSchema":{"$ref":"#/types/okta:index/UiSchemaUiSchema:UiSchemaUiSchema","description":"Properties of the UI schema.\n","language":{"csharp":{"name":"UiSchemaName"}}}},"stateInputs":{"description":"Input properties used for looking up and filtering UiSchema resources.\n","properties":{"uiSchema":{"$ref":"#/types/okta:index/UiSchemaUiSchema:UiSchemaUiSchema","description":"Properties of the UI schema.\n","language":{"csharp":{"name":"UiSchemaName"}}}},"type":"object"}},"okta:index/userAdminRoles:UserAdminRoles":{"description":"Resource to manage a set of administrator roles for a specific user. This resource allows you to manage admin roles for a single user, independent of the user schema itself.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = new okta.user.User(\"test\", {\n    firstName: \"TestAcc\",\n    lastName: \"Smith\",\n    login: \"testAcc-replace_with_uuid@example.com\",\n    email: \"testAcc-replace_with_uuid@example.com\",\n});\nconst testUserAdminRoles = new okta.UserAdminRoles(\"test\", {\n    userId: test.id,\n    adminRoles: [\"APP_ADMIN\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.user.User(\"test\",\n    first_name=\"TestAcc\",\n    last_name=\"Smith\",\n    login=\"testAcc-replace_with_uuid@example.com\",\n    email=\"testAcc-replace_with_uuid@example.com\")\ntest_user_admin_roles = okta.UserAdminRoles(\"test\",\n    user_id=test.id,\n    admin_roles=[\"APP_ADMIN\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = new Okta.User.User(\"test\", new()\n    {\n        FirstName = \"TestAcc\",\n        LastName = \"Smith\",\n        Login = \"testAcc-replace_with_uuid@example.com\",\n        Email = \"testAcc-replace_with_uuid@example.com\",\n    });\n\n    var testUserAdminRoles = new Okta.UserAdminRoles(\"test\", new()\n    {\n        UserId = test.Id,\n        AdminRoles = new[]\n        {\n            \"APP_ADMIN\",\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/user\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := user.NewUser(ctx, \"test\", \u0026user.UserArgs{\n\t\t\tFirstName: pulumi.String(\"TestAcc\"),\n\t\t\tLastName:  pulumi.String(\"Smith\"),\n\t\t\tLogin:     pulumi.String(\"testAcc-replace_with_uuid@example.com\"),\n\t\t\tEmail:     pulumi.String(\"testAcc-replace_with_uuid@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewUserAdminRoles(ctx, \"test\", \u0026okta.UserAdminRolesArgs{\n\t\t\tUserId: test.ID(),\n\t\t\tAdminRoles: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"APP_ADMIN\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.user.User;\nimport com.pulumi.okta.user.UserArgs;\nimport com.pulumi.okta.UserAdminRoles;\nimport com.pulumi.okta.UserAdminRolesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var test = new User(\"test\", UserArgs.builder()\n            .firstName(\"TestAcc\")\n            .lastName(\"Smith\")\n            .login(\"testAcc-replace_with_uuid@example.com\")\n            .email(\"testAcc-replace_with_uuid@example.com\")\n            .build());\n\n        var testUserAdminRoles = new UserAdminRoles(\"testUserAdminRoles\", UserAdminRolesArgs.builder()\n            .userId(test.id())\n            .adminRoles(\"APP_ADMIN\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  test:\n    type: okta:user:User\n    properties:\n      firstName: TestAcc\n      lastName: Smith\n      login: testAcc-replace_with_uuid@example.com\n      email: testAcc-replace_with_uuid@example.com\n  testUserAdminRoles:\n    type: okta:UserAdminRoles\n    name: test\n    properties:\n      userId: ${test.id}\n      adminRoles:\n        - APP_ADMIN\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/userAdminRoles:UserAdminRoles example \u003cuser_id\u003e\n```\n\n","properties":{"adminRoles":{"type":"array","items":{"type":"string"},"description":"The list of Okta user admin roles, e.g. `['APP_ADMIN', 'USER_ADMIN']` See [API Docs](https://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles).\n"},"disableNotifications":{"type":"boolean","description":"When this setting is enabled, the admins won't receive any of the default Okta administrator emails. These admins also won't have access to contact Okta Support and open support cases on behalf of your org.\n"},"userId":{"type":"string","description":"ID of a Okta User\n"}},"required":["adminRoles","userId"],"inputProperties":{"adminRoles":{"type":"array","items":{"type":"string"},"description":"The list of Okta user admin roles, e.g. `['APP_ADMIN', 'USER_ADMIN']` See [API Docs](https://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles).\n"},"disableNotifications":{"type":"boolean","description":"When this setting is enabled, the admins won't receive any of the default Okta administrator emails. These admins also won't have access to contact Okta Support and open support cases on behalf of your org.\n"},"userId":{"type":"string","description":"ID of a Okta User\n","willReplaceOnChanges":true}},"requiredInputs":["adminRoles","userId"],"stateInputs":{"description":"Input properties used for looking up and filtering UserAdminRoles resources.\n","properties":{"adminRoles":{"type":"array","items":{"type":"string"},"description":"The list of Okta user admin roles, e.g. `['APP_ADMIN', 'USER_ADMIN']` See [API Docs](https://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles).\n"},"disableNotifications":{"type":"boolean","description":"When this setting is enabled, the admins won't receive any of the default Okta administrator emails. These admins also won't have access to contact Okta Support and open support cases on behalf of your org.\n"},"userId":{"type":"string","description":"ID of a Okta User\n","willReplaceOnChanges":true}},"type":"object"}},"okta:index/userBaseSchemaProperty:UserBaseSchemaProperty":{"description":"Manages a User Base Schema property. This resource allows you to configure a base user schema property.\n\n## IMPORTANT NOTE: \n\nBased on the [official documentation](https://developer.okta.com/docs/reference/api/schemas/#user-profile-base-subschema)\nbase properties can not be modified, except to update permissions, to change the nullability of `firstName` and \n`lastName` (\u003cspan pulumi-lang-nodejs=\"`required`\" pulumi-lang-dotnet=\"`Required`\" pulumi-lang-go=\"`required`\" pulumi-lang-python=\"`required`\" pulumi-lang-yaml=\"`required`\" pulumi-lang-java=\"`required`\"\u003e`required`\u003c/span\u003e property) or to specify a \u003cspan pulumi-lang-nodejs=\"`pattern`\" pulumi-lang-dotnet=\"`Pattern`\" pulumi-lang-go=\"`pattern`\" pulumi-lang-python=\"`pattern`\" pulumi-lang-yaml=\"`pattern`\" pulumi-lang-java=\"`pattern`\"\u003e`pattern`\u003c/span\u003e for \u003cspan pulumi-lang-nodejs=\"`login`\" pulumi-lang-dotnet=\"`Login`\" pulumi-lang-go=\"`login`\" pulumi-lang-python=\"`login`\" pulumi-lang-yaml=\"`login`\" pulumi-lang-java=\"`login`\"\u003e`login`\u003c/span\u003e. Currently, \u003cspan pulumi-lang-nodejs=\"`title`\" pulumi-lang-dotnet=\"`Title`\" pulumi-lang-go=\"`title`\" pulumi-lang-python=\"`title`\" pulumi-lang-yaml=\"`title`\" pulumi-lang-java=\"`title`\"\u003e`title`\u003c/span\u003e and \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e are required, so\nthey should be set to the current values of the base property. This will be fixed in the future releases, as this is \na breaking change.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.UserBaseSchemaProperty(\"example\", {\n    index: \"firstName\",\n    title: \"First name\",\n    type: \"string\",\n    required: true,\n    master: \"OKTA\",\n    userType: exampleOktaUserType.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.UserBaseSchemaProperty(\"example\",\n    index=\"firstName\",\n    title=\"First name\",\n    type=\"string\",\n    required=True,\n    master=\"OKTA\",\n    user_type=example_okta_user_type[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.UserBaseSchemaProperty(\"example\", new()\n    {\n        Index = \"firstName\",\n        Title = \"First name\",\n        Type = \"string\",\n        Required = true,\n        Master = \"OKTA\",\n        UserType = exampleOktaUserType.Id,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewUserBaseSchemaProperty(ctx, \"example\", \u0026okta.UserBaseSchemaPropertyArgs{\n\t\t\tIndex:    pulumi.String(\"firstName\"),\n\t\t\tTitle:    pulumi.String(\"First name\"),\n\t\t\tType:     pulumi.String(\"string\"),\n\t\t\tRequired: pulumi.Bool(true),\n\t\t\tMaster:   pulumi.String(\"OKTA\"),\n\t\t\tUserType: pulumi.Any(exampleOktaUserType.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.UserBaseSchemaProperty;\nimport com.pulumi.okta.UserBaseSchemaPropertyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new UserBaseSchemaProperty(\"example\", UserBaseSchemaPropertyArgs.builder()\n            .index(\"firstName\")\n            .title(\"First name\")\n            .type(\"string\")\n            .required(true)\n            .master(\"OKTA\")\n            .userType(exampleOktaUserType.id())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:UserBaseSchemaProperty\n    properties:\n      index: firstName\n      title: First name\n      type: string\n      required: true\n      master: OKTA\n      userType: ${exampleOktaUserType.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n### User schema property of default user type can be imported via the property index.\n\n```sh\n$ pulumi import okta:index/userBaseSchemaProperty:UserBaseSchemaProperty example \u003cproperty_name\u003e\n```\n\n### User schema property of custom user type can be imported via user type id and property index\n\n```sh\n$ pulumi import okta:index/userBaseSchemaProperty:UserBaseSchemaProperty example \u003cuser_type_id\u003e.\u003cproperty name\u003e\n```\n\n","properties":{"index":{"type":"string","description":"Subschema unique string identifier\n"},"master":{"type":"string","description":"Master priority for the user schema property. It can be set to `PROFILE_MASTER` or `OKTA`. Default: `PROFILE_MASTER`\n"},"pattern":{"type":"string","description":"The validation pattern to use for the subschema. Must be in form of '.+', or '[\\n\\n]+' if present.'\n"},"permissions":{"type":"string","description":"Access control permissions for the property. It can be set to `READ_WRITE`, `READ_ONLY`, `HIDE`. Default: `READ_ONLY`\n"},"required":{"type":"boolean","description":"Whether the subschema is required\n"},"title":{"type":"string","description":"Subschema title (display name)\n"},"type":{"type":"string","description":"The type of the schema property. It can be \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`boolean`\" pulumi-lang-dotnet=\"`Boolean`\" pulumi-lang-go=\"`boolean`\" pulumi-lang-python=\"`boolean`\" pulumi-lang-yaml=\"`boolean`\" pulumi-lang-java=\"`boolean`\"\u003e`boolean`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`number`\" pulumi-lang-dotnet=\"`Number`\" pulumi-lang-go=\"`number`\" pulumi-lang-python=\"`number`\" pulumi-lang-yaml=\"`number`\" pulumi-lang-java=\"`number`\"\u003e`number`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`integer`\" pulumi-lang-dotnet=\"`Integer`\" pulumi-lang-go=\"`integer`\" pulumi-lang-python=\"`integer`\" pulumi-lang-yaml=\"`integer`\" pulumi-lang-java=\"`integer`\"\u003e`integer`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`object`\" pulumi-lang-dotnet=\"`Object`\" pulumi-lang-go=\"`object`\" pulumi-lang-python=\"`object`\" pulumi-lang-yaml=\"`object`\" pulumi-lang-java=\"`object`\"\u003e`object`\u003c/span\u003e\n"},"userType":{"type":"string","description":"User type ID. By default, it is \u003cspan pulumi-lang-nodejs=\"`default`\" pulumi-lang-dotnet=\"`Default`\" pulumi-lang-go=\"`default`\" pulumi-lang-python=\"`default`\" pulumi-lang-yaml=\"`default`\" pulumi-lang-java=\"`default`\"\u003e`default`\u003c/span\u003e\n"}},"required":["index","title","type"],"inputProperties":{"index":{"type":"string","description":"Subschema unique string identifier\n","willReplaceOnChanges":true},"master":{"type":"string","description":"Master priority for the user schema property. It can be set to `PROFILE_MASTER` or `OKTA`. Default: `PROFILE_MASTER`\n"},"pattern":{"type":"string","description":"The validation pattern to use for the subschema. Must be in form of '.+', or '[\\n\\n]+' if present.'\n"},"permissions":{"type":"string","description":"Access control permissions for the property. It can be set to `READ_WRITE`, `READ_ONLY`, `HIDE`. Default: `READ_ONLY`\n"},"required":{"type":"boolean","description":"Whether the subschema is required\n"},"title":{"type":"string","description":"Subschema title (display name)\n"},"type":{"type":"string","description":"The type of the schema property. It can be \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`boolean`\" pulumi-lang-dotnet=\"`Boolean`\" pulumi-lang-go=\"`boolean`\" pulumi-lang-python=\"`boolean`\" pulumi-lang-yaml=\"`boolean`\" pulumi-lang-java=\"`boolean`\"\u003e`boolean`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`number`\" pulumi-lang-dotnet=\"`Number`\" pulumi-lang-go=\"`number`\" pulumi-lang-python=\"`number`\" pulumi-lang-yaml=\"`number`\" pulumi-lang-java=\"`number`\"\u003e`number`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`integer`\" pulumi-lang-dotnet=\"`Integer`\" pulumi-lang-go=\"`integer`\" pulumi-lang-python=\"`integer`\" pulumi-lang-yaml=\"`integer`\" pulumi-lang-java=\"`integer`\"\u003e`integer`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`object`\" pulumi-lang-dotnet=\"`Object`\" pulumi-lang-go=\"`object`\" pulumi-lang-python=\"`object`\" pulumi-lang-yaml=\"`object`\" pulumi-lang-java=\"`object`\"\u003e`object`\u003c/span\u003e\n","willReplaceOnChanges":true},"userType":{"type":"string","description":"User type ID. By default, it is \u003cspan pulumi-lang-nodejs=\"`default`\" pulumi-lang-dotnet=\"`Default`\" pulumi-lang-go=\"`default`\" pulumi-lang-python=\"`default`\" pulumi-lang-yaml=\"`default`\" pulumi-lang-java=\"`default`\"\u003e`default`\u003c/span\u003e\n"}},"requiredInputs":["index","title","type"],"stateInputs":{"description":"Input properties used for looking up and filtering UserBaseSchemaProperty resources.\n","properties":{"index":{"type":"string","description":"Subschema unique string identifier\n","willReplaceOnChanges":true},"master":{"type":"string","description":"Master priority for the user schema property. It can be set to `PROFILE_MASTER` or `OKTA`. Default: `PROFILE_MASTER`\n"},"pattern":{"type":"string","description":"The validation pattern to use for the subschema. Must be in form of '.+', or '[\\n\\n]+' if present.'\n"},"permissions":{"type":"string","description":"Access control permissions for the property. It can be set to `READ_WRITE`, `READ_ONLY`, `HIDE`. Default: `READ_ONLY`\n"},"required":{"type":"boolean","description":"Whether the subschema is required\n"},"title":{"type":"string","description":"Subschema title (display name)\n"},"type":{"type":"string","description":"The type of the schema property. It can be \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`boolean`\" pulumi-lang-dotnet=\"`Boolean`\" pulumi-lang-go=\"`boolean`\" pulumi-lang-python=\"`boolean`\" pulumi-lang-yaml=\"`boolean`\" pulumi-lang-java=\"`boolean`\"\u003e`boolean`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`number`\" pulumi-lang-dotnet=\"`Number`\" pulumi-lang-go=\"`number`\" pulumi-lang-python=\"`number`\" pulumi-lang-yaml=\"`number`\" pulumi-lang-java=\"`number`\"\u003e`number`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`integer`\" pulumi-lang-dotnet=\"`Integer`\" pulumi-lang-go=\"`integer`\" pulumi-lang-python=\"`integer`\" pulumi-lang-yaml=\"`integer`\" pulumi-lang-java=\"`integer`\"\u003e`integer`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`object`\" pulumi-lang-dotnet=\"`Object`\" pulumi-lang-go=\"`object`\" pulumi-lang-python=\"`object`\" pulumi-lang-yaml=\"`object`\" pulumi-lang-java=\"`object`\"\u003e`object`\u003c/span\u003e\n","willReplaceOnChanges":true},"userType":{"type":"string","description":"User type ID. By default, it is \u003cspan pulumi-lang-nodejs=\"`default`\" pulumi-lang-dotnet=\"`Default`\" pulumi-lang-go=\"`default`\" pulumi-lang-python=\"`default`\" pulumi-lang-yaml=\"`default`\" pulumi-lang-java=\"`default`\"\u003e`default`\u003c/span\u003e\n"}},"type":"object"}},"okta:index/userFactorQuestion:UserFactorQuestion":{"description":"Creates security question factor for a user. This resource allows you to create and configure security question factor for a user.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst exampleUser = new okta.user.User(\"example\", {\n    firstName: \"John\",\n    lastName: \"Smith\",\n    login: \"john.smith@example.com\",\n    email: \"john.smith@example.com\",\n});\nconst example = okta.getUserSecurityQuestionsOutput({\n    userId: exampleUser.id,\n});\nconst exampleFactor = new okta.factor.Factor(\"example\", {\n    providerId: \"okta_question\",\n    active: true,\n});\nconst exampleUserFactorQuestion = new okta.UserFactorQuestion(\"example\", {\n    userId: exampleUser.id,\n    key: example.apply(example =\u003e example.questions?.[0]?.key),\n    answer: \"meatball\",\n}, {\n    dependsOn: [exampleFactor],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample_user = okta.user.User(\"example\",\n    first_name=\"John\",\n    last_name=\"Smith\",\n    login=\"john.smith@example.com\",\n    email=\"john.smith@example.com\")\nexample = okta.get_user_security_questions_output(user_id=example_user.id)\nexample_factor = okta.factor.Factor(\"example\",\n    provider_id=\"okta_question\",\n    active=True)\nexample_user_factor_question = okta.UserFactorQuestion(\"example\",\n    user_id=example_user.id,\n    key=example.questions[0].key,\n    answer=\"meatball\",\n    opts = pulumi.ResourceOptions(depends_on=[example_factor]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var exampleUser = new Okta.User.User(\"example\", new()\n    {\n        FirstName = \"John\",\n        LastName = \"Smith\",\n        Login = \"john.smith@example.com\",\n        Email = \"john.smith@example.com\",\n    });\n\n    var example = Okta.GetUserSecurityQuestions.Invoke(new()\n    {\n        UserId = exampleUser.Id,\n    });\n\n    var exampleFactor = new Okta.Factor.Factor(\"example\", new()\n    {\n        ProviderId = \"okta_question\",\n        Active = true,\n    });\n\n    var exampleUserFactorQuestion = new Okta.UserFactorQuestion(\"example\", new()\n    {\n        UserId = exampleUser.Id,\n        Key = example.Apply(getUserSecurityQuestionsResult =\u003e getUserSecurityQuestionsResult.Questions[0]?.Key),\n        Answer = \"meatball\",\n    }, new CustomResourceOptions\n    {\n        DependsOn =\n        {\n            exampleFactor,\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/factor\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/user\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleUser, err := user.NewUser(ctx, \"example\", \u0026user.UserArgs{\n\t\t\tFirstName: pulumi.String(\"John\"),\n\t\t\tLastName:  pulumi.String(\"Smith\"),\n\t\t\tLogin:     pulumi.String(\"john.smith@example.com\"),\n\t\t\tEmail:     pulumi.String(\"john.smith@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := okta.GetUserSecurityQuestionsOutput(ctx, okta.GetUserSecurityQuestionsOutputArgs{\n\t\t\tUserId: exampleUser.ID(),\n\t\t}, nil)\n\t\texampleFactor, err := factor.NewFactor(ctx, \"example\", \u0026factor.FactorArgs{\n\t\t\tProviderId: pulumi.String(\"okta_question\"),\n\t\t\tActive:     pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewUserFactorQuestion(ctx, \"example\", \u0026okta.UserFactorQuestionArgs{\n\t\t\tUserId: exampleUser.ID(),\n\t\t\tKey: pulumi.String(example.ApplyT(func(example okta.GetUserSecurityQuestionsResult) (*string, error) {\n\t\t\t\treturn \u0026example.Questions[0].Key, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tAnswer: pulumi.String(\"meatball\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleFactor,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.user.User;\nimport com.pulumi.okta.user.UserArgs;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetUserSecurityQuestionsArgs;\nimport com.pulumi.okta.factor.Factor;\nimport com.pulumi.okta.factor.FactorArgs;\nimport com.pulumi.okta.UserFactorQuestion;\nimport com.pulumi.okta.UserFactorQuestionArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var exampleUser = new User(\"exampleUser\", UserArgs.builder()\n            .firstName(\"John\")\n            .lastName(\"Smith\")\n            .login(\"john.smith@example.com\")\n            .email(\"john.smith@example.com\")\n            .build());\n\n        final var example = OktaFunctions.getUserSecurityQuestions(GetUserSecurityQuestionsArgs.builder()\n            .userId(exampleUser.id())\n            .build());\n\n        var exampleFactor = new Factor(\"exampleFactor\", FactorArgs.builder()\n            .providerId(\"okta_question\")\n            .active(true)\n            .build());\n\n        var exampleUserFactorQuestion = new UserFactorQuestion(\"exampleUserFactorQuestion\", UserFactorQuestionArgs.builder()\n            .userId(exampleUser.id())\n            .key(example.applyValue(_example -\u003e _example.questions()[0].key()))\n            .answer(\"meatball\")\n            .build(), CustomResourceOptions.builder()\n                .dependsOn(exampleFactor)\n                .build());\n\n    }\n}\n```\n```yaml\nresources:\n  exampleUser:\n    type: okta:user:User\n    name: example\n    properties:\n      firstName: John\n      lastName: Smith\n      login: john.smith@example.com\n      email: john.smith@example.com\n  exampleFactor:\n    type: okta:factor:Factor\n    name: example\n    properties:\n      providerId: okta_question\n      active: true\n  exampleUserFactorQuestion:\n    type: okta:UserFactorQuestion\n    name: example\n    properties:\n      userId: ${exampleUser.id}\n      key: ${example.questions[0].key}\n      answer: meatball\n    options:\n      dependsOn:\n        - ${exampleFactor}\nvariables:\n  example:\n    fn::invoke:\n      function: okta:getUserSecurityQuestions\n      arguments:\n        userId: ${exampleUser.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/userFactorQuestion:UserFactorQuestion example \u003cuser_id\u003e/\u003cquestion_factor_id\u003e\n```\n\n","properties":{"answer":{"type":"string","description":"Security question answer. Note here that answer won't be set during the resource import.\n","secret":true},"key":{"type":"string","description":"Security question unique key.\n"},"status":{"type":"string","description":"The status of the security question factor.\n"},"text":{"type":"string","description":"Display text for security question.\n"},"userId":{"type":"string","description":"ID of the user. Resource will be recreated when \u003cspan pulumi-lang-nodejs=\"`userId`\" pulumi-lang-dotnet=\"`UserId`\" pulumi-lang-go=\"`userId`\" pulumi-lang-python=\"`user_id`\" pulumi-lang-yaml=\"`userId`\" pulumi-lang-java=\"`userId`\"\u003e`user_id`\u003c/span\u003e changes.\n"}},"required":["answer","key","status","text","userId"],"inputProperties":{"answer":{"type":"string","description":"Security question answer. Note here that answer won't be set during the resource import.\n","secret":true},"key":{"type":"string","description":"Security question unique key.\n"},"userId":{"type":"string","description":"ID of the user. Resource will be recreated when \u003cspan pulumi-lang-nodejs=\"`userId`\" pulumi-lang-dotnet=\"`UserId`\" pulumi-lang-go=\"`userId`\" pulumi-lang-python=\"`user_id`\" pulumi-lang-yaml=\"`userId`\" pulumi-lang-java=\"`userId`\"\u003e`user_id`\u003c/span\u003e changes.\n","willReplaceOnChanges":true}},"requiredInputs":["answer","key","userId"],"stateInputs":{"description":"Input properties used for looking up and filtering UserFactorQuestion resources.\n","properties":{"answer":{"type":"string","description":"Security question answer. Note here that answer won't be set during the resource import.\n","secret":true},"key":{"type":"string","description":"Security question unique key.\n"},"status":{"type":"string","description":"The status of the security question factor.\n"},"text":{"type":"string","description":"Display text for security question.\n"},"userId":{"type":"string","description":"ID of the user. Resource will be recreated when \u003cspan pulumi-lang-nodejs=\"`userId`\" pulumi-lang-dotnet=\"`UserId`\" pulumi-lang-go=\"`userId`\" pulumi-lang-python=\"`user_id`\" pulumi-lang-yaml=\"`userId`\" pulumi-lang-java=\"`userId`\"\u003e`user_id`\u003c/span\u003e changes.\n","willReplaceOnChanges":true}},"type":"object"}},"okta:index/userGroupMemberships:UserGroupMemberships":{"description":"## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = new okta.user.User(\"test\", {\n    firstName: \"TestAcc\",\n    lastName: \"Smith\",\n    login: \"testAcc-replace_with_uuid@example.com\",\n    email: \"testAcc-replace_with_uuid@example.com\",\n});\nconst testUserGroupMemberships = new okta.UserGroupMemberships(\"test\", {\n    userId: test.id,\n    groups: [\n        test1.id,\n        test2.id,\n    ],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.user.User(\"test\",\n    first_name=\"TestAcc\",\n    last_name=\"Smith\",\n    login=\"testAcc-replace_with_uuid@example.com\",\n    email=\"testAcc-replace_with_uuid@example.com\")\ntest_user_group_memberships = okta.UserGroupMemberships(\"test\",\n    user_id=test.id,\n    groups=[\n        test1[\"id\"],\n        test2[\"id\"],\n    ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = new Okta.User.User(\"test\", new()\n    {\n        FirstName = \"TestAcc\",\n        LastName = \"Smith\",\n        Login = \"testAcc-replace_with_uuid@example.com\",\n        Email = \"testAcc-replace_with_uuid@example.com\",\n    });\n\n    var testUserGroupMemberships = new Okta.UserGroupMemberships(\"test\", new()\n    {\n        UserId = test.Id,\n        Groups = new[]\n        {\n            test1.Id,\n            test2.Id,\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/user\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := user.NewUser(ctx, \"test\", \u0026user.UserArgs{\n\t\t\tFirstName: pulumi.String(\"TestAcc\"),\n\t\t\tLastName:  pulumi.String(\"Smith\"),\n\t\t\tLogin:     pulumi.String(\"testAcc-replace_with_uuid@example.com\"),\n\t\t\tEmail:     pulumi.String(\"testAcc-replace_with_uuid@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewUserGroupMemberships(ctx, \"test\", \u0026okta.UserGroupMembershipsArgs{\n\t\t\tUserId: test.ID(),\n\t\t\tGroups: pulumi.StringArray{\n\t\t\t\ttest1.Id,\n\t\t\t\ttest2.Id,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.user.User;\nimport com.pulumi.okta.user.UserArgs;\nimport com.pulumi.okta.UserGroupMemberships;\nimport com.pulumi.okta.UserGroupMembershipsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var test = new User(\"test\", UserArgs.builder()\n            .firstName(\"TestAcc\")\n            .lastName(\"Smith\")\n            .login(\"testAcc-replace_with_uuid@example.com\")\n            .email(\"testAcc-replace_with_uuid@example.com\")\n            .build());\n\n        var testUserGroupMemberships = new UserGroupMemberships(\"testUserGroupMemberships\", UserGroupMembershipsArgs.builder()\n            .userId(test.id())\n            .groups(            \n                test1.id(),\n                test2.id())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  test:\n    type: okta:user:User\n    properties:\n      firstName: TestAcc\n      lastName: Smith\n      login: testAcc-replace_with_uuid@example.com\n      email: testAcc-replace_with_uuid@example.com\n  testUserGroupMemberships:\n    type: okta:UserGroupMemberships\n    name: test\n    properties:\n      userId: ${test.id}\n      groups:\n        - ${test1.id}\n        - ${test2.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","properties":{"groups":{"type":"array","items":{"type":"string"},"description":"The list of Okta group IDs which the user should have membership managed for.\n"},"userId":{"type":"string","description":"ID of a Okta User\n"}},"required":["groups","userId"],"inputProperties":{"groups":{"type":"array","items":{"type":"string"},"description":"The list of Okta group IDs which the user should have membership managed for.\n"},"userId":{"type":"string","description":"ID of a Okta User\n","willReplaceOnChanges":true}},"requiredInputs":["groups","userId"],"stateInputs":{"description":"Input properties used for looking up and filtering UserGroupMemberships resources.\n","properties":{"groups":{"type":"array","items":{"type":"string"},"description":"The list of Okta group IDs which the user should have membership managed for.\n"},"userId":{"type":"string","description":"ID of a Okta User\n","willReplaceOnChanges":true}},"type":"object"}},"okta:index/userSchemaProperty:UserSchemaProperty":{"description":"## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.UserSchemaProperty(\"example\", {\n    index: \"customPropertyName\",\n    title: \"customPropertyName\",\n    type: \"string\",\n    description: \"My custom property name\",\n    master: \"OKTA\",\n    scope: \"SELF\",\n    userType: exampleOktaUserType.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.UserSchemaProperty(\"example\",\n    index=\"customPropertyName\",\n    title=\"customPropertyName\",\n    type=\"string\",\n    description=\"My custom property name\",\n    master=\"OKTA\",\n    scope=\"SELF\",\n    user_type=example_okta_user_type[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.UserSchemaProperty(\"example\", new()\n    {\n        Index = \"customPropertyName\",\n        Title = \"customPropertyName\",\n        Type = \"string\",\n        Description = \"My custom property name\",\n        Master = \"OKTA\",\n        Scope = \"SELF\",\n        UserType = exampleOktaUserType.Id,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewUserSchemaProperty(ctx, \"example\", \u0026okta.UserSchemaPropertyArgs{\n\t\t\tIndex:       pulumi.String(\"customPropertyName\"),\n\t\t\tTitle:       pulumi.String(\"customPropertyName\"),\n\t\t\tType:        pulumi.String(\"string\"),\n\t\t\tDescription: pulumi.String(\"My custom property name\"),\n\t\t\tMaster:      pulumi.String(\"OKTA\"),\n\t\t\tScope:       pulumi.String(\"SELF\"),\n\t\t\tUserType:    pulumi.Any(exampleOktaUserType.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.UserSchemaProperty;\nimport com.pulumi.okta.UserSchemaPropertyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new UserSchemaProperty(\"example\", UserSchemaPropertyArgs.builder()\n            .index(\"customPropertyName\")\n            .title(\"customPropertyName\")\n            .type(\"string\")\n            .description(\"My custom property name\")\n            .master(\"OKTA\")\n            .scope(\"SELF\")\n            .userType(exampleOktaUserType.id())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:UserSchemaProperty\n    properties:\n      index: customPropertyName\n      title: customPropertyName\n      type: string\n      description: My custom property name\n      master: OKTA\n      scope: SELF\n      userType: ${exampleOktaUserType.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:index/userSchemaProperty:UserSchemaProperty example \u003cvariableName\u003e\n```\n\n```sh\n$ pulumi import okta:index/userSchemaProperty:UserSchemaProperty example \u003cuser_type_id\u003e.\u003cindex\u003e\n```\n\n","properties":{"arrayEnums":{"type":"array","items":{"type":"string"},"description":"Array of values that an array property's items can be set to."},"arrayOneOfs":{"type":"array","items":{"$ref":"#/types/okta:index/UserSchemaPropertyArrayOneOf:UserSchemaPropertyArrayOneOf"},"description":"Display name and value an enum array can be set to.\n\t- 'const' - (Required) value mapping to member of 'enum'.\n\t- 'title' - (Required) display name for the enum value."},"arrayType":{"type":"string","description":"The type of the array elements if \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e is set to \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e"},"description":{"type":"string","description":"The description of the user schema property."},"enums":{"type":"array","items":{"type":"string"},"description":"Array of values a primitive property can be set to. See \u003cspan pulumi-lang-nodejs=\"`arrayEnum`\" pulumi-lang-dotnet=\"`ArrayEnum`\" pulumi-lang-go=\"`arrayEnum`\" pulumi-lang-python=\"`array_enum`\" pulumi-lang-yaml=\"`arrayEnum`\" pulumi-lang-java=\"`arrayEnum`\"\u003e`array_enum`\u003c/span\u003e for arrays."},"externalName":{"type":"string","description":"External name of the user schema property."},"externalNamespace":{"type":"string","description":"External namespace of the user schema property."},"index":{"type":"string","description":"Subschema unique string identifier"},"master":{"type":"string","description":"Master priority for the user schema property. It can be set to `PROFILE_MASTER`, `OVERRIDE` or `OKTA`."},"masterOverridePriorities":{"type":"array","items":{"$ref":"#/types/okta:index/UserSchemaPropertyMasterOverridePriority:UserSchemaPropertyMasterOverridePriority"},"description":"Prioritized list of profile sources (required when 'master' is 'OVERRIDE').\n\t- 'type' - (Optional) - Type of profile source.\n\t- 'value' - (Required) - ID of profile source."},"maxLength":{"type":"integer","description":"The maximum length of the user property value. Only applies to type \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e"},"minLength":{"type":"integer","description":"The minimum length of the user property value. Only applies to type \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e"},"oneOfs":{"type":"array","items":{"$ref":"#/types/okta:index/UserSchemaPropertyOneOf:UserSchemaPropertyOneOf"},"description":"Array of maps containing a mapping for display name to enum value.\n\t- 'const' - (Required) value mapping to member of 'enum'.\n\t- 'title' - (Required) display name for the enum value."},"pattern":{"type":"string","description":"The validation pattern to use for the subschema. Must be in form of '.+', or '[\u003cpattern\u003e]+' if present.'"},"permissions":{"type":"string","description":"Access control permissions for the property. It can be set to `READ_WRITE`, `READ_ONLY`, `HIDE`. Default: `READ_ONLY`"},"required":{"type":"boolean","description":"Whether the subschema is required"},"scope":{"type":"string","description":"determines whether an app user attribute can be set at the Individual or Group Level. Default: `NONE`"},"title":{"type":"string","description":"Subschema title (display name)"},"type":{"type":"string","description":"The type of the schema property. It can be \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`boolean`\" pulumi-lang-dotnet=\"`Boolean`\" pulumi-lang-go=\"`boolean`\" pulumi-lang-python=\"`boolean`\" pulumi-lang-yaml=\"`boolean`\" pulumi-lang-java=\"`boolean`\"\u003e`boolean`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`number`\" pulumi-lang-dotnet=\"`Number`\" pulumi-lang-go=\"`number`\" pulumi-lang-python=\"`number`\" pulumi-lang-yaml=\"`number`\" pulumi-lang-java=\"`number`\"\u003e`number`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`integer`\" pulumi-lang-dotnet=\"`Integer`\" pulumi-lang-go=\"`integer`\" pulumi-lang-python=\"`integer`\" pulumi-lang-yaml=\"`integer`\" pulumi-lang-java=\"`integer`\"\u003e`integer`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`object`\" pulumi-lang-dotnet=\"`Object`\" pulumi-lang-go=\"`object`\" pulumi-lang-python=\"`object`\" pulumi-lang-yaml=\"`object`\" pulumi-lang-java=\"`object`\"\u003e`object`\u003c/span\u003e"},"unique":{"type":"string","description":"Whether the property should be unique. It can be set to `UNIQUE_VALIDATED` or `NOT_UNIQUE`."},"userType":{"type":"string","description":"User type ID. By default, it is \u003cspan pulumi-lang-nodejs=\"`default`\" pulumi-lang-dotnet=\"`Default`\" pulumi-lang-go=\"`default`\" pulumi-lang-python=\"`default`\" pulumi-lang-yaml=\"`default`\" pulumi-lang-java=\"`default`\"\u003e`default`\u003c/span\u003e"}},"required":["index","title","type"],"inputProperties":{"arrayEnums":{"type":"array","items":{"type":"string"},"description":"Array of values that an array property's items can be set to."},"arrayOneOfs":{"type":"array","items":{"$ref":"#/types/okta:index/UserSchemaPropertyArrayOneOf:UserSchemaPropertyArrayOneOf"},"description":"Display name and value an enum array can be set to.\n\t- 'const' - (Required) value mapping to member of 'enum'.\n\t- 'title' - (Required) display name for the enum value."},"arrayType":{"type":"string","description":"The type of the array elements if \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e is set to \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e","willReplaceOnChanges":true},"description":{"type":"string","description":"The description of the user schema property."},"enums":{"type":"array","items":{"type":"string"},"description":"Array of values a primitive property can be set to. See \u003cspan pulumi-lang-nodejs=\"`arrayEnum`\" pulumi-lang-dotnet=\"`ArrayEnum`\" pulumi-lang-go=\"`arrayEnum`\" pulumi-lang-python=\"`array_enum`\" pulumi-lang-yaml=\"`arrayEnum`\" pulumi-lang-java=\"`arrayEnum`\"\u003e`array_enum`\u003c/span\u003e for arrays."},"externalName":{"type":"string","description":"External name of the user schema property.","willReplaceOnChanges":true},"externalNamespace":{"type":"string","description":"External namespace of the user schema property.","willReplaceOnChanges":true},"index":{"type":"string","description":"Subschema unique string identifier","willReplaceOnChanges":true},"master":{"type":"string","description":"Master priority for the user schema property. It can be set to `PROFILE_MASTER`, `OVERRIDE` or `OKTA`."},"masterOverridePriorities":{"type":"array","items":{"$ref":"#/types/okta:index/UserSchemaPropertyMasterOverridePriority:UserSchemaPropertyMasterOverridePriority"},"description":"Prioritized list of profile sources (required when 'master' is 'OVERRIDE').\n\t- 'type' - (Optional) - Type of profile source.\n\t- 'value' - (Required) - ID of profile source."},"maxLength":{"type":"integer","description":"The maximum length of the user property value. Only applies to type \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e"},"minLength":{"type":"integer","description":"The minimum length of the user property value. Only applies to type \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e"},"oneOfs":{"type":"array","items":{"$ref":"#/types/okta:index/UserSchemaPropertyOneOf:UserSchemaPropertyOneOf"},"description":"Array of maps containing a mapping for display name to enum value.\n\t- 'const' - (Required) value mapping to member of 'enum'.\n\t- 'title' - (Required) display name for the enum value."},"pattern":{"type":"string","description":"The validation pattern to use for the subschema. Must be in form of '.+', or '[\u003cpattern\u003e]+' if present.'"},"permissions":{"type":"string","description":"Access control permissions for the property. It can be set to `READ_WRITE`, `READ_ONLY`, `HIDE`. Default: `READ_ONLY`"},"required":{"type":"boolean","description":"Whether the subschema is required"},"scope":{"type":"string","description":"determines whether an app user attribute can be set at the Individual or Group Level. Default: `NONE`"},"title":{"type":"string","description":"Subschema title (display name)"},"type":{"type":"string","description":"The type of the schema property. It can be \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`boolean`\" pulumi-lang-dotnet=\"`Boolean`\" pulumi-lang-go=\"`boolean`\" pulumi-lang-python=\"`boolean`\" pulumi-lang-yaml=\"`boolean`\" pulumi-lang-java=\"`boolean`\"\u003e`boolean`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`number`\" pulumi-lang-dotnet=\"`Number`\" pulumi-lang-go=\"`number`\" pulumi-lang-python=\"`number`\" pulumi-lang-yaml=\"`number`\" pulumi-lang-java=\"`number`\"\u003e`number`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`integer`\" pulumi-lang-dotnet=\"`Integer`\" pulumi-lang-go=\"`integer`\" pulumi-lang-python=\"`integer`\" pulumi-lang-yaml=\"`integer`\" pulumi-lang-java=\"`integer`\"\u003e`integer`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`object`\" pulumi-lang-dotnet=\"`Object`\" pulumi-lang-go=\"`object`\" pulumi-lang-python=\"`object`\" pulumi-lang-yaml=\"`object`\" pulumi-lang-java=\"`object`\"\u003e`object`\u003c/span\u003e","willReplaceOnChanges":true},"unique":{"type":"string","description":"Whether the property should be unique. It can be set to `UNIQUE_VALIDATED` or `NOT_UNIQUE`.","willReplaceOnChanges":true},"userType":{"type":"string","description":"User type ID. By default, it is \u003cspan pulumi-lang-nodejs=\"`default`\" pulumi-lang-dotnet=\"`Default`\" pulumi-lang-go=\"`default`\" pulumi-lang-python=\"`default`\" pulumi-lang-yaml=\"`default`\" pulumi-lang-java=\"`default`\"\u003e`default`\u003c/span\u003e"}},"requiredInputs":["index","title","type"],"stateInputs":{"description":"Input properties used for looking up and filtering UserSchemaProperty resources.\n","properties":{"arrayEnums":{"type":"array","items":{"type":"string"},"description":"Array of values that an array property's items can be set to."},"arrayOneOfs":{"type":"array","items":{"$ref":"#/types/okta:index/UserSchemaPropertyArrayOneOf:UserSchemaPropertyArrayOneOf"},"description":"Display name and value an enum array can be set to.\n\t- 'const' - (Required) value mapping to member of 'enum'.\n\t- 'title' - (Required) display name for the enum value."},"arrayType":{"type":"string","description":"The type of the array elements if \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e is set to \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e","willReplaceOnChanges":true},"description":{"type":"string","description":"The description of the user schema property."},"enums":{"type":"array","items":{"type":"string"},"description":"Array of values a primitive property can be set to. See \u003cspan pulumi-lang-nodejs=\"`arrayEnum`\" pulumi-lang-dotnet=\"`ArrayEnum`\" pulumi-lang-go=\"`arrayEnum`\" pulumi-lang-python=\"`array_enum`\" pulumi-lang-yaml=\"`arrayEnum`\" pulumi-lang-java=\"`arrayEnum`\"\u003e`array_enum`\u003c/span\u003e for arrays."},"externalName":{"type":"string","description":"External name of the user schema property.","willReplaceOnChanges":true},"externalNamespace":{"type":"string","description":"External namespace of the user schema property.","willReplaceOnChanges":true},"index":{"type":"string","description":"Subschema unique string identifier","willReplaceOnChanges":true},"master":{"type":"string","description":"Master priority for the user schema property. It can be set to `PROFILE_MASTER`, `OVERRIDE` or `OKTA`."},"masterOverridePriorities":{"type":"array","items":{"$ref":"#/types/okta:index/UserSchemaPropertyMasterOverridePriority:UserSchemaPropertyMasterOverridePriority"},"description":"Prioritized list of profile sources (required when 'master' is 'OVERRIDE').\n\t- 'type' - (Optional) - Type of profile source.\n\t- 'value' - (Required) - ID of profile source."},"maxLength":{"type":"integer","description":"The maximum length of the user property value. Only applies to type \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e"},"minLength":{"type":"integer","description":"The minimum length of the user property value. Only applies to type \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e"},"oneOfs":{"type":"array","items":{"$ref":"#/types/okta:index/UserSchemaPropertyOneOf:UserSchemaPropertyOneOf"},"description":"Array of maps containing a mapping for display name to enum value.\n\t- 'const' - (Required) value mapping to member of 'enum'.\n\t- 'title' - (Required) display name for the enum value."},"pattern":{"type":"string","description":"The validation pattern to use for the subschema. Must be in form of '.+', or '[\u003cpattern\u003e]+' if present.'"},"permissions":{"type":"string","description":"Access control permissions for the property. It can be set to `READ_WRITE`, `READ_ONLY`, `HIDE`. Default: `READ_ONLY`"},"required":{"type":"boolean","description":"Whether the subschema is required"},"scope":{"type":"string","description":"determines whether an app user attribute can be set at the Individual or Group Level. Default: `NONE`"},"title":{"type":"string","description":"Subschema title (display name)"},"type":{"type":"string","description":"The type of the schema property. It can be \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`boolean`\" pulumi-lang-dotnet=\"`Boolean`\" pulumi-lang-go=\"`boolean`\" pulumi-lang-python=\"`boolean`\" pulumi-lang-yaml=\"`boolean`\" pulumi-lang-java=\"`boolean`\"\u003e`boolean`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`number`\" pulumi-lang-dotnet=\"`Number`\" pulumi-lang-go=\"`number`\" pulumi-lang-python=\"`number`\" pulumi-lang-yaml=\"`number`\" pulumi-lang-java=\"`number`\"\u003e`number`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`integer`\" pulumi-lang-dotnet=\"`Integer`\" pulumi-lang-go=\"`integer`\" pulumi-lang-python=\"`integer`\" pulumi-lang-yaml=\"`integer`\" pulumi-lang-java=\"`integer`\"\u003e`integer`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`object`\" pulumi-lang-dotnet=\"`Object`\" pulumi-lang-go=\"`object`\" pulumi-lang-python=\"`object`\" pulumi-lang-yaml=\"`object`\" pulumi-lang-java=\"`object`\"\u003e`object`\u003c/span\u003e","willReplaceOnChanges":true},"unique":{"type":"string","description":"Whether the property should be unique. It can be set to `UNIQUE_VALIDATED` or `NOT_UNIQUE`.","willReplaceOnChanges":true},"userType":{"type":"string","description":"User type ID. By default, it is \u003cspan pulumi-lang-nodejs=\"`default`\" pulumi-lang-dotnet=\"`Default`\" pulumi-lang-go=\"`default`\" pulumi-lang-python=\"`default`\" pulumi-lang-yaml=\"`default`\" pulumi-lang-java=\"`default`\"\u003e`default`\u003c/span\u003e"}},"type":"object"}},"okta:inline/hook:Hook":{"description":"Creates an inline hook. This resource allows you to create and configure an inline hook.\n\n## Example Usage\n\n### HTTP Auth\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.inline.Hook(\"example\", {\n    name: \"example\",\n    version: \"1.0.0\",\n    type: \"com.okta.oauth2.tokens.transform\",\n    channel: {\n        version: \"1.0.0\",\n        uri: \"https://example.com/test\",\n        method: \"POST\",\n    },\n    auth: {\n        key: \"Authorization\",\n        type: \"HEADER\",\n        value: \"secret\",\n    },\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.inline.Hook(\"example\",\n    name=\"example\",\n    version=\"1.0.0\",\n    type=\"com.okta.oauth2.tokens.transform\",\n    channel={\n        \"version\": \"1.0.0\",\n        \"uri\": \"https://example.com/test\",\n        \"method\": \"POST\",\n    },\n    auth={\n        \"key\": \"Authorization\",\n        \"type\": \"HEADER\",\n        \"value\": \"secret\",\n    })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Inline.Hook(\"example\", new()\n    {\n        Name = \"example\",\n        Version = \"1.0.0\",\n        Type = \"com.okta.oauth2.tokens.transform\",\n        Channel = \n        {\n            { \"version\", \"1.0.0\" },\n            { \"uri\", \"https://example.com/test\" },\n            { \"method\", \"POST\" },\n        },\n        Auth = \n        {\n            { \"key\", \"Authorization\" },\n            { \"type\", \"HEADER\" },\n            { \"value\", \"secret\" },\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/inline\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := inline.NewHook(ctx, \"example\", \u0026inline.HookArgs{\n\t\t\tName:    pulumi.String(\"example\"),\n\t\t\tVersion: pulumi.String(\"1.0.0\"),\n\t\t\tType:    pulumi.String(\"com.okta.oauth2.tokens.transform\"),\n\t\t\tChannel: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"1.0.0\"),\n\t\t\t\t\"uri\":     pulumi.String(\"https://example.com/test\"),\n\t\t\t\t\"method\":  pulumi.String(\"POST\"),\n\t\t\t},\n\t\t\tAuth: pulumi.StringMap{\n\t\t\t\t\"key\":   pulumi.String(\"Authorization\"),\n\t\t\t\t\"type\":  pulumi.String(\"HEADER\"),\n\t\t\t\t\"value\": pulumi.String(\"secret\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.inline.Hook;\nimport com.pulumi.okta.inline.HookArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Hook(\"example\", HookArgs.builder()\n            .name(\"example\")\n            .version(\"1.0.0\")\n            .type(\"com.okta.oauth2.tokens.transform\")\n            .channel(Map.ofEntries(\n                Map.entry(\"version\", \"1.0.0\"),\n                Map.entry(\"uri\", \"https://example.com/test\"),\n                Map.entry(\"method\", \"POST\")\n            ))\n            .auth(Map.ofEntries(\n                Map.entry(\"key\", \"Authorization\"),\n                Map.entry(\"type\", \"HEADER\"),\n                Map.entry(\"value\", \"secret\")\n            ))\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:inline:Hook\n    properties:\n      name: example\n      version: 1.0.0\n      type: com.okta.oauth2.tokens.transform\n      channel:\n        version: 1.0.0\n        uri: https://example.com/test\n        method: POST\n      auth:\n        key: Authorization\n        type: HEADER\n        value: secret\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### OAuth2.0 Auth\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.inline.Hook(\"example\", {\n    name: \"example\",\n    version: \"1.0.0\",\n    type: \"com.okta.saml.tokens.transform\",\n    status: \"ACTIVE\",\n    channelJson: `{\n        \\\\\"type\\\\\": \\\\\"OAUTH\\\\\",\n        \\\\\"version\\\\\": \\\\\"1.0.0\\\\\",\n        \\\\\"config\\\\\": {\n            \\\\\"headers\\\\\": [\n                {\n                    \\\\\"key\\\\\": \\\\\"Field 1\\\\\",\n                    \\\\\"value\\\\\": \\\\\"Value 1\\\\\"\n                },\n                {\n                    \\\\\"key\\\\\": \\\\\"Field 2\\\\\",\n                    \\\\\"value\\\\\": \\\\\"Value 2\\\\\"\n                }\n            ],\n            \\\\\"method\\\\\": \\\\\"POST\\\\\",\n            \\\\\"authType\\\\\": \\\\\"client_secret_post\\\\\",\n            \\\\\"uri\\\\\": \\\\\"https://example.com/service\\\\\",\n            \\\\\"clientId\\\\\": \\\\\"abc123\\\\\",\n            \\\\\"clientSecret\\\\\": \\\\\"fake-secret\\\\\",\n            \\\\\"tokenUrl\\\\\": \\\\\"https://example.com/token\\\\\",\n            \\\\\"scope\\\\\": \\\\\"api\\\\\"\n        }\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.inline.Hook(\"example\",\n    name=\"example\",\n    version=\"1.0.0\",\n    type=\"com.okta.saml.tokens.transform\",\n    status=\"ACTIVE\",\n    channel_json=\"\"\"{\n        \\\"type\\\": \\\"OAUTH\\\",\n        \\\"version\\\": \\\"1.0.0\\\",\n        \\\"config\\\": {\n            \\\"headers\\\": [\n                {\n                    \\\"key\\\": \\\"Field 1\\\",\n                    \\\"value\\\": \\\"Value 1\\\"\n                },\n                {\n                    \\\"key\\\": \\\"Field 2\\\",\n                    \\\"value\\\": \\\"Value 2\\\"\n                }\n            ],\n            \\\"method\\\": \\\"POST\\\",\n            \\\"authType\\\": \\\"client_secret_post\\\",\n            \\\"uri\\\": \\\"https://example.com/service\\\",\n            \\\"clientId\\\": \\\"abc123\\\",\n            \\\"clientSecret\\\": \\\"fake-secret\\\",\n            \\\"tokenUrl\\\": \\\"https://example.com/token\\\",\n            \\\"scope\\\": \\\"api\\\"\n        }\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Inline.Hook(\"example\", new()\n    {\n        Name = \"example\",\n        Version = \"1.0.0\",\n        Type = \"com.okta.saml.tokens.transform\",\n        Status = \"ACTIVE\",\n        ChannelJson = @\"{\n        \\\"\"type\\\"\": \\\"\"OAUTH\\\"\",\n        \\\"\"version\\\"\": \\\"\"1.0.0\\\"\",\n        \\\"\"config\\\"\": {\n            \\\"\"headers\\\"\": [\n                {\n                    \\\"\"key\\\"\": \\\"\"Field 1\\\"\",\n                    \\\"\"value\\\"\": \\\"\"Value 1\\\"\"\n                },\n                {\n                    \\\"\"key\\\"\": \\\"\"Field 2\\\"\",\n                    \\\"\"value\\\"\": \\\"\"Value 2\\\"\"\n                }\n            ],\n            \\\"\"method\\\"\": \\\"\"POST\\\"\",\n            \\\"\"authType\\\"\": \\\"\"client_secret_post\\\"\",\n            \\\"\"uri\\\"\": \\\"\"https://example.com/service\\\"\",\n            \\\"\"clientId\\\"\": \\\"\"abc123\\\"\",\n            \\\"\"clientSecret\\\"\": \\\"\"fake-secret\\\"\",\n            \\\"\"tokenUrl\\\"\": \\\"\"https://example.com/token\\\"\",\n            \\\"\"scope\\\"\": \\\"\"api\\\"\"\n        }\n}\n\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/inline\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := inline.NewHook(ctx, \"example\", \u0026inline.HookArgs{\n\t\t\tName:    pulumi.String(\"example\"),\n\t\t\tVersion: pulumi.String(\"1.0.0\"),\n\t\t\tType:    pulumi.String(\"com.okta.saml.tokens.transform\"),\n\t\t\tStatus:  pulumi.String(\"ACTIVE\"),\n\t\t\tChannelJson: pulumi.String(`{\n        \\\"type\\\": \\\"OAUTH\\\",\n        \\\"version\\\": \\\"1.0.0\\\",\n        \\\"config\\\": {\n            \\\"headers\\\": [\n                {\n                    \\\"key\\\": \\\"Field 1\\\",\n                    \\\"value\\\": \\\"Value 1\\\"\n                },\n                {\n                    \\\"key\\\": \\\"Field 2\\\",\n                    \\\"value\\\": \\\"Value 2\\\"\n                }\n            ],\n            \\\"method\\\": \\\"POST\\\",\n            \\\"authType\\\": \\\"client_secret_post\\\",\n            \\\"uri\\\": \\\"https://example.com/service\\\",\n            \\\"clientId\\\": \\\"abc123\\\",\n            \\\"clientSecret\\\": \\\"fake-secret\\\",\n            \\\"tokenUrl\\\": \\\"https://example.com/token\\\",\n            \\\"scope\\\": \\\"api\\\"\n        }\n}\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.inline.Hook;\nimport com.pulumi.okta.inline.HookArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Hook(\"example\", HookArgs.builder()\n            .name(\"example\")\n            .version(\"1.0.0\")\n            .type(\"com.okta.saml.tokens.transform\")\n            .status(\"ACTIVE\")\n            .channelJson(\"\"\"\n{\n        \\\"type\\\": \\\"OAUTH\\\",\n        \\\"version\\\": \\\"1.0.0\\\",\n        \\\"config\\\": {\n            \\\"headers\\\": [\n                {\n                    \\\"key\\\": \\\"Field 1\\\",\n                    \\\"value\\\": \\\"Value 1\\\"\n                },\n                {\n                    \\\"key\\\": \\\"Field 2\\\",\n                    \\\"value\\\": \\\"Value 2\\\"\n                }\n            ],\n            \\\"method\\\": \\\"POST\\\",\n            \\\"authType\\\": \\\"client_secret_post\\\",\n            \\\"uri\\\": \\\"https://example.com/service\\\",\n            \\\"clientId\\\": \\\"abc123\\\",\n            \\\"clientSecret\\\": \\\"fake-secret\\\",\n            \\\"tokenUrl\\\": \\\"https://example.com/token\\\",\n            \\\"scope\\\": \\\"api\\\"\n        }\n}\n            \"\"\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:inline:Hook\n    properties:\n      name: example\n      version: 1.0.0\n      type: com.okta.saml.tokens.transform\n      status: ACTIVE\n      channelJson: |\n        {\n                \\\"type\\\": \\\"OAUTH\\\",\n                \\\"version\\\": \\\"1.0.0\\\",\n                \\\"config\\\": {\n                    \\\"headers\\\": [\n                        {\n                            \\\"key\\\": \\\"Field 1\\\",\n                            \\\"value\\\": \\\"Value 1\\\"\n                        },\n                        {\n                            \\\"key\\\": \\\"Field 2\\\",\n                            \\\"value\\\": \\\"Value 2\\\"\n                        }\n                    ],\n                    \\\"method\\\": \\\"POST\\\",\n                    \\\"authType\\\": \\\"client_secret_post\\\",\n                    \\\"uri\\\": \\\"https://example.com/service\\\",\n                    \\\"clientId\\\": \\\"abc123\\\",\n                    \\\"clientSecret\\\": \\\"fake-secret\\\",\n                    \\\"tokenUrl\\\": \\\"https://example.com/token\\\",\n                    \\\"scope\\\": \\\"api\\\"\n                }\n        }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:inline/hook:Hook example \u003chook_id\u003e\n```\n\n","properties":{"auth":{"type":"object","additionalProperties":{"type":"string"}},"channel":{"type":"object","additionalProperties":{"type":"string"}},"channelJson":{"type":"string","description":"true channel object for the inline hook API contract"},"headers":{"type":"array","items":{"$ref":"#/types/okta:inline/HookHeader:HookHeader"},"description":"Map of headers to send along in inline hook request."},"name":{"type":"string","description":"The inline hook display name.\n"},"status":{"type":"string","description":"Default to `ACTIVE`"},"type":{"type":"string","description":"The type of hook to create. [See here for supported types](https://developer.okta.com/docs/reference/api/inline-hooks/#supported-inline-hook-types).\n"},"version":{"type":"string","description":"The version of the hook. The currently-supported version is `1.0.0`.\n"}},"required":["name","type","version"],"inputProperties":{"auth":{"type":"object","additionalProperties":{"type":"string"}},"channel":{"type":"object","additionalProperties":{"type":"string"}},"channelJson":{"type":"string","description":"true channel object for the inline hook API contract"},"headers":{"type":"array","items":{"$ref":"#/types/okta:inline/HookHeader:HookHeader"},"description":"Map of headers to send along in inline hook request."},"name":{"type":"string","description":"The inline hook display name.\n"},"status":{"type":"string","description":"Default to `ACTIVE`"},"type":{"type":"string","description":"The type of hook to create. [See here for supported types](https://developer.okta.com/docs/reference/api/inline-hooks/#supported-inline-hook-types).\n","willReplaceOnChanges":true},"version":{"type":"string","description":"The version of the hook. The currently-supported version is `1.0.0`.\n"}},"requiredInputs":["type","version"],"stateInputs":{"description":"Input properties used for looking up and filtering Hook resources.\n","properties":{"auth":{"type":"object","additionalProperties":{"type":"string"}},"channel":{"type":"object","additionalProperties":{"type":"string"}},"channelJson":{"type":"string","description":"true channel object for the inline hook API contract"},"headers":{"type":"array","items":{"$ref":"#/types/okta:inline/HookHeader:HookHeader"},"description":"Map of headers to send along in inline hook request."},"name":{"type":"string","description":"The inline hook display name.\n"},"status":{"type":"string","description":"Default to `ACTIVE`"},"type":{"type":"string","description":"The type of hook to create. [See here for supported types](https://developer.okta.com/docs/reference/api/inline-hooks/#supported-inline-hook-types).\n","willReplaceOnChanges":true},"version":{"type":"string","description":"The version of the hook. The currently-supported version is `1.0.0`.\n"}},"type":"object"}},"okta:network/zone:Zone":{"description":"Creates an Okta Network Zone. This resource allows you to create and configure an Okta Network Zone.\n\n## Import\n\n```sh\n$ pulumi import okta:network/zone:Zone example \u003czone_id\u003e\n```\n\n","properties":{"asns":{"type":"array","items":{"type":"string"},"description":"List of asns included. Format of each array value: a string representation of an ASN numeric value. Use with type `DYNAMIC` or `DYNAMIC_V2`\n"},"dynamicLocations":{"type":"array","items":{"type":"string"},"description":"Array of locations ISO-3166-1(2) included. Format code: countryCode OR countryCode-regionCode. Use with type `DYNAMIC` or `DYNAMIC_V2`\n"},"dynamicLocationsExcludes":{"type":"array","items":{"type":"string"},"description":"Array of locations ISO-3166-1(2) excluded. Format code: countryCode OR countryCode-regionCode. Use with type `DYNAMIC_V2`\n"},"dynamicProxyType":{"type":"string","description":"Type of proxy being controlled by this dynamic network zone - can be one of `Any`, `TorAnonymizer` or `NotTorAnonymizer`. Use with type `DYNAMIC`\n"},"gateways":{"type":"array","items":{"type":"string"},"description":"Array of values in CIDR/range form depending on the way it's been declared (i.e. CIDR will contain /suffix). Please check API docs for examples. Use with type `IP`\n"},"ipServiceCategoriesExcludes":{"type":"array","items":{"type":"string"},"description":"List of ip service excluded. Use with type `DYNAMIC_V2`\n"},"ipServiceCategoriesIncludes":{"type":"array","items":{"type":"string"},"description":"List of ip service included. Use with type `DYNAMIC_V2`\n"},"name":{"type":"string","description":"Name of the Network Zone Resource\n"},"proxies":{"type":"array","items":{"type":"string"},"description":"Array of values in CIDR/range form depending on the way it's been declared (i.e. CIDR will contain /suffix). Please check API docs for examples. Can not be set if \u003cspan pulumi-lang-nodejs=\"`usage`\" pulumi-lang-dotnet=\"`Usage`\" pulumi-lang-go=\"`usage`\" pulumi-lang-python=\"`usage`\" pulumi-lang-yaml=\"`usage`\" pulumi-lang-java=\"`usage`\"\u003e`usage`\u003c/span\u003e is set to `BLOCKLIST`. Use with type `IP`\n"},"status":{"type":"string","description":"Network Status - can either be `ACTIVE` or `INACTIVE` only\n"},"type":{"type":"string","description":"Type of the Network Zone - can be `IP`, `DYNAMIC` or `DYNAMIC_V2` only\n"},"usage":{"type":"string","description":"Usage of the Network Zone - can be either `POLICY` or `BLOCKLIST`. By default, it is `POLICY`\n"}},"required":["name","type"],"inputProperties":{"asns":{"type":"array","items":{"type":"string"},"description":"List of asns included. Format of each array value: a string representation of an ASN numeric value. Use with type `DYNAMIC` or `DYNAMIC_V2`\n"},"dynamicLocations":{"type":"array","items":{"type":"string"},"description":"Array of locations ISO-3166-1(2) included. Format code: countryCode OR countryCode-regionCode. Use with type `DYNAMIC` or `DYNAMIC_V2`\n"},"dynamicLocationsExcludes":{"type":"array","items":{"type":"string"},"description":"Array of locations ISO-3166-1(2) excluded. Format code: countryCode OR countryCode-regionCode. Use with type `DYNAMIC_V2`\n"},"dynamicProxyType":{"type":"string","description":"Type of proxy being controlled by this dynamic network zone - can be one of `Any`, `TorAnonymizer` or `NotTorAnonymizer`. Use with type `DYNAMIC`\n"},"gateways":{"type":"array","items":{"type":"string"},"description":"Array of values in CIDR/range form depending on the way it's been declared (i.e. CIDR will contain /suffix). Please check API docs for examples. Use with type `IP`\n"},"ipServiceCategoriesExcludes":{"type":"array","items":{"type":"string"},"description":"List of ip service excluded. Use with type `DYNAMIC_V2`\n"},"ipServiceCategoriesIncludes":{"type":"array","items":{"type":"string"},"description":"List of ip service included. Use with type `DYNAMIC_V2`\n"},"name":{"type":"string","description":"Name of the Network Zone Resource\n"},"proxies":{"type":"array","items":{"type":"string"},"description":"Array of values in CIDR/range form depending on the way it's been declared (i.e. CIDR will contain /suffix). Please check API docs for examples. Can not be set if \u003cspan pulumi-lang-nodejs=\"`usage`\" pulumi-lang-dotnet=\"`Usage`\" pulumi-lang-go=\"`usage`\" pulumi-lang-python=\"`usage`\" pulumi-lang-yaml=\"`usage`\" pulumi-lang-java=\"`usage`\"\u003e`usage`\u003c/span\u003e is set to `BLOCKLIST`. Use with type `IP`\n"},"status":{"type":"string","description":"Network Status - can either be `ACTIVE` or `INACTIVE` only\n"},"type":{"type":"string","description":"Type of the Network Zone - can be `IP`, `DYNAMIC` or `DYNAMIC_V2` only\n"},"usage":{"type":"string","description":"Usage of the Network Zone - can be either `POLICY` or `BLOCKLIST`. By default, it is `POLICY`\n"}},"requiredInputs":["type"],"stateInputs":{"description":"Input properties used for looking up and filtering Zone resources.\n","properties":{"asns":{"type":"array","items":{"type":"string"},"description":"List of asns included. Format of each array value: a string representation of an ASN numeric value. Use with type `DYNAMIC` or `DYNAMIC_V2`\n"},"dynamicLocations":{"type":"array","items":{"type":"string"},"description":"Array of locations ISO-3166-1(2) included. Format code: countryCode OR countryCode-regionCode. Use with type `DYNAMIC` or `DYNAMIC_V2`\n"},"dynamicLocationsExcludes":{"type":"array","items":{"type":"string"},"description":"Array of locations ISO-3166-1(2) excluded. Format code: countryCode OR countryCode-regionCode. Use with type `DYNAMIC_V2`\n"},"dynamicProxyType":{"type":"string","description":"Type of proxy being controlled by this dynamic network zone - can be one of `Any`, `TorAnonymizer` or `NotTorAnonymizer`. Use with type `DYNAMIC`\n"},"gateways":{"type":"array","items":{"type":"string"},"description":"Array of values in CIDR/range form depending on the way it's been declared (i.e. CIDR will contain /suffix). Please check API docs for examples. Use with type `IP`\n"},"ipServiceCategoriesExcludes":{"type":"array","items":{"type":"string"},"description":"List of ip service excluded. Use with type `DYNAMIC_V2`\n"},"ipServiceCategoriesIncludes":{"type":"array","items":{"type":"string"},"description":"List of ip service included. Use with type `DYNAMIC_V2`\n"},"name":{"type":"string","description":"Name of the Network Zone Resource\n"},"proxies":{"type":"array","items":{"type":"string"},"description":"Array of values in CIDR/range form depending on the way it's been declared (i.e. CIDR will contain /suffix). Please check API docs for examples. Can not be set if \u003cspan pulumi-lang-nodejs=\"`usage`\" pulumi-lang-dotnet=\"`Usage`\" pulumi-lang-go=\"`usage`\" pulumi-lang-python=\"`usage`\" pulumi-lang-yaml=\"`usage`\" pulumi-lang-java=\"`usage`\"\u003e`usage`\u003c/span\u003e is set to `BLOCKLIST`. Use with type `IP`\n"},"status":{"type":"string","description":"Network Status - can either be `ACTIVE` or `INACTIVE` only\n"},"type":{"type":"string","description":"Type of the Network Zone - can be `IP`, `DYNAMIC` or `DYNAMIC_V2` only\n"},"usage":{"type":"string","description":"Usage of the Network Zone - can be either `POLICY` or `BLOCKLIST`. By default, it is `POLICY`\n"}},"type":"object"}},"okta:policy/deviceAssuranceAndroid:DeviceAssuranceAndroid":{"description":"Manages a device assurance policy for android.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new okta.policy.DeviceAssuranceAndroid(\"example\", {\n    name: \"example\",\n    osVersion: \"12\",\n    diskEncryptionTypes: std.index.toset({\n        input: [\n            \"FULL\",\n            \"USER\",\n        ],\n    }).result,\n    jailbreak: false,\n    secureHardwarePresent: true,\n    screenlockTypes: std.index.toset({\n        input: [\"BIOMETRIC\"],\n    }).result,\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\nimport pulumi_std as std\n\nexample = okta.policy.DeviceAssuranceAndroid(\"example\",\n    name=\"example\",\n    os_version=\"12\",\n    disk_encryption_types=std.index.toset(input=[\n        \"FULL\",\n        \"USER\",\n    ])[\"result\"],\n    jailbreak=False,\n    secure_hardware_present=True,\n    screenlock_types=std.index.toset(input=[\"BIOMETRIC\"])[\"result\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Policy.DeviceAssuranceAndroid(\"example\", new()\n    {\n        Name = \"example\",\n        OsVersion = \"12\",\n        DiskEncryptionTypes = Std.Index.Toset.Invoke(new()\n        {\n            Input = new[]\n            {\n                \"FULL\",\n                \"USER\",\n            },\n        }).Result,\n        Jailbreak = false,\n        SecureHardwarePresent = true,\n        ScreenlockTypes = Std.Index.Toset.Invoke(new()\n        {\n            Input = new[]\n            {\n                \"BIOMETRIC\",\n            },\n        }).Result,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/policy\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeToset, err := std.Toset(ctx, map[string]interface{}{\n\t\t\t\"input\": []string{\n\t\t\t\t\"FULL\",\n\t\t\t\t\"USER\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeToset1, err := std.Toset(ctx, map[string]interface{}{\n\t\t\t\"input\": []string{\n\t\t\t\t\"BIOMETRIC\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = policy.NewDeviceAssuranceAndroid(ctx, \"example\", \u0026policy.DeviceAssuranceAndroidArgs{\n\t\t\tName:                  pulumi.String(\"example\"),\n\t\t\tOsVersion:             pulumi.String(\"12\"),\n\t\t\tDiskEncryptionTypes:   []pulumi.String(invokeToset.Result),\n\t\t\tJailbreak:             pulumi.Bool(false),\n\t\t\tSecureHardwarePresent: pulumi.Bool(true),\n\t\t\tScreenlockTypes:       []pulumi.String(invokeToset1.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.policy.DeviceAssuranceAndroid;\nimport com.pulumi.okta.policy.DeviceAssuranceAndroidArgs;\nimport com.pulumi.std.StdFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new DeviceAssuranceAndroid(\"example\", DeviceAssuranceAndroidArgs.builder()\n            .name(\"example\")\n            .osVersion(\"12\")\n            .diskEncryptionTypes(StdFunctions.toset(Map.of(\"input\",             \n                \"FULL\",\n                \"USER\")).result())\n            .jailbreak(false)\n            .secureHardwarePresent(true)\n            .screenlockTypes(StdFunctions.toset(Map.of(\"input\", \"BIOMETRIC\")).result())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:policy:DeviceAssuranceAndroid\n    properties:\n      name: example\n      osVersion: '12'\n      diskEncryptionTypes:\n        fn::invoke:\n          function: std:toset\n          arguments:\n            input:\n              - FULL\n              - USER\n          return: result\n      jailbreak: false\n      secureHardwarePresent: true\n      screenlockTypes:\n        fn::invoke:\n          function: std:toset\n          arguments:\n            input:\n              - BIOMETRIC\n          return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:policy/deviceAssuranceAndroid:DeviceAssuranceAndroid example \u003cdevice_assurance_id\u003e\n```\n\n","properties":{"createdBy":{"type":"string","description":"Created by\n"},"createdDate":{"type":"string","description":"Created date\n"},"diskEncryptionTypes":{"type":"array","items":{"type":"string"},"description":"List of disk encryption type, can be `FULL`, `USER`\n"},"jailbreak":{"type":"boolean","description":"Is the device jailbroken in the device assurance policy.\n"},"lastUpdate":{"type":"string","description":"Last update\n"},"lastUpdatedBy":{"type":"string","description":"Last updated by\n"},"name":{"type":"string","description":"Policy device assurance name\n"},"osVersion":{"type":"string","description":"Minimum os version of the device in the device assurance policy.\n"},"platform":{"type":"string","description":"Policy device assurance platform\n"},"screenlockTypes":{"type":"array","items":{"type":"string"},"description":"List of screenlock type, can be `BIOMETRIC` or `BIOMETRIC, PASSCODE`\n"},"secureHardwarePresent":{"type":"boolean","description":"Indicates if the device contains a secure hardware functionality\n"}},"required":["createdBy","createdDate","lastUpdate","lastUpdatedBy","name","platform"],"inputProperties":{"diskEncryptionTypes":{"type":"array","items":{"type":"string"},"description":"List of disk encryption type, can be `FULL`, `USER`\n"},"jailbreak":{"type":"boolean","description":"Is the device jailbroken in the device assurance policy.\n"},"name":{"type":"string","description":"Policy device assurance name\n"},"osVersion":{"type":"string","description":"Minimum os version of the device in the device assurance policy.\n"},"screenlockTypes":{"type":"array","items":{"type":"string"},"description":"List of screenlock type, can be `BIOMETRIC` or `BIOMETRIC, PASSCODE`\n"},"secureHardwarePresent":{"type":"boolean","description":"Indicates if the device contains a secure hardware functionality\n"}},"stateInputs":{"description":"Input properties used for looking up and filtering DeviceAssuranceAndroid resources.\n","properties":{"createdBy":{"type":"string","description":"Created by\n"},"createdDate":{"type":"string","description":"Created date\n"},"diskEncryptionTypes":{"type":"array","items":{"type":"string"},"description":"List of disk encryption type, can be `FULL`, `USER`\n"},"jailbreak":{"type":"boolean","description":"Is the device jailbroken in the device assurance policy.\n"},"lastUpdate":{"type":"string","description":"Last update\n"},"lastUpdatedBy":{"type":"string","description":"Last updated by\n"},"name":{"type":"string","description":"Policy device assurance name\n"},"osVersion":{"type":"string","description":"Minimum os version of the device in the device assurance policy.\n"},"platform":{"type":"string","description":"Policy device assurance platform\n"},"screenlockTypes":{"type":"array","items":{"type":"string"},"description":"List of screenlock type, can be `BIOMETRIC` or `BIOMETRIC, PASSCODE`\n"},"secureHardwarePresent":{"type":"boolean","description":"Indicates if the device contains a secure hardware functionality\n"}},"type":"object"}},"okta:policy/deviceAssuranceChromeos:DeviceAssuranceChromeos":{"description":"Manages a device assurance policy for chromeos.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.policy.DeviceAssuranceChromeos(\"example\", {\n    name: \"example\",\n    tpspAllowScreenLock: true,\n    tpspBrowserVersion: \"15393.27.0\",\n    tpspBuiltinDnsClientEnabled: true,\n    tpspChromeRemoteDesktopAppBlocked: true,\n    tpspDeviceEnrollmentDomain: \"exampleDomain\",\n    tpspDiskEncrypted: true,\n    tpspKeyTrustLevel: \"CHROME_OS_VERIFIED_MODE\",\n    tpspOsFirewall: true,\n    tpspOsVersion: \"10.0.19041.1110\",\n    tpspPasswordProctectionWarningTrigger: \"PASSWORD_PROTECTION_OFF\",\n    tpspRealtimeUrlCheckMode: true,\n    tpspSafeBrowsingProtectionLevel: \"ENHANCED_PROTECTION\",\n    tpspScreenLockSecured: true,\n    tpspSiteIsolationEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.policy.DeviceAssuranceChromeos(\"example\",\n    name=\"example\",\n    tpsp_allow_screen_lock=True,\n    tpsp_browser_version=\"15393.27.0\",\n    tpsp_builtin_dns_client_enabled=True,\n    tpsp_chrome_remote_desktop_app_blocked=True,\n    tpsp_device_enrollment_domain=\"exampleDomain\",\n    tpsp_disk_encrypted=True,\n    tpsp_key_trust_level=\"CHROME_OS_VERIFIED_MODE\",\n    tpsp_os_firewall=True,\n    tpsp_os_version=\"10.0.19041.1110\",\n    tpsp_password_proctection_warning_trigger=\"PASSWORD_PROTECTION_OFF\",\n    tpsp_realtime_url_check_mode=True,\n    tpsp_safe_browsing_protection_level=\"ENHANCED_PROTECTION\",\n    tpsp_screen_lock_secured=True,\n    tpsp_site_isolation_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Policy.DeviceAssuranceChromeos(\"example\", new()\n    {\n        Name = \"example\",\n        TpspAllowScreenLock = true,\n        TpspBrowserVersion = \"15393.27.0\",\n        TpspBuiltinDnsClientEnabled = true,\n        TpspChromeRemoteDesktopAppBlocked = true,\n        TpspDeviceEnrollmentDomain = \"exampleDomain\",\n        TpspDiskEncrypted = true,\n        TpspKeyTrustLevel = \"CHROME_OS_VERIFIED_MODE\",\n        TpspOsFirewall = true,\n        TpspOsVersion = \"10.0.19041.1110\",\n        TpspPasswordProctectionWarningTrigger = \"PASSWORD_PROTECTION_OFF\",\n        TpspRealtimeUrlCheckMode = true,\n        TpspSafeBrowsingProtectionLevel = \"ENHANCED_PROTECTION\",\n        TpspScreenLockSecured = true,\n        TpspSiteIsolationEnabled = true,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/policy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := policy.NewDeviceAssuranceChromeos(ctx, \"example\", \u0026policy.DeviceAssuranceChromeosArgs{\n\t\t\tName:                                  pulumi.String(\"example\"),\n\t\t\tTpspAllowScreenLock:                   pulumi.Bool(true),\n\t\t\tTpspBrowserVersion:                    pulumi.String(\"15393.27.0\"),\n\t\t\tTpspBuiltinDnsClientEnabled:           pulumi.Bool(true),\n\t\t\tTpspChromeRemoteDesktopAppBlocked:     pulumi.Bool(true),\n\t\t\tTpspDeviceEnrollmentDomain:            pulumi.String(\"exampleDomain\"),\n\t\t\tTpspDiskEncrypted:                     pulumi.Bool(true),\n\t\t\tTpspKeyTrustLevel:                     pulumi.String(\"CHROME_OS_VERIFIED_MODE\"),\n\t\t\tTpspOsFirewall:                        pulumi.Bool(true),\n\t\t\tTpspOsVersion:                         pulumi.String(\"10.0.19041.1110\"),\n\t\t\tTpspPasswordProctectionWarningTrigger: pulumi.String(\"PASSWORD_PROTECTION_OFF\"),\n\t\t\tTpspRealtimeUrlCheckMode:              pulumi.Bool(true),\n\t\t\tTpspSafeBrowsingProtectionLevel:       pulumi.String(\"ENHANCED_PROTECTION\"),\n\t\t\tTpspScreenLockSecured:                 pulumi.Bool(true),\n\t\t\tTpspSiteIsolationEnabled:              pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.policy.DeviceAssuranceChromeos;\nimport com.pulumi.okta.policy.DeviceAssuranceChromeosArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new DeviceAssuranceChromeos(\"example\", DeviceAssuranceChromeosArgs.builder()\n            .name(\"example\")\n            .tpspAllowScreenLock(true)\n            .tpspBrowserVersion(\"15393.27.0\")\n            .tpspBuiltinDnsClientEnabled(true)\n            .tpspChromeRemoteDesktopAppBlocked(true)\n            .tpspDeviceEnrollmentDomain(\"exampleDomain\")\n            .tpspDiskEncrypted(true)\n            .tpspKeyTrustLevel(\"CHROME_OS_VERIFIED_MODE\")\n            .tpspOsFirewall(true)\n            .tpspOsVersion(\"10.0.19041.1110\")\n            .tpspPasswordProctectionWarningTrigger(\"PASSWORD_PROTECTION_OFF\")\n            .tpspRealtimeUrlCheckMode(true)\n            .tpspSafeBrowsingProtectionLevel(\"ENHANCED_PROTECTION\")\n            .tpspScreenLockSecured(true)\n            .tpspSiteIsolationEnabled(true)\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:policy:DeviceAssuranceChromeos\n    properties:\n      name: example\n      tpspAllowScreenLock: true\n      tpspBrowserVersion: 15393.27.0\n      tpspBuiltinDnsClientEnabled: true\n      tpspChromeRemoteDesktopAppBlocked: true\n      tpspDeviceEnrollmentDomain: exampleDomain\n      tpspDiskEncrypted: true\n      tpspKeyTrustLevel: CHROME_OS_VERIFIED_MODE\n      tpspOsFirewall: true\n      tpspOsVersion: 10.0.19041.1110\n      tpspPasswordProctectionWarningTrigger: PASSWORD_PROTECTION_OFF\n      tpspRealtimeUrlCheckMode: true\n      tpspSafeBrowsingProtectionLevel: ENHANCED_PROTECTION\n      tpspScreenLockSecured: true\n      tpspSiteIsolationEnabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:policy/deviceAssuranceChromeos:DeviceAssuranceChromeos example \u003cdevice_assurance_id\u003e\n```\n\n","properties":{"createdBy":{"type":"string","description":"Created by\n"},"createdDate":{"type":"string","description":"Created date\n"},"lastUpdate":{"type":"string","description":"Last update\n"},"lastUpdatedBy":{"type":"string","description":"Last updated by\n"},"name":{"type":"string","description":"Name of the device assurance policy.\n"},"platform":{"type":"string","description":"Policy device assurance platform\n"},"tpspAllowScreenLock":{"type":"boolean","description":"Third party signal provider allow screen lock\n"},"tpspBrowserVersion":{"type":"string","description":"Third party signal provider minimum browser version\n"},"tpspBuiltinDnsClientEnabled":{"type":"boolean","description":"Third party signal provider builtin dns client enabled\n"},"tpspChromeRemoteDesktopAppBlocked":{"type":"boolean","description":"Third party signal provider chrome remote desktop app blocked\n"},"tpspDeviceEnrollmentDomain":{"type":"string","description":"Third party signal provider device enrollment domain\n"},"tpspDiskEncrypted":{"type":"boolean","description":"Third party signal provider disk encrypted\n"},"tpspKeyTrustLevel":{"type":"string","description":"Third party signal provider key trust level\n"},"tpspOsFirewall":{"type":"boolean","description":"Third party signal provider os firewall\n"},"tpspOsVersion":{"type":"string","description":"Third party signal provider minimum os version\n"},"tpspPasswordProctectionWarningTrigger":{"type":"string","description":"Third party signal provider password protection warning trigger\n"},"tpspRealtimeUrlCheckMode":{"type":"boolean","description":"Third party signal provider realtime url check mode\n"},"tpspSafeBrowsingProtectionLevel":{"type":"string","description":"Third party signal provider safe browsing protection level\n"},"tpspScreenLockSecured":{"type":"boolean","description":"Third party signal provider screen lock secure\n"},"tpspSiteIsolationEnabled":{"type":"boolean","description":"Third party signal provider site isolation enabled\n"}},"required":["createdBy","createdDate","lastUpdate","lastUpdatedBy","name","platform"],"inputProperties":{"name":{"type":"string","description":"Name of the device assurance policy.\n"},"tpspAllowScreenLock":{"type":"boolean","description":"Third party signal provider allow screen lock\n"},"tpspBrowserVersion":{"type":"string","description":"Third party signal provider minimum browser version\n"},"tpspBuiltinDnsClientEnabled":{"type":"boolean","description":"Third party signal provider builtin dns client enabled\n"},"tpspChromeRemoteDesktopAppBlocked":{"type":"boolean","description":"Third party signal provider chrome remote desktop app blocked\n"},"tpspDeviceEnrollmentDomain":{"type":"string","description":"Third party signal provider device enrollment domain\n"},"tpspDiskEncrypted":{"type":"boolean","description":"Third party signal provider disk encrypted\n"},"tpspKeyTrustLevel":{"type":"string","description":"Third party signal provider key trust level\n"},"tpspOsFirewall":{"type":"boolean","description":"Third party signal provider os firewall\n"},"tpspOsVersion":{"type":"string","description":"Third party signal provider minimum os version\n"},"tpspPasswordProctectionWarningTrigger":{"type":"string","description":"Third party signal provider password protection warning trigger\n"},"tpspRealtimeUrlCheckMode":{"type":"boolean","description":"Third party signal provider realtime url check mode\n"},"tpspSafeBrowsingProtectionLevel":{"type":"string","description":"Third party signal provider safe browsing protection level\n"},"tpspScreenLockSecured":{"type":"boolean","description":"Third party signal provider screen lock secure\n"},"tpspSiteIsolationEnabled":{"type":"boolean","description":"Third party signal provider site isolation enabled\n"}},"stateInputs":{"description":"Input properties used for looking up and filtering DeviceAssuranceChromeos resources.\n","properties":{"createdBy":{"type":"string","description":"Created by\n"},"createdDate":{"type":"string","description":"Created date\n"},"lastUpdate":{"type":"string","description":"Last update\n"},"lastUpdatedBy":{"type":"string","description":"Last updated by\n"},"name":{"type":"string","description":"Name of the device assurance policy.\n"},"platform":{"type":"string","description":"Policy device assurance platform\n"},"tpspAllowScreenLock":{"type":"boolean","description":"Third party signal provider allow screen lock\n"},"tpspBrowserVersion":{"type":"string","description":"Third party signal provider minimum browser version\n"},"tpspBuiltinDnsClientEnabled":{"type":"boolean","description":"Third party signal provider builtin dns client enabled\n"},"tpspChromeRemoteDesktopAppBlocked":{"type":"boolean","description":"Third party signal provider chrome remote desktop app blocked\n"},"tpspDeviceEnrollmentDomain":{"type":"string","description":"Third party signal provider device enrollment domain\n"},"tpspDiskEncrypted":{"type":"boolean","description":"Third party signal provider disk encrypted\n"},"tpspKeyTrustLevel":{"type":"string","description":"Third party signal provider key trust level\n"},"tpspOsFirewall":{"type":"boolean","description":"Third party signal provider os firewall\n"},"tpspOsVersion":{"type":"string","description":"Third party signal provider minimum os version\n"},"tpspPasswordProctectionWarningTrigger":{"type":"string","description":"Third party signal provider password protection warning trigger\n"},"tpspRealtimeUrlCheckMode":{"type":"boolean","description":"Third party signal provider realtime url check mode\n"},"tpspSafeBrowsingProtectionLevel":{"type":"string","description":"Third party signal provider safe browsing protection level\n"},"tpspScreenLockSecured":{"type":"boolean","description":"Third party signal provider screen lock secure\n"},"tpspSiteIsolationEnabled":{"type":"boolean","description":"Third party signal provider site isolation enabled\n"}},"type":"object"}},"okta:policy/deviceAssuranceIos:DeviceAssuranceIos":{"description":"Manages a device assurance policy for ios.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new okta.policy.DeviceAssuranceIos(\"example\", {\n    name: \"example\",\n    osVersion: \"12.4.5\",\n    jailbreak: false,\n    screenlockTypes: std.index.toset({\n        input: [\"BIOMETRIC\"],\n    }).result,\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\nimport pulumi_std as std\n\nexample = okta.policy.DeviceAssuranceIos(\"example\",\n    name=\"example\",\n    os_version=\"12.4.5\",\n    jailbreak=False,\n    screenlock_types=std.index.toset(input=[\"BIOMETRIC\"])[\"result\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Policy.DeviceAssuranceIos(\"example\", new()\n    {\n        Name = \"example\",\n        OsVersion = \"12.4.5\",\n        Jailbreak = false,\n        ScreenlockTypes = Std.Index.Toset.Invoke(new()\n        {\n            Input = new[]\n            {\n                \"BIOMETRIC\",\n            },\n        }).Result,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/policy\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeToset, err := std.Toset(ctx, map[string]interface{}{\n\t\t\t\"input\": []string{\n\t\t\t\t\"BIOMETRIC\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = policy.NewDeviceAssuranceIos(ctx, \"example\", \u0026policy.DeviceAssuranceIosArgs{\n\t\t\tName:            pulumi.String(\"example\"),\n\t\t\tOsVersion:       pulumi.String(\"12.4.5\"),\n\t\t\tJailbreak:       pulumi.Bool(false),\n\t\t\tScreenlockTypes: []pulumi.String(invokeToset.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.policy.DeviceAssuranceIos;\nimport com.pulumi.okta.policy.DeviceAssuranceIosArgs;\nimport com.pulumi.std.StdFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new DeviceAssuranceIos(\"example\", DeviceAssuranceIosArgs.builder()\n            .name(\"example\")\n            .osVersion(\"12.4.5\")\n            .jailbreak(false)\n            .screenlockTypes(StdFunctions.toset(Map.of(\"input\", \"BIOMETRIC\")).result())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:policy:DeviceAssuranceIos\n    properties:\n      name: example\n      osVersion: 12.4.5\n      jailbreak: false\n      screenlockTypes:\n        fn::invoke:\n          function: std:toset\n          arguments:\n            input:\n              - BIOMETRIC\n          return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:policy/deviceAssuranceIos:DeviceAssuranceIos example \u003cdevice_assurance_id\u003e\n```\n\n","properties":{"createdBy":{"type":"string","description":"Created by of the device assurance polic\n"},"createdDate":{"type":"string","description":"Created date of the device assurance polic\n"},"jailbreak":{"type":"boolean","description":"Is the device jailbroken in the device assurance policy.\n"},"lastUpdate":{"type":"string","description":"Last update of the device assurance polic\n"},"lastUpdatedBy":{"type":"string","description":"Last updated by of the device assurance polic\n"},"name":{"type":"string","description":"Name of the device assurance policy.\n"},"osVersion":{"type":"string","description":"Minimum os version of the device in the device assurance policy.\n"},"platform":{"type":"string","description":"Policy device assurance platform\n"},"screenlockTypes":{"type":"array","items":{"type":"string"},"description":"List of screenlock type, can be `BIOMETRIC` or `BIOMETRIC, PASSCODE`\n"}},"required":["createdBy","createdDate","lastUpdate","lastUpdatedBy","name","platform"],"inputProperties":{"jailbreak":{"type":"boolean","description":"Is the device jailbroken in the device assurance policy.\n"},"name":{"type":"string","description":"Name of the device assurance policy.\n"},"osVersion":{"type":"string","description":"Minimum os version of the device in the device assurance policy.\n"},"screenlockTypes":{"type":"array","items":{"type":"string"},"description":"List of screenlock type, can be `BIOMETRIC` or `BIOMETRIC, PASSCODE`\n"}},"stateInputs":{"description":"Input properties used for looking up and filtering DeviceAssuranceIos resources.\n","properties":{"createdBy":{"type":"string","description":"Created by of the device assurance polic\n"},"createdDate":{"type":"string","description":"Created date of the device assurance polic\n"},"jailbreak":{"type":"boolean","description":"Is the device jailbroken in the device assurance policy.\n"},"lastUpdate":{"type":"string","description":"Last update of the device assurance polic\n"},"lastUpdatedBy":{"type":"string","description":"Last updated by of the device assurance polic\n"},"name":{"type":"string","description":"Name of the device assurance policy.\n"},"osVersion":{"type":"string","description":"Minimum os version of the device in the device assurance policy.\n"},"platform":{"type":"string","description":"Policy device assurance platform\n"},"screenlockTypes":{"type":"array","items":{"type":"string"},"description":"List of screenlock type, can be `BIOMETRIC` or `BIOMETRIC, PASSCODE`\n"}},"type":"object"}},"okta:policy/deviceAssuranceMacos:DeviceAssuranceMacos":{"description":"Manages a device assurance policy for macos.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new okta.policy.DeviceAssuranceMacos(\"example\", {\n    name: \"example\",\n    osVersion: \"12.4.6\",\n    diskEncryptionTypes: std.index.toset({\n        input: [\"ALL_INTERNAL_VOLUMES\"],\n    }).result,\n    secureHardwarePresent: true,\n    screenlockTypes: std.index.toset({\n        input: [\n            \"BIOMETRIC\",\n            \"PASSCODE\",\n        ],\n    }).result,\n    thirdPartySignalProviders: true,\n    tpspBrowserVersion: \"15393.27.0\",\n    tpspBuiltinDnsClientEnabled: true,\n    tpspChromeRemoteDesktopAppBlocked: true,\n    tpspDeviceEnrollmentDomain: \"exampleDomain\",\n    tpspDiskEncrypted: true,\n    tpspKeyTrustLevel: \"CHROME_BROWSER_HW_KEY\",\n    tpspOsFirewall: true,\n    tpspOsVersion: \"10.0.19041\",\n    tpspPasswordProctectionWarningTrigger: \"PASSWORD_PROTECTION_OFF\",\n    tpspRealtimeUrlCheckMode: true,\n    tpspSafeBrowsingProtectionLevel: \"ENHANCED_PROTECTION\",\n    tpspScreenLockSecured: true,\n    tpspSiteIsolationEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\nimport pulumi_std as std\n\nexample = okta.policy.DeviceAssuranceMacos(\"example\",\n    name=\"example\",\n    os_version=\"12.4.6\",\n    disk_encryption_types=std.index.toset(input=[\"ALL_INTERNAL_VOLUMES\"])[\"result\"],\n    secure_hardware_present=True,\n    screenlock_types=std.index.toset(input=[\n        \"BIOMETRIC\",\n        \"PASSCODE\",\n    ])[\"result\"],\n    third_party_signal_providers=True,\n    tpsp_browser_version=\"15393.27.0\",\n    tpsp_builtin_dns_client_enabled=True,\n    tpsp_chrome_remote_desktop_app_blocked=True,\n    tpsp_device_enrollment_domain=\"exampleDomain\",\n    tpsp_disk_encrypted=True,\n    tpsp_key_trust_level=\"CHROME_BROWSER_HW_KEY\",\n    tpsp_os_firewall=True,\n    tpsp_os_version=\"10.0.19041\",\n    tpsp_password_proctection_warning_trigger=\"PASSWORD_PROTECTION_OFF\",\n    tpsp_realtime_url_check_mode=True,\n    tpsp_safe_browsing_protection_level=\"ENHANCED_PROTECTION\",\n    tpsp_screen_lock_secured=True,\n    tpsp_site_isolation_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Policy.DeviceAssuranceMacos(\"example\", new()\n    {\n        Name = \"example\",\n        OsVersion = \"12.4.6\",\n        DiskEncryptionTypes = Std.Index.Toset.Invoke(new()\n        {\n            Input = new[]\n            {\n                \"ALL_INTERNAL_VOLUMES\",\n            },\n        }).Result,\n        SecureHardwarePresent = true,\n        ScreenlockTypes = Std.Index.Toset.Invoke(new()\n        {\n            Input = new[]\n            {\n                \"BIOMETRIC\",\n                \"PASSCODE\",\n            },\n        }).Result,\n        ThirdPartySignalProviders = true,\n        TpspBrowserVersion = \"15393.27.0\",\n        TpspBuiltinDnsClientEnabled = true,\n        TpspChromeRemoteDesktopAppBlocked = true,\n        TpspDeviceEnrollmentDomain = \"exampleDomain\",\n        TpspDiskEncrypted = true,\n        TpspKeyTrustLevel = \"CHROME_BROWSER_HW_KEY\",\n        TpspOsFirewall = true,\n        TpspOsVersion = \"10.0.19041\",\n        TpspPasswordProctectionWarningTrigger = \"PASSWORD_PROTECTION_OFF\",\n        TpspRealtimeUrlCheckMode = true,\n        TpspSafeBrowsingProtectionLevel = \"ENHANCED_PROTECTION\",\n        TpspScreenLockSecured = true,\n        TpspSiteIsolationEnabled = true,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/policy\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeToset, err := std.Toset(ctx, map[string]interface{}{\n\t\t\t\"input\": []string{\n\t\t\t\t\"ALL_INTERNAL_VOLUMES\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeToset1, err := std.Toset(ctx, map[string]interface{}{\n\t\t\t\"input\": []string{\n\t\t\t\t\"BIOMETRIC\",\n\t\t\t\t\"PASSCODE\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = policy.NewDeviceAssuranceMacos(ctx, \"example\", \u0026policy.DeviceAssuranceMacosArgs{\n\t\t\tName:                                  pulumi.String(\"example\"),\n\t\t\tOsVersion:                             pulumi.String(\"12.4.6\"),\n\t\t\tDiskEncryptionTypes:                   []pulumi.String(invokeToset.Result),\n\t\t\tSecureHardwarePresent:                 pulumi.Bool(true),\n\t\t\tScreenlockTypes:                       []pulumi.String(invokeToset1.Result),\n\t\t\tThirdPartySignalProviders:             pulumi.Bool(true),\n\t\t\tTpspBrowserVersion:                    pulumi.String(\"15393.27.0\"),\n\t\t\tTpspBuiltinDnsClientEnabled:           pulumi.Bool(true),\n\t\t\tTpspChromeRemoteDesktopAppBlocked:     pulumi.Bool(true),\n\t\t\tTpspDeviceEnrollmentDomain:            pulumi.String(\"exampleDomain\"),\n\t\t\tTpspDiskEncrypted:                     pulumi.Bool(true),\n\t\t\tTpspKeyTrustLevel:                     pulumi.String(\"CHROME_BROWSER_HW_KEY\"),\n\t\t\tTpspOsFirewall:                        pulumi.Bool(true),\n\t\t\tTpspOsVersion:                         pulumi.String(\"10.0.19041\"),\n\t\t\tTpspPasswordProctectionWarningTrigger: pulumi.String(\"PASSWORD_PROTECTION_OFF\"),\n\t\t\tTpspRealtimeUrlCheckMode:              pulumi.Bool(true),\n\t\t\tTpspSafeBrowsingProtectionLevel:       pulumi.String(\"ENHANCED_PROTECTION\"),\n\t\t\tTpspScreenLockSecured:                 pulumi.Bool(true),\n\t\t\tTpspSiteIsolationEnabled:              pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.policy.DeviceAssuranceMacos;\nimport com.pulumi.okta.policy.DeviceAssuranceMacosArgs;\nimport com.pulumi.std.StdFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new DeviceAssuranceMacos(\"example\", DeviceAssuranceMacosArgs.builder()\n            .name(\"example\")\n            .osVersion(\"12.4.6\")\n            .diskEncryptionTypes(StdFunctions.toset(Map.of(\"input\", \"ALL_INTERNAL_VOLUMES\")).result())\n            .secureHardwarePresent(true)\n            .screenlockTypes(StdFunctions.toset(Map.of(\"input\",             \n                \"BIOMETRIC\",\n                \"PASSCODE\")).result())\n            .thirdPartySignalProviders(true)\n            .tpspBrowserVersion(\"15393.27.0\")\n            .tpspBuiltinDnsClientEnabled(true)\n            .tpspChromeRemoteDesktopAppBlocked(true)\n            .tpspDeviceEnrollmentDomain(\"exampleDomain\")\n            .tpspDiskEncrypted(true)\n            .tpspKeyTrustLevel(\"CHROME_BROWSER_HW_KEY\")\n            .tpspOsFirewall(true)\n            .tpspOsVersion(\"10.0.19041\")\n            .tpspPasswordProctectionWarningTrigger(\"PASSWORD_PROTECTION_OFF\")\n            .tpspRealtimeUrlCheckMode(true)\n            .tpspSafeBrowsingProtectionLevel(\"ENHANCED_PROTECTION\")\n            .tpspScreenLockSecured(true)\n            .tpspSiteIsolationEnabled(true)\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:policy:DeviceAssuranceMacos\n    properties:\n      name: example\n      osVersion: 12.4.6\n      diskEncryptionTypes:\n        fn::invoke:\n          function: std:toset\n          arguments:\n            input:\n              - ALL_INTERNAL_VOLUMES\n          return: result\n      secureHardwarePresent: true\n      screenlockTypes:\n        fn::invoke:\n          function: std:toset\n          arguments:\n            input:\n              - BIOMETRIC\n              - PASSCODE\n          return: result\n      thirdPartySignalProviders: true\n      tpspBrowserVersion: 15393.27.0\n      tpspBuiltinDnsClientEnabled: true\n      tpspChromeRemoteDesktopAppBlocked: true\n      tpspDeviceEnrollmentDomain: exampleDomain\n      tpspDiskEncrypted: true\n      tpspKeyTrustLevel: CHROME_BROWSER_HW_KEY\n      tpspOsFirewall: true\n      tpspOsVersion: 10.0.19041\n      tpspPasswordProctectionWarningTrigger: PASSWORD_PROTECTION_OFF\n      tpspRealtimeUrlCheckMode: true\n      tpspSafeBrowsingProtectionLevel: ENHANCED_PROTECTION\n      tpspScreenLockSecured: true\n      tpspSiteIsolationEnabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:policy/deviceAssuranceMacos:DeviceAssuranceMacos example \u003cdevice_assurance_id\u003e\n```\n\n","properties":{"createdBy":{"type":"string","description":"Created by\n"},"createdDate":{"type":"string","description":"Created date\n"},"diskEncryptionTypes":{"type":"array","items":{"type":"string"},"description":"List of disk encryption type, can be `ALL_INTERNAL_VOLUMES`\n"},"lastUpdate":{"type":"string","description":"Last update\n"},"lastUpdatedBy":{"type":"string","description":"Last updated by\n"},"name":{"type":"string","description":"Name of the device assurance policy.\n"},"osVersion":{"type":"string","description":"Minimum os version of the device in the device assurance policy.\n"},"platform":{"type":"string","description":"Policy device assurance platform\n"},"screenlockTypes":{"type":"array","items":{"type":"string"},"description":"List of screenlock type, can be `BIOMETRIC` or `BIOMETRIC, PASSCODE`\n"},"secureHardwarePresent":{"type":"boolean","description":"Is the device secure with hardware in the device assurance policy.\n"},"thirdPartySignalProviders":{"type":"boolean","description":"Check to include third party signal provider\n"},"tpspBrowserVersion":{"type":"string","description":"Third party signal provider minimum browser version\n"},"tpspBuiltinDnsClientEnabled":{"type":"boolean","description":"Third party signal provider builtin dns client enable\n"},"tpspChromeRemoteDesktopAppBlocked":{"type":"boolean","description":"Third party signal provider chrome remote desktop app blocked\n"},"tpspDeviceEnrollmentDomain":{"type":"string","description":"Third party signal provider device enrollment domain\n"},"tpspDiskEncrypted":{"type":"boolean","description":"Third party signal provider disk encrypted\n"},"tpspKeyTrustLevel":{"type":"string","description":"Third party signal provider key trust level\n"},"tpspOsFirewall":{"type":"boolean","description":"Third party signal provider os firewall\n"},"tpspOsVersion":{"type":"string","description":"Third party signal provider minimum os version\n"},"tpspPasswordProctectionWarningTrigger":{"type":"string","description":"Third party signal provider password protection warning trigger\n"},"tpspRealtimeUrlCheckMode":{"type":"boolean","description":"Third party signal provider realtime url check mode\n"},"tpspSafeBrowsingProtectionLevel":{"type":"string","description":"Third party signal provider safe browsing protection level\n"},"tpspScreenLockSecured":{"type":"boolean","description":"Third party signal provider screen lock secure\n"},"tpspSiteIsolationEnabled":{"type":"boolean","description":"Third party signal provider site isolation enabled\n"}},"required":["createdBy","createdDate","lastUpdate","lastUpdatedBy","name","platform"],"inputProperties":{"diskEncryptionTypes":{"type":"array","items":{"type":"string"},"description":"List of disk encryption type, can be `ALL_INTERNAL_VOLUMES`\n"},"name":{"type":"string","description":"Name of the device assurance policy.\n"},"osVersion":{"type":"string","description":"Minimum os version of the device in the device assurance policy.\n"},"screenlockTypes":{"type":"array","items":{"type":"string"},"description":"List of screenlock type, can be `BIOMETRIC` or `BIOMETRIC, PASSCODE`\n"},"secureHardwarePresent":{"type":"boolean","description":"Is the device secure with hardware in the device assurance policy.\n"},"thirdPartySignalProviders":{"type":"boolean","description":"Check to include third party signal provider\n"},"tpspBrowserVersion":{"type":"string","description":"Third party signal provider minimum browser version\n"},"tpspBuiltinDnsClientEnabled":{"type":"boolean","description":"Third party signal provider builtin dns client enable\n"},"tpspChromeRemoteDesktopAppBlocked":{"type":"boolean","description":"Third party signal provider chrome remote desktop app blocked\n"},"tpspDeviceEnrollmentDomain":{"type":"string","description":"Third party signal provider device enrollment domain\n"},"tpspDiskEncrypted":{"type":"boolean","description":"Third party signal provider disk encrypted\n"},"tpspKeyTrustLevel":{"type":"string","description":"Third party signal provider key trust level\n"},"tpspOsFirewall":{"type":"boolean","description":"Third party signal provider os firewall\n"},"tpspOsVersion":{"type":"string","description":"Third party signal provider minimum os version\n"},"tpspPasswordProctectionWarningTrigger":{"type":"string","description":"Third party signal provider password protection warning trigger\n"},"tpspRealtimeUrlCheckMode":{"type":"boolean","description":"Third party signal provider realtime url check mode\n"},"tpspSafeBrowsingProtectionLevel":{"type":"string","description":"Third party signal provider safe browsing protection level\n"},"tpspScreenLockSecured":{"type":"boolean","description":"Third party signal provider screen lock secure\n"},"tpspSiteIsolationEnabled":{"type":"boolean","description":"Third party signal provider site isolation enabled\n"}},"stateInputs":{"description":"Input properties used for looking up and filtering DeviceAssuranceMacos resources.\n","properties":{"createdBy":{"type":"string","description":"Created by\n"},"createdDate":{"type":"string","description":"Created date\n"},"diskEncryptionTypes":{"type":"array","items":{"type":"string"},"description":"List of disk encryption type, can be `ALL_INTERNAL_VOLUMES`\n"},"lastUpdate":{"type":"string","description":"Last update\n"},"lastUpdatedBy":{"type":"string","description":"Last updated by\n"},"name":{"type":"string","description":"Name of the device assurance policy.\n"},"osVersion":{"type":"string","description":"Minimum os version of the device in the device assurance policy.\n"},"platform":{"type":"string","description":"Policy device assurance platform\n"},"screenlockTypes":{"type":"array","items":{"type":"string"},"description":"List of screenlock type, can be `BIOMETRIC` or `BIOMETRIC, PASSCODE`\n"},"secureHardwarePresent":{"type":"boolean","description":"Is the device secure with hardware in the device assurance policy.\n"},"thirdPartySignalProviders":{"type":"boolean","description":"Check to include third party signal provider\n"},"tpspBrowserVersion":{"type":"string","description":"Third party signal provider minimum browser version\n"},"tpspBuiltinDnsClientEnabled":{"type":"boolean","description":"Third party signal provider builtin dns client enable\n"},"tpspChromeRemoteDesktopAppBlocked":{"type":"boolean","description":"Third party signal provider chrome remote desktop app blocked\n"},"tpspDeviceEnrollmentDomain":{"type":"string","description":"Third party signal provider device enrollment domain\n"},"tpspDiskEncrypted":{"type":"boolean","description":"Third party signal provider disk encrypted\n"},"tpspKeyTrustLevel":{"type":"string","description":"Third party signal provider key trust level\n"},"tpspOsFirewall":{"type":"boolean","description":"Third party signal provider os firewall\n"},"tpspOsVersion":{"type":"string","description":"Third party signal provider minimum os version\n"},"tpspPasswordProctectionWarningTrigger":{"type":"string","description":"Third party signal provider password protection warning trigger\n"},"tpspRealtimeUrlCheckMode":{"type":"boolean","description":"Third party signal provider realtime url check mode\n"},"tpspSafeBrowsingProtectionLevel":{"type":"string","description":"Third party signal provider safe browsing protection level\n"},"tpspScreenLockSecured":{"type":"boolean","description":"Third party signal provider screen lock secure\n"},"tpspSiteIsolationEnabled":{"type":"boolean","description":"Third party signal provider site isolation enabled\n"}},"type":"object"}},"okta:policy/deviceAssuranceWindows:DeviceAssuranceWindows":{"description":"Manages a device assurance policy for windows.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new okta.policy.DeviceAssuranceWindows(\"example\", {\n    name: \"example\",\n    osVersion: \"12.4.6\",\n    diskEncryptionTypes: std.index.toset({\n        input: [\"ALL_INTERNAL_VOLUMES\"],\n    }).result,\n    secureHardwarePresent: true,\n    screenlockTypes: std.index.toset({\n        input: [\n            \"BIOMETRIC\",\n            \"PASSCODE\",\n        ],\n    }).result,\n    thirdPartySignalProviders: true,\n    tpspBrowserVersion: \"15393.27.0\",\n    tpspBuiltinDnsClientEnabled: true,\n    tpspChromeRemoteDesktopAppBlocked: true,\n    tpspCrowdStrikeAgentId: \"exampleAgentId\",\n    tpspCrowdStrikeCustomerId: \"exampleCustomerId\",\n    tpspDeviceEnrollmentDomain: \"exampleDomain\",\n    tpspDiskEncrypted: true,\n    tpspKeyTrustLevel: \"CHROME_BROWSER_HW_KEY\",\n    tpspOsFirewall: true,\n    tpspOsVersion: \"10.0.19041\",\n    tpspPasswordProctectionWarningTrigger: \"PASSWORD_PROTECTION_OFF\",\n    tpspRealtimeUrlCheckMode: true,\n    tpspSafeBrowsingProtectionLevel: \"ENHANCED_PROTECTION\",\n    tpspScreenLockSecured: true,\n    tpspSecureBootEnabled: true,\n    tpspSiteIsolationEnabled: true,\n    tpspThirdPartyBlockingEnabled: true,\n    tpspWindowsMachineDomain: \"exampleMachineDomain\",\n    tpspWindowsUserDomain: \"exampleUserDomain\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\nimport pulumi_std as std\n\nexample = okta.policy.DeviceAssuranceWindows(\"example\",\n    name=\"example\",\n    os_version=\"12.4.6\",\n    disk_encryption_types=std.index.toset(input=[\"ALL_INTERNAL_VOLUMES\"])[\"result\"],\n    secure_hardware_present=True,\n    screenlock_types=std.index.toset(input=[\n        \"BIOMETRIC\",\n        \"PASSCODE\",\n    ])[\"result\"],\n    third_party_signal_providers=True,\n    tpsp_browser_version=\"15393.27.0\",\n    tpsp_builtin_dns_client_enabled=True,\n    tpsp_chrome_remote_desktop_app_blocked=True,\n    tpsp_crowd_strike_agent_id=\"exampleAgentId\",\n    tpsp_crowd_strike_customer_id=\"exampleCustomerId\",\n    tpsp_device_enrollment_domain=\"exampleDomain\",\n    tpsp_disk_encrypted=True,\n    tpsp_key_trust_level=\"CHROME_BROWSER_HW_KEY\",\n    tpsp_os_firewall=True,\n    tpsp_os_version=\"10.0.19041\",\n    tpsp_password_proctection_warning_trigger=\"PASSWORD_PROTECTION_OFF\",\n    tpsp_realtime_url_check_mode=True,\n    tpsp_safe_browsing_protection_level=\"ENHANCED_PROTECTION\",\n    tpsp_screen_lock_secured=True,\n    tpsp_secure_boot_enabled=True,\n    tpsp_site_isolation_enabled=True,\n    tpsp_third_party_blocking_enabled=True,\n    tpsp_windows_machine_domain=\"exampleMachineDomain\",\n    tpsp_windows_user_domain=\"exampleUserDomain\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Policy.DeviceAssuranceWindows(\"example\", new()\n    {\n        Name = \"example\",\n        OsVersion = \"12.4.6\",\n        DiskEncryptionTypes = Std.Index.Toset.Invoke(new()\n        {\n            Input = new[]\n            {\n                \"ALL_INTERNAL_VOLUMES\",\n            },\n        }).Result,\n        SecureHardwarePresent = true,\n        ScreenlockTypes = Std.Index.Toset.Invoke(new()\n        {\n            Input = new[]\n            {\n                \"BIOMETRIC\",\n                \"PASSCODE\",\n            },\n        }).Result,\n        ThirdPartySignalProviders = true,\n        TpspBrowserVersion = \"15393.27.0\",\n        TpspBuiltinDnsClientEnabled = true,\n        TpspChromeRemoteDesktopAppBlocked = true,\n        TpspCrowdStrikeAgentId = \"exampleAgentId\",\n        TpspCrowdStrikeCustomerId = \"exampleCustomerId\",\n        TpspDeviceEnrollmentDomain = \"exampleDomain\",\n        TpspDiskEncrypted = true,\n        TpspKeyTrustLevel = \"CHROME_BROWSER_HW_KEY\",\n        TpspOsFirewall = true,\n        TpspOsVersion = \"10.0.19041\",\n        TpspPasswordProctectionWarningTrigger = \"PASSWORD_PROTECTION_OFF\",\n        TpspRealtimeUrlCheckMode = true,\n        TpspSafeBrowsingProtectionLevel = \"ENHANCED_PROTECTION\",\n        TpspScreenLockSecured = true,\n        TpspSecureBootEnabled = true,\n        TpspSiteIsolationEnabled = true,\n        TpspThirdPartyBlockingEnabled = true,\n        TpspWindowsMachineDomain = \"exampleMachineDomain\",\n        TpspWindowsUserDomain = \"exampleUserDomain\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/policy\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeToset, err := std.Toset(ctx, map[string]interface{}{\n\t\t\t\"input\": []string{\n\t\t\t\t\"ALL_INTERNAL_VOLUMES\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeToset1, err := std.Toset(ctx, map[string]interface{}{\n\t\t\t\"input\": []string{\n\t\t\t\t\"BIOMETRIC\",\n\t\t\t\t\"PASSCODE\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = policy.NewDeviceAssuranceWindows(ctx, \"example\", \u0026policy.DeviceAssuranceWindowsArgs{\n\t\t\tName:                                  pulumi.String(\"example\"),\n\t\t\tOsVersion:                             pulumi.String(\"12.4.6\"),\n\t\t\tDiskEncryptionTypes:                   []pulumi.String(invokeToset.Result),\n\t\t\tSecureHardwarePresent:                 pulumi.Bool(true),\n\t\t\tScreenlockTypes:                       []pulumi.String(invokeToset1.Result),\n\t\t\tThirdPartySignalProviders:             pulumi.Bool(true),\n\t\t\tTpspBrowserVersion:                    pulumi.String(\"15393.27.0\"),\n\t\t\tTpspBuiltinDnsClientEnabled:           pulumi.Bool(true),\n\t\t\tTpspChromeRemoteDesktopAppBlocked:     pulumi.Bool(true),\n\t\t\tTpspCrowdStrikeAgentId:                pulumi.String(\"exampleAgentId\"),\n\t\t\tTpspCrowdStrikeCustomerId:             pulumi.String(\"exampleCustomerId\"),\n\t\t\tTpspDeviceEnrollmentDomain:            pulumi.String(\"exampleDomain\"),\n\t\t\tTpspDiskEncrypted:                     pulumi.Bool(true),\n\t\t\tTpspKeyTrustLevel:                     pulumi.String(\"CHROME_BROWSER_HW_KEY\"),\n\t\t\tTpspOsFirewall:                        pulumi.Bool(true),\n\t\t\tTpspOsVersion:                         pulumi.String(\"10.0.19041\"),\n\t\t\tTpspPasswordProctectionWarningTrigger: pulumi.String(\"PASSWORD_PROTECTION_OFF\"),\n\t\t\tTpspRealtimeUrlCheckMode:              pulumi.Bool(true),\n\t\t\tTpspSafeBrowsingProtectionLevel:       pulumi.String(\"ENHANCED_PROTECTION\"),\n\t\t\tTpspScreenLockSecured:                 pulumi.Bool(true),\n\t\t\tTpspSecureBootEnabled:                 pulumi.Bool(true),\n\t\t\tTpspSiteIsolationEnabled:              pulumi.Bool(true),\n\t\t\tTpspThirdPartyBlockingEnabled:         pulumi.Bool(true),\n\t\t\tTpspWindowsMachineDomain:              pulumi.String(\"exampleMachineDomain\"),\n\t\t\tTpspWindowsUserDomain:                 pulumi.String(\"exampleUserDomain\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.policy.DeviceAssuranceWindows;\nimport com.pulumi.okta.policy.DeviceAssuranceWindowsArgs;\nimport com.pulumi.std.StdFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new DeviceAssuranceWindows(\"example\", DeviceAssuranceWindowsArgs.builder()\n            .name(\"example\")\n            .osVersion(\"12.4.6\")\n            .diskEncryptionTypes(StdFunctions.toset(Map.of(\"input\", \"ALL_INTERNAL_VOLUMES\")).result())\n            .secureHardwarePresent(true)\n            .screenlockTypes(StdFunctions.toset(Map.of(\"input\",             \n                \"BIOMETRIC\",\n                \"PASSCODE\")).result())\n            .thirdPartySignalProviders(true)\n            .tpspBrowserVersion(\"15393.27.0\")\n            .tpspBuiltinDnsClientEnabled(true)\n            .tpspChromeRemoteDesktopAppBlocked(true)\n            .tpspCrowdStrikeAgentId(\"exampleAgentId\")\n            .tpspCrowdStrikeCustomerId(\"exampleCustomerId\")\n            .tpspDeviceEnrollmentDomain(\"exampleDomain\")\n            .tpspDiskEncrypted(true)\n            .tpspKeyTrustLevel(\"CHROME_BROWSER_HW_KEY\")\n            .tpspOsFirewall(true)\n            .tpspOsVersion(\"10.0.19041\")\n            .tpspPasswordProctectionWarningTrigger(\"PASSWORD_PROTECTION_OFF\")\n            .tpspRealtimeUrlCheckMode(true)\n            .tpspSafeBrowsingProtectionLevel(\"ENHANCED_PROTECTION\")\n            .tpspScreenLockSecured(true)\n            .tpspSecureBootEnabled(true)\n            .tpspSiteIsolationEnabled(true)\n            .tpspThirdPartyBlockingEnabled(true)\n            .tpspWindowsMachineDomain(\"exampleMachineDomain\")\n            .tpspWindowsUserDomain(\"exampleUserDomain\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:policy:DeviceAssuranceWindows\n    properties:\n      name: example\n      osVersion: 12.4.6\n      diskEncryptionTypes:\n        fn::invoke:\n          function: std:toset\n          arguments:\n            input:\n              - ALL_INTERNAL_VOLUMES\n          return: result\n      secureHardwarePresent: true\n      screenlockTypes:\n        fn::invoke:\n          function: std:toset\n          arguments:\n            input:\n              - BIOMETRIC\n              - PASSCODE\n          return: result\n      thirdPartySignalProviders: true\n      tpspBrowserVersion: 15393.27.0\n      tpspBuiltinDnsClientEnabled: true\n      tpspChromeRemoteDesktopAppBlocked: true\n      tpspCrowdStrikeAgentId: exampleAgentId\n      tpspCrowdStrikeCustomerId: exampleCustomerId\n      tpspDeviceEnrollmentDomain: exampleDomain\n      tpspDiskEncrypted: true\n      tpspKeyTrustLevel: CHROME_BROWSER_HW_KEY\n      tpspOsFirewall: true\n      tpspOsVersion: 10.0.19041\n      tpspPasswordProctectionWarningTrigger: PASSWORD_PROTECTION_OFF\n      tpspRealtimeUrlCheckMode: true\n      tpspSafeBrowsingProtectionLevel: ENHANCED_PROTECTION\n      tpspScreenLockSecured: true\n      tpspSecureBootEnabled: true\n      tpspSiteIsolationEnabled: true\n      tpspThirdPartyBlockingEnabled: true\n      tpspWindowsMachineDomain: exampleMachineDomain\n      tpspWindowsUserDomain: exampleUserDomain\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:policy/deviceAssuranceWindows:DeviceAssuranceWindows example \u003cdevice_assurance_id\u003e\n```\n\n","properties":{"createdBy":{"type":"string","description":"Created by\n"},"createdDate":{"type":"string","description":"Created date\n"},"diskEncryptionTypes":{"type":"array","items":{"type":"string"},"description":"List of disk encryption type, can be `ALL_INTERNAL_VOLUMES`\n"},"lastUpdate":{"type":"string","description":"Last update\n"},"lastUpdatedBy":{"type":"string","description":"Last updated by\n"},"name":{"type":"string","description":"Name of the device assurance policy.\n"},"osVersion":{"type":"string","description":"Minimum os version of the device in the device assurance policy.\n"},"platform":{"type":"string","description":"Policy device assurance platform\n"},"screenlockTypes":{"type":"array","items":{"type":"string"},"description":"List of screenlock type, can be `BIOMETRIC` or `BIOMETRIC, PASSCODE`\n"},"secureHardwarePresent":{"type":"boolean","description":"Is the device secure with hardware in the device assurance policy.\n"},"thirdPartySignalProviders":{"type":"boolean","description":"Check to include third party signal provider\n"},"tpspBrowserVersion":{"type":"string","description":"Third party signal provider minimum browser version\n"},"tpspBuiltinDnsClientEnabled":{"type":"boolean","description":"Third party signal provider builtin dns client enable\n"},"tpspChromeRemoteDesktopAppBlocked":{"type":"boolean","description":"Third party signal provider chrome remote desktop app blocked\n"},"tpspCrowdStrikeAgentId":{"type":"string","description":"Third party signal provider crowdstrike agent id\n"},"tpspCrowdStrikeCustomerId":{"type":"string","description":"Third party signal provider crowdstrike user id\n"},"tpspDeviceEnrollmentDomain":{"type":"string","description":"Third party signal provider device enrollment domain\n"},"tpspDiskEncrypted":{"type":"boolean","description":"Third party signal provider disk encrypted\n"},"tpspKeyTrustLevel":{"type":"string","description":"Third party signal provider key trust level\n"},"tpspOsFirewall":{"type":"boolean","description":"Third party signal provider os firewall\n"},"tpspOsVersion":{"type":"string","description":"Third party signal provider minimum os version\n"},"tpspPasswordProctectionWarningTrigger":{"type":"string","description":"Third party signal provider password protection warning trigger\n"},"tpspRealtimeUrlCheckMode":{"type":"boolean","description":"Third party signal provider realtime url check mode\n"},"tpspSafeBrowsingProtectionLevel":{"type":"string","description":"Third party signal provider safe browsing protection level\n"},"tpspScreenLockSecured":{"type":"boolean","description":"Third party signal provider screen lock secure\n"},"tpspSecureBootEnabled":{"type":"boolean","description":"Third party signal provider secure boot enabled\n"},"tpspSiteIsolationEnabled":{"type":"boolean","description":"Third party signal provider site isolation enabled\n"},"tpspThirdPartyBlockingEnabled":{"type":"boolean","description":"Third party signal provider third party blocking enabled\n"},"tpspWindowsMachineDomain":{"type":"string","description":"Third party signal provider windows machine domain\n"},"tpspWindowsUserDomain":{"type":"string","description":"Third party signal provider windows user domain\n"}},"required":["createdBy","createdDate","lastUpdate","lastUpdatedBy","name","platform"],"inputProperties":{"diskEncryptionTypes":{"type":"array","items":{"type":"string"},"description":"List of disk encryption type, can be `ALL_INTERNAL_VOLUMES`\n"},"name":{"type":"string","description":"Name of the device assurance policy.\n"},"osVersion":{"type":"string","description":"Minimum os version of the device in the device assurance policy.\n"},"screenlockTypes":{"type":"array","items":{"type":"string"},"description":"List of screenlock type, can be `BIOMETRIC` or `BIOMETRIC, PASSCODE`\n"},"secureHardwarePresent":{"type":"boolean","description":"Is the device secure with hardware in the device assurance policy.\n"},"thirdPartySignalProviders":{"type":"boolean","description":"Check to include third party signal provider\n"},"tpspBrowserVersion":{"type":"string","description":"Third party signal provider minimum browser version\n"},"tpspBuiltinDnsClientEnabled":{"type":"boolean","description":"Third party signal provider builtin dns client enable\n"},"tpspChromeRemoteDesktopAppBlocked":{"type":"boolean","description":"Third party signal provider chrome remote desktop app blocked\n"},"tpspCrowdStrikeAgentId":{"type":"string","description":"Third party signal provider crowdstrike agent id\n"},"tpspCrowdStrikeCustomerId":{"type":"string","description":"Third party signal provider crowdstrike user id\n"},"tpspDeviceEnrollmentDomain":{"type":"string","description":"Third party signal provider device enrollment domain\n"},"tpspDiskEncrypted":{"type":"boolean","description":"Third party signal provider disk encrypted\n"},"tpspKeyTrustLevel":{"type":"string","description":"Third party signal provider key trust level\n"},"tpspOsFirewall":{"type":"boolean","description":"Third party signal provider os firewall\n"},"tpspOsVersion":{"type":"string","description":"Third party signal provider minimum os version\n"},"tpspPasswordProctectionWarningTrigger":{"type":"string","description":"Third party signal provider password protection warning trigger\n"},"tpspRealtimeUrlCheckMode":{"type":"boolean","description":"Third party signal provider realtime url check mode\n"},"tpspSafeBrowsingProtectionLevel":{"type":"string","description":"Third party signal provider safe browsing protection level\n"},"tpspScreenLockSecured":{"type":"boolean","description":"Third party signal provider screen lock secure\n"},"tpspSecureBootEnabled":{"type":"boolean","description":"Third party signal provider secure boot enabled\n"},"tpspSiteIsolationEnabled":{"type":"boolean","description":"Third party signal provider site isolation enabled\n"},"tpspThirdPartyBlockingEnabled":{"type":"boolean","description":"Third party signal provider third party blocking enabled\n"},"tpspWindowsMachineDomain":{"type":"string","description":"Third party signal provider windows machine domain\n"},"tpspWindowsUserDomain":{"type":"string","description":"Third party signal provider windows user domain\n"}},"stateInputs":{"description":"Input properties used for looking up and filtering DeviceAssuranceWindows resources.\n","properties":{"createdBy":{"type":"string","description":"Created by\n"},"createdDate":{"type":"string","description":"Created date\n"},"diskEncryptionTypes":{"type":"array","items":{"type":"string"},"description":"List of disk encryption type, can be `ALL_INTERNAL_VOLUMES`\n"},"lastUpdate":{"type":"string","description":"Last update\n"},"lastUpdatedBy":{"type":"string","description":"Last updated by\n"},"name":{"type":"string","description":"Name of the device assurance policy.\n"},"osVersion":{"type":"string","description":"Minimum os version of the device in the device assurance policy.\n"},"platform":{"type":"string","description":"Policy device assurance platform\n"},"screenlockTypes":{"type":"array","items":{"type":"string"},"description":"List of screenlock type, can be `BIOMETRIC` or `BIOMETRIC, PASSCODE`\n"},"secureHardwarePresent":{"type":"boolean","description":"Is the device secure with hardware in the device assurance policy.\n"},"thirdPartySignalProviders":{"type":"boolean","description":"Check to include third party signal provider\n"},"tpspBrowserVersion":{"type":"string","description":"Third party signal provider minimum browser version\n"},"tpspBuiltinDnsClientEnabled":{"type":"boolean","description":"Third party signal provider builtin dns client enable\n"},"tpspChromeRemoteDesktopAppBlocked":{"type":"boolean","description":"Third party signal provider chrome remote desktop app blocked\n"},"tpspCrowdStrikeAgentId":{"type":"string","description":"Third party signal provider crowdstrike agent id\n"},"tpspCrowdStrikeCustomerId":{"type":"string","description":"Third party signal provider crowdstrike user id\n"},"tpspDeviceEnrollmentDomain":{"type":"string","description":"Third party signal provider device enrollment domain\n"},"tpspDiskEncrypted":{"type":"boolean","description":"Third party signal provider disk encrypted\n"},"tpspKeyTrustLevel":{"type":"string","description":"Third party signal provider key trust level\n"},"tpspOsFirewall":{"type":"boolean","description":"Third party signal provider os firewall\n"},"tpspOsVersion":{"type":"string","description":"Third party signal provider minimum os version\n"},"tpspPasswordProctectionWarningTrigger":{"type":"string","description":"Third party signal provider password protection warning trigger\n"},"tpspRealtimeUrlCheckMode":{"type":"boolean","description":"Third party signal provider realtime url check mode\n"},"tpspSafeBrowsingProtectionLevel":{"type":"string","description":"Third party signal provider safe browsing protection level\n"},"tpspScreenLockSecured":{"type":"boolean","description":"Third party signal provider screen lock secure\n"},"tpspSecureBootEnabled":{"type":"boolean","description":"Third party signal provider secure boot enabled\n"},"tpspSiteIsolationEnabled":{"type":"boolean","description":"Third party signal provider site isolation enabled\n"},"tpspThirdPartyBlockingEnabled":{"type":"boolean","description":"Third party signal provider third party blocking enabled\n"},"tpspWindowsMachineDomain":{"type":"string","description":"Third party signal provider windows machine domain\n"},"tpspWindowsUserDomain":{"type":"string","description":"Third party signal provider windows user domain\n"}},"type":"object"}},"okta:policy/mfa:Mfa":{"description":"## Example Usage\n\n## Import\n\n```sh\n$ pulumi import okta:policy/mfa:Mfa example \u003cpolicy_id\u003e\n```\n\n","properties":{"customApps":{"type":"array","items":{"type":"object","additionalProperties":{"type":"string"}},"description":"List of custom authenticators, specify entry like {\"enroll\": \"OPTIONAL\", \"id\": \"\u003cid_of_custom_app\u003e\"} to mark specific custom app optional, list must contain at least 1 entry."},"description":{"type":"string","description":"Policy Description\n"},"duo":{"type":"object","additionalProperties":{"type":"string"}},"externalIdp":{"type":"object","additionalProperties":{"type":"string"},"deprecationMessage":"Since okta now support multiple external_idps, this will be deprecated. Please use \u003cspan pulumi-lang-nodejs=\"`externalIdps`\" pulumi-lang-dotnet=\"`ExternalIdps`\" pulumi-lang-go=\"`externalIdps`\" pulumi-lang-python=\"`external_idps`\" pulumi-lang-yaml=\"`externalIdps`\" pulumi-lang-java=\"`externalIdps`\"\u003e`external_idps`\u003c/span\u003e instead"},"externalIdps":{"type":"array","items":{"type":"object","additionalProperties":{"type":"string"}}},"fidoU2f":{"type":"object","additionalProperties":{"type":"string"}},"fidoWebauthn":{"type":"object","additionalProperties":{"type":"string"}},"googleOtp":{"type":"object","additionalProperties":{"type":"string"}},"groupsIncludeds":{"type":"array","items":{"type":"string"},"description":"List of Group IDs to Include\n"},"hotp":{"type":"object","additionalProperties":{"type":"string"}},"isOie":{"type":"boolean","description":"Is the policy using Okta Identity Engine (OIE) with authenticators instead of factors?\n"},"name":{"type":"string","description":"Policy Name\n"},"oktaCall":{"type":"object","additionalProperties":{"type":"string"}},"oktaEmail":{"type":"object","additionalProperties":{"type":"string"}},"oktaOtp":{"type":"object","additionalProperties":{"type":"string"}},"oktaPassword":{"type":"object","additionalProperties":{"type":"string"}},"oktaPush":{"type":"object","additionalProperties":{"type":"string"}},"oktaQuestion":{"type":"object","additionalProperties":{"type":"string"}},"oktaSms":{"type":"object","additionalProperties":{"type":"string"}},"oktaVerify":{"type":"object","additionalProperties":{"type":"string"}},"onpremMfa":{"type":"object","additionalProperties":{"type":"string"}},"phoneNumber":{"type":"object","additionalProperties":{"type":"string"}},"priority":{"type":"integer","description":"Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.\n"},"rsaToken":{"type":"object","additionalProperties":{"type":"string"}},"securityQuestion":{"type":"object","additionalProperties":{"type":"string"}},"smartCardIdp":{"type":"object","additionalProperties":{"type":"string"}},"status":{"type":"string","description":"Policy Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`\n"},"symantecVip":{"type":"object","additionalProperties":{"type":"string"}},"webauthn":{"type":"object","additionalProperties":{"type":"string"}},"yubikeyToken":{"type":"object","additionalProperties":{"type":"string"}}},"required":["name"],"inputProperties":{"customApps":{"type":"array","items":{"type":"object","additionalProperties":{"type":"string"}},"description":"List of custom authenticators, specify entry like {\"enroll\": \"OPTIONAL\", \"id\": \"\u003cid_of_custom_app\u003e\"} to mark specific custom app optional, list must contain at least 1 entry."},"description":{"type":"string","description":"Policy Description\n"},"duo":{"type":"object","additionalProperties":{"type":"string"}},"externalIdp":{"type":"object","additionalProperties":{"type":"string"},"deprecationMessage":"Since okta now support multiple external_idps, this will be deprecated. Please use \u003cspan pulumi-lang-nodejs=\"`externalIdps`\" pulumi-lang-dotnet=\"`ExternalIdps`\" pulumi-lang-go=\"`externalIdps`\" pulumi-lang-python=\"`external_idps`\" pulumi-lang-yaml=\"`externalIdps`\" pulumi-lang-java=\"`externalIdps`\"\u003e`external_idps`\u003c/span\u003e instead"},"externalIdps":{"type":"array","items":{"type":"object","additionalProperties":{"type":"string"}}},"fidoU2f":{"type":"object","additionalProperties":{"type":"string"}},"fidoWebauthn":{"type":"object","additionalProperties":{"type":"string"}},"googleOtp":{"type":"object","additionalProperties":{"type":"string"}},"groupsIncludeds":{"type":"array","items":{"type":"string"},"description":"List of Group IDs to Include\n"},"hotp":{"type":"object","additionalProperties":{"type":"string"}},"isOie":{"type":"boolean","description":"Is the policy using Okta Identity Engine (OIE) with authenticators instead of factors?\n"},"name":{"type":"string","description":"Policy Name\n"},"oktaCall":{"type":"object","additionalProperties":{"type":"string"}},"oktaEmail":{"type":"object","additionalProperties":{"type":"string"}},"oktaOtp":{"type":"object","additionalProperties":{"type":"string"}},"oktaPassword":{"type":"object","additionalProperties":{"type":"string"}},"oktaPush":{"type":"object","additionalProperties":{"type":"string"}},"oktaQuestion":{"type":"object","additionalProperties":{"type":"string"}},"oktaSms":{"type":"object","additionalProperties":{"type":"string"}},"oktaVerify":{"type":"object","additionalProperties":{"type":"string"}},"onpremMfa":{"type":"object","additionalProperties":{"type":"string"}},"phoneNumber":{"type":"object","additionalProperties":{"type":"string"}},"priority":{"type":"integer","description":"Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.\n"},"rsaToken":{"type":"object","additionalProperties":{"type":"string"}},"securityQuestion":{"type":"object","additionalProperties":{"type":"string"}},"smartCardIdp":{"type":"object","additionalProperties":{"type":"string"}},"status":{"type":"string","description":"Policy Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`\n"},"symantecVip":{"type":"object","additionalProperties":{"type":"string"}},"webauthn":{"type":"object","additionalProperties":{"type":"string"}},"yubikeyToken":{"type":"object","additionalProperties":{"type":"string"}}},"stateInputs":{"description":"Input properties used for looking up and filtering Mfa resources.\n","properties":{"customApps":{"type":"array","items":{"type":"object","additionalProperties":{"type":"string"}},"description":"List of custom authenticators, specify entry like {\"enroll\": \"OPTIONAL\", \"id\": \"\u003cid_of_custom_app\u003e\"} to mark specific custom app optional, list must contain at least 1 entry."},"description":{"type":"string","description":"Policy Description\n"},"duo":{"type":"object","additionalProperties":{"type":"string"}},"externalIdp":{"type":"object","additionalProperties":{"type":"string"},"deprecationMessage":"Since okta now support multiple external_idps, this will be deprecated. Please use \u003cspan pulumi-lang-nodejs=\"`externalIdps`\" pulumi-lang-dotnet=\"`ExternalIdps`\" pulumi-lang-go=\"`externalIdps`\" pulumi-lang-python=\"`external_idps`\" pulumi-lang-yaml=\"`externalIdps`\" pulumi-lang-java=\"`externalIdps`\"\u003e`external_idps`\u003c/span\u003e instead"},"externalIdps":{"type":"array","items":{"type":"object","additionalProperties":{"type":"string"}}},"fidoU2f":{"type":"object","additionalProperties":{"type":"string"}},"fidoWebauthn":{"type":"object","additionalProperties":{"type":"string"}},"googleOtp":{"type":"object","additionalProperties":{"type":"string"}},"groupsIncludeds":{"type":"array","items":{"type":"string"},"description":"List of Group IDs to Include\n"},"hotp":{"type":"object","additionalProperties":{"type":"string"}},"isOie":{"type":"boolean","description":"Is the policy using Okta Identity Engine (OIE) with authenticators instead of factors?\n"},"name":{"type":"string","description":"Policy Name\n"},"oktaCall":{"type":"object","additionalProperties":{"type":"string"}},"oktaEmail":{"type":"object","additionalProperties":{"type":"string"}},"oktaOtp":{"type":"object","additionalProperties":{"type":"string"}},"oktaPassword":{"type":"object","additionalProperties":{"type":"string"}},"oktaPush":{"type":"object","additionalProperties":{"type":"string"}},"oktaQuestion":{"type":"object","additionalProperties":{"type":"string"}},"oktaSms":{"type":"object","additionalProperties":{"type":"string"}},"oktaVerify":{"type":"object","additionalProperties":{"type":"string"}},"onpremMfa":{"type":"object","additionalProperties":{"type":"string"}},"phoneNumber":{"type":"object","additionalProperties":{"type":"string"}},"priority":{"type":"integer","description":"Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.\n"},"rsaToken":{"type":"object","additionalProperties":{"type":"string"}},"securityQuestion":{"type":"object","additionalProperties":{"type":"string"}},"smartCardIdp":{"type":"object","additionalProperties":{"type":"string"}},"status":{"type":"string","description":"Policy Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`\n"},"symantecVip":{"type":"object","additionalProperties":{"type":"string"}},"webauthn":{"type":"object","additionalProperties":{"type":"string"}},"yubikeyToken":{"type":"object","additionalProperties":{"type":"string"}}},"type":"object"}},"okta:policy/password:Password":{"description":"Creates a Password Policy. This resource allows you to create and configure a Password Policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.policy.Password(\"example\", {\n    name: \"example\",\n    status: \"ACTIVE\",\n    description: \"Example\",\n    passwordHistoryCount: 4,\n    groupsIncludeds: [everyone.id],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.policy.Password(\"example\",\n    name=\"example\",\n    status=\"ACTIVE\",\n    description=\"Example\",\n    password_history_count=4,\n    groups_includeds=[everyone[\"id\"]])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Policy.Password(\"example\", new()\n    {\n        Name = \"example\",\n        Status = \"ACTIVE\",\n        Description = \"Example\",\n        PasswordHistoryCount = 4,\n        GroupsIncludeds = new[]\n        {\n            everyone.Id,\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/policy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := policy.NewPassword(ctx, \"example\", \u0026policy.PasswordArgs{\n\t\t\tName:                 pulumi.String(\"example\"),\n\t\t\tStatus:               pulumi.String(\"ACTIVE\"),\n\t\t\tDescription:          pulumi.String(\"Example\"),\n\t\t\tPasswordHistoryCount: pulumi.Int(4),\n\t\t\tGroupsIncludeds: pulumi.StringArray{\n\t\t\t\teveryone.Id,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.policy.Password;\nimport com.pulumi.okta.policy.PasswordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Password(\"example\", PasswordArgs.builder()\n            .name(\"example\")\n            .status(\"ACTIVE\")\n            .description(\"Example\")\n            .passwordHistoryCount(4)\n            .groupsIncludeds(everyone.id())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:policy:Password\n    properties:\n      name: example\n      status: ACTIVE\n      description: Example\n      passwordHistoryCount: 4\n      groupsIncludeds:\n        - ${everyone.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:policy/password:Password example \u003cpolicy_id\u003e\n```\n\n","properties":{"authProvider":{"type":"string","description":"Authentication Provider: `OKTA`, `ACTIVE_DIRECTORY` or `LDAP`. Default: `OKTA`\n"},"callRecovery":{"type":"string","description":"Enable or disable voice call recovery: `ACTIVE` or `INACTIVE`. Default: `INACTIVE`\n"},"description":{"type":"string","description":"Policy Description\n"},"emailRecovery":{"type":"string","description":"Enable or disable email password recovery: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`\n"},"groupsIncludeds":{"type":"array","items":{"type":"string"},"description":"List of Group IDs to Include\n"},"name":{"type":"string","description":"Policy Name\n"},"passwordAutoUnlockMinutes":{"type":"integer","description":"Number of minutes before a locked account is unlocked: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordDictionaryLookup":{"type":"boolean","description":"Check Passwords Against Common Password Dictionary. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"passwordExcludeFirstName":{"type":"boolean","description":"User firstName attribute must be excluded from the password\n"},"passwordExcludeLastName":{"type":"boolean","description":"User lastName attribute must be excluded from the password\n"},"passwordExcludeUsername":{"type":"boolean","description":"If the user name must be excluded from the password. Default: \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e\n"},"passwordExpireWarnDays":{"type":"integer","description":"Length in days a user will be warned before password expiry: 0 = no warning. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordHistoryCount":{"type":"integer","description":"Number of distinct passwords that must be created before they can be reused: 0 = none. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordLockoutNotificationChannels":{"type":"array","items":{"type":"string"},"description":"Notification channels to use to notify a user when their account has been locked.\n"},"passwordMaxAgeDays":{"type":"integer","description":"Length in days a password is valid before expiry: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordMaxLockoutAttempts":{"type":"integer","description":"Number of unsuccessful login attempts allowed before lockout: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`10`\" pulumi-lang-dotnet=\"`10`\" pulumi-lang-go=\"`10`\" pulumi-lang-python=\"`10`\" pulumi-lang-yaml=\"`10`\" pulumi-lang-java=\"`10`\"\u003e`10`\u003c/span\u003e\n"},"passwordMinAgeMinutes":{"type":"integer","description":"Minimum time interval in minutes between password changes: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordMinLength":{"type":"integer","description":"Minimum password length. Default: \u003cspan pulumi-lang-nodejs=\"`8`\" pulumi-lang-dotnet=\"`8`\" pulumi-lang-go=\"`8`\" pulumi-lang-python=\"`8`\" pulumi-lang-yaml=\"`8`\" pulumi-lang-java=\"`8`\"\u003e`8`\u003c/span\u003e\n"},"passwordMinLowercase":{"type":"integer","description":"If a password must contain at least one lower case letter: 0 = no, 1 = yes. Default: \u003cspan pulumi-lang-nodejs=\"`1`\" pulumi-lang-dotnet=\"`1`\" pulumi-lang-go=\"`1`\" pulumi-lang-python=\"`1`\" pulumi-lang-yaml=\"`1`\" pulumi-lang-java=\"`1`\"\u003e`1`\u003c/span\u003e\n"},"passwordMinNumber":{"type":"integer","description":"If a password must contain at least one number: 0 = no, 1 = yes. Default: \u003cspan pulumi-lang-nodejs=\"`1`\" pulumi-lang-dotnet=\"`1`\" pulumi-lang-go=\"`1`\" pulumi-lang-python=\"`1`\" pulumi-lang-yaml=\"`1`\" pulumi-lang-java=\"`1`\"\u003e`1`\u003c/span\u003e\n"},"passwordMinSymbol":{"type":"integer","description":"If a password must contain at least one symbol (!@#$%^\u0026*): 0 = no, 1 = yes. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordMinUppercase":{"type":"integer","description":"If a password must contain at least one upper case letter: 0 = no, 1 = yes. Default: \u003cspan pulumi-lang-nodejs=\"`1`\" pulumi-lang-dotnet=\"`1`\" pulumi-lang-go=\"`1`\" pulumi-lang-python=\"`1`\" pulumi-lang-yaml=\"`1`\" pulumi-lang-java=\"`1`\"\u003e`1`\u003c/span\u003e\n"},"passwordShowLockoutFailures":{"type":"boolean","description":"If a user should be informed when their account is locked. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"priority":{"type":"integer","description":"Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.\n"},"questionMinLength":{"type":"integer","description":"Min length of the password recovery question answer. Default: \u003cspan pulumi-lang-nodejs=\"`4`\" pulumi-lang-dotnet=\"`4`\" pulumi-lang-go=\"`4`\" pulumi-lang-python=\"`4`\" pulumi-lang-yaml=\"`4`\" pulumi-lang-java=\"`4`\"\u003e`4`\u003c/span\u003e\n"},"questionRecovery":{"type":"string","description":"Enable or disable security question password recovery: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`\n"},"recoveryEmailToken":{"type":"integer","description":"Lifetime in minutes of the recovery email token. Default: \u003cspan pulumi-lang-nodejs=\"`60`\" pulumi-lang-dotnet=\"`60`\" pulumi-lang-go=\"`60`\" pulumi-lang-python=\"`60`\" pulumi-lang-yaml=\"`60`\" pulumi-lang-java=\"`60`\"\u003e`60`\u003c/span\u003e\n"},"skipUnlock":{"type":"boolean","description":"When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"smsRecovery":{"type":"string","description":"Enable or disable SMS password recovery: `ACTIVE` or `INACTIVE`. Default: `INACTIVE`\n"},"status":{"type":"string","description":"Policy Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`\n"}},"required":["name"],"inputProperties":{"authProvider":{"type":"string","description":"Authentication Provider: `OKTA`, `ACTIVE_DIRECTORY` or `LDAP`. Default: `OKTA`\n"},"callRecovery":{"type":"string","description":"Enable or disable voice call recovery: `ACTIVE` or `INACTIVE`. Default: `INACTIVE`\n"},"description":{"type":"string","description":"Policy Description\n"},"emailRecovery":{"type":"string","description":"Enable or disable email password recovery: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`\n"},"groupsIncludeds":{"type":"array","items":{"type":"string"},"description":"List of Group IDs to Include\n"},"name":{"type":"string","description":"Policy Name\n"},"passwordAutoUnlockMinutes":{"type":"integer","description":"Number of minutes before a locked account is unlocked: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordDictionaryLookup":{"type":"boolean","description":"Check Passwords Against Common Password Dictionary. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"passwordExcludeFirstName":{"type":"boolean","description":"User firstName attribute must be excluded from the password\n"},"passwordExcludeLastName":{"type":"boolean","description":"User lastName attribute must be excluded from the password\n"},"passwordExcludeUsername":{"type":"boolean","description":"If the user name must be excluded from the password. Default: \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e\n"},"passwordExpireWarnDays":{"type":"integer","description":"Length in days a user will be warned before password expiry: 0 = no warning. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordHistoryCount":{"type":"integer","description":"Number of distinct passwords that must be created before they can be reused: 0 = none. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordLockoutNotificationChannels":{"type":"array","items":{"type":"string"},"description":"Notification channels to use to notify a user when their account has been locked.\n"},"passwordMaxAgeDays":{"type":"integer","description":"Length in days a password is valid before expiry: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordMaxLockoutAttempts":{"type":"integer","description":"Number of unsuccessful login attempts allowed before lockout: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`10`\" pulumi-lang-dotnet=\"`10`\" pulumi-lang-go=\"`10`\" pulumi-lang-python=\"`10`\" pulumi-lang-yaml=\"`10`\" pulumi-lang-java=\"`10`\"\u003e`10`\u003c/span\u003e\n"},"passwordMinAgeMinutes":{"type":"integer","description":"Minimum time interval in minutes between password changes: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordMinLength":{"type":"integer","description":"Minimum password length. Default: \u003cspan pulumi-lang-nodejs=\"`8`\" pulumi-lang-dotnet=\"`8`\" pulumi-lang-go=\"`8`\" pulumi-lang-python=\"`8`\" pulumi-lang-yaml=\"`8`\" pulumi-lang-java=\"`8`\"\u003e`8`\u003c/span\u003e\n"},"passwordMinLowercase":{"type":"integer","description":"If a password must contain at least one lower case letter: 0 = no, 1 = yes. Default: \u003cspan pulumi-lang-nodejs=\"`1`\" pulumi-lang-dotnet=\"`1`\" pulumi-lang-go=\"`1`\" pulumi-lang-python=\"`1`\" pulumi-lang-yaml=\"`1`\" pulumi-lang-java=\"`1`\"\u003e`1`\u003c/span\u003e\n"},"passwordMinNumber":{"type":"integer","description":"If a password must contain at least one number: 0 = no, 1 = yes. Default: \u003cspan pulumi-lang-nodejs=\"`1`\" pulumi-lang-dotnet=\"`1`\" pulumi-lang-go=\"`1`\" pulumi-lang-python=\"`1`\" pulumi-lang-yaml=\"`1`\" pulumi-lang-java=\"`1`\"\u003e`1`\u003c/span\u003e\n"},"passwordMinSymbol":{"type":"integer","description":"If a password must contain at least one symbol (!@#$%^\u0026*): 0 = no, 1 = yes. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordMinUppercase":{"type":"integer","description":"If a password must contain at least one upper case letter: 0 = no, 1 = yes. Default: \u003cspan pulumi-lang-nodejs=\"`1`\" pulumi-lang-dotnet=\"`1`\" pulumi-lang-go=\"`1`\" pulumi-lang-python=\"`1`\" pulumi-lang-yaml=\"`1`\" pulumi-lang-java=\"`1`\"\u003e`1`\u003c/span\u003e\n"},"passwordShowLockoutFailures":{"type":"boolean","description":"If a user should be informed when their account is locked. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"priority":{"type":"integer","description":"Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.\n"},"questionMinLength":{"type":"integer","description":"Min length of the password recovery question answer. Default: \u003cspan pulumi-lang-nodejs=\"`4`\" pulumi-lang-dotnet=\"`4`\" pulumi-lang-go=\"`4`\" pulumi-lang-python=\"`4`\" pulumi-lang-yaml=\"`4`\" pulumi-lang-java=\"`4`\"\u003e`4`\u003c/span\u003e\n"},"questionRecovery":{"type":"string","description":"Enable or disable security question password recovery: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`\n"},"recoveryEmailToken":{"type":"integer","description":"Lifetime in minutes of the recovery email token. Default: \u003cspan pulumi-lang-nodejs=\"`60`\" pulumi-lang-dotnet=\"`60`\" pulumi-lang-go=\"`60`\" pulumi-lang-python=\"`60`\" pulumi-lang-yaml=\"`60`\" pulumi-lang-java=\"`60`\"\u003e`60`\u003c/span\u003e\n"},"skipUnlock":{"type":"boolean","description":"When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"smsRecovery":{"type":"string","description":"Enable or disable SMS password recovery: `ACTIVE` or `INACTIVE`. Default: `INACTIVE`\n"},"status":{"type":"string","description":"Policy Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`\n"}},"stateInputs":{"description":"Input properties used for looking up and filtering Password resources.\n","properties":{"authProvider":{"type":"string","description":"Authentication Provider: `OKTA`, `ACTIVE_DIRECTORY` or `LDAP`. Default: `OKTA`\n"},"callRecovery":{"type":"string","description":"Enable or disable voice call recovery: `ACTIVE` or `INACTIVE`. Default: `INACTIVE`\n"},"description":{"type":"string","description":"Policy Description\n"},"emailRecovery":{"type":"string","description":"Enable or disable email password recovery: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`\n"},"groupsIncludeds":{"type":"array","items":{"type":"string"},"description":"List of Group IDs to Include\n"},"name":{"type":"string","description":"Policy Name\n"},"passwordAutoUnlockMinutes":{"type":"integer","description":"Number of minutes before a locked account is unlocked: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordDictionaryLookup":{"type":"boolean","description":"Check Passwords Against Common Password Dictionary. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"passwordExcludeFirstName":{"type":"boolean","description":"User firstName attribute must be excluded from the password\n"},"passwordExcludeLastName":{"type":"boolean","description":"User lastName attribute must be excluded from the password\n"},"passwordExcludeUsername":{"type":"boolean","description":"If the user name must be excluded from the password. Default: \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e\n"},"passwordExpireWarnDays":{"type":"integer","description":"Length in days a user will be warned before password expiry: 0 = no warning. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordHistoryCount":{"type":"integer","description":"Number of distinct passwords that must be created before they can be reused: 0 = none. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordLockoutNotificationChannels":{"type":"array","items":{"type":"string"},"description":"Notification channels to use to notify a user when their account has been locked.\n"},"passwordMaxAgeDays":{"type":"integer","description":"Length in days a password is valid before expiry: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordMaxLockoutAttempts":{"type":"integer","description":"Number of unsuccessful login attempts allowed before lockout: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`10`\" pulumi-lang-dotnet=\"`10`\" pulumi-lang-go=\"`10`\" pulumi-lang-python=\"`10`\" pulumi-lang-yaml=\"`10`\" pulumi-lang-java=\"`10`\"\u003e`10`\u003c/span\u003e\n"},"passwordMinAgeMinutes":{"type":"integer","description":"Minimum time interval in minutes between password changes: 0 = no limit. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordMinLength":{"type":"integer","description":"Minimum password length. Default: \u003cspan pulumi-lang-nodejs=\"`8`\" pulumi-lang-dotnet=\"`8`\" pulumi-lang-go=\"`8`\" pulumi-lang-python=\"`8`\" pulumi-lang-yaml=\"`8`\" pulumi-lang-java=\"`8`\"\u003e`8`\u003c/span\u003e\n"},"passwordMinLowercase":{"type":"integer","description":"If a password must contain at least one lower case letter: 0 = no, 1 = yes. Default: \u003cspan pulumi-lang-nodejs=\"`1`\" pulumi-lang-dotnet=\"`1`\" pulumi-lang-go=\"`1`\" pulumi-lang-python=\"`1`\" pulumi-lang-yaml=\"`1`\" pulumi-lang-java=\"`1`\"\u003e`1`\u003c/span\u003e\n"},"passwordMinNumber":{"type":"integer","description":"If a password must contain at least one number: 0 = no, 1 = yes. Default: \u003cspan pulumi-lang-nodejs=\"`1`\" pulumi-lang-dotnet=\"`1`\" pulumi-lang-go=\"`1`\" pulumi-lang-python=\"`1`\" pulumi-lang-yaml=\"`1`\" pulumi-lang-java=\"`1`\"\u003e`1`\u003c/span\u003e\n"},"passwordMinSymbol":{"type":"integer","description":"If a password must contain at least one symbol (!@#$%^\u0026*): 0 = no, 1 = yes. Default: \u003cspan pulumi-lang-nodejs=\"`0`\" pulumi-lang-dotnet=\"`0`\" pulumi-lang-go=\"`0`\" pulumi-lang-python=\"`0`\" pulumi-lang-yaml=\"`0`\" pulumi-lang-java=\"`0`\"\u003e`0`\u003c/span\u003e\n"},"passwordMinUppercase":{"type":"integer","description":"If a password must contain at least one upper case letter: 0 = no, 1 = yes. Default: \u003cspan pulumi-lang-nodejs=\"`1`\" pulumi-lang-dotnet=\"`1`\" pulumi-lang-go=\"`1`\" pulumi-lang-python=\"`1`\" pulumi-lang-yaml=\"`1`\" pulumi-lang-java=\"`1`\"\u003e`1`\u003c/span\u003e\n"},"passwordShowLockoutFailures":{"type":"boolean","description":"If a user should be informed when their account is locked. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"priority":{"type":"integer","description":"Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.\n"},"questionMinLength":{"type":"integer","description":"Min length of the password recovery question answer. Default: \u003cspan pulumi-lang-nodejs=\"`4`\" pulumi-lang-dotnet=\"`4`\" pulumi-lang-go=\"`4`\" pulumi-lang-python=\"`4`\" pulumi-lang-yaml=\"`4`\" pulumi-lang-java=\"`4`\"\u003e`4`\u003c/span\u003e\n"},"questionRecovery":{"type":"string","description":"Enable or disable security question password recovery: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`\n"},"recoveryEmailToken":{"type":"integer","description":"Lifetime in minutes of the recovery email token. Default: \u003cspan pulumi-lang-nodejs=\"`60`\" pulumi-lang-dotnet=\"`60`\" pulumi-lang-go=\"`60`\" pulumi-lang-python=\"`60`\" pulumi-lang-yaml=\"`60`\" pulumi-lang-java=\"`60`\"\u003e`60`\u003c/span\u003e\n"},"skipUnlock":{"type":"boolean","description":"When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"smsRecovery":{"type":"string","description":"Enable or disable SMS password recovery: `ACTIVE` or `INACTIVE`. Default: `INACTIVE`\n"},"status":{"type":"string","description":"Policy Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`\n"}},"type":"object"}},"okta:policy/ruleIdpDiscovery:RuleIdpDiscovery":{"description":"Creates an IdP Discovery Policy Rule.\n\t\t\nThis resource allows you to create and configure an IdP Discovery Policy Rule.\n\u003e If you receive the error 'You do not have permission to access the feature\nyou are requesting' contact support and\nrequest feature flag 'ADVANCED_SSO' be applied to your org.\n\n## Import\n\n```sh\n$ pulumi import okta:policy/ruleIdpDiscovery:RuleIdpDiscovery example \u003cpolicy_id\u003e/\u003crule_id\u003e\n```\n\n","properties":{"appExcludes":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleIdpDiscoveryAppExclude:RuleIdpDiscoveryAppExclude"},"description":"Applications to exclude in discovery. See \u003cspan pulumi-lang-nodejs=\"`appInclude`\" pulumi-lang-dotnet=\"`AppInclude`\" pulumi-lang-go=\"`appInclude`\" pulumi-lang-python=\"`app_include`\" pulumi-lang-yaml=\"`appInclude`\" pulumi-lang-java=\"`appInclude`\"\u003e`app_include`\u003c/span\u003e for details."},"appIncludes":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleIdpDiscoveryAppInclude:RuleIdpDiscoveryAppInclude"},"description":"Applications to include in discovery rule.\n- 'id' - (Optional) Use if 'type' is 'APP' to indicate the application id to include.\n- 'name' - (Optional) Use if the 'type' is 'APP_TYPE' to indicate the type of application(s) to include in instances where an entire group (i.e. 'yahoo_mail') of applications should be included.\n- 'type' - (Required) One of: 'APP', 'APP_TYPE'"},"idpProviders":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleIdpDiscoveryIdpProvider:RuleIdpDiscoveryIdpProvider"}},"name":{"type":"string","description":"Policy Rule Name"},"networkConnection":{"type":"string","description":"Network selection mode: `ANYWHERE`, `ZONE`, `ON_NETWORK`, or `OFF_NETWORK`. Default: `ANYWHERE`"},"networkExcludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to exclude."},"networkIncludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to include."},"platformIncludes":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleIdpDiscoveryPlatformInclude:RuleIdpDiscoveryPlatformInclude"},"description":"Platform to include in discovery rule.\n- 'type' - (Optional) One of: 'ANY', 'MOBILE', 'DESKTOP'\n- 'os_expression - (Optional) Only available when using\u003cspan pulumi-lang-nodejs=\" osType \" pulumi-lang-dotnet=\" OsType \" pulumi-lang-go=\" osType \" pulumi-lang-python=\" os_type \" pulumi-lang-yaml=\" osType \" pulumi-lang-java=\" osType \"\u003e os_type \u003c/span\u003e= 'OTHER'\n- 'os_type' - (Optional) One of: 'ANY', 'IOS', 'WINDOWS', 'ANDROID', 'OTHER', 'OSX'"},"policyId":{"type":"string","description":"Policy ID of the Rule"},"priority":{"type":"integer","description":"Rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided."},"status":{"type":"string","description":"Policy Rule Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`"},"userIdentifierAttribute":{"type":"string","description":"Profile attribute matching can only have a single value that describes the type indicated in \u003cspan pulumi-lang-nodejs=\"`userIdentifierType`\" pulumi-lang-dotnet=\"`UserIdentifierType`\" pulumi-lang-go=\"`userIdentifierType`\" pulumi-lang-python=\"`user_identifier_type`\" pulumi-lang-yaml=\"`userIdentifierType`\" pulumi-lang-java=\"`userIdentifierType`\"\u003e`user_identifier_type`\u003c/span\u003e. This is the attribute or identifier that the \u003cspan pulumi-lang-nodejs=\"`userIdentifierPatterns`\" pulumi-lang-dotnet=\"`UserIdentifierPatterns`\" pulumi-lang-go=\"`userIdentifierPatterns`\" pulumi-lang-python=\"`user_identifier_patterns`\" pulumi-lang-yaml=\"`userIdentifierPatterns`\" pulumi-lang-java=\"`userIdentifierPatterns`\"\u003e`user_identifier_patterns`\u003c/span\u003e are checked against."},"userIdentifierPatterns":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleIdpDiscoveryUserIdentifierPattern:RuleIdpDiscoveryUserIdentifierPattern"},"description":"Specifies a User Identifier pattern condition to match against. If 'match_type' of 'EXPRESSION' is used, only a *single* element can be set, otherwise multiple elements of matching patterns may be provided.\n- 'match_type' - (Optional) The kind of pattern. For regex, use 'EXPRESSION'. For simple string matches, use one of the following: 'SUFFIX', 'EQUALS', 'STARTS_WITH', 'CONTAINS'\n- 'value' - (Optional) The regex or simple match string to match against."},"userIdentifierType":{"type":"string","description":"One of: `IDENTIFIER`, `ATTRIBUTE`"}},"required":["idpProviders","name"],"inputProperties":{"appExcludes":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleIdpDiscoveryAppExclude:RuleIdpDiscoveryAppExclude"},"description":"Applications to exclude in discovery. See \u003cspan pulumi-lang-nodejs=\"`appInclude`\" pulumi-lang-dotnet=\"`AppInclude`\" pulumi-lang-go=\"`appInclude`\" pulumi-lang-python=\"`app_include`\" pulumi-lang-yaml=\"`appInclude`\" pulumi-lang-java=\"`appInclude`\"\u003e`app_include`\u003c/span\u003e for details."},"appIncludes":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleIdpDiscoveryAppInclude:RuleIdpDiscoveryAppInclude"},"description":"Applications to include in discovery rule.\n- 'id' - (Optional) Use if 'type' is 'APP' to indicate the application id to include.\n- 'name' - (Optional) Use if the 'type' is 'APP_TYPE' to indicate the type of application(s) to include in instances where an entire group (i.e. 'yahoo_mail') of applications should be included.\n- 'type' - (Required) One of: 'APP', 'APP_TYPE'"},"idpProviders":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleIdpDiscoveryIdpProvider:RuleIdpDiscoveryIdpProvider"}},"name":{"type":"string","description":"Policy Rule Name","willReplaceOnChanges":true},"networkConnection":{"type":"string","description":"Network selection mode: `ANYWHERE`, `ZONE`, `ON_NETWORK`, or `OFF_NETWORK`. Default: `ANYWHERE`"},"networkExcludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to exclude."},"networkIncludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to include."},"platformIncludes":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleIdpDiscoveryPlatformInclude:RuleIdpDiscoveryPlatformInclude"},"description":"Platform to include in discovery rule.\n- 'type' - (Optional) One of: 'ANY', 'MOBILE', 'DESKTOP'\n- 'os_expression - (Optional) Only available when using\u003cspan pulumi-lang-nodejs=\" osType \" pulumi-lang-dotnet=\" OsType \" pulumi-lang-go=\" osType \" pulumi-lang-python=\" os_type \" pulumi-lang-yaml=\" osType \" pulumi-lang-java=\" osType \"\u003e os_type \u003c/span\u003e= 'OTHER'\n- 'os_type' - (Optional) One of: 'ANY', 'IOS', 'WINDOWS', 'ANDROID', 'OTHER', 'OSX'"},"policyId":{"type":"string","description":"Policy ID of the Rule","willReplaceOnChanges":true},"priority":{"type":"integer","description":"Rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided."},"status":{"type":"string","description":"Policy Rule Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`"},"userIdentifierAttribute":{"type":"string","description":"Profile attribute matching can only have a single value that describes the type indicated in \u003cspan pulumi-lang-nodejs=\"`userIdentifierType`\" pulumi-lang-dotnet=\"`UserIdentifierType`\" pulumi-lang-go=\"`userIdentifierType`\" pulumi-lang-python=\"`user_identifier_type`\" pulumi-lang-yaml=\"`userIdentifierType`\" pulumi-lang-java=\"`userIdentifierType`\"\u003e`user_identifier_type`\u003c/span\u003e. This is the attribute or identifier that the \u003cspan pulumi-lang-nodejs=\"`userIdentifierPatterns`\" pulumi-lang-dotnet=\"`UserIdentifierPatterns`\" pulumi-lang-go=\"`userIdentifierPatterns`\" pulumi-lang-python=\"`user_identifier_patterns`\" pulumi-lang-yaml=\"`userIdentifierPatterns`\" pulumi-lang-java=\"`userIdentifierPatterns`\"\u003e`user_identifier_patterns`\u003c/span\u003e are checked against."},"userIdentifierPatterns":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleIdpDiscoveryUserIdentifierPattern:RuleIdpDiscoveryUserIdentifierPattern"},"description":"Specifies a User Identifier pattern condition to match against. If 'match_type' of 'EXPRESSION' is used, only a *single* element can be set, otherwise multiple elements of matching patterns may be provided.\n- 'match_type' - (Optional) The kind of pattern. For regex, use 'EXPRESSION'. For simple string matches, use one of the following: 'SUFFIX', 'EQUALS', 'STARTS_WITH', 'CONTAINS'\n- 'value' - (Optional) The regex or simple match string to match against."},"userIdentifierType":{"type":"string","description":"One of: `IDENTIFIER`, `ATTRIBUTE`"}},"stateInputs":{"description":"Input properties used for looking up and filtering RuleIdpDiscovery resources.\n","properties":{"appExcludes":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleIdpDiscoveryAppExclude:RuleIdpDiscoveryAppExclude"},"description":"Applications to exclude in discovery. See \u003cspan pulumi-lang-nodejs=\"`appInclude`\" pulumi-lang-dotnet=\"`AppInclude`\" pulumi-lang-go=\"`appInclude`\" pulumi-lang-python=\"`app_include`\" pulumi-lang-yaml=\"`appInclude`\" pulumi-lang-java=\"`appInclude`\"\u003e`app_include`\u003c/span\u003e for details."},"appIncludes":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleIdpDiscoveryAppInclude:RuleIdpDiscoveryAppInclude"},"description":"Applications to include in discovery rule.\n- 'id' - (Optional) Use if 'type' is 'APP' to indicate the application id to include.\n- 'name' - (Optional) Use if the 'type' is 'APP_TYPE' to indicate the type of application(s) to include in instances where an entire group (i.e. 'yahoo_mail') of applications should be included.\n- 'type' - (Required) One of: 'APP', 'APP_TYPE'"},"idpProviders":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleIdpDiscoveryIdpProvider:RuleIdpDiscoveryIdpProvider"}},"name":{"type":"string","description":"Policy Rule Name","willReplaceOnChanges":true},"networkConnection":{"type":"string","description":"Network selection mode: `ANYWHERE`, `ZONE`, `ON_NETWORK`, or `OFF_NETWORK`. Default: `ANYWHERE`"},"networkExcludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to exclude."},"networkIncludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to include."},"platformIncludes":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleIdpDiscoveryPlatformInclude:RuleIdpDiscoveryPlatformInclude"},"description":"Platform to include in discovery rule.\n- 'type' - (Optional) One of: 'ANY', 'MOBILE', 'DESKTOP'\n- 'os_expression - (Optional) Only available when using\u003cspan pulumi-lang-nodejs=\" osType \" pulumi-lang-dotnet=\" OsType \" pulumi-lang-go=\" osType \" pulumi-lang-python=\" os_type \" pulumi-lang-yaml=\" osType \" pulumi-lang-java=\" osType \"\u003e os_type \u003c/span\u003e= 'OTHER'\n- 'os_type' - (Optional) One of: 'ANY', 'IOS', 'WINDOWS', 'ANDROID', 'OTHER', 'OSX'"},"policyId":{"type":"string","description":"Policy ID of the Rule","willReplaceOnChanges":true},"priority":{"type":"integer","description":"Rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided."},"status":{"type":"string","description":"Policy Rule Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`"},"userIdentifierAttribute":{"type":"string","description":"Profile attribute matching can only have a single value that describes the type indicated in \u003cspan pulumi-lang-nodejs=\"`userIdentifierType`\" pulumi-lang-dotnet=\"`UserIdentifierType`\" pulumi-lang-go=\"`userIdentifierType`\" pulumi-lang-python=\"`user_identifier_type`\" pulumi-lang-yaml=\"`userIdentifierType`\" pulumi-lang-java=\"`userIdentifierType`\"\u003e`user_identifier_type`\u003c/span\u003e. This is the attribute or identifier that the \u003cspan pulumi-lang-nodejs=\"`userIdentifierPatterns`\" pulumi-lang-dotnet=\"`UserIdentifierPatterns`\" pulumi-lang-go=\"`userIdentifierPatterns`\" pulumi-lang-python=\"`user_identifier_patterns`\" pulumi-lang-yaml=\"`userIdentifierPatterns`\" pulumi-lang-java=\"`userIdentifierPatterns`\"\u003e`user_identifier_patterns`\u003c/span\u003e are checked against."},"userIdentifierPatterns":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleIdpDiscoveryUserIdentifierPattern:RuleIdpDiscoveryUserIdentifierPattern"},"description":"Specifies a User Identifier pattern condition to match against. If 'match_type' of 'EXPRESSION' is used, only a *single* element can be set, otherwise multiple elements of matching patterns may be provided.\n- 'match_type' - (Optional) The kind of pattern. For regex, use 'EXPRESSION'. For simple string matches, use one of the following: 'SUFFIX', 'EQUALS', 'STARTS_WITH', 'CONTAINS'\n- 'value' - (Optional) The regex or simple match string to match against."},"userIdentifierType":{"type":"string","description":"One of: `IDENTIFIER`, `ATTRIBUTE`"}},"type":"object"}},"okta:policy/ruleMfa:RuleMfa":{"description":"Creates an MFA Policy Rule. This resource allows you to create and configure an MFA Policy Rule.\n\n## Import\n\n```sh\n$ pulumi import okta:policy/ruleMfa:RuleMfa example \u003cpolicy_id\u003e/\u003crule_id\u003e\n```\n\n","properties":{"appExcludes":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleMfaAppExclude:RuleMfaAppExclude"},"description":"Applications to exclude in discovery rule. **IMPORTANT**: this field is only available in Classic Organizations.\n\t- 'id' - (Optional) Use if 'type' is 'APP' to indicate the application id to include.\n\t- 'name' - (Optional) Use if the 'type' is 'APP_TYPE' to indicate the type of application(s) to include in instances where an entire group (i.e. 'yahoo_mail') of applications should be included.\n\t- 'type' - (Required) One of: 'APP', 'APP_TYPE'"},"appIncludes":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleMfaAppInclude:RuleMfaAppInclude"},"description":"Applications to include in discovery rule. **IMPORTANT**: this field is only available in Classic Organizations.\n\t- 'id' - (Optional) Use if 'type' is 'APP' to indicate the application id to include.\n\t- 'name' - (Optional) Use if the 'type' is 'APP_TYPE' to indicate the type of application(s) to include in instances where an entire group (i.e. 'yahoo_mail') of applications should be included.\n\t- 'type' - (Required) One of: 'APP', 'APP_TYPE'"},"enroll":{"type":"string","description":"When a user should be prompted for MFA. It can be `CHALLENGE`, `LOGIN`, or `NEVER`."},"name":{"type":"string","description":"Policy Rule Name"},"networkConnection":{"type":"string","description":"Network selection mode: `ANYWHERE`, `ZONE`, `ON_NETWORK`, or `OFF_NETWORK`. Default: `ANYWHERE`"},"networkExcludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to exclude."},"networkIncludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to include."},"policyId":{"type":"string","description":"Policy ID of the Rule"},"priority":{"type":"integer","description":"Rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided."},"status":{"type":"string","description":"Policy Rule Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`"},"usersExcludeds":{"type":"array","items":{"type":"string"},"description":"Set of User IDs to Exclude"}},"required":["name"],"inputProperties":{"appExcludes":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleMfaAppExclude:RuleMfaAppExclude"},"description":"Applications to exclude in discovery rule. **IMPORTANT**: this field is only available in Classic Organizations.\n\t- 'id' - (Optional) Use if 'type' is 'APP' to indicate the application id to include.\n\t- 'name' - (Optional) Use if the 'type' is 'APP_TYPE' to indicate the type of application(s) to include in instances where an entire group (i.e. 'yahoo_mail') of applications should be included.\n\t- 'type' - (Required) One of: 'APP', 'APP_TYPE'"},"appIncludes":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleMfaAppInclude:RuleMfaAppInclude"},"description":"Applications to include in discovery rule. **IMPORTANT**: this field is only available in Classic Organizations.\n\t- 'id' - (Optional) Use if 'type' is 'APP' to indicate the application id to include.\n\t- 'name' - (Optional) Use if the 'type' is 'APP_TYPE' to indicate the type of application(s) to include in instances where an entire group (i.e. 'yahoo_mail') of applications should be included.\n\t- 'type' - (Required) One of: 'APP', 'APP_TYPE'"},"enroll":{"type":"string","description":"When a user should be prompted for MFA. It can be `CHALLENGE`, `LOGIN`, or `NEVER`."},"name":{"type":"string","description":"Policy Rule Name","willReplaceOnChanges":true},"networkConnection":{"type":"string","description":"Network selection mode: `ANYWHERE`, `ZONE`, `ON_NETWORK`, or `OFF_NETWORK`. Default: `ANYWHERE`"},"networkExcludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to exclude."},"networkIncludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to include."},"policyId":{"type":"string","description":"Policy ID of the Rule","willReplaceOnChanges":true},"priority":{"type":"integer","description":"Rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided."},"status":{"type":"string","description":"Policy Rule Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`"},"usersExcludeds":{"type":"array","items":{"type":"string"},"description":"Set of User IDs to Exclude"}},"stateInputs":{"description":"Input properties used for looking up and filtering RuleMfa resources.\n","properties":{"appExcludes":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleMfaAppExclude:RuleMfaAppExclude"},"description":"Applications to exclude in discovery rule. **IMPORTANT**: this field is only available in Classic Organizations.\n\t- 'id' - (Optional) Use if 'type' is 'APP' to indicate the application id to include.\n\t- 'name' - (Optional) Use if the 'type' is 'APP_TYPE' to indicate the type of application(s) to include in instances where an entire group (i.e. 'yahoo_mail') of applications should be included.\n\t- 'type' - (Required) One of: 'APP', 'APP_TYPE'"},"appIncludes":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleMfaAppInclude:RuleMfaAppInclude"},"description":"Applications to include in discovery rule. **IMPORTANT**: this field is only available in Classic Organizations.\n\t- 'id' - (Optional) Use if 'type' is 'APP' to indicate the application id to include.\n\t- 'name' - (Optional) Use if the 'type' is 'APP_TYPE' to indicate the type of application(s) to include in instances where an entire group (i.e. 'yahoo_mail') of applications should be included.\n\t- 'type' - (Required) One of: 'APP', 'APP_TYPE'"},"enroll":{"type":"string","description":"When a user should be prompted for MFA. It can be `CHALLENGE`, `LOGIN`, or `NEVER`."},"name":{"type":"string","description":"Policy Rule Name","willReplaceOnChanges":true},"networkConnection":{"type":"string","description":"Network selection mode: `ANYWHERE`, `ZONE`, `ON_NETWORK`, or `OFF_NETWORK`. Default: `ANYWHERE`"},"networkExcludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to exclude."},"networkIncludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to include."},"policyId":{"type":"string","description":"Policy ID of the Rule","willReplaceOnChanges":true},"priority":{"type":"integer","description":"Rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided."},"status":{"type":"string","description":"Policy Rule Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`"},"usersExcludeds":{"type":"array","items":{"type":"string"},"description":"Set of User IDs to Exclude"}},"type":"object"}},"okta:policy/rulePassword:RulePassword":{"description":"Creates a Password Policy Rule. This resource allows you to create and configure a Password Policy Rule.\n\n## Import\n\n```sh\n$ pulumi import okta:policy/rulePassword:RulePassword example \u003cpolicy_id\u003e/\u003crule_id\u003e\n```\n\n","properties":{"name":{"type":"string","description":"Policy Rule Name\n"},"networkConnection":{"type":"string","description":"Network selection mode: `ANYWHERE`, `ZONE`, `ON_NETWORK`, or `OFF_NETWORK`. Default: `ANYWHERE`\n"},"networkExcludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to exclude.\n"},"networkIncludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to include.\n"},"passwordChange":{"type":"string","description":"Allow or deny a user to change their password: `ALLOW` or `DENY`. Default: `ALLOW`\n"},"passwordReset":{"type":"string","description":"Allow or deny a user to reset their password: `ALLOW` or `DENY`. Default: `ALLOW`\n"},"passwordUnlock":{"type":"string","description":"Allow or deny a user to unlock. Default: `DENY`\n"},"policyId":{"type":"string","description":"Policy ID of the Rule\n"},"priority":{"type":"integer","description":"Rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.\n"},"status":{"type":"string","description":"Policy Rule Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`\n"},"usersExcludeds":{"type":"array","items":{"type":"string"},"description":"Set of User IDs to Exclude\n"}},"required":["name"],"inputProperties":{"name":{"type":"string","description":"Policy Rule Name\n","willReplaceOnChanges":true},"networkConnection":{"type":"string","description":"Network selection mode: `ANYWHERE`, `ZONE`, `ON_NETWORK`, or `OFF_NETWORK`. Default: `ANYWHERE`\n"},"networkExcludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to exclude.\n"},"networkIncludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to include.\n"},"passwordChange":{"type":"string","description":"Allow or deny a user to change their password: `ALLOW` or `DENY`. Default: `ALLOW`\n"},"passwordReset":{"type":"string","description":"Allow or deny a user to reset their password: `ALLOW` or `DENY`. Default: `ALLOW`\n"},"passwordUnlock":{"type":"string","description":"Allow or deny a user to unlock. Default: `DENY`\n"},"policyId":{"type":"string","description":"Policy ID of the Rule\n","willReplaceOnChanges":true},"priority":{"type":"integer","description":"Rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.\n"},"status":{"type":"string","description":"Policy Rule Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`\n"},"usersExcludeds":{"type":"array","items":{"type":"string"},"description":"Set of User IDs to Exclude\n"}},"stateInputs":{"description":"Input properties used for looking up and filtering RulePassword resources.\n","properties":{"name":{"type":"string","description":"Policy Rule Name\n","willReplaceOnChanges":true},"networkConnection":{"type":"string","description":"Network selection mode: `ANYWHERE`, `ZONE`, `ON_NETWORK`, or `OFF_NETWORK`. Default: `ANYWHERE`\n"},"networkExcludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to exclude.\n"},"networkIncludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to include.\n"},"passwordChange":{"type":"string","description":"Allow or deny a user to change their password: `ALLOW` or `DENY`. Default: `ALLOW`\n"},"passwordReset":{"type":"string","description":"Allow or deny a user to reset their password: `ALLOW` or `DENY`. Default: `ALLOW`\n"},"passwordUnlock":{"type":"string","description":"Allow or deny a user to unlock. Default: `DENY`\n"},"policyId":{"type":"string","description":"Policy ID of the Rule\n","willReplaceOnChanges":true},"priority":{"type":"integer","description":"Rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.\n"},"status":{"type":"string","description":"Policy Rule Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`\n"},"usersExcludeds":{"type":"array","items":{"type":"string"},"description":"Set of User IDs to Exclude\n"}},"type":"object"}},"okta:policy/ruleSignon:RuleSignon":{"description":"Creates a Sign On Policy Rule. In case `Invalid condition type specified: riskScore.` error is thrown, set \u003cspan pulumi-lang-nodejs=\"`riscLevel`\" pulumi-lang-dotnet=\"`RiscLevel`\" pulumi-lang-go=\"`riscLevel`\" pulumi-lang-python=\"`risc_level`\" pulumi-lang-yaml=\"`riscLevel`\" pulumi-lang-java=\"`riscLevel`\"\u003e`risc_level`\u003c/span\u003e to an empty string, since this feature is not enabled.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = new okta.policy.Signon(\"test\", {\n    name: \"Example Policy\",\n    status: \"ACTIVE\",\n    description: \"Example Policy\",\n});\nconst newCity = okta.getBehaviour({\n    name: \"New City\",\n});\nconst example = new okta.policy.RuleSignon(\"example\", {\n    access: \"CHALLENGE\",\n    authtype: \"RADIUS\",\n    name: \"Example Policy Rule\",\n    networkConnection: \"ANYWHERE\",\n    policyId: exampleOktaPolicySignon.id,\n    status: \"ACTIVE\",\n    riscLevel: \"HIGH\",\n    behaviors: [newCity.then(newCity =\u003e newCity.id)],\n    factorSequences: [\n        {\n            primaryCriteriaFactorType: \"token:hotp\",\n            primaryCriteriaProvider: \"CUSTOM\",\n            secondaryCriterias: [\n                {\n                    factorType: \"token:software:totp\",\n                    provider: \"OKTA\",\n                },\n                {\n                    factorType: \"push\",\n                    provider: \"OKTA\",\n                },\n                {\n                    factorType: \"password\",\n                    provider: \"OKTA\",\n                },\n                {\n                    factorType: \"question\",\n                    provider: \"OKTA\",\n                },\n                {\n                    factorType: \"sms\",\n                    provider: \"OKTA\",\n                },\n                {\n                    factorType: \"token:software:totp\",\n                    provider: \"GOOGLE\",\n                },\n                {\n                    factorType: \"email\",\n                    provider: \"OKTA\",\n                },\n                {\n                    factorType: \"call\",\n                    provider: \"OKTA\",\n                },\n                {\n                    factorType: \"webauthn\",\n                    provider: \"FIDO\",\n                },\n                {\n                    factorType: \"token\",\n                    provider: \"RSA\",\n                },\n                {\n                    factorType: \"token\",\n                    provider: \"SYMANTEC\",\n                },\n            ],\n        },\n        {\n            primaryCriteriaFactorType: \"token:software:totp\",\n            primaryCriteriaProvider: \"OKTA\",\n        },\n    ],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.policy.Signon(\"test\",\n    name=\"Example Policy\",\n    status=\"ACTIVE\",\n    description=\"Example Policy\")\nnew_city = okta.get_behaviour(name=\"New City\")\nexample = okta.policy.RuleSignon(\"example\",\n    access=\"CHALLENGE\",\n    authtype=\"RADIUS\",\n    name=\"Example Policy Rule\",\n    network_connection=\"ANYWHERE\",\n    policy_id=example_okta_policy_signon[\"id\"],\n    status=\"ACTIVE\",\n    risc_level=\"HIGH\",\n    behaviors=[new_city.id],\n    factor_sequences=[\n        {\n            \"primary_criteria_factor_type\": \"token:hotp\",\n            \"primary_criteria_provider\": \"CUSTOM\",\n            \"secondary_criterias\": [\n                {\n                    \"factor_type\": \"token:software:totp\",\n                    \"provider\": \"OKTA\",\n                },\n                {\n                    \"factor_type\": \"push\",\n                    \"provider\": \"OKTA\",\n                },\n                {\n                    \"factor_type\": \"password\",\n                    \"provider\": \"OKTA\",\n                },\n                {\n                    \"factor_type\": \"question\",\n                    \"provider\": \"OKTA\",\n                },\n                {\n                    \"factor_type\": \"sms\",\n                    \"provider\": \"OKTA\",\n                },\n                {\n                    \"factor_type\": \"token:software:totp\",\n                    \"provider\": \"GOOGLE\",\n                },\n                {\n                    \"factor_type\": \"email\",\n                    \"provider\": \"OKTA\",\n                },\n                {\n                    \"factor_type\": \"call\",\n                    \"provider\": \"OKTA\",\n                },\n                {\n                    \"factor_type\": \"webauthn\",\n                    \"provider\": \"FIDO\",\n                },\n                {\n                    \"factor_type\": \"token\",\n                    \"provider\": \"RSA\",\n                },\n                {\n                    \"factor_type\": \"token\",\n                    \"provider\": \"SYMANTEC\",\n                },\n            ],\n        },\n        {\n            \"primary_criteria_factor_type\": \"token:software:totp\",\n            \"primary_criteria_provider\": \"OKTA\",\n        },\n    ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = new Okta.Policy.Signon(\"test\", new()\n    {\n        Name = \"Example Policy\",\n        Status = \"ACTIVE\",\n        Description = \"Example Policy\",\n    });\n\n    var newCity = Okta.GetBehaviour.Invoke(new()\n    {\n        Name = \"New City\",\n    });\n\n    var example = new Okta.Policy.RuleSignon(\"example\", new()\n    {\n        Access = \"CHALLENGE\",\n        Authtype = \"RADIUS\",\n        Name = \"Example Policy Rule\",\n        NetworkConnection = \"ANYWHERE\",\n        PolicyId = exampleOktaPolicySignon.Id,\n        Status = \"ACTIVE\",\n        RiscLevel = \"HIGH\",\n        Behaviors = new[]\n        {\n            newCity.Apply(getBehaviourResult =\u003e getBehaviourResult.Id),\n        },\n        FactorSequences = new[]\n        {\n            new Okta.Policy.Inputs.RuleSignonFactorSequenceArgs\n            {\n                PrimaryCriteriaFactorType = \"token:hotp\",\n                PrimaryCriteriaProvider = \"CUSTOM\",\n                SecondaryCriterias = new[]\n                {\n                    new Okta.Policy.Inputs.RuleSignonFactorSequenceSecondaryCriteriaArgs\n                    {\n                        FactorType = \"token:software:totp\",\n                        Provider = \"OKTA\",\n                    },\n                    new Okta.Policy.Inputs.RuleSignonFactorSequenceSecondaryCriteriaArgs\n                    {\n                        FactorType = \"push\",\n                        Provider = \"OKTA\",\n                    },\n                    new Okta.Policy.Inputs.RuleSignonFactorSequenceSecondaryCriteriaArgs\n                    {\n                        FactorType = \"password\",\n                        Provider = \"OKTA\",\n                    },\n                    new Okta.Policy.Inputs.RuleSignonFactorSequenceSecondaryCriteriaArgs\n                    {\n                        FactorType = \"question\",\n                        Provider = \"OKTA\",\n                    },\n                    new Okta.Policy.Inputs.RuleSignonFactorSequenceSecondaryCriteriaArgs\n                    {\n                        FactorType = \"sms\",\n                        Provider = \"OKTA\",\n                    },\n                    new Okta.Policy.Inputs.RuleSignonFactorSequenceSecondaryCriteriaArgs\n                    {\n                        FactorType = \"token:software:totp\",\n                        Provider = \"GOOGLE\",\n                    },\n                    new Okta.Policy.Inputs.RuleSignonFactorSequenceSecondaryCriteriaArgs\n                    {\n                        FactorType = \"email\",\n                        Provider = \"OKTA\",\n                    },\n                    new Okta.Policy.Inputs.RuleSignonFactorSequenceSecondaryCriteriaArgs\n                    {\n                        FactorType = \"call\",\n                        Provider = \"OKTA\",\n                    },\n                    new Okta.Policy.Inputs.RuleSignonFactorSequenceSecondaryCriteriaArgs\n                    {\n                        FactorType = \"webauthn\",\n                        Provider = \"FIDO\",\n                    },\n                    new Okta.Policy.Inputs.RuleSignonFactorSequenceSecondaryCriteriaArgs\n                    {\n                        FactorType = \"token\",\n                        Provider = \"RSA\",\n                    },\n                    new Okta.Policy.Inputs.RuleSignonFactorSequenceSecondaryCriteriaArgs\n                    {\n                        FactorType = \"token\",\n                        Provider = \"SYMANTEC\",\n                    },\n                },\n            },\n            new Okta.Policy.Inputs.RuleSignonFactorSequenceArgs\n            {\n                PrimaryCriteriaFactorType = \"token:software:totp\",\n                PrimaryCriteriaProvider = \"OKTA\",\n            },\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/policy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := policy.NewSignon(ctx, \"test\", \u0026policy.SignonArgs{\n\t\t\tName:        pulumi.String(\"Example Policy\"),\n\t\t\tStatus:      pulumi.String(\"ACTIVE\"),\n\t\t\tDescription: pulumi.String(\"Example Policy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tnewCity, err := okta.LookupBehaviour(ctx, \u0026okta.LookupBehaviourArgs{\n\t\t\tName: pulumi.StringRef(\"New City\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = policy.NewRuleSignon(ctx, \"example\", \u0026policy.RuleSignonArgs{\n\t\t\tAccess:            pulumi.String(\"CHALLENGE\"),\n\t\t\tAuthtype:          pulumi.String(\"RADIUS\"),\n\t\t\tName:              pulumi.String(\"Example Policy Rule\"),\n\t\t\tNetworkConnection: pulumi.String(\"ANYWHERE\"),\n\t\t\tPolicyId:          pulumi.Any(exampleOktaPolicySignon.Id),\n\t\t\tStatus:            pulumi.String(\"ACTIVE\"),\n\t\t\tRiscLevel:         pulumi.String(\"HIGH\"),\n\t\t\tBehaviors: pulumi.StringArray{\n\t\t\t\tpulumi.String(newCity.Id),\n\t\t\t},\n\t\t\tFactorSequences: policy.RuleSignonFactorSequenceArray{\n\t\t\t\t\u0026policy.RuleSignonFactorSequenceArgs{\n\t\t\t\t\tPrimaryCriteriaFactorType: pulumi.String(\"token:hotp\"),\n\t\t\t\t\tPrimaryCriteriaProvider:   pulumi.String(\"CUSTOM\"),\n\t\t\t\t\tSecondaryCriterias: policy.RuleSignonFactorSequenceSecondaryCriteriaArray{\n\t\t\t\t\t\t\u0026policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{\n\t\t\t\t\t\t\tFactorType: pulumi.String(\"token:software:totp\"),\n\t\t\t\t\t\t\tProvider:   pulumi.String(\"OKTA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{\n\t\t\t\t\t\t\tFactorType: pulumi.String(\"push\"),\n\t\t\t\t\t\t\tProvider:   pulumi.String(\"OKTA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{\n\t\t\t\t\t\t\tFactorType: pulumi.String(\"password\"),\n\t\t\t\t\t\t\tProvider:   pulumi.String(\"OKTA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{\n\t\t\t\t\t\t\tFactorType: pulumi.String(\"question\"),\n\t\t\t\t\t\t\tProvider:   pulumi.String(\"OKTA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{\n\t\t\t\t\t\t\tFactorType: pulumi.String(\"sms\"),\n\t\t\t\t\t\t\tProvider:   pulumi.String(\"OKTA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{\n\t\t\t\t\t\t\tFactorType: pulumi.String(\"token:software:totp\"),\n\t\t\t\t\t\t\tProvider:   pulumi.String(\"GOOGLE\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{\n\t\t\t\t\t\t\tFactorType: pulumi.String(\"email\"),\n\t\t\t\t\t\t\tProvider:   pulumi.String(\"OKTA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{\n\t\t\t\t\t\t\tFactorType: pulumi.String(\"call\"),\n\t\t\t\t\t\t\tProvider:   pulumi.String(\"OKTA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{\n\t\t\t\t\t\t\tFactorType: pulumi.String(\"webauthn\"),\n\t\t\t\t\t\t\tProvider:   pulumi.String(\"FIDO\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{\n\t\t\t\t\t\t\tFactorType: pulumi.String(\"token\"),\n\t\t\t\t\t\t\tProvider:   pulumi.String(\"RSA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026policy.RuleSignonFactorSequenceSecondaryCriteriaArgs{\n\t\t\t\t\t\t\tFactorType: pulumi.String(\"token\"),\n\t\t\t\t\t\t\tProvider:   pulumi.String(\"SYMANTEC\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026policy.RuleSignonFactorSequenceArgs{\n\t\t\t\t\tPrimaryCriteriaFactorType: pulumi.String(\"token:software:totp\"),\n\t\t\t\t\tPrimaryCriteriaProvider:   pulumi.String(\"OKTA\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.policy.Signon;\nimport com.pulumi.okta.policy.SignonArgs;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetBehaviourArgs;\nimport com.pulumi.okta.policy.RuleSignon;\nimport com.pulumi.okta.policy.RuleSignonArgs;\nimport com.pulumi.okta.policy.inputs.RuleSignonFactorSequenceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var test = new Signon(\"test\", SignonArgs.builder()\n            .name(\"Example Policy\")\n            .status(\"ACTIVE\")\n            .description(\"Example Policy\")\n            .build());\n\n        final var newCity = OktaFunctions.getBehaviour(GetBehaviourArgs.builder()\n            .name(\"New City\")\n            .build());\n\n        var example = new RuleSignon(\"example\", RuleSignonArgs.builder()\n            .access(\"CHALLENGE\")\n            .authtype(\"RADIUS\")\n            .name(\"Example Policy Rule\")\n            .networkConnection(\"ANYWHERE\")\n            .policyId(exampleOktaPolicySignon.id())\n            .status(\"ACTIVE\")\n            .riscLevel(\"HIGH\")\n            .behaviors(newCity.id())\n            .factorSequences(            \n                RuleSignonFactorSequenceArgs.builder()\n                    .primaryCriteriaFactorType(\"token:hotp\")\n                    .primaryCriteriaProvider(\"CUSTOM\")\n                    .secondaryCriterias(                    \n                        RuleSignonFactorSequenceSecondaryCriteriaArgs.builder()\n                            .factorType(\"token:software:totp\")\n                            .provider(\"OKTA\")\n                            .build(),\n                        RuleSignonFactorSequenceSecondaryCriteriaArgs.builder()\n                            .factorType(\"push\")\n                            .provider(\"OKTA\")\n                            .build(),\n                        RuleSignonFactorSequenceSecondaryCriteriaArgs.builder()\n                            .factorType(\"password\")\n                            .provider(\"OKTA\")\n                            .build(),\n                        RuleSignonFactorSequenceSecondaryCriteriaArgs.builder()\n                            .factorType(\"question\")\n                            .provider(\"OKTA\")\n                            .build(),\n                        RuleSignonFactorSequenceSecondaryCriteriaArgs.builder()\n                            .factorType(\"sms\")\n                            .provider(\"OKTA\")\n                            .build(),\n                        RuleSignonFactorSequenceSecondaryCriteriaArgs.builder()\n                            .factorType(\"token:software:totp\")\n                            .provider(\"GOOGLE\")\n                            .build(),\n                        RuleSignonFactorSequenceSecondaryCriteriaArgs.builder()\n                            .factorType(\"email\")\n                            .provider(\"OKTA\")\n                            .build(),\n                        RuleSignonFactorSequenceSecondaryCriteriaArgs.builder()\n                            .factorType(\"call\")\n                            .provider(\"OKTA\")\n                            .build(),\n                        RuleSignonFactorSequenceSecondaryCriteriaArgs.builder()\n                            .factorType(\"webauthn\")\n                            .provider(\"FIDO\")\n                            .build(),\n                        RuleSignonFactorSequenceSecondaryCriteriaArgs.builder()\n                            .factorType(\"token\")\n                            .provider(\"RSA\")\n                            .build(),\n                        RuleSignonFactorSequenceSecondaryCriteriaArgs.builder()\n                            .factorType(\"token\")\n                            .provider(\"SYMANTEC\")\n                            .build())\n                    .build(),\n                RuleSignonFactorSequenceArgs.builder()\n                    .primaryCriteriaFactorType(\"token:software:totp\")\n                    .primaryCriteriaProvider(\"OKTA\")\n                    .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  test:\n    type: okta:policy:Signon\n    properties:\n      name: Example Policy\n      status: ACTIVE\n      description: Example Policy\n  example:\n    type: okta:policy:RuleSignon\n    properties:\n      access: CHALLENGE\n      authtype: RADIUS\n      name: Example Policy Rule\n      networkConnection: ANYWHERE\n      policyId: ${exampleOktaPolicySignon.id}\n      status: ACTIVE\n      riscLevel: HIGH\n      behaviors:\n        - ${newCity.id}\n      factorSequences:\n        - primaryCriteriaFactorType: token:hotp\n          primaryCriteriaProvider: CUSTOM\n          secondaryCriterias:\n            - factorType: token:software:totp\n              provider: OKTA\n            - factorType: push\n              provider: OKTA\n            - factorType: password\n              provider: OKTA\n            - factorType: question\n              provider: OKTA\n            - factorType: sms\n              provider: OKTA\n            - factorType: token:software:totp\n              provider: GOOGLE\n            - factorType: email\n              provider: OKTA\n            - factorType: call\n              provider: OKTA\n            - factorType: webauthn\n              provider: FIDO\n            - factorType: token\n              provider: RSA\n            - factorType: token\n              provider: SYMANTEC\n        - primaryCriteriaFactorType: token:software:totp\n          primaryCriteriaProvider: OKTA\nvariables:\n  newCity:\n    fn::invoke:\n      function: okta:getBehaviour\n      arguments:\n        name: New City\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:policy/ruleSignon:RuleSignon example \u003cpolicy_id\u003e/\u003crule_id\u003e\n```\n\n","properties":{"access":{"type":"string","description":"Allow or deny access based on the rule conditions: `ALLOW`, `DENY` or `CHALLENGE`. Default: `ALLOW`"},"authtype":{"type":"string","description":"Authentication entrypoint: `ANY`, `RADIUS` or `LDAP_INTERFACE`. Default: `ANY`"},"behaviors":{"type":"array","items":{"type":"string"},"description":"List of behavior IDs"},"factorSequences":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleSignonFactorSequence:RuleSignonFactorSequence"},"description":"Auth factor sequences. Should be set if 'access = \"CHALLENGE\"'.\n\t- 'primary_criteria_provider' - (Required) Primary provider of the auth section.\n\t- 'primary_criteria_factor_type' - (Required) Primary factor type of the auth section.\n\t- 'secondary_criteria' - (Optional) Additional authentication steps.\n\t- 'provider' - (Required) Provider of the additional authentication step.\n\t- 'factor_type' - (Required) Factor type of the additional authentication step."},"identityProvider":{"type":"string","description":"Apply rule based on the IdP used: `ANY`, `OKTA` or `SPECIFIC_IDP`. Default: `ANY`. \u003e **WARNING**: Use of \u003cspan pulumi-lang-nodejs=\"`identityProvider`\" pulumi-lang-dotnet=\"`IdentityProvider`\" pulumi-lang-go=\"`identityProvider`\" pulumi-lang-python=\"`identity_provider`\" pulumi-lang-yaml=\"`identityProvider`\" pulumi-lang-java=\"`identityProvider`\"\u003e`identity_provider`\u003c/span\u003e requires a feature flag to be enabled."},"identityProviderIds":{"type":"array","items":{"type":"string"},"description":"When\u003cspan pulumi-lang-nodejs=\" identityProvider \" pulumi-lang-dotnet=\" IdentityProvider \" pulumi-lang-go=\" identityProvider \" pulumi-lang-python=\" identity_provider \" pulumi-lang-yaml=\" identityProvider \" pulumi-lang-java=\" identityProvider \"\u003e identity_provider \u003c/span\u003eis `SPECIFIC_IDP` then this is the list of IdP IDs to apply the rule on"},"mfaLifetime":{"type":"integer","description":"Elapsed time before the next MFA challenge"},"mfaPrompt":{"type":"string","description":"Prompt for MFA based on the device used, a factor session lifetime, or every sign-on attempt: `DEVICE`, `SESSION` or`ALWAYS`."},"mfaRememberDevice":{"type":"boolean","description":"Remember MFA device. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e"},"mfaRequired":{"type":"boolean","description":"Require MFA. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e"},"name":{"type":"string","description":"Policy Rule Name"},"networkConnection":{"type":"string","description":"Network selection mode: `ANYWHERE`, `ZONE`, `ON_NETWORK`, or `OFF_NETWORK`. Default: `ANYWHERE`"},"networkExcludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to exclude."},"networkIncludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to include."},"policyId":{"type":"string","description":"Policy ID of the Rule"},"primaryFactor":{"type":"string","description":"Rule's primary factor. **WARNING** Ony works as a part of the Identity Engine. Valid values: `PASSWORD_IDP_ANY_FACTOR`, `PASSWORD_IDP`."},"priority":{"type":"integer","description":"Rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided."},"riscLevel":{"type":"string","description":"Risc level: ANY, LOW, MEDIUM or HIGH. Default: `ANY`","deprecationMessage":"Attribute typo, switch to\u003cspan pulumi-lang-nodejs=\" riskLevel \" pulumi-lang-dotnet=\" RiskLevel \" pulumi-lang-go=\" riskLevel \" pulumi-lang-python=\" risk_level \" pulumi-lang-yaml=\" riskLevel \" pulumi-lang-java=\" riskLevel \"\u003e risk_level \u003c/span\u003einstead. Default: `ANY`"},"riskLevel":{"type":"string","description":"Risk level: ANY, LOW, MEDIUM or HIGH. Default: `ANY`"},"sessionIdle":{"type":"integer","description":"Max minutes a session can be idle. Default: \u003cspan pulumi-lang-nodejs=\"`120`\" pulumi-lang-dotnet=\"`120`\" pulumi-lang-go=\"`120`\" pulumi-lang-python=\"`120`\" pulumi-lang-yaml=\"`120`\" pulumi-lang-java=\"`120`\"\u003e`120`\u003c/span\u003e"},"sessionLifetime":{"type":"integer","description":"Max minutes a session is active: Disable = 0. Default: \u003cspan pulumi-lang-nodejs=\"`120`\" pulumi-lang-dotnet=\"`120`\" pulumi-lang-go=\"`120`\" pulumi-lang-python=\"`120`\" pulumi-lang-yaml=\"`120`\" pulumi-lang-java=\"`120`\"\u003e`120`\u003c/span\u003e"},"sessionPersistent":{"type":"boolean","description":"Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e"},"status":{"type":"string","description":"Policy Rule Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`"},"usersExcludeds":{"type":"array","items":{"type":"string"},"description":"Set of User IDs to Exclude"}},"required":["name","primaryFactor"],"inputProperties":{"access":{"type":"string","description":"Allow or deny access based on the rule conditions: `ALLOW`, `DENY` or `CHALLENGE`. Default: `ALLOW`"},"authtype":{"type":"string","description":"Authentication entrypoint: `ANY`, `RADIUS` or `LDAP_INTERFACE`. Default: `ANY`"},"behaviors":{"type":"array","items":{"type":"string"},"description":"List of behavior IDs"},"factorSequences":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleSignonFactorSequence:RuleSignonFactorSequence"},"description":"Auth factor sequences. Should be set if 'access = \"CHALLENGE\"'.\n\t- 'primary_criteria_provider' - (Required) Primary provider of the auth section.\n\t- 'primary_criteria_factor_type' - (Required) Primary factor type of the auth section.\n\t- 'secondary_criteria' - (Optional) Additional authentication steps.\n\t- 'provider' - (Required) Provider of the additional authentication step.\n\t- 'factor_type' - (Required) Factor type of the additional authentication step."},"identityProvider":{"type":"string","description":"Apply rule based on the IdP used: `ANY`, `OKTA` or `SPECIFIC_IDP`. Default: `ANY`. \u003e **WARNING**: Use of \u003cspan pulumi-lang-nodejs=\"`identityProvider`\" pulumi-lang-dotnet=\"`IdentityProvider`\" pulumi-lang-go=\"`identityProvider`\" pulumi-lang-python=\"`identity_provider`\" pulumi-lang-yaml=\"`identityProvider`\" pulumi-lang-java=\"`identityProvider`\"\u003e`identity_provider`\u003c/span\u003e requires a feature flag to be enabled."},"identityProviderIds":{"type":"array","items":{"type":"string"},"description":"When\u003cspan pulumi-lang-nodejs=\" identityProvider \" pulumi-lang-dotnet=\" IdentityProvider \" pulumi-lang-go=\" identityProvider \" pulumi-lang-python=\" identity_provider \" pulumi-lang-yaml=\" identityProvider \" pulumi-lang-java=\" identityProvider \"\u003e identity_provider \u003c/span\u003eis `SPECIFIC_IDP` then this is the list of IdP IDs to apply the rule on"},"mfaLifetime":{"type":"integer","description":"Elapsed time before the next MFA challenge"},"mfaPrompt":{"type":"string","description":"Prompt for MFA based on the device used, a factor session lifetime, or every sign-on attempt: `DEVICE`, `SESSION` or`ALWAYS`."},"mfaRememberDevice":{"type":"boolean","description":"Remember MFA device. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e"},"mfaRequired":{"type":"boolean","description":"Require MFA. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e"},"name":{"type":"string","description":"Policy Rule Name","willReplaceOnChanges":true},"networkConnection":{"type":"string","description":"Network selection mode: `ANYWHERE`, `ZONE`, `ON_NETWORK`, or `OFF_NETWORK`. Default: `ANYWHERE`"},"networkExcludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to exclude."},"networkIncludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to include."},"policyId":{"type":"string","description":"Policy ID of the Rule","willReplaceOnChanges":true},"primaryFactor":{"type":"string","description":"Rule's primary factor. **WARNING** Ony works as a part of the Identity Engine. Valid values: `PASSWORD_IDP_ANY_FACTOR`, `PASSWORD_IDP`."},"priority":{"type":"integer","description":"Rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided."},"riscLevel":{"type":"string","description":"Risc level: ANY, LOW, MEDIUM or HIGH. Default: `ANY`","deprecationMessage":"Attribute typo, switch to\u003cspan pulumi-lang-nodejs=\" riskLevel \" pulumi-lang-dotnet=\" RiskLevel \" pulumi-lang-go=\" riskLevel \" pulumi-lang-python=\" risk_level \" pulumi-lang-yaml=\" riskLevel \" pulumi-lang-java=\" riskLevel \"\u003e risk_level \u003c/span\u003einstead. Default: `ANY`"},"riskLevel":{"type":"string","description":"Risk level: ANY, LOW, MEDIUM or HIGH. Default: `ANY`"},"sessionIdle":{"type":"integer","description":"Max minutes a session can be idle. Default: \u003cspan pulumi-lang-nodejs=\"`120`\" pulumi-lang-dotnet=\"`120`\" pulumi-lang-go=\"`120`\" pulumi-lang-python=\"`120`\" pulumi-lang-yaml=\"`120`\" pulumi-lang-java=\"`120`\"\u003e`120`\u003c/span\u003e"},"sessionLifetime":{"type":"integer","description":"Max minutes a session is active: Disable = 0. Default: \u003cspan pulumi-lang-nodejs=\"`120`\" pulumi-lang-dotnet=\"`120`\" pulumi-lang-go=\"`120`\" pulumi-lang-python=\"`120`\" pulumi-lang-yaml=\"`120`\" pulumi-lang-java=\"`120`\"\u003e`120`\u003c/span\u003e"},"sessionPersistent":{"type":"boolean","description":"Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e"},"status":{"type":"string","description":"Policy Rule Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`"},"usersExcludeds":{"type":"array","items":{"type":"string"},"description":"Set of User IDs to Exclude"}},"stateInputs":{"description":"Input properties used for looking up and filtering RuleSignon resources.\n","properties":{"access":{"type":"string","description":"Allow or deny access based on the rule conditions: `ALLOW`, `DENY` or `CHALLENGE`. Default: `ALLOW`"},"authtype":{"type":"string","description":"Authentication entrypoint: `ANY`, `RADIUS` or `LDAP_INTERFACE`. Default: `ANY`"},"behaviors":{"type":"array","items":{"type":"string"},"description":"List of behavior IDs"},"factorSequences":{"type":"array","items":{"$ref":"#/types/okta:policy/RuleSignonFactorSequence:RuleSignonFactorSequence"},"description":"Auth factor sequences. Should be set if 'access = \"CHALLENGE\"'.\n\t- 'primary_criteria_provider' - (Required) Primary provider of the auth section.\n\t- 'primary_criteria_factor_type' - (Required) Primary factor type of the auth section.\n\t- 'secondary_criteria' - (Optional) Additional authentication steps.\n\t- 'provider' - (Required) Provider of the additional authentication step.\n\t- 'factor_type' - (Required) Factor type of the additional authentication step."},"identityProvider":{"type":"string","description":"Apply rule based on the IdP used: `ANY`, `OKTA` or `SPECIFIC_IDP`. Default: `ANY`. \u003e **WARNING**: Use of \u003cspan pulumi-lang-nodejs=\"`identityProvider`\" pulumi-lang-dotnet=\"`IdentityProvider`\" pulumi-lang-go=\"`identityProvider`\" pulumi-lang-python=\"`identity_provider`\" pulumi-lang-yaml=\"`identityProvider`\" pulumi-lang-java=\"`identityProvider`\"\u003e`identity_provider`\u003c/span\u003e requires a feature flag to be enabled."},"identityProviderIds":{"type":"array","items":{"type":"string"},"description":"When\u003cspan pulumi-lang-nodejs=\" identityProvider \" pulumi-lang-dotnet=\" IdentityProvider \" pulumi-lang-go=\" identityProvider \" pulumi-lang-python=\" identity_provider \" pulumi-lang-yaml=\" identityProvider \" pulumi-lang-java=\" identityProvider \"\u003e identity_provider \u003c/span\u003eis `SPECIFIC_IDP` then this is the list of IdP IDs to apply the rule on"},"mfaLifetime":{"type":"integer","description":"Elapsed time before the next MFA challenge"},"mfaPrompt":{"type":"string","description":"Prompt for MFA based on the device used, a factor session lifetime, or every sign-on attempt: `DEVICE`, `SESSION` or`ALWAYS`."},"mfaRememberDevice":{"type":"boolean","description":"Remember MFA device. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e"},"mfaRequired":{"type":"boolean","description":"Require MFA. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e"},"name":{"type":"string","description":"Policy Rule Name","willReplaceOnChanges":true},"networkConnection":{"type":"string","description":"Network selection mode: `ANYWHERE`, `ZONE`, `ON_NETWORK`, or `OFF_NETWORK`. Default: `ANYWHERE`"},"networkExcludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to exclude."},"networkIncludes":{"type":"array","items":{"type":"string"},"description":"Required if \u003cspan pulumi-lang-nodejs=\"`networkConnection`\" pulumi-lang-dotnet=\"`NetworkConnection`\" pulumi-lang-go=\"`networkConnection`\" pulumi-lang-python=\"`network_connection`\" pulumi-lang-yaml=\"`networkConnection`\" pulumi-lang-java=\"`networkConnection`\"\u003e`network_connection`\u003c/span\u003e = `ZONE`. Indicates the network zones to include."},"policyId":{"type":"string","description":"Policy ID of the Rule","willReplaceOnChanges":true},"primaryFactor":{"type":"string","description":"Rule's primary factor. **WARNING** Ony works as a part of the Identity Engine. Valid values: `PASSWORD_IDP_ANY_FACTOR`, `PASSWORD_IDP`."},"priority":{"type":"integer","description":"Rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided."},"riscLevel":{"type":"string","description":"Risc level: ANY, LOW, MEDIUM or HIGH. Default: `ANY`","deprecationMessage":"Attribute typo, switch to\u003cspan pulumi-lang-nodejs=\" riskLevel \" pulumi-lang-dotnet=\" RiskLevel \" pulumi-lang-go=\" riskLevel \" pulumi-lang-python=\" risk_level \" pulumi-lang-yaml=\" riskLevel \" pulumi-lang-java=\" riskLevel \"\u003e risk_level \u003c/span\u003einstead. Default: `ANY`"},"riskLevel":{"type":"string","description":"Risk level: ANY, LOW, MEDIUM or HIGH. Default: `ANY`"},"sessionIdle":{"type":"integer","description":"Max minutes a session can be idle. Default: \u003cspan pulumi-lang-nodejs=\"`120`\" pulumi-lang-dotnet=\"`120`\" pulumi-lang-go=\"`120`\" pulumi-lang-python=\"`120`\" pulumi-lang-yaml=\"`120`\" pulumi-lang-java=\"`120`\"\u003e`120`\u003c/span\u003e"},"sessionLifetime":{"type":"integer","description":"Max minutes a session is active: Disable = 0. Default: \u003cspan pulumi-lang-nodejs=\"`120`\" pulumi-lang-dotnet=\"`120`\" pulumi-lang-go=\"`120`\" pulumi-lang-python=\"`120`\" pulumi-lang-yaml=\"`120`\" pulumi-lang-java=\"`120`\"\u003e`120`\u003c/span\u003e"},"sessionPersistent":{"type":"boolean","description":"Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e"},"status":{"type":"string","description":"Policy Rule Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`"},"usersExcludeds":{"type":"array","items":{"type":"string"},"description":"Set of User IDs to Exclude"}},"type":"object"}},"okta:policy/signon:Signon":{"description":"Creates a Sign On Policy. This resource allows you to create and configure a Sign On Policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.policy.Signon(\"example\", {\n    name: \"example\",\n    status: \"ACTIVE\",\n    description: \"Example\",\n    groupsIncludeds: [everyone.id],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.policy.Signon(\"example\",\n    name=\"example\",\n    status=\"ACTIVE\",\n    description=\"Example\",\n    groups_includeds=[everyone[\"id\"]])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Policy.Signon(\"example\", new()\n    {\n        Name = \"example\",\n        Status = \"ACTIVE\",\n        Description = \"Example\",\n        GroupsIncludeds = new[]\n        {\n            everyone.Id,\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/policy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := policy.NewSignon(ctx, \"example\", \u0026policy.SignonArgs{\n\t\t\tName:        pulumi.String(\"example\"),\n\t\t\tStatus:      pulumi.String(\"ACTIVE\"),\n\t\t\tDescription: pulumi.String(\"Example\"),\n\t\t\tGroupsIncludeds: pulumi.StringArray{\n\t\t\t\teveryone.Id,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.policy.Signon;\nimport com.pulumi.okta.policy.SignonArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Signon(\"example\", SignonArgs.builder()\n            .name(\"example\")\n            .status(\"ACTIVE\")\n            .description(\"Example\")\n            .groupsIncludeds(everyone.id())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:policy:Signon\n    properties:\n      name: example\n      status: ACTIVE\n      description: Example\n      groupsIncludeds:\n        - ${everyone.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:policy/signon:Signon example \u003cpolicy_id\u003e\n```\n\n","properties":{"description":{"type":"string","description":"Policy Description\n"},"groupsIncludeds":{"type":"array","items":{"type":"string"},"description":"List of Group IDs to Include\n"},"name":{"type":"string","description":"Policy Name\n"},"priority":{"type":"integer","description":"Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.\n"},"status":{"type":"string","description":"Policy Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`\n"}},"required":["name"],"inputProperties":{"description":{"type":"string","description":"Policy Description\n"},"groupsIncludeds":{"type":"array","items":{"type":"string"},"description":"List of Group IDs to Include\n"},"name":{"type":"string","description":"Policy Name\n"},"priority":{"type":"integer","description":"Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.\n"},"status":{"type":"string","description":"Policy Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`\n"}},"stateInputs":{"description":"Input properties used for looking up and filtering Signon resources.\n","properties":{"description":{"type":"string","description":"Policy Description\n"},"groupsIncludeds":{"type":"array","items":{"type":"string"},"description":"List of Group IDs to Include\n"},"name":{"type":"string","description":"Policy Name\n"},"priority":{"type":"integer","description":"Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.\n"},"status":{"type":"string","description":"Policy Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`\n"}},"type":"object"}},"okta:profile/mapping:Mapping":{"description":"Manages a profile mapping. This resource allows you to manage a profile mapping by source and target IDs. \u003e **NOTE:** If using this resource with OAuth2 scopes, this resource requires `okta.profileMappings.manage` scope.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst user = okta.user.getUserProfileMappingSource({});\nconst example = new okta.profile.Mapping(\"example\", {\n    sourceId: \"\u003csource id\u003e\",\n    targetId: user.then(user =\u003e user.id),\n    deleteWhenAbsent: true,\n    mappings: [\n        {\n            id: \"firstName\",\n            expression: \"appuser.firstName\",\n        },\n        {\n            id: \"lastName\",\n            expression: \"appuser.lastName\",\n        },\n        {\n            id: \"email\",\n            expression: \"appuser.email\",\n        },\n        {\n            id: \"login\",\n            expression: \"appuser.email\",\n        },\n    ],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nuser = okta.user.get_user_profile_mapping_source()\nexample = okta.profile.Mapping(\"example\",\n    source_id=\"\u003csource id\u003e\",\n    target_id=user.id,\n    delete_when_absent=True,\n    mappings=[\n        {\n            \"id\": \"firstName\",\n            \"expression\": \"appuser.firstName\",\n        },\n        {\n            \"id\": \"lastName\",\n            \"expression\": \"appuser.lastName\",\n        },\n        {\n            \"id\": \"email\",\n            \"expression\": \"appuser.email\",\n        },\n        {\n            \"id\": \"login\",\n            \"expression\": \"appuser.email\",\n        },\n    ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var user = Okta.User.GetUserProfileMappingSource.Invoke();\n\n    var example = new Okta.Profile.Mapping(\"example\", new()\n    {\n        SourceId = \"\u003csource id\u003e\",\n        TargetId = user.Apply(getUserProfileMappingSourceResult =\u003e getUserProfileMappingSourceResult.Id),\n        DeleteWhenAbsent = true,\n        Mappings = new[]\n        {\n            new Okta.Profile.Inputs.MappingMappingArgs\n            {\n                Id = \"firstName\",\n                Expression = \"appuser.firstName\",\n            },\n            new Okta.Profile.Inputs.MappingMappingArgs\n            {\n                Id = \"lastName\",\n                Expression = \"appuser.lastName\",\n            },\n            new Okta.Profile.Inputs.MappingMappingArgs\n            {\n                Id = \"email\",\n                Expression = \"appuser.email\",\n            },\n            new Okta.Profile.Inputs.MappingMappingArgs\n            {\n                Id = \"login\",\n                Expression = \"appuser.email\",\n            },\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/profile\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/user\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tuser, err := user.GetUserProfileMappingSource(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = profile.NewMapping(ctx, \"example\", \u0026profile.MappingArgs{\n\t\t\tSourceId:         pulumi.String(\"\u003csource id\u003e\"),\n\t\t\tTargetId:         pulumi.String(user.Id),\n\t\t\tDeleteWhenAbsent: pulumi.Bool(true),\n\t\t\tMappings: profile.MappingMappingArray{\n\t\t\t\t\u0026profile.MappingMappingArgs{\n\t\t\t\t\tId:         pulumi.String(\"firstName\"),\n\t\t\t\t\tExpression: pulumi.String(\"appuser.firstName\"),\n\t\t\t\t},\n\t\t\t\t\u0026profile.MappingMappingArgs{\n\t\t\t\t\tId:         pulumi.String(\"lastName\"),\n\t\t\t\t\tExpression: pulumi.String(\"appuser.lastName\"),\n\t\t\t\t},\n\t\t\t\t\u0026profile.MappingMappingArgs{\n\t\t\t\t\tId:         pulumi.String(\"email\"),\n\t\t\t\t\tExpression: pulumi.String(\"appuser.email\"),\n\t\t\t\t},\n\t\t\t\t\u0026profile.MappingMappingArgs{\n\t\t\t\t\tId:         pulumi.String(\"login\"),\n\t\t\t\t\tExpression: pulumi.String(\"appuser.email\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.user.UserFunctions;\nimport com.pulumi.okta.profile.Mapping;\nimport com.pulumi.okta.profile.MappingArgs;\nimport com.pulumi.okta.profile.inputs.MappingMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var user = UserFunctions.getUserProfileMappingSource(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference);\n\n        var example = new Mapping(\"example\", MappingArgs.builder()\n            .sourceId(\"\u003csource id\u003e\")\n            .targetId(user.id())\n            .deleteWhenAbsent(true)\n            .mappings(            \n                MappingMappingArgs.builder()\n                    .id(\"firstName\")\n                    .expression(\"appuser.firstName\")\n                    .build(),\n                MappingMappingArgs.builder()\n                    .id(\"lastName\")\n                    .expression(\"appuser.lastName\")\n                    .build(),\n                MappingMappingArgs.builder()\n                    .id(\"email\")\n                    .expression(\"appuser.email\")\n                    .build(),\n                MappingMappingArgs.builder()\n                    .id(\"login\")\n                    .expression(\"appuser.email\")\n                    .build())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:profile:Mapping\n    properties:\n      sourceId: \u003csource id\u003e\n      targetId: ${user.id}\n      deleteWhenAbsent: true\n      mappings:\n        - id: firstName\n          expression: appuser.firstName\n        - id: lastName\n          expression: appuser.lastName\n        - id: email\n          expression: appuser.email\n        - id: login\n          expression: appuser.email\nvariables:\n  user:\n    fn::invoke:\n      function: okta:user:getUserProfileMappingSource\n      arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","properties":{"alwaysApply":{"type":"boolean","description":"Whether apply the changes to all users with this profile after updating or creating the these mappings.\n\u003e **WARNING:**: 'always*apply' is incompatible with OAuth 2.0 authentication and will be ignored when using that type of authentication.\n\u003e **WARNING:** 'always*apply' makes use of an internal/private Okta API endpoint that could change without notice rendering this resource inoperable.\n"},"deleteWhenAbsent":{"type":"boolean","description":"When turned on this flag will trigger the provider to delete mapping properties that are not defined in config. By default, we do not delete missing properties.\n"},"mappings":{"type":"array","items":{"$ref":"#/types/okta:profile/MappingMapping:MappingMapping"}},"sourceId":{"type":"string","description":"The source id of the mapping to manage.\n"},"sourceName":{"type":"string","description":"Name of the mapping source.\n"},"sourceType":{"type":"string","description":"ID of the mapping source.\n"},"targetId":{"type":"string","description":"The target id of the mapping to manage.\n"},"targetName":{"type":"string","description":"Name of the mapping target.\n"},"targetType":{"type":"string","description":"ID of the mapping target.\n"}},"required":["sourceId","sourceName","sourceType","targetId","targetName","targetType"],"inputProperties":{"alwaysApply":{"type":"boolean","description":"Whether apply the changes to all users with this profile after updating or creating the these mappings.\n\u003e **WARNING:**: 'always*apply' is incompatible with OAuth 2.0 authentication and will be ignored when using that type of authentication.\n\u003e **WARNING:** 'always*apply' makes use of an internal/private Okta API endpoint that could change without notice rendering this resource inoperable.\n"},"deleteWhenAbsent":{"type":"boolean","description":"When turned on this flag will trigger the provider to delete mapping properties that are not defined in config. By default, we do not delete missing properties.\n"},"mappings":{"type":"array","items":{"$ref":"#/types/okta:profile/MappingMapping:MappingMapping"}},"sourceId":{"type":"string","description":"The source id of the mapping to manage.\n"},"targetId":{"type":"string","description":"The target id of the mapping to manage.\n"}},"requiredInputs":["sourceId","targetId"],"stateInputs":{"description":"Input properties used for looking up and filtering Mapping resources.\n","properties":{"alwaysApply":{"type":"boolean","description":"Whether apply the changes to all users with this profile after updating or creating the these mappings.\n\u003e **WARNING:**: 'always*apply' is incompatible with OAuth 2.0 authentication and will be ignored when using that type of authentication.\n\u003e **WARNING:** 'always*apply' makes use of an internal/private Okta API endpoint that could change without notice rendering this resource inoperable.\n"},"deleteWhenAbsent":{"type":"boolean","description":"When turned on this flag will trigger the provider to delete mapping properties that are not defined in config. By default, we do not delete missing properties.\n"},"mappings":{"type":"array","items":{"$ref":"#/types/okta:profile/MappingMapping:MappingMapping"}},"sourceId":{"type":"string","description":"The source id of the mapping to manage.\n"},"sourceName":{"type":"string","description":"Name of the mapping source.\n"},"sourceType":{"type":"string","description":"ID of the mapping source.\n"},"targetId":{"type":"string","description":"The target id of the mapping to manage.\n"},"targetName":{"type":"string","description":"Name of the mapping target.\n"},"targetType":{"type":"string","description":"ID of the mapping target.\n"}},"type":"object"}},"okta:trustedorigin/origin:Origin":{"description":"Creates a Trusted Origin. This resource allows you to create and configure a Trusted Origin.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.trustedorigin.Origin(\"example\", {\n    name: \"example\",\n    origin: \"https://example.com\",\n    scopes: [\"CORS\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.trustedorigin.Origin(\"example\",\n    name=\"example\",\n    origin=\"https://example.com\",\n    scopes=[\"CORS\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.TrustedOrigin.Origin(\"example\", new()\n    {\n        Name = \"example\",\n        OriginName = \"https://example.com\",\n        Scopes = new[]\n        {\n            \"CORS\",\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/trustedorigin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := trustedorigin.NewOrigin(ctx, \"example\", \u0026trustedorigin.OriginArgs{\n\t\t\tName:   pulumi.String(\"example\"),\n\t\t\tOrigin: pulumi.String(\"https://example.com\"),\n\t\t\tScopes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"CORS\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.trustedorigin.Origin;\nimport com.pulumi.okta.trustedorigin.OriginArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Origin(\"example\", OriginArgs.builder()\n            .name(\"example\")\n            .origin(\"https://example.com\")\n            .scopes(\"CORS\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:trustedorigin:Origin\n    properties:\n      name: example\n      origin: https://example.com\n      scopes:\n        - CORS\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:trustedorigin/origin:Origin example \u003ctrusted_origin_id\u003e\n```\n\n","properties":{"active":{"type":"boolean","description":"Whether the Trusted Origin is active or not - can only be issued post-creation. By default, it is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"name":{"type":"string","description":"Unique name for this trusted origin\n"},"origin":{"type":"string","description":"Unique origin URL for this trusted origin\n","language":{"csharp":{"name":"OriginName"}}},"scopes":{"type":"array","items":{"type":"string"},"description":"Scopes of the Trusted Origin - can either be `CORS` and/or `REDIRECT`\n"}},"required":["name","origin","scopes"],"inputProperties":{"active":{"type":"boolean","description":"Whether the Trusted Origin is active or not - can only be issued post-creation. By default, it is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"name":{"type":"string","description":"Unique name for this trusted origin\n"},"origin":{"type":"string","description":"Unique origin URL for this trusted origin\n","language":{"csharp":{"name":"OriginName"}}},"scopes":{"type":"array","items":{"type":"string"},"description":"Scopes of the Trusted Origin - can either be `CORS` and/or `REDIRECT`\n"}},"requiredInputs":["origin","scopes"],"stateInputs":{"description":"Input properties used for looking up and filtering Origin resources.\n","properties":{"active":{"type":"boolean","description":"Whether the Trusted Origin is active or not - can only be issued post-creation. By default, it is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"name":{"type":"string","description":"Unique name for this trusted origin\n"},"origin":{"type":"string","description":"Unique origin URL for this trusted origin\n","language":{"csharp":{"name":"OriginName"}}},"scopes":{"type":"array","items":{"type":"string"},"description":"Scopes of the Trusted Origin - can either be `CORS` and/or `REDIRECT`\n"}},"type":"object"}},"okta:user/user:User":{"description":"Creates an Okta User. This resource allows you to create and configure an Okta User.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\n//## Full profile:\nconst example = new okta.user.User(\"example\", {\n    firstName: \"John\",\n    lastName: \"Smith\",\n    login: \"john.smith@example.com\",\n    email: \"john.smith@example.com\",\n    city: \"New York\",\n    costCenter: \"10\",\n    countryCode: \"US\",\n    department: \"IT\",\n    displayName: \"Dr. John Smith\",\n    division: \"Acquisitions\",\n    employeeNumber: \"111111\",\n    honorificPrefix: \"Dr.\",\n    honorificSuffix: \"Jr.\",\n    locale: \"en_US\",\n    manager: \"Jimbo\",\n    managerId: \"222222\",\n    middleName: \"John\",\n    mobilePhone: \"1112223333\",\n    nickName: \"Johnny\",\n    organization: \"Testing Inc.\",\n    postalAddress: \"1234 Testing St.\",\n    preferredLanguage: \"en-us\",\n    primaryPhone: \"4445556666\",\n    profileUrl: \"https://www.example.com/profile\",\n    secondEmail: \"john.smith.fun@example.com\",\n    state: \"NY\",\n    streetAddress: \"5678 Testing Ave.\",\n    timezone: \"America/New_York\",\n    title: \"Director\",\n    userType: \"Employee\",\n    zipCode: \"11111\",\n});\n//## With Password Inline Hook:\nconst test2 = new okta.user.User(\"test2\", {\n    firstName: \"John\",\n    lastName: \"Smith\",\n    login: \"example@example.com\",\n    email: \"example@example.com\",\n    passwordInlineHook: \"default\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\n### Full profile:\nexample = okta.user.User(\"example\",\n    first_name=\"John\",\n    last_name=\"Smith\",\n    login=\"john.smith@example.com\",\n    email=\"john.smith@example.com\",\n    city=\"New York\",\n    cost_center=\"10\",\n    country_code=\"US\",\n    department=\"IT\",\n    display_name=\"Dr. John Smith\",\n    division=\"Acquisitions\",\n    employee_number=\"111111\",\n    honorific_prefix=\"Dr.\",\n    honorific_suffix=\"Jr.\",\n    locale=\"en_US\",\n    manager=\"Jimbo\",\n    manager_id=\"222222\",\n    middle_name=\"John\",\n    mobile_phone=\"1112223333\",\n    nick_name=\"Johnny\",\n    organization=\"Testing Inc.\",\n    postal_address=\"1234 Testing St.\",\n    preferred_language=\"en-us\",\n    primary_phone=\"4445556666\",\n    profile_url=\"https://www.example.com/profile\",\n    second_email=\"john.smith.fun@example.com\",\n    state=\"NY\",\n    street_address=\"5678 Testing Ave.\",\n    timezone=\"America/New_York\",\n    title=\"Director\",\n    user_type=\"Employee\",\n    zip_code=\"11111\")\n### With Password Inline Hook:\ntest2 = okta.user.User(\"test2\",\n    first_name=\"John\",\n    last_name=\"Smith\",\n    login=\"example@example.com\",\n    email=\"example@example.com\",\n    password_inline_hook=\"default\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    //## Full profile:\n    var example = new Okta.User.User(\"example\", new()\n    {\n        FirstName = \"John\",\n        LastName = \"Smith\",\n        Login = \"john.smith@example.com\",\n        Email = \"john.smith@example.com\",\n        City = \"New York\",\n        CostCenter = \"10\",\n        CountryCode = \"US\",\n        Department = \"IT\",\n        DisplayName = \"Dr. John Smith\",\n        Division = \"Acquisitions\",\n        EmployeeNumber = \"111111\",\n        HonorificPrefix = \"Dr.\",\n        HonorificSuffix = \"Jr.\",\n        Locale = \"en_US\",\n        Manager = \"Jimbo\",\n        ManagerId = \"222222\",\n        MiddleName = \"John\",\n        MobilePhone = \"1112223333\",\n        NickName = \"Johnny\",\n        Organization = \"Testing Inc.\",\n        PostalAddress = \"1234 Testing St.\",\n        PreferredLanguage = \"en-us\",\n        PrimaryPhone = \"4445556666\",\n        ProfileUrl = \"https://www.example.com/profile\",\n        SecondEmail = \"john.smith.fun@example.com\",\n        State = \"NY\",\n        StreetAddress = \"5678 Testing Ave.\",\n        Timezone = \"America/New_York\",\n        Title = \"Director\",\n        UserType = \"Employee\",\n        ZipCode = \"11111\",\n    });\n\n    //## With Password Inline Hook:\n    var test2 = new Okta.User.User(\"test2\", new()\n    {\n        FirstName = \"John\",\n        LastName = \"Smith\",\n        Login = \"example@example.com\",\n        Email = \"example@example.com\",\n        PasswordInlineHook = \"default\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/user\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// ## Full profile:\n\t\t_, err := user.NewUser(ctx, \"example\", \u0026user.UserArgs{\n\t\t\tFirstName:         pulumi.String(\"John\"),\n\t\t\tLastName:          pulumi.String(\"Smith\"),\n\t\t\tLogin:             pulumi.String(\"john.smith@example.com\"),\n\t\t\tEmail:             pulumi.String(\"john.smith@example.com\"),\n\t\t\tCity:              pulumi.String(\"New York\"),\n\t\t\tCostCenter:        pulumi.String(\"10\"),\n\t\t\tCountryCode:       pulumi.String(\"US\"),\n\t\t\tDepartment:        pulumi.String(\"IT\"),\n\t\t\tDisplayName:       pulumi.String(\"Dr. John Smith\"),\n\t\t\tDivision:          pulumi.String(\"Acquisitions\"),\n\t\t\tEmployeeNumber:    pulumi.String(\"111111\"),\n\t\t\tHonorificPrefix:   pulumi.String(\"Dr.\"),\n\t\t\tHonorificSuffix:   pulumi.String(\"Jr.\"),\n\t\t\tLocale:            pulumi.String(\"en_US\"),\n\t\t\tManager:           pulumi.String(\"Jimbo\"),\n\t\t\tManagerId:         pulumi.String(\"222222\"),\n\t\t\tMiddleName:        pulumi.String(\"John\"),\n\t\t\tMobilePhone:       pulumi.String(\"1112223333\"),\n\t\t\tNickName:          pulumi.String(\"Johnny\"),\n\t\t\tOrganization:      pulumi.String(\"Testing Inc.\"),\n\t\t\tPostalAddress:     pulumi.String(\"1234 Testing St.\"),\n\t\t\tPreferredLanguage: pulumi.String(\"en-us\"),\n\t\t\tPrimaryPhone:      pulumi.String(\"4445556666\"),\n\t\t\tProfileUrl:        pulumi.String(\"https://www.example.com/profile\"),\n\t\t\tSecondEmail:       pulumi.String(\"john.smith.fun@example.com\"),\n\t\t\tState:             pulumi.String(\"NY\"),\n\t\t\tStreetAddress:     pulumi.String(\"5678 Testing Ave.\"),\n\t\t\tTimezone:          pulumi.String(\"America/New_York\"),\n\t\t\tTitle:             pulumi.String(\"Director\"),\n\t\t\tUserType:          pulumi.String(\"Employee\"),\n\t\t\tZipCode:           pulumi.String(\"11111\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// ## With Password Inline Hook:\n\t\t_, err = user.NewUser(ctx, \"test2\", \u0026user.UserArgs{\n\t\t\tFirstName:          pulumi.String(\"John\"),\n\t\t\tLastName:           pulumi.String(\"Smith\"),\n\t\t\tLogin:              pulumi.String(\"example@example.com\"),\n\t\t\tEmail:              pulumi.String(\"example@example.com\"),\n\t\t\tPasswordInlineHook: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.user.User;\nimport com.pulumi.okta.user.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        //## Full profile:\n        var example = new User(\"example\", UserArgs.builder()\n            .firstName(\"John\")\n            .lastName(\"Smith\")\n            .login(\"john.smith@example.com\")\n            .email(\"john.smith@example.com\")\n            .city(\"New York\")\n            .costCenter(\"10\")\n            .countryCode(\"US\")\n            .department(\"IT\")\n            .displayName(\"Dr. John Smith\")\n            .division(\"Acquisitions\")\n            .employeeNumber(\"111111\")\n            .honorificPrefix(\"Dr.\")\n            .honorificSuffix(\"Jr.\")\n            .locale(\"en_US\")\n            .manager(\"Jimbo\")\n            .managerId(\"222222\")\n            .middleName(\"John\")\n            .mobilePhone(\"1112223333\")\n            .nickName(\"Johnny\")\n            .organization(\"Testing Inc.\")\n            .postalAddress(\"1234 Testing St.\")\n            .preferredLanguage(\"en-us\")\n            .primaryPhone(\"4445556666\")\n            .profileUrl(\"https://www.example.com/profile\")\n            .secondEmail(\"john.smith.fun@example.com\")\n            .state(\"NY\")\n            .streetAddress(\"5678 Testing Ave.\")\n            .timezone(\"America/New_York\")\n            .title(\"Director\")\n            .userType(\"Employee\")\n            .zipCode(\"11111\")\n            .build());\n\n        //## With Password Inline Hook:\n        var test2 = new User(\"test2\", UserArgs.builder()\n            .firstName(\"John\")\n            .lastName(\"Smith\")\n            .login(\"example@example.com\")\n            .email(\"example@example.com\")\n            .passwordInlineHook(\"default\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  ### Full profile:\n  example:\n    type: okta:user:User\n    properties:\n      firstName: John\n      lastName: Smith\n      login: john.smith@example.com\n      email: john.smith@example.com\n      city: New York\n      costCenter: '10'\n      countryCode: US\n      department: IT\n      displayName: Dr. John Smith\n      division: Acquisitions\n      employeeNumber: '111111'\n      honorificPrefix: Dr.\n      honorificSuffix: Jr.\n      locale: en_US\n      manager: Jimbo\n      managerId: '222222'\n      middleName: John\n      mobilePhone: '1112223333'\n      nickName: Johnny\n      organization: Testing Inc.\n      postalAddress: 1234 Testing St.\n      preferredLanguage: en-us\n      primaryPhone: '4445556666'\n      profileUrl: https://www.example.com/profile\n      secondEmail: john.smith.fun@example.com\n      state: NY\n      streetAddress: 5678 Testing Ave.\n      timezone: America/New_York\n      title: Director\n      userType: Employee\n      zipCode: '11111'\n  ### With Password Inline Hook:\n  test2:\n    type: okta:user:User\n    properties:\n      firstName: John\n      lastName: Smith\n      login: example@example.com\n      email: example@example.com\n      passwordInlineHook: default\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:user/user:User example \u003cuser_id\u003e\n```\n\n","properties":{"city":{"type":"string","description":"User city\n"},"costCenter":{"type":"string","description":"User cost center\n"},"countryCode":{"type":"string","description":"User country code\n"},"customProfileAttributes":{"type":"string","description":"JSON formatted custom attributes for a user. It must be JSON due to various types Okta allows. You must first add the custom property to the user profile schema before you reference it. You can use the Profile Editor in the Admin Console or the [Schemas](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) API to manage schema extensions.\n"},"customProfileAttributesToIgnores":{"type":"array","items":{"type":"string"}},"department":{"type":"string","description":"User department\n"},"displayName":{"type":"string","description":"User display name, suitable to show end users\n"},"division":{"type":"string","description":"User division\n"},"email":{"type":"string","description":"User primary email address\n"},"employeeNumber":{"type":"string","description":"User employee number\n"},"expirePasswordOnCreate":{"type":"boolean","description":"If set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e, the user will have to change the password at the next login. This property will be used when user is being created and works only when \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e field is set. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"firstName":{"type":"string","description":"User first name\n"},"honorificPrefix":{"type":"string","description":"User honorific prefix\n"},"honorificSuffix":{"type":"string","description":"User honorific suffix\n"},"lastName":{"type":"string","description":"User last name\n"},"locale":{"type":"string","description":"User default location\n"},"login":{"type":"string","description":"User Okta login\n"},"manager":{"type":"string","description":"Manager of User\n"},"managerId":{"type":"string","description":"Manager ID of User\n"},"middleName":{"type":"string","description":"User middle name\n"},"mobilePhone":{"type":"string","description":"User mobile phone number\n"},"nickName":{"type":"string","description":"User nickname\n"},"oldPassword":{"type":"string","description":"Old User Password. Should be only set in case the password was not changed using the provider. fter successful password change this field should be removed and \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e field should be used for further changes.\n","secret":true},"organization":{"type":"string","description":"User organization\n"},"password":{"type":"string","description":"User Password\n","secret":true},"passwordHash":{"$ref":"#/types/okta:user/UserPasswordHash:UserPasswordHash","description":"Specifies a hashed password to import into Okta.\n"},"passwordInlineHook":{"type":"string","description":"Specifies that a Password Import Inline Hook should be triggered to handle verification of the user's password the first time the user logs in. This allows an existing password to be imported into Okta directly from some other store. When updating a user with a password hook the user must be in the `STAGED` status. The \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e field should not be specified when using Password Import Inline Hook.\n"},"postalAddress":{"type":"string","description":"User mailing address\n"},"preferredLanguage":{"type":"string","description":"User preferred language\n"},"primaryPhone":{"type":"string","description":"User primary phone number\n"},"profileUrl":{"type":"string","description":"User online profile (web page)\n"},"rawStatus":{"type":"string","description":"The raw status of the User in Okta - (status is mapped)\n"},"realmId":{"type":"string","description":"The Realm ID to associate the user with\n"},"recoveryAnswer":{"type":"string","description":"User Password Recovery Answer\n","secret":true},"recoveryQuestion":{"type":"string","description":"User Password Recovery Question\n"},"secondEmail":{"type":"string","description":"User secondary email address, used for account recovery\n"},"skipRoles":{"type":"boolean","description":"Do not populate user roles information (prevents additional API call)\n","deprecationMessage":"Because\u003cspan pulumi-lang-nodejs=\" adminRoles \" pulumi-lang-dotnet=\" AdminRoles \" pulumi-lang-go=\" adminRoles \" pulumi-lang-python=\" admin_roles \" pulumi-lang-yaml=\" adminRoles \" pulumi-lang-java=\" adminRoles \"\u003e admin_roles \u003c/span\u003ehas been removed, this attribute is a no op and will be removed"},"state":{"type":"string","description":"User state or region\n"},"status":{"type":"string","description":"User profile property. Valid values are `ACTIVE`, `DEPROVISIONED`, `STAGED`, `SUSPENDED`. Default: `ACTIVE`\n"},"streetAddress":{"type":"string","description":"User street address\n"},"timezone":{"type":"string","description":"User default timezone\n"},"title":{"type":"string","description":"User title\n"},"userType":{"type":"string","description":"User employee type\n"},"zipCode":{"type":"string","description":"User zipcode or postal code\n"}},"required":["customProfileAttributes","email","firstName","lastName","login","rawStatus","realmId"],"inputProperties":{"city":{"type":"string","description":"User city\n"},"costCenter":{"type":"string","description":"User cost center\n"},"countryCode":{"type":"string","description":"User country code\n"},"customProfileAttributes":{"type":"string","description":"JSON formatted custom attributes for a user. It must be JSON due to various types Okta allows. You must first add the custom property to the user profile schema before you reference it. You can use the Profile Editor in the Admin Console or the [Schemas](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) API to manage schema extensions.\n"},"customProfileAttributesToIgnores":{"type":"array","items":{"type":"string"}},"department":{"type":"string","description":"User department\n"},"displayName":{"type":"string","description":"User display name, suitable to show end users\n"},"division":{"type":"string","description":"User division\n"},"email":{"type":"string","description":"User primary email address\n"},"employeeNumber":{"type":"string","description":"User employee number\n"},"expirePasswordOnCreate":{"type":"boolean","description":"If set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e, the user will have to change the password at the next login. This property will be used when user is being created and works only when \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e field is set. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"firstName":{"type":"string","description":"User first name\n"},"honorificPrefix":{"type":"string","description":"User honorific prefix\n"},"honorificSuffix":{"type":"string","description":"User honorific suffix\n"},"lastName":{"type":"string","description":"User last name\n"},"locale":{"type":"string","description":"User default location\n"},"login":{"type":"string","description":"User Okta login\n"},"manager":{"type":"string","description":"Manager of User\n"},"managerId":{"type":"string","description":"Manager ID of User\n"},"middleName":{"type":"string","description":"User middle name\n"},"mobilePhone":{"type":"string","description":"User mobile phone number\n"},"nickName":{"type":"string","description":"User nickname\n"},"oldPassword":{"type":"string","description":"Old User Password. Should be only set in case the password was not changed using the provider. fter successful password change this field should be removed and \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e field should be used for further changes.\n","secret":true},"organization":{"type":"string","description":"User organization\n"},"password":{"type":"string","description":"User Password\n","secret":true},"passwordHash":{"$ref":"#/types/okta:user/UserPasswordHash:UserPasswordHash","description":"Specifies a hashed password to import into Okta.\n"},"passwordInlineHook":{"type":"string","description":"Specifies that a Password Import Inline Hook should be triggered to handle verification of the user's password the first time the user logs in. This allows an existing password to be imported into Okta directly from some other store. When updating a user with a password hook the user must be in the `STAGED` status. The \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e field should not be specified when using Password Import Inline Hook.\n"},"postalAddress":{"type":"string","description":"User mailing address\n"},"preferredLanguage":{"type":"string","description":"User preferred language\n"},"primaryPhone":{"type":"string","description":"User primary phone number\n"},"profileUrl":{"type":"string","description":"User online profile (web page)\n"},"realmId":{"type":"string","description":"The Realm ID to associate the user with\n"},"recoveryAnswer":{"type":"string","description":"User Password Recovery Answer\n","secret":true},"recoveryQuestion":{"type":"string","description":"User Password Recovery Question\n"},"secondEmail":{"type":"string","description":"User secondary email address, used for account recovery\n"},"skipRoles":{"type":"boolean","description":"Do not populate user roles information (prevents additional API call)\n","deprecationMessage":"Because\u003cspan pulumi-lang-nodejs=\" adminRoles \" pulumi-lang-dotnet=\" AdminRoles \" pulumi-lang-go=\" adminRoles \" pulumi-lang-python=\" admin_roles \" pulumi-lang-yaml=\" adminRoles \" pulumi-lang-java=\" adminRoles \"\u003e admin_roles \u003c/span\u003ehas been removed, this attribute is a no op and will be removed"},"state":{"type":"string","description":"User state or region\n"},"status":{"type":"string","description":"User profile property. Valid values are `ACTIVE`, `DEPROVISIONED`, `STAGED`, `SUSPENDED`. Default: `ACTIVE`\n"},"streetAddress":{"type":"string","description":"User street address\n"},"timezone":{"type":"string","description":"User default timezone\n"},"title":{"type":"string","description":"User title\n"},"userType":{"type":"string","description":"User employee type\n"},"zipCode":{"type":"string","description":"User zipcode or postal code\n"}},"requiredInputs":["email","firstName","lastName","login"],"stateInputs":{"description":"Input properties used for looking up and filtering User resources.\n","properties":{"city":{"type":"string","description":"User city\n"},"costCenter":{"type":"string","description":"User cost center\n"},"countryCode":{"type":"string","description":"User country code\n"},"customProfileAttributes":{"type":"string","description":"JSON formatted custom attributes for a user. It must be JSON due to various types Okta allows. You must first add the custom property to the user profile schema before you reference it. You can use the Profile Editor in the Admin Console or the [Schemas](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) API to manage schema extensions.\n"},"customProfileAttributesToIgnores":{"type":"array","items":{"type":"string"}},"department":{"type":"string","description":"User department\n"},"displayName":{"type":"string","description":"User display name, suitable to show end users\n"},"division":{"type":"string","description":"User division\n"},"email":{"type":"string","description":"User primary email address\n"},"employeeNumber":{"type":"string","description":"User employee number\n"},"expirePasswordOnCreate":{"type":"boolean","description":"If set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e, the user will have to change the password at the next login. This property will be used when user is being created and works only when \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e field is set. Default: \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e\n"},"firstName":{"type":"string","description":"User first name\n"},"honorificPrefix":{"type":"string","description":"User honorific prefix\n"},"honorificSuffix":{"type":"string","description":"User honorific suffix\n"},"lastName":{"type":"string","description":"User last name\n"},"locale":{"type":"string","description":"User default location\n"},"login":{"type":"string","description":"User Okta login\n"},"manager":{"type":"string","description":"Manager of User\n"},"managerId":{"type":"string","description":"Manager ID of User\n"},"middleName":{"type":"string","description":"User middle name\n"},"mobilePhone":{"type":"string","description":"User mobile phone number\n"},"nickName":{"type":"string","description":"User nickname\n"},"oldPassword":{"type":"string","description":"Old User Password. Should be only set in case the password was not changed using the provider. fter successful password change this field should be removed and \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e field should be used for further changes.\n","secret":true},"organization":{"type":"string","description":"User organization\n"},"password":{"type":"string","description":"User Password\n","secret":true},"passwordHash":{"$ref":"#/types/okta:user/UserPasswordHash:UserPasswordHash","description":"Specifies a hashed password to import into Okta.\n"},"passwordInlineHook":{"type":"string","description":"Specifies that a Password Import Inline Hook should be triggered to handle verification of the user's password the first time the user logs in. This allows an existing password to be imported into Okta directly from some other store. When updating a user with a password hook the user must be in the `STAGED` status. The \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e field should not be specified when using Password Import Inline Hook.\n"},"postalAddress":{"type":"string","description":"User mailing address\n"},"preferredLanguage":{"type":"string","description":"User preferred language\n"},"primaryPhone":{"type":"string","description":"User primary phone number\n"},"profileUrl":{"type":"string","description":"User online profile (web page)\n"},"rawStatus":{"type":"string","description":"The raw status of the User in Okta - (status is mapped)\n"},"realmId":{"type":"string","description":"The Realm ID to associate the user with\n"},"recoveryAnswer":{"type":"string","description":"User Password Recovery Answer\n","secret":true},"recoveryQuestion":{"type":"string","description":"User Password Recovery Question\n"},"secondEmail":{"type":"string","description":"User secondary email address, used for account recovery\n"},"skipRoles":{"type":"boolean","description":"Do not populate user roles information (prevents additional API call)\n","deprecationMessage":"Because\u003cspan pulumi-lang-nodejs=\" adminRoles \" pulumi-lang-dotnet=\" AdminRoles \" pulumi-lang-go=\" adminRoles \" pulumi-lang-python=\" admin_roles \" pulumi-lang-yaml=\" adminRoles \" pulumi-lang-java=\" adminRoles \"\u003e admin_roles \u003c/span\u003ehas been removed, this attribute is a no op and will be removed"},"state":{"type":"string","description":"User state or region\n"},"status":{"type":"string","description":"User profile property. Valid values are `ACTIVE`, `DEPROVISIONED`, `STAGED`, `SUSPENDED`. Default: `ACTIVE`\n"},"streetAddress":{"type":"string","description":"User street address\n"},"timezone":{"type":"string","description":"User default timezone\n"},"title":{"type":"string","description":"User title\n"},"userType":{"type":"string","description":"User employee type\n"},"zipCode":{"type":"string","description":"User zipcode or postal code\n"}},"type":"object"}},"okta:user/userType:UserType":{"description":"Creates a User type. This resource allows you to create and configure a User Type.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.user.UserType(\"example\", {\n    name: \"example\",\n    displayName: \"example\",\n    description: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.user.UserType(\"example\",\n    name=\"example\",\n    display_name=\"example\",\n    description=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.User.UserType(\"example\", new()\n    {\n        Name = \"example\",\n        DisplayName = \"example\",\n        Description = \"example\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/user\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := user.NewUserType(ctx, \"example\", \u0026user.UserTypeArgs{\n\t\t\tName:        pulumi.String(\"example\"),\n\t\t\tDisplayName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.user.UserType;\nimport com.pulumi.okta.user.UserTypeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new UserType(\"example\", UserTypeArgs.builder()\n            .name(\"example\")\n            .displayName(\"example\")\n            .description(\"example\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:user:UserType\n    properties:\n      name: example\n      displayName: example\n      description: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import okta:user/userType:UserType example \u003cuser_type_id\u003e\n```\n\n","properties":{"description":{"type":"string","description":"Description of the User Type.\n"},"displayName":{"type":"string","description":"Display Name of the User Type.\n"},"name":{"type":"string","description":"Name of the User Type.\n"}},"required":["description","displayName","name"],"inputProperties":{"description":{"type":"string","description":"Description of the User Type.\n"},"displayName":{"type":"string","description":"Display Name of the User Type.\n"},"name":{"type":"string","description":"Name of the User Type.\n"}},"requiredInputs":["description","displayName"],"stateInputs":{"description":"Input properties used for looking up and filtering UserType resources.\n","properties":{"description":{"type":"string","description":"Description of the User Type.\n"},"displayName":{"type":"string","description":"Display Name of the User Type.\n"},"name":{"type":"string","description":"Name of the User Type.\n"}},"type":"object"}}},"functions":{"okta:app/getApp:getApp":{"description":"Get an application of any kind from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.app.getApp({\n    label: \"Example App\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.app.get_app(label=\"Example App\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.App.GetApp.Invoke(new()\n    {\n        Label = \"Example App\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := app.GetApp(ctx, \u0026app.GetAppArgs{\n\t\t\tLabel: pulumi.StringRef(\"Example App\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.AppFunctions;\nimport com.pulumi.okta.app.inputs.GetAppArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = AppFunctions.getApp(GetAppArgs.builder()\n            .label(\"Example App\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:app:getApp\n      arguments:\n        label: Example App\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getApp.\n","properties":{"activeOnly":{"type":"boolean","description":"Search only ACTIVE applications.\n"},"id":{"type":"string","description":"Id of application to retrieve, conflicts with label and label_prefix.\n"},"label":{"type":"string","description":"The label of the app to retrieve, conflicts with\n\t\t\u003cspan pulumi-lang-nodejs=\"\tlabelPrefix \" pulumi-lang-dotnet=\"\tLabelPrefix \" pulumi-lang-go=\"\tlabelPrefix \" pulumi-lang-python=\"\tlabel_prefix \" pulumi-lang-yaml=\"\tlabelPrefix \" pulumi-lang-java=\"\tlabelPrefix \"\u003e\tlabel_prefix \u003c/span\u003eand id. Label uses the ?q=\\n\\n query parameter exposed by\n\t\t\tOkta's List Apps API. The API will search both name and label using that\n\t\t\tquery. Therefore similarily named and labeled apps may be returned in the query\n\t\t\tand have the unitended result of associating the wrong app with this data\n\t\t\tsource. See:\n\t\t\thttps://developer.okta.com/docs/reference/api/apps/#list-applications\n"},"labelPrefix":{"type":"string","description":"Label prefix of the app to retrieve, conflicts with label and id. This will tell the\n\t\t\tprovider to do a starts with query as opposed to an equals query.\n"},"skipGroups":{"type":"boolean","description":"Ignore groups sync. This is a temporary solution until 'groups' field is supported in all the app-like resources\n","deprecationMessage":"Because groups has been removed, this attribute is a no op and will be removed"},"skipUsers":{"type":"boolean","description":"Ignore users sync. This is a temporary solution until 'users' field is supported in all the app-like resources\n","deprecationMessage":"Because users has been removed, this attribute is a no op and will be removed"}},"type":"object"},"outputs":{"description":"A collection of values returned by getApp.\n","properties":{"activeOnly":{"description":"Search only ACTIVE applications.\n","type":"boolean"},"groups":{"deprecationMessage":"The \u003cspan pulumi-lang-nodejs=\"`groups`\" pulumi-lang-dotnet=\"`Groups`\" pulumi-lang-go=\"`groups`\" pulumi-lang-python=\"`groups`\" pulumi-lang-yaml=\"`groups`\" pulumi-lang-java=\"`groups`\"\u003e`groups`\u003c/span\u003e field is now deprecated for the data source \u003cspan pulumi-lang-nodejs=\"`okta.app.getApp`\" pulumi-lang-dotnet=\"`okta.app.getApp`\" pulumi-lang-go=\"`app.getApp`\" pulumi-lang-python=\"`app_get_app`\" pulumi-lang-yaml=\"`okta.app.getApp`\" pulumi-lang-java=\"`okta.app.getApp`\"\u003e`okta.app.getApp`\u003c/span\u003e, please replace all uses of this with: \u003cspan pulumi-lang-nodejs=\"`okta.AppGroupAssignments`\" pulumi-lang-dotnet=\"`okta.AppGroupAssignments`\" pulumi-lang-go=\"`AppGroupAssignments`\" pulumi-lang-python=\"`AppGroupAssignments`\" pulumi-lang-yaml=\"`okta.AppGroupAssignments`\" pulumi-lang-java=\"`okta.AppGroupAssignments`\"\u003e`okta.AppGroupAssignments`\u003c/span\u003e","description":"Groups associated with the application\n","items":{"type":"string"},"type":"array"},"id":{"description":"Id of application to retrieve, conflicts with label and label_prefix.\n","type":"string"},"label":{"description":"The label of the app to retrieve, conflicts with\n\t\t\u003cspan pulumi-lang-nodejs=\"\tlabelPrefix \" pulumi-lang-dotnet=\"\tLabelPrefix \" pulumi-lang-go=\"\tlabelPrefix \" pulumi-lang-python=\"\tlabel_prefix \" pulumi-lang-yaml=\"\tlabelPrefix \" pulumi-lang-java=\"\tlabelPrefix \"\u003e\tlabel_prefix \u003c/span\u003eand id. Label uses the ?q=\\n\\n query parameter exposed by\n\t\t\tOkta's List Apps API. The API will search both name and label using that\n\t\t\tquery. Therefore similarily named and labeled apps may be returned in the query\n\t\t\tand have the unitended result of associating the wrong app with this data\n\t\t\tsource. See:\n\t\t\thttps://developer.okta.com/docs/reference/api/apps/#list-applications\n","type":"string"},"labelPrefix":{"description":"Label prefix of the app to retrieve, conflicts with label and id. This will tell the\n\t\t\tprovider to do a starts with query as opposed to an equals query.\n","type":"string"},"links":{"description":"Discoverable resources related to the app\n","type":"string"},"name":{"description":"Name of application.\n","type":"string"},"skipGroups":{"deprecationMessage":"Because groups has been removed, this attribute is a no op and will be removed","description":"Ignore groups sync. This is a temporary solution until 'groups' field is supported in all the app-like resources\n","type":"boolean"},"skipUsers":{"deprecationMessage":"Because users has been removed, this attribute is a no op and will be removed","description":"Ignore users sync. This is a temporary solution until 'users' field is supported in all the app-like resources\n","type":"boolean"},"status":{"description":"Status of application.\n","type":"string"},"users":{"deprecationMessage":"The \u003cspan pulumi-lang-nodejs=\"`users`\" pulumi-lang-dotnet=\"`Users`\" pulumi-lang-go=\"`users`\" pulumi-lang-python=\"`users`\" pulumi-lang-yaml=\"`users`\" pulumi-lang-java=\"`users`\"\u003e`users`\u003c/span\u003e field is now deprecated for the data source \u003cspan pulumi-lang-nodejs=\"`okta.app.getApp`\" pulumi-lang-dotnet=\"`okta.app.getApp`\" pulumi-lang-go=\"`app.getApp`\" pulumi-lang-python=\"`app_get_app`\" pulumi-lang-yaml=\"`okta.app.getApp`\" pulumi-lang-java=\"`okta.app.getApp`\"\u003e`okta.app.getApp`\u003c/span\u003e, please replace all uses of this with: \u003cspan pulumi-lang-nodejs=\"`okta.getAppUserAssignments`\" pulumi-lang-dotnet=\"`okta.getAppUserAssignments`\" pulumi-lang-go=\"`getAppUserAssignments`\" pulumi-lang-python=\"`get_app_user_assignments`\" pulumi-lang-yaml=\"`okta.getAppUserAssignments`\" pulumi-lang-java=\"`okta.getAppUserAssignments`\"\u003e`okta.getAppUserAssignments`\u003c/span\u003e","description":"Users associated with the application\n","items":{"type":"string"},"type":"array"}},"required":["groups","links","name","status","users"],"type":"object"}},"okta:app/getConnection:getConnection":{"description":"Retrieves the default provisioning connection for an app.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.app.getConnection({\n    id: \"0oa1234567890abcdef\",\n});\nexport const connectionStatus = example.then(example =\u003e example.status);\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.app.get_connection(id=\"0oa1234567890abcdef\")\npulumi.export(\"connectionStatus\", example.status)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.App.GetConnection.Invoke(new()\n    {\n        Id = \"0oa1234567890abcdef\",\n    });\n\n    return new Dictionary\u003cstring, object?\u003e\n    {\n        [\"connectionStatus\"] = example.Apply(getConnectionResult =\u003e getConnectionResult.Status),\n    };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := app.LookupConnection(ctx, \u0026app.LookupConnectionArgs{\n\t\t\tId: \"0oa1234567890abcdef\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"connectionStatus\", example.Status)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.AppFunctions;\nimport com.pulumi.okta.app.inputs.GetConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = AppFunctions.getConnection(GetConnectionArgs.builder()\n            .id(\"0oa1234567890abcdef\")\n            .build());\n\n        ctx.export(\"connectionStatus\", example.status());\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:app:getConnection\n      arguments:\n        id: 0oa1234567890abcdef\noutputs:\n  # Use the retrieved data\n  connectionStatus: ${example.status}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getConnection.\n","properties":{"authScheme":{"type":"string","description":"A token is used to authenticate with the app. This property is only returned for the TOKEN authentication scheme.\n"},"baseUrl":{"type":"string","description":"The base URL for the provisioning connection.\n"},"id":{"type":"string","description":"The application ID for which to retrieve the provisioning connection information.\n"},"profile":{"$ref":"#/types/okta:app/getConnectionProfile:getConnectionProfile","description":"Profile information for the app connection.\n"}},"type":"object","required":["id"]},"outputs":{"description":"A collection of values returned by getConnection.\n","properties":{"authScheme":{"description":"A token is used to authenticate with the app. This property is only returned for the TOKEN authentication scheme.\n","type":"string"},"baseUrl":{"description":"The base URL for the provisioning connection.\n","type":"string"},"id":{"description":"The application ID for which to retrieve the provisioning connection information.\n","type":"string"},"profile":{"$ref":"#/types/okta:app/getConnectionProfile:getConnectionProfile","description":"Profile information for the app connection.\n"},"status":{"description":"Provisioning connection status.\n","type":"string"}},"required":["authScheme","baseUrl","id","status"],"type":"object"}},"okta:app/getFeatures:getFeatures":{"description":"Retrieves a Feature object for an app.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.app.getFeatures({\n    appId: \"0oarblaf7hWdLawNg1d7\",\n    name: \"INBOUND_PROVISIONING\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.app.get_features(app_id=\"0oarblaf7hWdLawNg1d7\",\n    name=\"INBOUND_PROVISIONING\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.App.GetFeatures.Invoke(new()\n    {\n        AppId = \"0oarblaf7hWdLawNg1d7\",\n        Name = \"INBOUND_PROVISIONING\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := app.LookupFeatures(ctx, \u0026app.LookupFeaturesArgs{\n\t\t\tAppId: \"0oarblaf7hWdLawNg1d7\",\n\t\t\tName:  \"INBOUND_PROVISIONING\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.AppFunctions;\nimport com.pulumi.okta.app.inputs.GetFeaturesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = AppFunctions.getFeatures(GetFeaturesArgs.builder()\n            .appId(\"0oarblaf7hWdLawNg1d7\")\n            .name(\"INBOUND_PROVISIONING\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:app:getFeatures\n      arguments:\n        appId: 0oarblaf7hWdLawNg1d7\n        name: INBOUND_PROVISIONING\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### User Provisioning Feature\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst userProvisioning = okta.app.getFeatures({\n    appId: example.id,\n    name: \"USER_PROVISIONING\",\n});\nexport const provisioningStatus = userProvisioning.then(userProvisioning =\u003e userProvisioning.status);\nexport const passwordSyncEnabled = userProvisioning.then(userProvisioning =\u003e userProvisioning.capabilities?.update?.password?.status);\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nuser_provisioning = okta.app.get_features(app_id=example[\"id\"],\n    name=\"USER_PROVISIONING\")\npulumi.export(\"provisioningStatus\", user_provisioning.status)\npulumi.export(\"passwordSyncEnabled\", user_provisioning.capabilities.update.password.status)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var userProvisioning = Okta.App.GetFeatures.Invoke(new()\n    {\n        AppId = example.Id,\n        Name = \"USER_PROVISIONING\",\n    });\n\n    return new Dictionary\u003cstring, object?\u003e\n    {\n        [\"provisioningStatus\"] = userProvisioning.Apply(getFeaturesResult =\u003e getFeaturesResult.Status),\n        [\"passwordSyncEnabled\"] = userProvisioning.Apply(getFeaturesResult =\u003e getFeaturesResult.Capabilities?.Update?.Password?.Status),\n    };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tuserProvisioning, err := app.LookupFeatures(ctx, \u0026app.LookupFeaturesArgs{\n\t\t\tAppId: example.Id,\n\t\t\tName:  \"USER_PROVISIONING\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"provisioningStatus\", userProvisioning.Status)\n\t\tctx.Export(\"passwordSyncEnabled\", userProvisioning.Capabilities.Update.Password.Status)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.AppFunctions;\nimport com.pulumi.okta.app.inputs.GetFeaturesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var userProvisioning = AppFunctions.getFeatures(GetFeaturesArgs.builder()\n            .appId(example.id())\n            .name(\"USER_PROVISIONING\")\n            .build());\n\n        ctx.export(\"provisioningStatus\", userProvisioning.status());\n        ctx.export(\"passwordSyncEnabled\", userProvisioning.capabilities().update().password().status());\n    }\n}\n```\n```yaml\nvariables:\n  userProvisioning:\n    fn::invoke:\n      function: okta:app:getFeatures\n      arguments:\n        appId: ${example.id}\n        name: USER_PROVISIONING\noutputs:\n  provisioningStatus: ${userProvisioning.status}\n  passwordSyncEnabled: ${userProvisioning.capabilities.update.password.status}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Inbound Provisioning Feature\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst inboundProvisioning = okta.app.getFeatures({\n    appId: example.id,\n    name: \"INBOUND_PROVISIONING\",\n});\nexport const importScheduleStatus = inboundProvisioning.then(inboundProvisioning =\u003e inboundProvisioning.capabilities?.importSettings?.schedule?.status);\nexport const autoActivateUsers = inboundProvisioning.then(inboundProvisioning =\u003e inboundProvisioning.capabilities?.importRules?.userCreateAndMatch?.autoActivateNewUsers);\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ninbound_provisioning = okta.app.get_features(app_id=example[\"id\"],\n    name=\"INBOUND_PROVISIONING\")\npulumi.export(\"importScheduleStatus\", inbound_provisioning.capabilities.import_settings.schedule.status)\npulumi.export(\"autoActivateUsers\", inbound_provisioning.capabilities.import_rules.user_create_and_match.auto_activate_new_users)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var inboundProvisioning = Okta.App.GetFeatures.Invoke(new()\n    {\n        AppId = example.Id,\n        Name = \"INBOUND_PROVISIONING\",\n    });\n\n    return new Dictionary\u003cstring, object?\u003e\n    {\n        [\"importScheduleStatus\"] = inboundProvisioning.Apply(getFeaturesResult =\u003e getFeaturesResult.Capabilities?.ImportSettings?.Schedule?.Status),\n        [\"autoActivateUsers\"] = inboundProvisioning.Apply(getFeaturesResult =\u003e getFeaturesResult.Capabilities?.ImportRules?.UserCreateAndMatch?.AutoActivateNewUsers),\n    };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinboundProvisioning, err := app.LookupFeatures(ctx, \u0026app.LookupFeaturesArgs{\n\t\t\tAppId: example.Id,\n\t\t\tName:  \"INBOUND_PROVISIONING\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"importScheduleStatus\", inboundProvisioning.Capabilities.ImportSettings.Schedule.Status)\n\t\tctx.Export(\"autoActivateUsers\", inboundProvisioning.Capabilities.ImportRules.UserCreateAndMatch.AutoActivateNewUsers)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.AppFunctions;\nimport com.pulumi.okta.app.inputs.GetFeaturesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var inboundProvisioning = AppFunctions.getFeatures(GetFeaturesArgs.builder()\n            .appId(example.id())\n            .name(\"INBOUND_PROVISIONING\")\n            .build());\n\n        ctx.export(\"importScheduleStatus\", inboundProvisioning.capabilities().importSettings().schedule().status());\n        ctx.export(\"autoActivateUsers\", inboundProvisioning.capabilities().importRules().userCreateAndMatch().autoActivateNewUsers());\n    }\n}\n```\n```yaml\nvariables:\n  inboundProvisioning:\n    fn::invoke:\n      function: okta:app:getFeatures\n      arguments:\n        appId: ${example.id}\n        name: INBOUND_PROVISIONING\noutputs:\n  importScheduleStatus: ${inboundProvisioning.capabilities.importSettings.schedule.status}\n  autoActivateUsers: ${inboundProvisioning.capabilities.importRules.userCreateAndMatch.autoActivateNewUsers}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getFeatures.\n","properties":{"appId":{"type":"string","description":"The ID of the application to retrieve features for.\n"},"capabilities":{"$ref":"#/types/okta:app/getFeaturesCapabilities:getFeaturesCapabilities","description":"A block containing the feature capabilities configuration. See Capabilities below.\n"},"name":{"type":"string","description":"The name of the feature to retrieve. Valid values include:\n* `USER_PROVISIONING` - User profiles are pushed from Okta to the third-party app.\n* `INBOUND_PROVISIONING` - User profiles are imported from the third-party app into Okta.\n"}},"type":"object","required":["appId","name"]},"outputs":{"description":"A collection of values returned by getFeatures.\n","properties":{"appId":{"type":"string"},"capabilities":{"$ref":"#/types/okta:app/getFeaturesCapabilities:getFeaturesCapabilities","description":"A block containing the feature capabilities configuration. See Capabilities below.\n"},"description":{"description":"Description of the feature.\n","type":"string"},"id":{"description":"The unique identifier of the app feature.\n","type":"string"},"name":{"type":"string"},"status":{"description":"(String) Status of the import schedule. Valid values are `ENABLED` or `DISABLED`.\n","type":"string"}},"required":["appId","description","id","name","status"],"type":"object"}},"okta:app/getFederatedClaim:getFederatedClaim":{"description":"Get a federated claim for an Okta application.\n\nUse this data source to retrieve information about a federated claim that has been configured for an application. Federated claims add custom claims to tokens produced for an application using Okta Expression Language.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.app.getFederatedClaim({\n    appId: \"0oa1234567890abcdef\",\n    id: \"ofcu234567890abcdef\",\n});\nexport const claimExpression = example.then(example =\u003e example.expression);\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.app.get_federated_claim(app_id=\"0oa1234567890abcdef\",\n    id=\"ofcu234567890abcdef\")\npulumi.export(\"claimExpression\", example.expression)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.App.GetFederatedClaim.Invoke(new()\n    {\n        AppId = \"0oa1234567890abcdef\",\n        Id = \"ofcu234567890abcdef\",\n    });\n\n    return new Dictionary\u003cstring, object?\u003e\n    {\n        [\"claimExpression\"] = example.Apply(getFederatedClaimResult =\u003e getFederatedClaimResult.Expression),\n    };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := app.LookupFederatedClaim(ctx, \u0026app.LookupFederatedClaimArgs{\n\t\t\tAppId: \"0oa1234567890abcdef\",\n\t\t\tId:    \"ofcu234567890abcdef\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"claimExpression\", example.Expression)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.AppFunctions;\nimport com.pulumi.okta.app.inputs.GetFederatedClaimArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = AppFunctions.getFederatedClaim(GetFederatedClaimArgs.builder()\n            .appId(\"0oa1234567890abcdef\")\n            .id(\"ofcu234567890abcdef\")\n            .build());\n\n        ctx.export(\"claimExpression\", example.expression());\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:app:getFederatedClaim\n      arguments:\n        appId: 0oa1234567890abcdef\n        id: ofcu234567890abcdef\noutputs:\n  claimExpression: ${example.expression}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using with a Resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst testApp = new okta.app.Saml(\"test_app\", {\n    label: \"example\",\n    ssoUrl: \"https://example.com\",\n    recipient: \"https://example.com\",\n    destination: \"https://example.com\",\n    audience: \"https://example.com/audience\",\n    subjectNameIdTemplate: \"${user.userName}\",\n    subjectNameIdFormat: \"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\",\n    responseSigned: true,\n    signatureAlgorithm: \"RSA_SHA256\",\n    digestAlgorithm: \"SHA256\",\n});\nconst exampleFederatedClaim = new okta.app.FederatedClaim(\"example\", {\n    appId: testApp.id,\n    name: \"role_last_name\",\n    expression: \"user.profile.lastName\",\n});\nconst example = okta.app.getFederatedClaimOutput({\n    appId: testApp.id,\n    id: exampleFederatedClaim.id,\n});\nexport const claimName = example.apply(example =\u003e example.name);\nexport const claimExpression = example.apply(example =\u003e example.expression);\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest_app = okta.app.Saml(\"test_app\",\n    label=\"example\",\n    sso_url=\"https://example.com\",\n    recipient=\"https://example.com\",\n    destination=\"https://example.com\",\n    audience=\"https://example.com/audience\",\n    subject_name_id_template=\"${user.userName}\",\n    subject_name_id_format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\",\n    response_signed=True,\n    signature_algorithm=\"RSA_SHA256\",\n    digest_algorithm=\"SHA256\")\nexample_federated_claim = okta.app.FederatedClaim(\"example\",\n    app_id=test_app.id,\n    name=\"role_last_name\",\n    expression=\"user.profile.lastName\")\nexample = okta.app.get_federated_claim_output(app_id=test_app.id,\n    id=example_federated_claim.id)\npulumi.export(\"claimName\", example.name)\npulumi.export(\"claimExpression\", example.expression)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var testApp = new Okta.App.Saml(\"test_app\", new()\n    {\n        Label = \"example\",\n        SsoUrl = \"https://example.com\",\n        Recipient = \"https://example.com\",\n        Destination = \"https://example.com\",\n        Audience = \"https://example.com/audience\",\n        SubjectNameIdTemplate = \"${user.userName}\",\n        SubjectNameIdFormat = \"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\",\n        ResponseSigned = true,\n        SignatureAlgorithm = \"RSA_SHA256\",\n        DigestAlgorithm = \"SHA256\",\n    });\n\n    var exampleFederatedClaim = new Okta.App.FederatedClaim(\"example\", new()\n    {\n        AppId = testApp.Id,\n        Name = \"role_last_name\",\n        Expression = \"user.profile.lastName\",\n    });\n\n    var example = Okta.App.GetFederatedClaim.Invoke(new()\n    {\n        AppId = testApp.Id,\n        Id = exampleFederatedClaim.Id,\n    });\n\n    return new Dictionary\u003cstring, object?\u003e\n    {\n        [\"claimName\"] = example.Apply(getFederatedClaimResult =\u003e getFederatedClaimResult.Name),\n        [\"claimExpression\"] = example.Apply(getFederatedClaimResult =\u003e getFederatedClaimResult.Expression),\n    };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestApp, err := app.NewSaml(ctx, \"test_app\", \u0026app.SamlArgs{\n\t\t\tLabel:                 pulumi.String(\"example\"),\n\t\t\tSsoUrl:                pulumi.String(\"https://example.com\"),\n\t\t\tRecipient:             pulumi.String(\"https://example.com\"),\n\t\t\tDestination:           pulumi.String(\"https://example.com\"),\n\t\t\tAudience:              pulumi.String(\"https://example.com/audience\"),\n\t\t\tSubjectNameIdTemplate: pulumi.String(\"${user.userName}\"),\n\t\t\tSubjectNameIdFormat:   pulumi.String(\"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\"),\n\t\t\tResponseSigned:        pulumi.Bool(true),\n\t\t\tSignatureAlgorithm:    pulumi.String(\"RSA_SHA256\"),\n\t\t\tDigestAlgorithm:       pulumi.String(\"SHA256\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleFederatedClaim, err := app.NewFederatedClaim(ctx, \"example\", \u0026app.FederatedClaimArgs{\n\t\t\tAppId:      testApp.ID(),\n\t\t\tName:       pulumi.String(\"role_last_name\"),\n\t\t\tExpression: pulumi.String(\"user.profile.lastName\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := app.LookupFederatedClaimOutput(ctx, app.GetFederatedClaimOutputArgs{\n\t\t\tAppId: testApp.ID(),\n\t\t\tId:    exampleFederatedClaim.ID(),\n\t\t}, nil)\n\t\tctx.Export(\"claimName\", example.ApplyT(func(example app.GetFederatedClaimResult) (*string, error) {\n\t\t\treturn \u0026example.Name, nil\n\t\t}).(pulumi.StringPtrOutput))\n\t\tctx.Export(\"claimExpression\", example.ApplyT(func(example app.GetFederatedClaimResult) (*string, error) {\n\t\t\treturn \u0026example.Expression, nil\n\t\t}).(pulumi.StringPtrOutput))\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.Saml;\nimport com.pulumi.okta.app.SamlArgs;\nimport com.pulumi.okta.app.FederatedClaim;\nimport com.pulumi.okta.app.FederatedClaimArgs;\nimport com.pulumi.okta.app.AppFunctions;\nimport com.pulumi.okta.app.inputs.GetFederatedClaimArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var testApp = new Saml(\"testApp\", SamlArgs.builder()\n            .label(\"example\")\n            .ssoUrl(\"https://example.com\")\n            .recipient(\"https://example.com\")\n            .destination(\"https://example.com\")\n            .audience(\"https://example.com/audience\")\n            .subjectNameIdTemplate(\"${user.userName}\")\n            .subjectNameIdFormat(\"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\")\n            .responseSigned(true)\n            .signatureAlgorithm(\"RSA_SHA256\")\n            .digestAlgorithm(\"SHA256\")\n            .build());\n\n        var exampleFederatedClaim = new FederatedClaim(\"exampleFederatedClaim\", FederatedClaimArgs.builder()\n            .appId(testApp.id())\n            .name(\"role_last_name\")\n            .expression(\"user.profile.lastName\")\n            .build());\n\n        final var example = AppFunctions.getFederatedClaim(GetFederatedClaimArgs.builder()\n            .appId(testApp.id())\n            .id(exampleFederatedClaim.id())\n            .build());\n\n        ctx.export(\"claimName\", example.applyValue(_example -\u003e _example.name()));\n        ctx.export(\"claimExpression\", example.applyValue(_example -\u003e _example.expression()));\n    }\n}\n```\n```yaml\nresources:\n  testApp:\n    type: okta:app:Saml\n    name: test_app\n    properties:\n      label: example\n      ssoUrl: https://example.com\n      recipient: https://example.com\n      destination: https://example.com\n      audience: https://example.com/audience\n      subjectNameIdTemplate: $${user.userName}\n      subjectNameIdFormat: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\n      responseSigned: true\n      signatureAlgorithm: RSA_SHA256\n      digestAlgorithm: SHA256\n  exampleFederatedClaim:\n    type: okta:app:FederatedClaim\n    name: example\n    properties:\n      appId: ${testApp.id}\n      name: role_last_name\n      expression: user.profile.lastName\nvariables:\n  example:\n    fn::invoke:\n      function: okta:app:getFederatedClaim\n      arguments:\n        appId: ${testApp.id}\n        id: ${exampleFederatedClaim.id}\noutputs:\n  claimName: ${example.name}\n  claimExpression: ${example.expression}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getFederatedClaim.\n","properties":{"appId":{"type":"string","description":"The ID of the application that the federated claim belongs to.\n"},"id":{"type":"string","description":"The unique identifier for the federated claim.\n"}},"type":"object","required":["appId","id"]},"outputs":{"description":"A collection of values returned by getFederatedClaim.\n","properties":{"appId":{"description":"The ID of the application that the federated claim belongs to.\n","type":"string"},"expression":{"description":"The Okta Expression Language expression to be evaluated at runtime.\n","type":"string"},"id":{"description":"The unique identifier for the federated claim.\n","type":"string"},"name":{"description":"The name of the claim to be used in the produced token.\n","type":"string"}},"required":["appId","expression","id","name"],"type":"object"}},"okta:app/getMetadataSaml:getMetadataSaml":{"description":"Get a SAML application's metadata from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.app.getMetadataSaml({\n    appId: \"\u003capp id\u003e\",\n    keyId: \"\u003ccert key id\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.app.get_metadata_saml(app_id=\"\u003capp id\u003e\",\n    key_id=\"\u003ccert key id\u003e\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.App.GetMetadataSaml.Invoke(new()\n    {\n        AppId = \"\u003capp id\u003e\",\n        KeyId = \"\u003ccert key id\u003e\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := app.GetMetadataSaml(ctx, \u0026app.GetMetadataSamlArgs{\n\t\t\tAppId: \"\u003capp id\u003e\",\n\t\t\tKeyId: pulumi.StringRef(\"\u003ccert key id\u003e\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.AppFunctions;\nimport com.pulumi.okta.app.inputs.GetMetadataSamlArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = AppFunctions.getMetadataSaml(GetMetadataSamlArgs.builder()\n            .appId(\"\u003capp id\u003e\")\n            .keyId(\"\u003ccert key id\u003e\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:app:getMetadataSaml\n      arguments:\n        appId: \u003capp id\u003e\n        keyId: \u003ccert key id\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getMetadataSaml.\n","properties":{"appId":{"type":"string","description":"The application ID.\n"},"keyId":{"type":"string","description":"Certificate Key ID.\n"}},"type":"object","required":["appId"]},"outputs":{"description":"A collection of values returned by getMetadataSaml.\n","properties":{"appId":{"description":"The application ID.\n","type":"string"},"certificate":{"description":"Public certificate from application metadata.\n","type":"string"},"entityId":{"description":"Entity URL for instance https://www.okta.com/saml2/service-provider/sposcfdmlybtwkdcgtuf\n","type":"string"},"httpPostBinding":{"description":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Post location from the SAML metadata.\n","type":"string"},"httpRedirectBinding":{"description":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect location from the SAML metadata.\n","type":"string"},"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"keyId":{"description":"Certificate Key ID.\n","type":"string"},"metadata":{"description":"Raw metadata of application.\n","type":"string"},"wantAuthnRequestsSigned":{"description":"Whether authn requests are signed.\n","type":"boolean"}},"required":["appId","certificate","entityId","httpPostBinding","httpRedirectBinding","metadata","wantAuthnRequestsSigned","id"],"type":"object"}},"okta:app/getOauth:getOauth":{"description":"Get a OIDC application from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.app.getOauth({\n    label: \"Example App\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.app.get_oauth(label=\"Example App\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.App.GetOauth.Invoke(new()\n    {\n        Label = \"Example App\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := app.GetOauth(ctx, \u0026app.GetOauthArgs{\n\t\t\tLabel: pulumi.StringRef(\"Example App\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.AppFunctions;\nimport com.pulumi.okta.app.inputs.GetOauthArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = AppFunctions.getOauth(GetOauthArgs.builder()\n            .label(\"Example App\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:app:getOauth\n      arguments:\n        label: Example App\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getOauth.\n","properties":{"activeOnly":{"type":"boolean","description":"Search only ACTIVE applications.\n"},"id":{"type":"string","description":"Id of application to retrieve, conflicts with label and label_prefix.\n"},"label":{"type":"string","description":"The label of the app to retrieve, conflicts with\n\t\t\u003cspan pulumi-lang-nodejs=\"\tlabelPrefix \" pulumi-lang-dotnet=\"\tLabelPrefix \" pulumi-lang-go=\"\tlabelPrefix \" pulumi-lang-python=\"\tlabel_prefix \" pulumi-lang-yaml=\"\tlabelPrefix \" pulumi-lang-java=\"\tlabelPrefix \"\u003e\tlabel_prefix \u003c/span\u003eand id. Label uses the ?q=\\n\\n query parameter exposed by\n\t\t\tOkta's List Apps API. The API will search both name and label using that\n\t\t\tquery. Therefore similarily named and labeled apps may be returned in the query\n\t\t\tand have the unitended result of associating the wrong app with this data\n\t\t\tsource. See:\n\t\t\thttps://developer.okta.com/docs/reference/api/apps/#list-applications\n"},"labelPrefix":{"type":"string","description":"Label prefix of the app to retrieve, conflicts with label and id. This will tell the\n\t\t\tprovider to do a starts with query as opposed to an equals query.\n"},"skipGroups":{"type":"boolean","description":"Ignore groups sync. This is a temporary solution until 'groups' field is supported in all the app-like resources\n","deprecationMessage":"Because groups has been removed, this attribute is a no op and will be removed"},"skipUsers":{"type":"boolean","description":"Ignore users sync. This is a temporary solution until 'users' field is supported in all the app-like resources\n","deprecationMessage":"Because users has been removed, this attribute is a no op and will be removed"}},"type":"object"},"outputs":{"description":"A collection of values returned by getOauth.\n","properties":{"activeOnly":{"description":"Search only ACTIVE applications.\n","type":"boolean"},"autoSubmitToolbar":{"description":"Display auto submit toolbar\n","type":"boolean"},"clientId":{"description":"OAuth client ID\n","type":"string"},"clientSecret":{"description":"OAuth client secret\n","secret":true,"type":"string"},"clientUri":{"description":"URI to a web page providing information about the client.\n","type":"string"},"grantTypes":{"description":"List of OAuth 2.0 grant types\n","items":{"type":"string"},"type":"array"},"hideIos":{"description":"Do not display application icon on mobile app\n","type":"boolean"},"hideWeb":{"description":"Do not display application icon to users\n","type":"boolean"},"id":{"description":"Id of application to retrieve, conflicts with label and label_prefix.\n","type":"string"},"label":{"description":"The label of the app to retrieve, conflicts with\n\t\t\u003cspan pulumi-lang-nodejs=\"\tlabelPrefix \" pulumi-lang-dotnet=\"\tLabelPrefix \" pulumi-lang-go=\"\tlabelPrefix \" pulumi-lang-python=\"\tlabel_prefix \" pulumi-lang-yaml=\"\tlabelPrefix \" pulumi-lang-java=\"\tlabelPrefix \"\u003e\tlabel_prefix \u003c/span\u003eand id. Label uses the ?q=\\n\\n query parameter exposed by\n\t\t\tOkta's List Apps API. The API will search both name and label using that\n\t\t\tquery. Therefore similarily named and labeled apps may be returned in the query\n\t\t\tand have the unitended result of associating the wrong app with this data\n\t\t\tsource. See:\n\t\t\thttps://developer.okta.com/docs/reference/api/apps/#list-applications\n","type":"string"},"labelPrefix":{"description":"Label prefix of the app to retrieve, conflicts with label and id. This will tell the\n\t\t\tprovider to do a starts with query as opposed to an equals query.\n","type":"string"},"links":{"description":"Discoverable resources related to the app\n","type":"string"},"loginMode":{"description":"The type of Idp-Initiated login that the client supports, if any\n","type":"string"},"loginScopes":{"description":"List of scopes to use for the request when 'login_mode' == OKTA\n","items":{"type":"string"},"type":"array"},"loginUri":{"description":"URI that initiates login.\n","type":"string"},"logoUri":{"description":"URI that references a logo for the client.\n","type":"string"},"name":{"description":"Name of application.\n","type":"string"},"policyUri":{"description":"URI to web page providing client policy document.\n","type":"string"},"postLogoutRedirectUris":{"description":"List of URIs for redirection after logout\n","items":{"type":"string"},"type":"array"},"redirectUris":{"description":"List of URIs for use in the redirect-based flow.\n","items":{"type":"string"},"type":"array"},"responseTypes":{"description":"List of OAuth 2.0 response type strings.\n","items":{"type":"string"},"type":"array"},"skipGroups":{"deprecationMessage":"Because groups has been removed, this attribute is a no op and will be removed","description":"Ignore groups sync. This is a temporary solution until 'groups' field is supported in all the app-like resources\n","type":"boolean"},"skipUsers":{"deprecationMessage":"Because users has been removed, this attribute is a no op and will be removed","description":"Ignore users sync. This is a temporary solution until 'users' field is supported in all the app-like resources\n","type":"boolean"},"status":{"description":"Status of application.\n","type":"string"},"type":{"description":"The type of OAuth application.\n","type":"string"},"wildcardRedirect":{"description":"Indicates if the client is allowed to use wildcard matching of redirect_uris. Some valid values include: \"SUBDOMAIN\", \"DISABLED\".\n","type":"string"}},"required":["autoSubmitToolbar","clientId","clientSecret","clientUri","grantTypes","hideIos","hideWeb","links","loginMode","loginScopes","loginUri","logoUri","name","policyUri","postLogoutRedirectUris","redirectUris","responseTypes","status","type","wildcardRedirect"],"type":"object"}},"okta:app/getSaml:getSaml":{"description":"Get a SAML application from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.app.getSaml({\n    label: \"Example App\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.app.get_saml(label=\"Example App\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.App.GetSaml.Invoke(new()\n    {\n        Label = \"Example App\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := app.LookupSaml(ctx, \u0026app.LookupSamlArgs{\n\t\t\tLabel: pulumi.StringRef(\"Example App\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.AppFunctions;\nimport com.pulumi.okta.app.inputs.GetSamlArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = AppFunctions.getSaml(GetSamlArgs.builder()\n            .label(\"Example App\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:app:getSaml\n      arguments:\n        label: Example App\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getSaml.\n","properties":{"activeOnly":{"type":"boolean","description":"Search only ACTIVE applications.\n"},"id":{"type":"string","description":"Id of application to retrieve, conflicts with label and label_prefix.\n"},"label":{"type":"string","description":"The label of the app to retrieve, conflicts with\u003cspan pulumi-lang-nodejs=\" labelPrefix \" pulumi-lang-dotnet=\" LabelPrefix \" pulumi-lang-go=\" labelPrefix \" pulumi-lang-python=\" label_prefix \" pulumi-lang-yaml=\" labelPrefix \" pulumi-lang-java=\" labelPrefix \"\u003e label_prefix \u003c/span\u003eand id. Label\n\t\t\tuses the ?q=\\n\\n query parameter exposed by Okta's API. It should be noted that at this time\n\t\t\tthis searches both name and label. This is used to avoid paginating through all applications.\n"},"labelPrefix":{"type":"string","description":"Label prefix of the app to retrieve, conflicts with label and id. This will tell the\n\t\t\tprovider to do a starts with query as opposed to an equals query.\n"},"requestCompressed":{"type":"boolean","description":"Denotes whether the request is compressed or not.\n"},"skipGroups":{"type":"boolean","description":"Ignore groups sync. This is a temporary solution until 'groups' field is supported in all the app-like resources\n","deprecationMessage":"Because groups has been removed, this attribute is a no op and will be removed"},"skipUsers":{"type":"boolean","description":"Ignore users sync. This is a temporary solution until 'users' field is supported in all the app-like resources\n","deprecationMessage":"Because users has been removed, this attribute is a no op and will be removed"}},"type":"object"},"outputs":{"description":"A collection of values returned by getSaml.\n","properties":{"accessibilityErrorRedirectUrl":{"description":"Custom error page URL\n","type":"string"},"accessibilityLoginRedirectUrl":{"description":"Custom login page URL\n","type":"string"},"accessibilitySelfService":{"description":"Enable self service\n","type":"boolean"},"acsEndpoints":{"description":"List of ACS endpoints for this SAML application\n","items":{"type":"string"},"type":"array"},"activeOnly":{"description":"Search only ACTIVE applications.\n","type":"boolean"},"appSettingsJson":{"description":"Application settings in JSON format\n","type":"string"},"assertionSigned":{"description":"Determines whether the SAML assertion is digitally signed\n","type":"boolean"},"attributeStatements":{"items":{"$ref":"#/types/okta:app/getSamlAttributeStatement:getSamlAttributeStatement"},"type":"array"},"audience":{"description":"Audience Restriction\n","type":"string"},"authnContextClassRef":{"description":"Identifies the SAML authentication context class for the assertion’s authentication statement\n","type":"string"},"autoSubmitToolbar":{"description":"Display auto submit toolbar\n","type":"boolean"},"defaultRelayState":{"description":"Identifies a specific application resource in an IDP initiated SSO scenario.\n","type":"string"},"destination":{"description":"Identifies the location where the SAML response is intended to be sent inside of the SAML assertion\n","type":"string"},"digestAlgorithm":{"description":"Determines the digest algorithm used to digitally sign the SAML assertion and response\n","type":"string"},"features":{"description":"features to enable\n","items":{"type":"string"},"type":"array"},"groups":{"deprecationMessage":"The \u003cspan pulumi-lang-nodejs=\"`groups`\" pulumi-lang-dotnet=\"`Groups`\" pulumi-lang-go=\"`groups`\" pulumi-lang-python=\"`groups`\" pulumi-lang-yaml=\"`groups`\" pulumi-lang-java=\"`groups`\"\u003e`groups`\u003c/span\u003e field is now deprecated for the data source \u003cspan pulumi-lang-nodejs=\"`okta.app.Saml`\" pulumi-lang-dotnet=\"`okta.app.Saml`\" pulumi-lang-go=\"`app.Saml`\" pulumi-lang-python=\"`app.Saml`\" pulumi-lang-yaml=\"`okta.app.Saml`\" pulumi-lang-java=\"`okta.app.Saml`\"\u003e`okta.app.Saml`\u003c/span\u003e, please replace all uses of this with: \u003cspan pulumi-lang-nodejs=\"`okta.AppGroupAssignments`\" pulumi-lang-dotnet=\"`okta.AppGroupAssignments`\" pulumi-lang-go=\"`AppGroupAssignments`\" pulumi-lang-python=\"`AppGroupAssignments`\" pulumi-lang-yaml=\"`okta.AppGroupAssignments`\" pulumi-lang-java=\"`okta.AppGroupAssignments`\"\u003e`okta.AppGroupAssignments`\u003c/span\u003e","description":"Groups associated with the application\n","items":{"type":"string"},"type":"array"},"hideIos":{"description":"Do not display application icon on mobile app\n","type":"boolean"},"hideWeb":{"description":"Do not display application icon to users\n","type":"boolean"},"honorForceAuthn":{"description":"Prompt user to re-authenticate if SP asks for it\n","type":"boolean"},"id":{"description":"Id of application to retrieve, conflicts with label and label_prefix.\n","type":"string"},"idpIssuer":{"description":"SAML issuer ID\n","type":"string"},"inlineHookId":{"description":"Saml Inline Hook setting\n","type":"string"},"keyId":{"description":"Certificate ID\n","type":"string"},"label":{"description":"The label of the app to retrieve, conflicts with\u003cspan pulumi-lang-nodejs=\" labelPrefix \" pulumi-lang-dotnet=\" LabelPrefix \" pulumi-lang-go=\" labelPrefix \" pulumi-lang-python=\" label_prefix \" pulumi-lang-yaml=\" labelPrefix \" pulumi-lang-java=\" labelPrefix \"\u003e label_prefix \u003c/span\u003eand id. Label\n\t\t\tuses the ?q=\\n\\n query parameter exposed by Okta's API. It should be noted that at this time\n\t\t\tthis searches both name and label. This is used to avoid paginating through all applications.\n","type":"string"},"labelPrefix":{"description":"Label prefix of the app to retrieve, conflicts with label and id. This will tell the\n\t\t\tprovider to do a starts with query as opposed to an equals query.\n","type":"string"},"links":{"description":"Discoverable resources related to the app\n","type":"string"},"name":{"description":"Name of application.\n","type":"string"},"recipient":{"description":"The location where the app may present the SAML assertion\n","type":"string"},"requestCompressed":{"description":"Denotes whether the request is compressed or not.\n","type":"boolean"},"responseSigned":{"description":"Determines whether the SAML auth response message is digitally signed\n","type":"boolean"},"samlSignedRequestEnabled":{"description":"SAML Signed Request enabled\n","type":"boolean"},"signatureAlgorithm":{"description":"Signature algorithm used to digitally sign the assertion and response\n","type":"string"},"singleLogoutCertificate":{"description":"x509 encoded certificate that the Service Provider uses to sign Single Logout requests\n","type":"string"},"singleLogoutIssuer":{"description":"The issuer of the Service Provider that generates the Single Logout request\n","type":"string"},"singleLogoutUrl":{"description":"The location where the logout response is sent\n","type":"string"},"skipGroups":{"deprecationMessage":"Because groups has been removed, this attribute is a no op and will be removed","description":"Ignore groups sync. This is a temporary solution until 'groups' field is supported in all the app-like resources\n","type":"boolean"},"skipUsers":{"deprecationMessage":"Because users has been removed, this attribute is a no op and will be removed","description":"Ignore users sync. This is a temporary solution until 'users' field is supported in all the app-like resources\n","type":"boolean"},"spIssuer":{"description":"SAML SP issuer ID\n","type":"string"},"ssoUrl":{"description":"Single Sign On URL\n","type":"string"},"status":{"description":"Status of application.\n","type":"string"},"subjectNameIdFormat":{"description":"Identifies the SAML processing rules.\n","type":"string"},"subjectNameIdTemplate":{"description":"Template for app user's username when a user is assigned to the app\n","type":"string"},"userNameTemplate":{"description":"Username template\n","type":"string"},"userNameTemplatePushStatus":{"description":"Push username on update\n","type":"string"},"userNameTemplateSuffix":{"description":"Username template suffix\n","type":"string"},"userNameTemplateType":{"description":"Username template type\n","type":"string"},"users":{"deprecationMessage":"The \u003cspan pulumi-lang-nodejs=\"`users`\" pulumi-lang-dotnet=\"`Users`\" pulumi-lang-go=\"`users`\" pulumi-lang-python=\"`users`\" pulumi-lang-yaml=\"`users`\" pulumi-lang-java=\"`users`\"\u003e`users`\u003c/span\u003e field is now deprecated for the data source \u003cspan pulumi-lang-nodejs=\"`okta.app.Saml`\" pulumi-lang-dotnet=\"`okta.app.Saml`\" pulumi-lang-go=\"`app.Saml`\" pulumi-lang-python=\"`app.Saml`\" pulumi-lang-yaml=\"`okta.app.Saml`\" pulumi-lang-java=\"`okta.app.Saml`\"\u003e`okta.app.Saml`\u003c/span\u003e, please replace all uses of this with: \u003cspan pulumi-lang-nodejs=\"`okta.getAppUserAssignments`\" pulumi-lang-dotnet=\"`okta.getAppUserAssignments`\" pulumi-lang-go=\"`getAppUserAssignments`\" pulumi-lang-python=\"`get_app_user_assignments`\" pulumi-lang-yaml=\"`okta.getAppUserAssignments`\" pulumi-lang-java=\"`okta.getAppUserAssignments`\"\u003e`okta.getAppUserAssignments`\u003c/span\u003e","description":"Users associated with the application\n","items":{"type":"string"},"type":"array"}},"required":["accessibilityErrorRedirectUrl","accessibilityLoginRedirectUrl","accessibilitySelfService","acsEndpoints","appSettingsJson","assertionSigned","attributeStatements","audience","authnContextClassRef","autoSubmitToolbar","defaultRelayState","destination","digestAlgorithm","features","groups","hideIos","hideWeb","honorForceAuthn","idpIssuer","inlineHookId","keyId","links","name","recipient","responseSigned","samlSignedRequestEnabled","signatureAlgorithm","singleLogoutCertificate","singleLogoutIssuer","singleLogoutUrl","spIssuer","ssoUrl","status","subjectNameIdFormat","subjectNameIdTemplate","userNameTemplate","userNameTemplatePushStatus","userNameTemplateSuffix","userNameTemplateType","users"],"type":"object"}},"okta:app/getToken:getToken":{"description":"Retrieves a refresh token for the specified app.\n\n## Example Usage\n\n### Basic Token Information\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.app.getToken({\n    clientId: \"0oardd5r32PWsF4421d7\",\n    id: \"oar1godmqw4QUiX4C1d7\",\n});\nexport const tokenStatus = example.then(example =\u003e example.status);\nexport const tokenUser = example.then(example =\u003e example.userId);\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.app.get_token(client_id=\"0oardd5r32PWsF4421d7\",\n    id=\"oar1godmqw4QUiX4C1d7\")\npulumi.export(\"tokenStatus\", example.status)\npulumi.export(\"tokenUser\", example.user_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.App.GetToken.Invoke(new()\n    {\n        ClientId = \"0oardd5r32PWsF4421d7\",\n        Id = \"oar1godmqw4QUiX4C1d7\",\n    });\n\n    return new Dictionary\u003cstring, object?\u003e\n    {\n        [\"tokenStatus\"] = example.Apply(getTokenResult =\u003e getTokenResult.Status),\n        [\"tokenUser\"] = example.Apply(getTokenResult =\u003e getTokenResult.UserId),\n    };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := app.LookupToken(ctx, \u0026app.LookupTokenArgs{\n\t\t\tClientId: \"0oardd5r32PWsF4421d7\",\n\t\t\tId:       \"oar1godmqw4QUiX4C1d7\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"tokenStatus\", example.Status)\n\t\tctx.Export(\"tokenUser\", example.UserId)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.app.AppFunctions;\nimport com.pulumi.okta.app.inputs.GetTokenArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = AppFunctions.getToken(GetTokenArgs.builder()\n            .clientId(\"0oardd5r32PWsF4421d7\")\n            .id(\"oar1godmqw4QUiX4C1d7\")\n            .build());\n\n        ctx.export(\"tokenStatus\", example.status());\n        ctx.export(\"tokenUser\", example.userId());\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:app:getToken\n      arguments:\n        clientId: 0oardd5r32PWsF4421d7\n        id: oar1godmqw4QUiX4C1d7\noutputs:\n  tokenStatus: ${example.status}\n  tokenUser: ${example.userId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getToken.\n","properties":{"clientId":{"type":"string","description":"The unique Okta ID of the application associated with this token. This is typically the \u003cspan pulumi-lang-nodejs=\"`clientId`\" pulumi-lang-dotnet=\"`ClientId`\" pulumi-lang-go=\"`clientId`\" pulumi-lang-python=\"`client_id`\" pulumi-lang-yaml=\"`clientId`\" pulumi-lang-java=\"`clientId`\"\u003e`client_id`\u003c/span\u003e of an application.\n"},"id":{"type":"string","description":"The unique Okta ID of the refresh token to retrieve.\n"}},"type":"object","required":["clientId","id"]},"outputs":{"description":"A collection of values returned by getToken.\n","properties":{"clientId":{"type":"string"},"created":{"description":"Timestamp when the token was created, in RFC3339 format.\n","type":"string"},"expiresAt":{"description":"Timestamp when the token expires, in RFC3339 format.\n","type":"string"},"id":{"type":"string"},"issuer":{"description":"The complete URL of the authorization server that issued the token.\n","type":"string"},"scopes":{"description":"List of scope names attached to the token.\n","items":{"type":"string"},"type":"array"},"status":{"description":"The current status of the token (e.g., `ACTIVE`, `REVOKED`).\n","type":"string"},"userId":{"description":"The unique ID of the user associated with this token.\n","type":"string"}},"required":["clientId","created","expiresAt","id","issuer","scopes","status","userId"],"type":"object"}},"okta:auth/getServer:getServer":{"description":"Get an auth server from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.auth.getServer({\n    name: \"Example Auth\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.auth.get_server(name=\"Example Auth\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.Auth.GetServer.Invoke(new()\n    {\n        Name = \"Example Auth\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/auth\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auth.LookupServer(ctx, \u0026auth.LookupServerArgs{\n\t\t\tName: \"Example Auth\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.auth.AuthFunctions;\nimport com.pulumi.okta.auth.inputs.GetServerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = AuthFunctions.getServer(GetServerArgs.builder()\n            .name(\"Example Auth\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:auth:getServer\n      arguments:\n        name: Example Auth\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getServer.\n","properties":{"name":{"type":"string","description":"The name of the auth server to retrieve.\n"}},"type":"object","required":["name"]},"outputs":{"description":"A collection of values returned by getServer.\n","properties":{"audiences":{"description":"Description of Authorization server.\n","items":{"type":"string"},"type":"array"},"credentialsLastRotated":{"description":"Last time credentials were rotated.\n","type":"string"},"credentialsNextRotation":{"description":"Next time credentials will be rotated\n","type":"string"},"credentialsRotationMode":{"description":"Mode of credential rotation, auto or manual.\n","type":"string"},"description":{"description":"Description of Authorization server.\n","type":"string"},"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"issuer":{"description":"The complete URL of the authorization server. This becomes the \u003cspan pulumi-lang-nodejs=\"`iss`\" pulumi-lang-dotnet=\"`Iss`\" pulumi-lang-go=\"`iss`\" pulumi-lang-python=\"`iss`\" pulumi-lang-yaml=\"`iss`\" pulumi-lang-java=\"`iss`\"\u003e`iss`\u003c/span\u003e claim in an access token.\n","type":"string"},"issuerMode":{"description":"Can be set to `CUSTOM_URL` or `ORG_URL`\n","type":"string"},"kid":{"description":"Auth server key id.\n","type":"string"},"name":{"description":"The name of the auth server to retrieve.\n","type":"string"},"status":{"description":"The activation status of the authorization server.\n","type":"string"}},"required":["audiences","credentialsLastRotated","credentialsNextRotation","credentialsRotationMode","description","issuer","issuerMode","kid","name","status","id"],"type":"object"}},"okta:auth/getServerClients:getServerClients":{"description":"Get OAuth 2.0 refresh token information for an authorization server client from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.auth.getServerClients({\n    id: \"oar123456abcdefghijklm\",\n    authServerId: \"aus123456abcdefghijklm\",\n    clientId: \"0oa123456abcdefghijklm\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.auth.get_server_clients(id=\"oar123456abcdefghijklm\",\n    auth_server_id=\"aus123456abcdefghijklm\",\n    client_id=\"0oa123456abcdefghijklm\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.Auth.GetServerClients.Invoke(new()\n    {\n        Id = \"oar123456abcdefghijklm\",\n        AuthServerId = \"aus123456abcdefghijklm\",\n        ClientId = \"0oa123456abcdefghijklm\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/auth\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auth.GetServerClients(ctx, \u0026auth.GetServerClientsArgs{\n\t\t\tId:           \"oar123456abcdefghijklm\",\n\t\t\tAuthServerId: \"aus123456abcdefghijklm\",\n\t\t\tClientId:     \"0oa123456abcdefghijklm\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.auth.AuthFunctions;\nimport com.pulumi.okta.auth.inputs.GetServerClientsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = AuthFunctions.getServerClients(GetServerClientsArgs.builder()\n            .id(\"oar123456abcdefghijklm\")\n            .authServerId(\"aus123456abcdefghijklm\")\n            .clientId(\"0oa123456abcdefghijklm\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:auth:getServerClients\n      arguments:\n        id: oar123456abcdefghijklm\n        authServerId: aus123456abcdefghijklm\n        clientId: 0oa123456abcdefghijklm\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getServerClients.\n","properties":{"authServerId":{"type":"string","description":"The ID of the authorization server.\n"},"clientId":{"type":"string","description":"The client ID of the app.\n"},"id":{"type":"string","description":"The ID of the token.\n"}},"type":"object","required":["authServerId","clientId","id"]},"outputs":{"description":"A collection of values returned by getServerClients.\n","properties":{"authServerId":{"description":"The ID of the authorization server.\n","type":"string"},"clientId":{"description":"The client ID of the app.\n","type":"string"},"created":{"description":"Timestamp when the object was created.\n","type":"string"},"expiresAt":{"description":"Expiration time of the OAuth 2.0 Token.\n","type":"string"},"id":{"description":"The ID of the token.\n","type":"string"},"issuer":{"description":"The complete URL of the authorization server that issued the Token\n","type":"string"},"lastUpdated":{"description":"Timestamp when the object was last updated.\n","type":"string"},"scopes":{"description":"The scope names attached to the Token.\n","items":{"type":"string"},"type":"array"},"status":{"description":"The status URI of the OAuth 2.0 application.\n","type":"string"},"userId":{"description":"The ID of the user associated with the Token.\n","type":"string"}},"required":["authServerId","clientId","created","expiresAt","id","issuer","lastUpdated","scopes","status","userId"],"type":"object"}},"okta:auth/getServerKeys:getServerKeys":{"description":"Get a specific authorization server credential key from Okta. Authorization server keys are JSON Web Keys (JWK) used for signing tokens issued by the authorization server.\n\nThis data source allows you to retrieve information about a specific key used by an authorization server for token signing operations.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.auth.getServerKeys({\n    authServerId: \"aus123456789abcdefgh\",\n    keyId: \"abcdefghijk0123456789\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.auth.get_server_keys(auth_server_id=\"aus123456789abcdefgh\",\n    key_id=\"abcdefghijk0123456789\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.Auth.GetServerKeys.Invoke(new()\n    {\n        AuthServerId = \"aus123456789abcdefgh\",\n        KeyId = \"abcdefghijk0123456789\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/auth\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auth.GetServerKeys(ctx, \u0026auth.GetServerKeysArgs{\n\t\t\tAuthServerId: \"aus123456789abcdefgh\",\n\t\t\tKeyId:        \"abcdefghijk0123456789\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.auth.AuthFunctions;\nimport com.pulumi.okta.auth.inputs.GetServerKeysArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = AuthFunctions.getServerKeys(GetServerKeysArgs.builder()\n            .authServerId(\"aus123456789abcdefgh\")\n            .keyId(\"abcdefghijk0123456789\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:auth:getServerKeys\n      arguments:\n        authServerId: aus123456789abcdefgh\n        keyId: abcdefghijk0123456789\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Notes\n\n- To find available key IDs for an authorization server, you can use the Okta Admin Console or make a direct API call to `/api/v1/authorizationServers/{authServerId}/credentials/keys`\n- The key ID (\u003cspan pulumi-lang-nodejs=\"`kid`\" pulumi-lang-dotnet=\"`Kid`\" pulumi-lang-go=\"`kid`\" pulumi-lang-python=\"`kid`\" pulumi-lang-yaml=\"`kid`\" pulumi-lang-java=\"`kid`\"\u003e`kid`\u003c/span\u003e) is automatically generated by Okta and is unique within the authorization server\n- This data source is useful for retrieving key information for verification purposes or to reference in other configurations\n","inputs":{"description":"A collection of arguments for invoking getServerKeys.\n","properties":{"authServerId":{"type":"string","description":"The ID of the authorization server.\n"},"keyId":{"type":"string","description":"The ID of the certificate key.\n"}},"type":"object","required":["authServerId","keyId"]},"outputs":{"description":"A collection of values returned by getServerKeys.\n","properties":{"alg":{"description":"The algorithm used with the Key. Typically \"RS256\" for RSA keys.\n","type":"string"},"authServerId":{"description":"The ID of the authorization server.\n","type":"string"},"e":{"description":"RSA key value (public exponent) for Key binding. Typically \"AQAB\".\n","type":"string"},"id":{"type":"string"},"keyId":{"description":"The ID of the certificate key.\n","type":"string"},"kid":{"description":"Unique identifier for the key (Key ID).\n","type":"string"},"n":{"description":"RSA modulus value that is used by both the public and private keys and provides a link between them.\n","type":"string"},"status":{"description":"The status of the key. An ACTIVE key is used to sign tokens issued by the authorization server. Supported values: `ACTIVE`, `NEXT`, or `EXPIRED`. A NEXT key is the next key that the authorization server uses to sign tokens when keys are rotated. The NEXT key might not be listed if it hasn't been generated. An EXPIRED key is the previous key that the authorization server used to sign tokens. The EXPIRED key might not be listed if no key has expired or the expired key was deleted.\n","type":"string"},"use":{"description":"Acceptable use of the key. Typically \"sig\" for signature operations.\n","type":"string"}},"required":["alg","authServerId","e","id","keyId","kid","n","status","use"],"type":"object"}},"okta:auth/getServerPolicy:getServerPolicy":{"description":"Get an authorization server policy from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.auth.getServerPolicy({\n    authServerId: \"\u003cauth server id\u003e\",\n    name: \"staff\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.auth.get_server_policy(auth_server_id=\"\u003cauth server id\u003e\",\n    name=\"staff\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.Auth.GetServerPolicy.Invoke(new()\n    {\n        AuthServerId = \"\u003cauth server id\u003e\",\n        Name = \"staff\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/auth\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auth.LookupServerPolicy(ctx, \u0026auth.LookupServerPolicyArgs{\n\t\t\tAuthServerId: \"\u003cauth server id\u003e\",\n\t\t\tName:         \"staff\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.auth.AuthFunctions;\nimport com.pulumi.okta.auth.inputs.GetServerPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = AuthFunctions.getServerPolicy(GetServerPolicyArgs.builder()\n            .authServerId(\"\u003cauth server id\u003e\")\n            .name(\"staff\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:auth:getServerPolicy\n      arguments:\n        authServerId: \u003cauth server id\u003e\n        name: staff\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getServerPolicy.\n","properties":{"authServerId":{"type":"string","description":"Auth server ID\n"},"name":{"type":"string","description":"Name of the policy\n"}},"type":"object","required":["authServerId","name"]},"outputs":{"description":"A collection of values returned by getServerPolicy.\n","properties":{"assignedClients":{"description":"List of clients this policy is assigned to. `[ALL_CLIENTS]` is a special value when policy is assigned to all clients.\n","items":{"type":"string"},"type":"array"},"authServerId":{"description":"Auth server ID\n","type":"string"},"description":{"description":"Description of authorization server policy.\n","type":"string"},"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"name":{"description":"Name of the policy\n","type":"string"},"priority":{"description":"Priority of the auth server policy\n","type":"integer"}},"required":["assignedClients","authServerId","description","name","priority","id"],"type":"object"}},"okta:auth/getServerScopes:getServerScopes":{"description":"Get a list of authorization server scopes from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.auth.getServerScopes({\n    authServerId: \"default\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.auth.get_server_scopes(auth_server_id=\"default\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.Auth.GetServerScopes.Invoke(new()\n    {\n        AuthServerId = \"default\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/auth\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auth.GetServerScopes(ctx, \u0026auth.GetServerScopesArgs{\n\t\t\tAuthServerId: \"default\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.auth.AuthFunctions;\nimport com.pulumi.okta.auth.inputs.GetServerScopesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = AuthFunctions.getServerScopes(GetServerScopesArgs.builder()\n            .authServerId(\"default\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:auth:getServerScopes\n      arguments:\n        authServerId: default\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getServerScopes.\n","properties":{"authServerId":{"type":"string","description":"Auth server ID\n"}},"type":"object","required":["authServerId"]},"outputs":{"description":"A collection of values returned by getServerScopes.\n","properties":{"authServerId":{"description":"Auth server ID\n","type":"string"},"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"scopes":{"description":"Collection of authorization server scopes retrieved from Okta with the following properties.\n","items":{"$ref":"#/types/okta:auth/getServerScopesScope:getServerScopesScope"},"type":"array"}},"required":["authServerId","scopes","id"],"type":"object"}},"okta:group/getEveryoneGroup:getEveryoneGroup":{"description":"Use this data source to retrieve the `Everyone` group from Okta. The \nsame can be achieved with the \u003cspan pulumi-lang-nodejs=\"`okta.group.Group`\" pulumi-lang-dotnet=\"`okta.group.Group`\" pulumi-lang-go=\"`group.Group`\" pulumi-lang-python=\"`group.Group`\" pulumi-lang-yaml=\"`okta.group.Group`\" pulumi-lang-java=\"`okta.group.Group`\"\u003e`okta.group.Group`\u003c/span\u003e data\nsource with `name = \"Everyone\"`. This is simply a shortcut.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.group.getEveryoneGroup({});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.group.get_everyone_group()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.Group.GetEveryoneGroup.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/group\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := group.GetEveryoneGroup(ctx, \u0026group.GetEveryoneGroupArgs{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.group.GroupFunctions;\nimport com.pulumi.okta.group.inputs.GetEveryoneGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = GroupFunctions.getEveryoneGroup(GetEveryoneGroupArgs.builder()\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:group:getEveryoneGroup\n      arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getEveryoneGroup.\n","properties":{"includeUsers":{"type":"boolean","description":"Fetch group users, having default off cuts down on API calls.\n"}},"type":"object"},"outputs":{"description":"A collection of values returned by getEveryoneGroup.\n","properties":{"description":{"description":"Description of group.\n","type":"string"},"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"includeUsers":{"description":"Fetch group users, having default off cuts down on API calls.\n","type":"boolean"}},"required":["description","id"],"type":"object"}},"okta:group/getGroup:getGroup":{"description":"Get a group from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.group.getGroup({\n    name: \"Example App\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.group.get_group(name=\"Example App\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.Group.GetGroup.Invoke(new()\n    {\n        Name = \"Example App\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/group\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := group.LookupGroup(ctx, \u0026group.LookupGroupArgs{\n\t\t\tName: pulumi.StringRef(\"Example App\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.group.GroupFunctions;\nimport com.pulumi.okta.group.inputs.GetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = GroupFunctions.getGroup(GetGroupArgs.builder()\n            .name(\"Example App\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:group:getGroup\n      arguments:\n        name: Example App\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getGroup.\n","properties":{"delayReadSeconds":{"type":"string","description":"Force delay of the group read by N seconds. Useful when eventual consistency of group information needs to be allowed for; for instance, when group rules are known to have been applied.\n"},"id":{"type":"string","description":"ID of group.\n"},"includeUsers":{"type":"boolean","description":"Fetch group users, having default off cuts down on API calls.\n"},"name":{"type":"string","description":"Name of group.\n"},"type":{"type":"string"}},"type":"object"},"outputs":{"description":"A collection of values returned by getGroup.\n","properties":{"delayReadSeconds":{"description":"Force delay of the group read by N seconds. Useful when eventual consistency of group information needs to be allowed for; for instance, when group rules are known to have been applied.\n","type":"string"},"description":{"description":"Description of group.\n","type":"string"},"id":{"description":"ID of group.\n","type":"string"},"includeUsers":{"description":"Fetch group users, having default off cuts down on API calls.\n","type":"boolean"},"name":{"description":"Name of group.\n","type":"string"},"type":{"type":"string"},"users":{"description":"Users associated with the group. This can also be done per user.\n","items":{"type":"string"},"type":"array"}},"required":["description","id","name","users"],"type":"object"}},"okta:group/getRule:getRule":{"description":"Get a group rule from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.group.getRule({\n    id: example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.group.get_rule(id=example[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.Group.GetRule.Invoke(new()\n    {\n        Id = example.Id,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/group\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := group.LookupRule(ctx, \u0026group.LookupRuleArgs{\n\t\t\tId: pulumi.StringRef(example.Id),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.group.GroupFunctions;\nimport com.pulumi.okta.group.inputs.GetRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = GroupFunctions.getRule(GetRuleArgs.builder()\n            .id(example.id())\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:group:getRule\n      arguments:\n        id: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getRule.\n","properties":{"id":{"type":"string","description":"The ID of the Group Rule.\n"},"name":{"type":"string","description":"The name of the Group Rule.\n"},"status":{"type":"string","description":"Default to `ACTIVE`\n"}},"type":"object"},"outputs":{"description":"A collection of values returned by getRule.\n","properties":{"expressionType":{"description":"The expression type to use to invoke the rule.\n","type":"string"},"expressionValue":{"description":"The expression value.\n","type":"string"},"groupAssignments":{"description":"The list of group ids to assign the users to.\n","items":{"type":"string"},"type":"array"},"id":{"description":"The ID of the Group Rule.\n","type":"string"},"name":{"description":"The name of the Group Rule.\n","type":"string"},"status":{"description":"Default to `ACTIVE`\n","type":"string"},"usersExcludeds":{"description":"The list of user IDs that would be excluded when rules are processed.\n","items":{"type":"string"},"type":"array"}},"required":["expressionType","expressionValue","groupAssignments","usersExcludeds"],"type":"object"}},"okta:idp/getMetadataSaml:getMetadataSaml":{"description":"Get SAML IdP metadata from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.idp.getMetadataSaml({\n    idpId: \"\u003cidp id\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.idp.get_metadata_saml(idp_id=\"\u003cidp id\u003e\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.Idp.GetMetadataSaml.Invoke(new()\n    {\n        IdpId = \"\u003cidp id\u003e\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/idp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := idp.GetMetadataSaml(ctx, \u0026idp.GetMetadataSamlArgs{\n\t\t\tIdpId: pulumi.StringRef(\"\u003cidp id\u003e\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.idp.IdpFunctions;\nimport com.pulumi.okta.idp.inputs.GetMetadataSamlArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = IdpFunctions.getMetadataSaml(GetMetadataSamlArgs.builder()\n            .idpId(\"\u003cidp id\u003e\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:idp:getMetadataSaml\n      arguments:\n        idpId: \u003cidp id\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getMetadataSaml.\n","properties":{"idpId":{"type":"string","description":"The id of the IdP to retrieve metadata for.\n"}},"type":"object"},"outputs":{"description":"A collection of values returned by getMetadataSaml.\n","properties":{"assertionsSigned":{"description":"Whether assertions are signed.\n","type":"boolean"},"authnRequestSigned":{"description":"Whether authn requests are signed.\n","type":"boolean"},"encryptionCertificate":{"description":"SAML request encryption certificate.\n","type":"string"},"entityId":{"description":"Entity URL for instance https://www.okta.com/saml2/service-provider/sposcfdmlybtwkdcgtuf\n","type":"string"},"httpPostBinding":{"description":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Post location from the SAML metadata.\n","type":"string"},"httpRedirectBinding":{"description":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect location from the SAML metadata.\n","type":"string"},"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"idpId":{"description":"The id of the IdP to retrieve metadata for.\n","type":"string"},"metadata":{"description":"Raw IdP metadata.\n","type":"string"},"signingCertificate":{"description":"SAML request signing certificate.\n","type":"string"}},"required":["assertionsSigned","authnRequestSigned","encryptionCertificate","entityId","httpPostBinding","httpRedirectBinding","metadata","signingCertificate","id"],"type":"object"}},"okta:idp/getOidc:getOidc":{"description":"Get a OIDC IdP from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.idp.getOidc({\n    name: \"Example Provider\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.idp.get_oidc(name=\"Example Provider\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.Idp.GetOidc.Invoke(new()\n    {\n        Name = \"Example Provider\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/idp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := idp.LookupOidc(ctx, \u0026idp.LookupOidcArgs{\n\t\t\tName: pulumi.StringRef(\"Example Provider\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.idp.IdpFunctions;\nimport com.pulumi.okta.idp.inputs.GetOidcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = IdpFunctions.getOidc(GetOidcArgs.builder()\n            .name(\"Example Provider\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:idp:getOidc\n      arguments:\n        name: Example Provider\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getOidc.\n","properties":{"id":{"type":"string","description":"Id of idp.\n"},"name":{"type":"string","description":"Name of the idp.\n"}},"type":"object"},"outputs":{"description":"A collection of values returned by getOidc.\n","properties":{"authorizationBinding":{"description":"The method of making an authorization request.\n","type":"string"},"authorizationUrl":{"description":"IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.\n","type":"string"},"clientId":{"description":"Unique identifier issued by AS for the Okta IdP instance.\n","type":"string"},"clientSecret":{"description":"Client secret issued by AS for the Okta IdP instance.\n","secret":true,"type":"string"},"id":{"description":"Id of idp.\n","type":"string"},"issuerMode":{"description":"Indicates whether Okta uses the original Okta org domain URL, a custom domain URL, or dynamic.\n","type":"string"},"issuerUrl":{"description":"URI that identifies the issuer.\n","type":"string"},"jwksBinding":{"description":"The method of making a request for the OIDC JWKS.\n","type":"string"},"jwksUrl":{"description":"Endpoint where the keys signer publishes its keys in a JWK Set.\n","type":"string"},"maxClockSkew":{"description":"Maximum allowable clock-skew when processing messages from the IdP.\n","type":"integer"},"name":{"description":"Name of the idp.\n","type":"string"},"protocolType":{"description":"The type of protocol to use.\n","type":"string"},"scopes":{"description":"The scopes of the IdP.\n","items":{"type":"string"},"type":"array"},"tokenBinding":{"description":"The method of making a token request.\n","type":"string"},"tokenUrl":{"description":"IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.\n","type":"string"},"type":{"description":"Type of idp.\n","type":"string"},"userInfoBinding":{"description":"The method of making a user info request.\n","type":"string"},"userInfoUrl":{"description":"Protected resource endpoint that returns claims about the authenticated user.\n","type":"string"}},"required":["authorizationBinding","authorizationUrl","clientId","clientSecret","issuerMode","issuerUrl","jwksBinding","jwksUrl","maxClockSkew","protocolType","scopes","tokenBinding","tokenUrl","type","userInfoBinding","userInfoUrl"],"type":"object"}},"okta:idp/getSaml:getSaml":{"description":"Get a SAML IdP from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.idp.getSaml({\n    name: \"Example App\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.idp.get_saml(name=\"Example App\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.Idp.GetSaml.Invoke(new()\n    {\n        Name = \"Example App\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/idp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := idp.LookupSaml(ctx, \u0026idp.LookupSamlArgs{\n\t\t\tName: pulumi.StringRef(\"Example App\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.idp.IdpFunctions;\nimport com.pulumi.okta.idp.inputs.GetSamlArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = IdpFunctions.getSaml(GetSamlArgs.builder()\n            .name(\"Example App\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:idp:getSaml\n      arguments:\n        name: Example App\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getSaml.\n","properties":{"id":{"type":"string","description":"Id of idp.\n"},"name":{"type":"string","description":"Name of the idp.\n"}},"type":"object"},"outputs":{"description":"A collection of values returned by getSaml.\n","properties":{"acsBinding":{"description":"ACS binding\n","type":"string"},"acsType":{"description":"Determines whether to publish an instance-specific (trust) or organization (shared) ACS endpoint in the SAML metadata.\n","type":"string"},"audience":{"description":"URI that identifies the target Okta IdP instance (SP)\n","type":"string"},"id":{"description":"Id of idp.\n","type":"string"},"issuer":{"description":"URI that identifies the issuer (IdP).\n","type":"string"},"issuerMode":{"description":"Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL in the request to the IdP.\n","type":"string"},"kid":{"description":"Key ID reference to the IdP's X.509 signature certificate.\n","type":"string"},"name":{"description":"Name of the idp.\n","type":"string"},"ssoBinding":{"description":"Single sign-on binding.\n","type":"string"},"ssoDestination":{"description":"SSO request binding, HTTP-POST or HTTP-REDIRECT.\n","type":"string"},"ssoUrl":{"description":"Single sign-on url.\n","type":"string"},"subjectFilter":{"description":"Regular expression pattern used to filter untrusted IdP usernames.\n","type":"string"},"subjectFormats":{"description":"Expression to generate or transform a unique username for the IdP user.\n","items":{"type":"string"},"type":"array"},"type":{"description":"Type of idp.\n","type":"string"}},"required":["acsBinding","acsType","audience","issuer","issuerMode","kid","ssoBinding","ssoDestination","ssoUrl","subjectFilter","subjectFormats","type"],"type":"object"}},"okta:idp/getSocial:getSocial":{"description":"Get a social IdP from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.idp.getSocial({\n    name: \"My Facebook IdP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.idp.get_social(name=\"My Facebook IdP\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.Idp.GetSocial.Invoke(new()\n    {\n        Name = \"My Facebook IdP\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/idp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := idp.LookupSocial(ctx, \u0026idp.LookupSocialArgs{\n\t\t\tName: pulumi.StringRef(\"My Facebook IdP\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.idp.IdpFunctions;\nimport com.pulumi.okta.idp.inputs.GetSocialArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = IdpFunctions.getSocial(GetSocialArgs.builder()\n            .name(\"My Facebook IdP\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:idp:getSocial\n      arguments:\n        name: My Facebook IdP\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getSocial.\n","properties":{"id":{"type":"string","description":"The id of the social idp to retrieve, conflicts with \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e.\n"},"name":{"type":"string","description":"The name of the social idp to retrieve, conflicts with \u003cspan pulumi-lang-nodejs=\"`id`\" pulumi-lang-dotnet=\"`Id`\" pulumi-lang-go=\"`id`\" pulumi-lang-python=\"`id`\" pulumi-lang-yaml=\"`id`\" pulumi-lang-java=\"`id`\"\u003e`id`\u003c/span\u003e.\n"}},"type":"object"},"outputs":{"description":"A collection of values returned by getSocial.\n","properties":{"accountLinkAction":{"description":"Specifies the account linking action for an IdP user.\n","type":"string"},"accountLinkGroupIncludes":{"description":"Group memberships to determine link candidates.\n","items":{"type":"string"},"type":"array"},"authorizationBinding":{"description":"The method of making an authorization request.\n","type":"string"},"authorizationUrl":{"description":"IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.\n","type":"string"},"clientId":{"description":"Unique identifier issued by AS for the Okta IdP instance.\n","type":"string"},"clientSecret":{"description":"Client secret issued by AS for the Okta IdP instance.\n","secret":true,"type":"string"},"deprovisionedAction":{"description":"Action for a previously deprovisioned IdP user during authentication.\n","type":"string"},"groupsAction":{"description":"Provisioning action for IdP user's group memberships.\n","type":"string"},"groupsAssignments":{"description":"List of Okta Group IDs.\n","items":{"type":"string"},"type":"array"},"groupsAttribute":{"description":"IdP user profile attribute name for an array value that contains group memberships.\n","type":"string"},"groupsFilters":{"description":"Whitelist of Okta Group identifiers.\n","items":{"type":"string"},"type":"array"},"id":{"description":"The id of the social idp to retrieve, conflicts with \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e.\n","type":"string"},"issuerMode":{"description":"Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL.\n","type":"string"},"maxClockSkew":{"description":"Maximum allowable clock-skew when processing messages from the IdP.\n","type":"integer"},"name":{"description":"The name of the social idp to retrieve, conflicts with \u003cspan pulumi-lang-nodejs=\"`id`\" pulumi-lang-dotnet=\"`Id`\" pulumi-lang-go=\"`id`\" pulumi-lang-python=\"`id`\" pulumi-lang-yaml=\"`id`\" pulumi-lang-java=\"`id`\"\u003e`id`\u003c/span\u003e.\n","type":"string"},"profileMaster":{"description":"Determines if the IdP should act as a source of truth for user profile attributes.\n","type":"boolean"},"protocolType":{"description":"The type of protocol to use.\n","type":"string"},"provisioningAction":{"description":"Provisioning action for an IdP user during authentication.\n","type":"string"},"scopes":{"description":"The scopes of the IdP.\n","items":{"type":"string"},"type":"array"},"status":{"description":"Status of the IdP.\n","type":"string"},"subjectMatchAttribute":{"description":"Okta user profile attribute for matching transformed IdP username.\n","type":"string"},"subjectMatchType":{"description":"Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username.\n","type":"string"},"suspendedAction":{"description":"Action for a previously suspended IdP user during authentication.\n","type":"string"},"tokenBinding":{"description":"The method of making a token request.\n","type":"string"},"tokenUrl":{"description":"IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.\n","type":"string"},"type":{"description":"The type of Social IdP. See API docs [Identity Provider Type](https://developer.okta.com/docs/reference/api/idps/#identity-provider-type)\n","type":"string"},"usernameTemplate":{"description":"Okta EL Expression to generate or transform a unique username for the IdP user.\n","type":"string"}},"required":["accountLinkAction","accountLinkGroupIncludes","authorizationBinding","authorizationUrl","clientId","clientSecret","deprovisionedAction","groupsAction","groupsAssignments","groupsAttribute","groupsFilters","issuerMode","maxClockSkew","profileMaster","protocolType","provisioningAction","scopes","status","subjectMatchAttribute","subjectMatchType","suspendedAction","tokenBinding","tokenUrl","type","usernameTemplate"],"type":"object"}},"okta:index/getAgentPoolUpdate:getAgentPoolUpdate":{"description":"Retrieves an Okta Agent Pool Update. Agent pool updates allow you to schedule and manage updates for agent pools.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.getAgentPoolUpdate({\n    id: \"\u003cupdate_id\u003e\",\n    poolId: \"\u003cpool_id\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.get_agent_pool_update(id=\"\u003cupdate_id\u003e\",\n    pool_id=\"\u003cpool_id\u003e\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.GetAgentPoolUpdate.Invoke(new()\n    {\n        Id = \"\u003cupdate_id\u003e\",\n        PoolId = \"\u003cpool_id\u003e\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupAgentPoolUpdate(ctx, \u0026okta.LookupAgentPoolUpdateArgs{\n\t\t\tId:     \"\u003cupdate_id\u003e\",\n\t\t\tPoolId: \"\u003cpool_id\u003e\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetAgentPoolUpdateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = OktaFunctions.getAgentPoolUpdate(GetAgentPoolUpdateArgs.builder()\n            .id(\"\u003cupdate_id\u003e\")\n            .poolId(\"\u003cpool_id\u003e\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:getAgentPoolUpdate\n      arguments:\n        id: \u003cupdate_id\u003e\n        poolId: \u003cpool_id\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getAgentPoolUpdate.\n","properties":{"agents":{"type":"array","items":{"$ref":"#/types/okta:index/getAgentPoolUpdateAgent:getAgentPoolUpdateAgent"},"description":"The agents associated with the agent pool update.\n"},"id":{"type":"string","description":"The unique identifier of the agent pool update.\n"},"poolId":{"type":"string","description":"The unique identifier of the agent pool.\n"},"schedule":{"$ref":"#/types/okta:index/getAgentPoolUpdateSchedule:getAgentPoolUpdateSchedule","description":"The schedule configuration for the agent pool update.\n"}},"type":"object","required":["id","poolId"]},"outputs":{"description":"A collection of values returned by getAgentPoolUpdate.\n","properties":{"agentType":{"description":"Agent types that are being monitored (e.g. AD, LDAP, IWA, RADIUS, MFA, OPP, RUM, Radius).\n","type":"string"},"agents":{"description":"The agents associated with the agent pool update.\n","items":{"$ref":"#/types/okta:index/getAgentPoolUpdateAgent:getAgentPoolUpdateAgent"},"type":"array"},"enabled":{"description":"Indicates if auto-update is enabled for the agent pool.\n","type":"boolean"},"id":{"description":"The unique identifier of the agent pool update.\n","type":"string"},"name":{"description":"The name of the agent pool update.\n","type":"string"},"notifyAdmin":{"description":"Indicates if the admin is notified about the update.\n","type":"boolean"},"poolId":{"description":"The unique identifier of the agent pool.\n","type":"string"},"reason":{"description":"Reason for the update.\n","type":"string"},"schedule":{"$ref":"#/types/okta:index/getAgentPoolUpdateSchedule:getAgentPoolUpdateSchedule","description":"The schedule configuration for the agent pool update.\n"},"sortOrder":{"description":"Specifies the sort order.\n","type":"integer"},"status":{"description":"Overall state for the auto-update job from the admin perspective (e.g., Cancelled, Failed, InProgress, Paused, Scheduled, Success).\n","type":"string"},"targetVersion":{"description":"The agent version to update to.\n","type":"string"}},"required":["agentType","enabled","id","name","notifyAdmin","poolId","reason","sortOrder","status","targetVersion"],"type":"object"}},"okta:index/getApiServiceIntegration:getApiServiceIntegration":{"description":"Retrieves an API Service Integration instance by id\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getApiServiceIntegration({\n    id: \"\u003capi_service_integration_id\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_api_service_integration(id=\"\u003capi_service_integration_id\u003e\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetApiServiceIntegration.Invoke(new()\n    {\n        Id = \"\u003capi_service_integration_id\u003e\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupApiServiceIntegration(ctx, \u0026okta.LookupApiServiceIntegrationArgs{\n\t\t\tId: \"\u003capi_service_integration_id\u003e\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetApiServiceIntegrationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getApiServiceIntegration(GetApiServiceIntegrationArgs.builder()\n            .id(\"\u003capi_service_integration_id\u003e\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getApiServiceIntegration\n      arguments:\n        id: \u003capi_service_integration_id\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n\n## Required\n\n- \u003cspan pulumi-lang-nodejs=\"`id`\" pulumi-lang-dotnet=\"`Id`\" pulumi-lang-go=\"`id`\" pulumi-lang-python=\"`id`\" pulumi-lang-yaml=\"`id`\" pulumi-lang-java=\"`id`\"\u003e`id`\u003c/span\u003e (String) The id of the API Service Integration instance.\n\n### Read-Only\n\n- \u003cspan pulumi-lang-nodejs=\"`configGuideUrl`\" pulumi-lang-dotnet=\"`ConfigGuideUrl`\" pulumi-lang-go=\"`configGuideUrl`\" pulumi-lang-python=\"`config_guide_url`\" pulumi-lang-yaml=\"`configGuideUrl`\" pulumi-lang-java=\"`configGuideUrl`\"\u003e`config_guide_url`\u003c/span\u003e (String) The URL to the API service integration configuration guide.\n- \u003cspan pulumi-lang-nodejs=\"`created`\" pulumi-lang-dotnet=\"`Created`\" pulumi-lang-go=\"`created`\" pulumi-lang-python=\"`created`\" pulumi-lang-yaml=\"`created`\" pulumi-lang-java=\"`created`\"\u003e`created`\u003c/span\u003e (String) The created timestamp of the API Service Integration instance.\n- \u003cspan pulumi-lang-nodejs=\"`createdAt`\" pulumi-lang-dotnet=\"`CreatedAt`\" pulumi-lang-go=\"`createdAt`\" pulumi-lang-python=\"`created_at`\" pulumi-lang-yaml=\"`createdAt`\" pulumi-lang-java=\"`createdAt`\"\u003e`created_at`\u003c/span\u003e (String) Timestamp when the API Service Integration instance was created.\n- \u003cspan pulumi-lang-nodejs=\"`grantedScopes`\" pulumi-lang-dotnet=\"`GrantedScopes`\" pulumi-lang-go=\"`grantedScopes`\" pulumi-lang-python=\"`granted_scopes`\" pulumi-lang-yaml=\"`grantedScopes`\" pulumi-lang-java=\"`grantedScopes`\"\u003e`granted_scopes`\u003c/span\u003e (List of String) The list of Okta management scopes granted to the API Service Integration instance.(see below for nested schema).\n- \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e (String) The name of the API service integration that corresponds with the type property. This is the full name of the API service integration listed in the Okta Integration Network (OIN) catalog.\n- \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e (String) The type of the API service integration. This string is an underscore-concatenated, lowercased API service integration name. For example, my_api_log_integration.\n","inputs":{"description":"A collection of arguments for invoking getApiServiceIntegration.\n","properties":{"grantedScopes":{"type":"array","items":{"$ref":"#/types/okta:index/getApiServiceIntegrationGrantedScope:getApiServiceIntegrationGrantedScope"}},"id":{"type":"string"}},"type":"object","required":["id"]},"outputs":{"description":"A collection of values returned by getApiServiceIntegration.\n","properties":{"configGuideUrl":{"type":"string"},"created":{"type":"string"},"createdBy":{"type":"string"},"grantedScopes":{"items":{"$ref":"#/types/okta:index/getApiServiceIntegrationGrantedScope:getApiServiceIntegrationGrantedScope"},"type":"array"},"id":{"type":"string"},"name":{"type":"string"},"type":{"type":"string"}},"required":["configGuideUrl","created","createdBy","id","name","type"],"type":"object"}},"okta:index/getApiToken:getApiToken":{"description":"Use this data source to retrieve information about an Okta API token.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.getApiToken({\n    id: \"00T1fxzubpq2epw11d38\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.get_api_token(id=\"00T1fxzubpq2epw11d38\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.GetApiToken.Invoke(new()\n    {\n        Id = \"00T1fxzubpq2epw11d38\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupApiToken(ctx, \u0026okta.LookupApiTokenArgs{\n\t\t\tId: \"00T1fxzubpq2epw11d38\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetApiTokenArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = OktaFunctions.getApiToken(GetApiTokenArgs.builder()\n            .id(\"00T1fxzubpq2epw11d38\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:getApiToken\n      arguments:\n        id: 00T1fxzubpq2epw11d38\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getApiToken.\n","properties":{"id":{"type":"string","description":"The unique identifier of the API token.\n"},"network":{"$ref":"#/types/okta:index/getApiTokenNetwork:getApiTokenNetwork","description":"The network configuration of the API token.\n"}},"type":"object","required":["id"]},"outputs":{"description":"A collection of values returned by getApiToken.\n","properties":{"clientName":{"description":"The name of the API token client.\n","type":"string"},"created":{"description":"The date and time the API token was created.\n","type":"string"},"id":{"description":"The unique identifier of the API token.\n","type":"string"},"name":{"description":"The name of the API token.\n","type":"string"},"network":{"$ref":"#/types/okta:index/getApiTokenNetwork:getApiTokenNetwork","description":"The network configuration of the API token.\n"},"userId":{"description":"The userId of the user who created the API Token.\n","type":"string"}},"required":["clientName","created","id","name","userId"],"type":"object"}},"okta:index/getAppGroupAssignments:getAppGroupAssignments":{"description":"Get a set of groups assigned to an Okta application.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getAppGroupAssignments({\n    id: testOktaAppOauth.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_app_group_assignments(id=test_okta_app_oauth[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetAppGroupAssignments.Invoke(new()\n    {\n        Id = testOktaAppOauth.Id,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupAppGroupAssignments(ctx, \u0026okta.LookupAppGroupAssignmentsArgs{\n\t\t\tId: testOktaAppOauth.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetAppGroupAssignmentsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getAppGroupAssignments(GetAppGroupAssignmentsArgs.builder()\n            .id(testOktaAppOauth.id())\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getAppGroupAssignments\n      arguments:\n        id: ${testOktaAppOauth.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getAppGroupAssignments.\n","properties":{"id":{"type":"string","description":"ID of the Okta App being queried for groups\n","willReplaceOnChanges":true}},"type":"object","required":["id"]},"outputs":{"description":"A collection of values returned by getAppGroupAssignments.\n","properties":{"groups":{"description":"List of groups IDs assigned to the app\n","items":{"type":"string"},"type":"array"},"id":{"description":"ID of the Okta App being queried for groups\n","type":"string"}},"required":["groups","id"],"type":"object"}},"okta:index/getAppSignonPolicy:getAppSignonPolicy":{"description":"Get a sign-on policy for the application.\n\n\u003e **WARNING:** This feature is only available as a part of the \nIdentity Engine. Contact support \nfor further information.\n\n\u003e Inside the product a sign-on policy is referenced as an _authentication\npolicy_, in the public API the policy is of type\n[`ACCESS_POLICY`](https://developer.okta.com/docs/reference/api/policy/#policy-object).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.getAppSignonPolicy({\n    appId: \"app_id\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.get_app_signon_policy(app_id=\"app_id\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.GetAppSignonPolicy.Invoke(new()\n    {\n        AppId = \"app_id\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupAppSignonPolicy(ctx, \u0026okta.LookupAppSignonPolicyArgs{\n\t\t\tAppId: \"app_id\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetAppSignonPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = OktaFunctions.getAppSignonPolicy(GetAppSignonPolicyArgs.builder()\n            .appId(\"app_id\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:getAppSignonPolicy\n      arguments:\n        appId: app_id\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getAppSignonPolicy.\n","properties":{"appId":{"type":"string","description":"App ID\n"}},"type":"object","required":["appId"]},"outputs":{"description":"A collection of values returned by getAppSignonPolicy.\n","properties":{"appId":{"description":"App ID\n","type":"string"},"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"name":{"description":"Policy name\n","type":"string"}},"required":["appId","name","id"],"type":"object"}},"okta:index/getAppUserAssignments:getAppUserAssignments":{"description":"Get a set of users assigned to an Okta application.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getAppUserAssignments({\n    id: testOktaAppOauth.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_app_user_assignments(id=test_okta_app_oauth[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetAppUserAssignments.Invoke(new()\n    {\n        Id = testOktaAppOauth.Id,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.GetAppUserAssignments(ctx, \u0026okta.GetAppUserAssignmentsArgs{\n\t\t\tId: testOktaAppOauth.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetAppUserAssignmentsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getAppUserAssignments(GetAppUserAssignmentsArgs.builder()\n            .id(testOktaAppOauth.id())\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getAppUserAssignments\n      arguments:\n        id: ${testOktaAppOauth.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getAppUserAssignments.\n","properties":{"id":{"type":"string","description":"ID of the Okta App being queried for groups\n","willReplaceOnChanges":true}},"type":"object","required":["id"]},"outputs":{"description":"A collection of values returned by getAppUserAssignments.\n","properties":{"id":{"description":"ID of the Okta App being queried for groups\n","type":"string"},"users":{"description":"List of user IDs assigned to the app\n","items":{"type":"string"},"type":"array"}},"required":["id","users"],"type":"object"}},"okta:index/getApps:getApps":{"inputs":{"description":"A collection of arguments for invoking getApps.\n","properties":{"activeOnly":{"type":"boolean","description":"Search only active applications.\n"},"includeNonDeleted":{"type":"boolean","description":"Specifies whether to include non-active, but not deleted apps in the results.\n"},"label":{"type":"string","description":"Searches for applications whose label or name property matches this value exactly.\n"},"labelPrefix":{"type":"string","description":"Searches for applications whose label or name property begins with this value. **Warning:** This might not work as intended and will be removed in the future release. Use \u003cspan pulumi-lang-nodejs=\"`q`\" pulumi-lang-dotnet=\"`Q`\" pulumi-lang-go=\"`q`\" pulumi-lang-python=\"`q`\" pulumi-lang-yaml=\"`q`\" pulumi-lang-java=\"`q`\"\u003e`q`\u003c/span\u003e instead.\n","deprecationMessage":"Use \u003cspan pulumi-lang-nodejs=\"`q`\" pulumi-lang-dotnet=\"`Q`\" pulumi-lang-go=\"`q`\" pulumi-lang-python=\"`q`\" pulumi-lang-yaml=\"`q`\" pulumi-lang-java=\"`q`\"\u003e`q`\u003c/span\u003e instead. This attribute will be removed in a future version."},"q":{"type":"string","description":"Searches for apps with name or label properties that starts with the \u003cspan pulumi-lang-nodejs=\"`q`\" pulumi-lang-dotnet=\"`Q`\" pulumi-lang-go=\"`q`\" pulumi-lang-python=\"`q`\" pulumi-lang-yaml=\"`q`\" pulumi-lang-java=\"`q`\"\u003e`q`\u003c/span\u003e value.\n"},"useOptimization":{"type":"boolean","description":"Specifies whether to use query optimization. If you specify `useOptimization=true` in the request query, the response contains a subset of app instance properties.\n"}},"type":"object"},"outputs":{"description":"A collection of values returned by getApps.\n","properties":{"activeOnly":{"description":"Search only active applications.\n","type":"boolean"},"apps":{"description":"The list of applications that match the search criteria.\n","items":{"$ref":"#/types/okta:index/getAppsApp:getAppsApp"},"type":"array"},"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"includeNonDeleted":{"description":"Specifies whether to include non-active, but not deleted apps in the results.\n","type":"boolean"},"label":{"description":"Searches for applications whose label or name property matches this value exactly.\n","type":"string"},"labelPrefix":{"deprecationMessage":"Use \u003cspan pulumi-lang-nodejs=\"`q`\" pulumi-lang-dotnet=\"`Q`\" pulumi-lang-go=\"`q`\" pulumi-lang-python=\"`q`\" pulumi-lang-yaml=\"`q`\" pulumi-lang-java=\"`q`\"\u003e`q`\u003c/span\u003e instead. This attribute will be removed in a future version.","description":"Searches for applications whose label or name property begins with this value. **Warning:** This might not work as intended and will be removed in the future release. Use \u003cspan pulumi-lang-nodejs=\"`q`\" pulumi-lang-dotnet=\"`Q`\" pulumi-lang-go=\"`q`\" pulumi-lang-python=\"`q`\" pulumi-lang-yaml=\"`q`\" pulumi-lang-java=\"`q`\"\u003e`q`\u003c/span\u003e instead.\n","type":"string"},"q":{"description":"Searches for apps with name or label properties that starts with the \u003cspan pulumi-lang-nodejs=\"`q`\" pulumi-lang-dotnet=\"`Q`\" pulumi-lang-go=\"`q`\" pulumi-lang-python=\"`q`\" pulumi-lang-yaml=\"`q`\" pulumi-lang-java=\"`q`\"\u003e`q`\u003c/span\u003e value.\n","type":"string"},"useOptimization":{"description":"Specifies whether to use query optimization. If you specify `useOptimization=true` in the request query, the response contains a subset of app instance properties.\n","type":"boolean"}},"required":["apps","id"],"type":"object"}},"okta:index/getAuthServerClaim:getAuthServerClaim":{"description":"Get authorization server claim from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getAuthServerClaim({\n    authServerId: \"default\",\n    name: \"birthdate\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_auth_server_claim(auth_server_id=\"default\",\n    name=\"birthdate\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetAuthServerClaim.Invoke(new()\n    {\n        AuthServerId = \"default\",\n        Name = \"birthdate\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.GetAuthServerClaim(ctx, \u0026okta.GetAuthServerClaimArgs{\n\t\t\tAuthServerId: \"default\",\n\t\t\tName:         pulumi.StringRef(\"birthdate\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetAuthServerClaimArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getAuthServerClaim(GetAuthServerClaimArgs.builder()\n            .authServerId(\"default\")\n            .name(\"birthdate\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getAuthServerClaim\n      arguments:\n        authServerId: default\n        name: birthdate\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getAuthServerClaim.\n","properties":{"authServerId":{"type":"string","description":"Auth server ID\n"},"id":{"type":"string","description":"Name of the claim. Conflicts with \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e.\n"},"name":{"type":"string","description":"Name of the claim. Conflicts with \u003cspan pulumi-lang-nodejs=\"`id`\" pulumi-lang-dotnet=\"`Id`\" pulumi-lang-go=\"`id`\" pulumi-lang-python=\"`id`\" pulumi-lang-yaml=\"`id`\" pulumi-lang-java=\"`id`\"\u003e`id`\u003c/span\u003e.\n"}},"type":"object","required":["authServerId"]},"outputs":{"description":"A collection of values returned by getAuthServerClaim.\n","properties":{"alwaysIncludeInToken":{"description":"Specifies whether to include Claims in the token.\n","type":"boolean"},"authServerId":{"description":"Auth server ID\n","type":"string"},"claimType":{"description":"Specifies whether the Claim is for an access token (`RESOURCE`) or ID token (`IDENTITY`).\n","type":"string"},"id":{"description":"Name of the claim. Conflicts with \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e.\n","type":"string"},"name":{"description":"Name of the claim. Conflicts with \u003cspan pulumi-lang-nodejs=\"`id`\" pulumi-lang-dotnet=\"`Id`\" pulumi-lang-go=\"`id`\" pulumi-lang-python=\"`id`\" pulumi-lang-yaml=\"`id`\" pulumi-lang-java=\"`id`\"\u003e`id`\u003c/span\u003e.\n","type":"string"},"scopes":{"description":"Auth server claim list of scopes\n","items":{"type":"string"},"type":"array"},"status":{"description":"Status of the claim.\n","type":"string"},"value":{"description":"Value of the claim.\n","type":"string"},"valueType":{"description":"Specifies whether the Claim is an Okta EL expression (`EXPRESSION`), a set of groups (`GROUPS`), or a system claim (`SYSTEM`)\n","type":"string"}},"required":["alwaysIncludeInToken","authServerId","claimType","scopes","status","value","valueType"],"type":"object"}},"okta:index/getAuthServerClaims:getAuthServerClaims":{"description":"Get a list of authorization server claims from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getAuthServerClaims({\n    authServerId: \"default\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_auth_server_claims(auth_server_id=\"default\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetAuthServerClaims.Invoke(new()\n    {\n        AuthServerId = \"default\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.GetAuthServerClaims(ctx, \u0026okta.GetAuthServerClaimsArgs{\n\t\t\tAuthServerId: \"default\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetAuthServerClaimsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getAuthServerClaims(GetAuthServerClaimsArgs.builder()\n            .authServerId(\"default\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getAuthServerClaims\n      arguments:\n        authServerId: default\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getAuthServerClaims.\n","properties":{"authServerId":{"type":"string","description":"Auth server ID\n"}},"type":"object","required":["authServerId"]},"outputs":{"description":"A collection of values returned by getAuthServerClaims.\n","properties":{"authServerId":{"description":"Auth server ID\n","type":"string"},"claims":{"description":"Collection of authorization server claims retrieved from Okta with the following properties.\n","items":{"$ref":"#/types/okta:index/getAuthServerClaimsClaim:getAuthServerClaimsClaim"},"type":"array"},"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"}},"required":["authServerId","claims","id"],"type":"object"}},"okta:index/getAuthenticator:getAuthenticator":{"description":"Get an authenticator by key, name of ID.\n\n\u003e **WARNING:** This feature is only available as a part of the \nIdentity Engine. Contact support \nfor further information.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getAuthenticator({\n    key: \"security_question\",\n});\nconst test1 = okta.getAuthenticator({\n    name: \"Okta Verify\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_authenticator(key=\"security_question\")\ntest1 = okta.get_authenticator(name=\"Okta Verify\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetAuthenticator.Invoke(new()\n    {\n        Key = \"security_question\",\n    });\n\n    var test1 = Okta.GetAuthenticator.Invoke(new()\n    {\n        Name = \"Okta Verify\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupAuthenticator(ctx, \u0026okta.LookupAuthenticatorArgs{\n\t\t\tKey: pulumi.StringRef(\"security_question\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.LookupAuthenticator(ctx, \u0026okta.LookupAuthenticatorArgs{\n\t\t\tName: pulumi.StringRef(\"Okta Verify\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetAuthenticatorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getAuthenticator(GetAuthenticatorArgs.builder()\n            .key(\"security_question\")\n            .build());\n\n        final var test1 = OktaFunctions.getAuthenticator(GetAuthenticatorArgs.builder()\n            .name(\"Okta Verify\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getAuthenticator\n      arguments:\n        key: security_question\n  test1:\n    fn::invoke:\n      function: okta:getAuthenticator\n      arguments:\n        name: Okta Verify\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getAuthenticator.\n","properties":{"id":{"type":"string","description":"ID of the authenticator.\n"},"key":{"type":"string","description":"A human-readable string that identifies the authenticator.\n"},"name":{"type":"string","description":"Name of the authenticator.\n"}},"type":"object"},"outputs":{"description":"A collection of values returned by getAuthenticator.\n","properties":{"id":{"description":"ID of the authenticator.\n","type":"string"},"key":{"description":"A human-readable string that identifies the authenticator.\n","type":"string"},"name":{"description":"Name of the authenticator.\n","type":"string"},"providerAuthPort":{"description":"The RADIUS server port (for example 1812). This is defined when the On-Prem RADIUS server is configured\n","type":"integer"},"providerHostname":{"description":"Server host name or IP address\n","type":"string"},"providerInstanceId":{"description":"(Specific to \u003cspan pulumi-lang-nodejs=\"`securityKey`\" pulumi-lang-dotnet=\"`SecurityKey`\" pulumi-lang-go=\"`securityKey`\" pulumi-lang-python=\"`security_key`\" pulumi-lang-yaml=\"`securityKey`\" pulumi-lang-java=\"`securityKey`\"\u003e`security_key`\u003c/span\u003e) App Instance ID.\n","type":"string"},"providerJson":{"description":"Authenticator Provider in JSON format\n","type":"string"},"providerType":{"description":"Provider type.\n","type":"string"},"providerUserNameTemplate":{"description":"Username template expected by the provider.\n","type":"string"},"settings":{"description":"Authenticator settings in JSON format\n","type":"string"},"status":{"description":"Status of the Authenticator.\n","type":"string"},"type":{"description":"Type of the authenticator\n","type":"string"}},"required":["providerAuthPort","providerHostname","providerInstanceId","providerJson","providerType","providerUserNameTemplate","settings","status","type"],"type":"object"}},"okta:index/getBehaviour:getBehaviour":{"description":"Get a behavior by name or ID.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:getBehaviour\n      arguments:\n        label: New City\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getBehaviour.\n","properties":{"id":{"type":"string","description":"Behavior ID.\n"},"name":{"type":"string","description":"Behavior name.\n"}},"type":"object"},"outputs":{"description":"A collection of values returned by getBehaviour.\n","properties":{"id":{"description":"Behavior ID.\n","type":"string"},"name":{"description":"Behavior name.\n","type":"string"},"settings":{"additionalProperties":{"type":"string"},"description":"Map of behavior settings.\n","type":"object"},"status":{"description":"Behavior status.\n","type":"string"},"type":{"description":"Behavior type.\n","type":"string"}},"required":["settings","status","type"],"type":"object"}},"okta:index/getBehaviours:getBehaviours":{"description":"Get a behaviors by search criteria.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.getBehaviours({\n    q: \"New\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.get_behaviours(q=\"New\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.GetBehaviours.Invoke(new()\n    {\n        Q = \"New\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.GetBehaviours(ctx, \u0026okta.GetBehavioursArgs{\n\t\t\tQ: pulumi.StringRef(\"New\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetBehavioursArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = OktaFunctions.getBehaviours(GetBehavioursArgs.builder()\n            .q(\"New\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:getBehaviours\n      arguments:\n        q: New\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getBehaviours.\n","properties":{"q":{"type":"string","description":"Searches the name property of behaviors for matching value\n"}},"type":"object"},"outputs":{"description":"A collection of values returned by getBehaviours.\n","properties":{"behaviors":{"items":{"$ref":"#/types/okta:index/getBehavioursBehavior:getBehavioursBehavior"},"type":"array"},"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"q":{"description":"Searches the name property of behaviors for matching value\n","type":"string"}},"required":["behaviors","id"],"type":"object"}},"okta:index/getBrand:getBrand":{"description":"Get a single Brand from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getBrands({});\nconst testGetBrand = test.then(test =\u003e okta.getBrand({\n    brandId: test.brands?.[0]?.id,\n}));\nconst _default = okta.getBrand({\n    brandId: \"default\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_brands()\ntest_get_brand = okta.get_brand(brand_id=test.brands[0].id)\ndefault = okta.get_brand(brand_id=\"default\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetBrands.Invoke();\n\n    var testGetBrand = Okta.GetBrand.Invoke(new()\n    {\n        BrandId = test.Apply(getBrandsResult =\u003e getBrandsResult.Brands[0]?.Id),\n    });\n\n    var @default = Okta.GetBrand.Invoke(new()\n    {\n        BrandId = \"default\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := okta.GetBrands(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.LookupBrand(ctx, \u0026okta.LookupBrandArgs{\n\t\t\tBrandId: test.Brands[0].Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.LookupBrand(ctx, \u0026okta.LookupBrandArgs{\n\t\t\tBrandId: \"default\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetBrandArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getBrands(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference);\n\n        final var testGetBrand = OktaFunctions.getBrand(GetBrandArgs.builder()\n            .brandId(test.brands()[0].id())\n            .build());\n\n        final var default = OktaFunctions.getBrand(GetBrandArgs.builder()\n            .brandId(\"default\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getBrands\n      arguments: {}\n  testGetBrand:\n    fn::invoke:\n      function: okta:getBrand\n      arguments:\n        brandId: ${test.brands[0].id}\n  default:\n    fn::invoke:\n      function: okta:getBrand\n      arguments:\n        brandId: default\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getBrand.\n","properties":{"brandId":{"type":"string","description":"Brand ID\n"}},"type":"object","required":["brandId"]},"outputs":{"description":"A collection of values returned by getBrand.\n","properties":{"brandId":{"description":"Brand ID\n","type":"string"},"customPrivacyPolicyUrl":{"description":"Custom privacy policy URL\n","type":"string"},"id":{"description":"The ID of the Brand\n","type":"string"},"links":{"description":"Link relations for this object - JSON HAL - Discoverable resources related to the brand\n","type":"string"},"name":{"description":"Brand name\n","type":"string"},"removePoweredByOkta":{"description":"Removes \"Powered by Okta\" from the Okta-hosted sign-in page and \"© 2021 Okta, Inc.\" from the Okta End-User Dashboard\n","type":"boolean"}},"required":["brandId","customPrivacyPolicyUrl","id","links","name","removePoweredByOkta"],"type":"object"}},"okta:index/getBrands:getBrands":{"description":"Get the brands belonging to an Okta organization.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getBrands({});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_brands()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetBrands.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.GetBrands(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getBrands(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference);\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getBrands\n      arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","outputs":{"description":"A collection of values returned by getBrands.\n","properties":{"brands":{"description":"List of \u003cspan pulumi-lang-nodejs=\"`okta.Brand`\" pulumi-lang-dotnet=\"`okta.Brand`\" pulumi-lang-go=\"`Brand`\" pulumi-lang-python=\"`Brand`\" pulumi-lang-yaml=\"`okta.Brand`\" pulumi-lang-java=\"`okta.Brand`\"\u003e`okta.Brand`\u003c/span\u003e belonging to the organization\n","items":{"$ref":"#/types/okta:index/getBrandsBrand:getBrandsBrand"},"type":"array"},"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"}},"required":["brands","id"],"type":"object"}},"okta:index/getCampaign:getCampaign":{"description":"Get the campaign belonging to an Okta organization.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getCampaign({\n    id: \"\u003ccampaign id\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_campaign(id=\"\u003ccampaign id\u003e\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetCampaign.Invoke(new()\n    {\n        Id = \"\u003ccampaign id\u003e\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupCampaign(ctx, \u0026okta.LookupCampaignArgs{\n\t\t\tId: pulumi.StringRef(\"\u003ccampaign id\u003e\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetCampaignArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getCampaign(GetCampaignArgs.builder()\n            .id(\"\u003ccampaign id\u003e\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getCampaign\n      arguments:\n        id: \u003ccampaign id\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getCampaign.\n","properties":{"campaignType":{"type":"string"},"description":{"type":"string"},"id":{"type":"string","description":"The ID of this resource.\n"},"notificationSettings":{"$ref":"#/types/okta:index/getCampaignNotificationSettings:getCampaignNotificationSettings"},"principalScopeSettings":{"$ref":"#/types/okta:index/getCampaignPrincipalScopeSettings:getCampaignPrincipalScopeSettings"},"remediationSettings":{"$ref":"#/types/okta:index/getCampaignRemediationSettings:getCampaignRemediationSettings"},"resourceSettings":{"$ref":"#/types/okta:index/getCampaignResourceSettings:getCampaignResourceSettings"},"reviewerSettings":{"$ref":"#/types/okta:index/getCampaignReviewerSettings:getCampaignReviewerSettings"},"scheduleSettings":{"$ref":"#/types/okta:index/getCampaignScheduleSettings:getCampaignScheduleSettings"}},"type":"object"},"outputs":{"description":"A collection of values returned by getCampaign.\n","properties":{"campaignType":{"type":"string"},"created":{"type":"string"},"createdBy":{"type":"string"},"description":{"type":"string"},"id":{"description":"The ID of this resource.\n","type":"string"},"lastUpdated":{"type":"string"},"lastUpdatedBy":{"type":"string"},"name":{"type":"string"},"notificationSettings":{"$ref":"#/types/okta:index/getCampaignNotificationSettings:getCampaignNotificationSettings"},"principalScopeSettings":{"$ref":"#/types/okta:index/getCampaignPrincipalScopeSettings:getCampaignPrincipalScopeSettings"},"recurringCampaignId":{"type":"string"},"remediationSettings":{"$ref":"#/types/okta:index/getCampaignRemediationSettings:getCampaignRemediationSettings"},"resourceSettings":{"$ref":"#/types/okta:index/getCampaignResourceSettings:getCampaignResourceSettings"},"reviewerSettings":{"$ref":"#/types/okta:index/getCampaignReviewerSettings:getCampaignReviewerSettings"},"scheduleSettings":{"$ref":"#/types/okta:index/getCampaignScheduleSettings:getCampaignScheduleSettings"},"status":{"type":"string"}},"required":["campaignType","created","createdBy","description","id","lastUpdated","lastUpdatedBy","name","recurringCampaignId","status"],"type":"object"}},"okta:index/getCatalogEntryDefault:getCatalogEntryDefault":{"description":"Retrieves a catalog entry.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getCatalogEntryUserAccessRequestFields({});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_catalog_entry_user_access_request_fields()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetCatalogEntryUserAccessRequestFields.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.GetCatalogEntryUserAccessRequestFields(ctx, \u0026okta.GetCatalogEntryUserAccessRequestFieldsArgs{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetCatalogEntryUserAccessRequestFieldsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getCatalogEntryUserAccessRequestFields(GetCatalogEntryUserAccessRequestFieldsArgs.builder()\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getCatalogEntryUserAccessRequestFields\n      arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getCatalogEntryDefault.\n","properties":{"counts":{"$ref":"#/types/okta:index/getCatalogEntryDefaultCounts:getCatalogEntryDefaultCounts"},"entryId":{"type":"string","description":"TThe ID of the catalog entry.\n"},"links":{"$ref":"#/types/okta:index/getCatalogEntryDefaultLinks:getCatalogEntryDefaultLinks"}},"type":"object","required":["entryId"]},"outputs":{"description":"A collection of values returned by getCatalogEntryDefault.\n","properties":{"counts":{"$ref":"#/types/okta:index/getCatalogEntryDefaultCounts:getCatalogEntryDefaultCounts"},"description":{"description":"Description of the catalog entry.\n","type":"string"},"entryId":{"description":"TThe ID of the catalog entry.\n","type":"string"},"id":{"description":"Unique identifier for the entry.\n","type":"string"},"label":{"description":"Label of the entry. Enum: `Application`, `Resource Collection`.\n","type":"string"},"links":{"$ref":"#/types/okta:index/getCatalogEntryDefaultLinks:getCatalogEntryDefaultLinks"},"name":{"description":"The name of the catalog entry.\n","type":"string"},"parent":{"description":"Parent of the catalog entry.\n","type":"string"},"requestable":{"description":"Is the resource requestable.\n","type":"boolean"}},"required":["description","entryId","id","label","name","parent","requestable"],"type":"object"}},"okta:index/getCatalogEntryUserAccessRequestFields:getCatalogEntryUserAccessRequestFields":{"description":"Get the request fields for catalog entry.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getCatalogEntryUserAccessRequestFields({});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_catalog_entry_user_access_request_fields()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetCatalogEntryUserAccessRequestFields.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.GetCatalogEntryUserAccessRequestFields(ctx, \u0026okta.GetCatalogEntryUserAccessRequestFieldsArgs{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetCatalogEntryUserAccessRequestFieldsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getCatalogEntryUserAccessRequestFields(GetCatalogEntryUserAccessRequestFieldsArgs.builder()\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getCatalogEntryUserAccessRequestFields\n      arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getCatalogEntryUserAccessRequestFields.\n","properties":{"datas":{"type":"array","items":{"$ref":"#/types/okta:index/getCatalogEntryUserAccessRequestFieldsData:getCatalogEntryUserAccessRequestFieldsData"}},"entryId":{"type":"string","description":"TThe ID of the catalog entry.\n"},"userId":{"type":"string","description":"The ID of the user.\n"}},"type":"object","required":["entryId","userId"]},"outputs":{"description":"A collection of values returned by getCatalogEntryUserAccessRequestFields.\n","properties":{"datas":{"items":{"$ref":"#/types/okta:index/getCatalogEntryUserAccessRequestFieldsData:getCatalogEntryUserAccessRequestFieldsData"},"type":"array"},"entryId":{"description":"TThe ID of the catalog entry.\n","type":"string"},"id":{"type":"string"},"userId":{"description":"The ID of the user.\n","type":"string"}},"required":["entryId","id","userId"],"type":"object"}},"okta:index/getDefaultSigninPage:getDefaultSigninPage":{"description":"Retrieve the default signin page of a brand\n","inputs":{"description":"A collection of arguments for invoking getDefaultSigninPage.\n","properties":{"brandId":{"type":"string","description":"brand id of the preview signin page\n"},"contentSecurityPolicySetting":{"$ref":"#/types/okta:index/getDefaultSigninPageContentSecurityPolicySetting:getDefaultSigninPageContentSecurityPolicySetting"},"widgetCustomizations":{"$ref":"#/types/okta:index/getDefaultSigninPageWidgetCustomizations:getDefaultSigninPageWidgetCustomizations"}},"type":"object","required":["brandId"]},"outputs":{"description":"A collection of values returned by getDefaultSigninPage.\n","properties":{"brandId":{"description":"brand id of the preview signin page\n","type":"string"},"contentSecurityPolicySetting":{"$ref":"#/types/okta:index/getDefaultSigninPageContentSecurityPolicySetting:getDefaultSigninPageContentSecurityPolicySetting"},"id":{"description":"placeholder id\n","type":"string"},"pageContent":{"description":"page content of the preview signin page\n","type":"string"},"widgetCustomizations":{"$ref":"#/types/okta:index/getDefaultSigninPageWidgetCustomizations:getDefaultSigninPageWidgetCustomizations"},"widgetVersion":{"description":"widget version specified as a Semver\n","type":"string"}},"required":["brandId","id","pageContent","widgetVersion"],"type":"object"}},"okta:index/getDevice:getDevice":{"description":"Get information about a device in Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.getDevice({\n    id: \"\u003cdevice_id\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.get_device(id=\"\u003cdevice_id\u003e\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.GetDevice.Invoke(new()\n    {\n        Id = \"\u003cdevice_id\u003e\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupDevice(ctx, \u0026okta.LookupDeviceArgs{\n\t\t\tId: \"\u003cdevice_id\u003e\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetDeviceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = OktaFunctions.getDevice(GetDeviceArgs.builder()\n            .id(\"\u003cdevice_id\u003e\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:getDevice\n      arguments:\n        id: \u003cdevice_id\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getDevice.\n","properties":{"id":{"type":"string","description":"The ID of the device.\n"},"profile":{"$ref":"#/types/okta:index/getDeviceProfile:getDeviceProfile"},"resourceDisplayName":{"$ref":"#/types/okta:index/getDeviceResourceDisplayName:getDeviceResourceDisplayName"}},"type":"object","required":["id"]},"outputs":{"description":"A collection of values returned by getDevice.\n","properties":{"created":{"description":"The creation timestamp of the device.\n","type":"string"},"id":{"description":"The ID of the device.\n","type":"string"},"lastUpdated":{"description":"The last updated timestamp of the device.\n","type":"string"},"profile":{"$ref":"#/types/okta:index/getDeviceProfile:getDeviceProfile"},"resourceAlternateId":{"description":"The alternate ID of the device resource.\n","type":"string"},"resourceDisplayName":{"$ref":"#/types/okta:index/getDeviceResourceDisplayName:getDeviceResourceDisplayName"},"resourceId":{"description":"Alternate key for the id.\n","type":"string"},"resourceType":{"description":"The resource type of the device.\n","type":"string"},"status":{"description":"The status of the device.\n","type":"string"}},"required":["created","id","lastUpdated","resourceAlternateId","resourceId","resourceType","status"],"type":"object"}},"okta:index/getDeviceAssurancePolicy:getDeviceAssurancePolicy":{"description":"Get a policy assurance from Okta.\n","inputs":{"description":"A collection of arguments for invoking getDeviceAssurancePolicy.\n","properties":{"id":{"type":"string","description":"ID of the user type to retrieve, conflicts with \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e.\n"},"name":{"type":"string","description":"Name of user type to retrieve, conflicts with \u003cspan pulumi-lang-nodejs=\"`id`\" pulumi-lang-dotnet=\"`Id`\" pulumi-lang-go=\"`id`\" pulumi-lang-python=\"`id`\" pulumi-lang-yaml=\"`id`\" pulumi-lang-java=\"`id`\"\u003e`id`\u003c/span\u003e.\n"},"secureHardwarePresent":{"type":"boolean","description":"Indicates if the device contains a secure hardware functionality\n"},"thirdPartySignalProvider":{"$ref":"#/types/okta:index/getDeviceAssurancePolicyThirdPartySignalProvider:getDeviceAssurancePolicyThirdPartySignalProvider","description":"Indicates if the device contains a secure hardware functionality\n"}},"type":"object"},"outputs":{"description":"A collection of values returned by getDeviceAssurancePolicy.\n","properties":{"diskEncryptionType":{"$ref":"#/types/okta:index/getDeviceAssurancePolicyDiskEncryptionType:getDeviceAssurancePolicyDiskEncryptionType","description":"List of disk encryption type, can be `FULL`, `USER`\n"},"id":{"description":"ID of the user type to retrieve, conflicts with \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e.\n","type":"string"},"jailbreak":{"description":"Is the device jailbroken in the device assurance policy.\n","type":"boolean"},"name":{"description":"Name of user type to retrieve, conflicts with \u003cspan pulumi-lang-nodejs=\"`id`\" pulumi-lang-dotnet=\"`Id`\" pulumi-lang-go=\"`id`\" pulumi-lang-python=\"`id`\" pulumi-lang-yaml=\"`id`\" pulumi-lang-java=\"`id`\"\u003e`id`\u003c/span\u003e.\n","type":"string"},"osVersion":{"$ref":"#/types/okta:index/getDeviceAssurancePolicyOsVersion:getDeviceAssurancePolicyOsVersion","description":"Minimum os version of the device in the device assurance policy.\n"},"osVersionConstraints":{"description":"The list of os version constraints.\n","items":{"$ref":"#/types/okta:index/getDeviceAssurancePolicyOsVersionConstraint:getDeviceAssurancePolicyOsVersionConstraint"},"type":"array"},"platform":{"description":"Policy device assurance platform\n","type":"string"},"screenlockType":{"$ref":"#/types/okta:index/getDeviceAssurancePolicyScreenlockType:getDeviceAssurancePolicyScreenlockType","description":"List of screenlock type, can be `BIOMETRIC` or `BIOMETRIC, PASSCODE`\n"},"secureHardwarePresent":{"description":"Indicates if the device contains a secure hardware functionality\n","type":"boolean"},"thirdPartySignalProvider":{"$ref":"#/types/okta:index/getDeviceAssurancePolicyThirdPartySignalProvider:getDeviceAssurancePolicyThirdPartySignalProvider","description":"Indicates if the device contains a secure hardware functionality\n"}},"required":["diskEncryptionType","jailbreak","osVersion","osVersionConstraints","platform","screenlockType"],"type":"object"}},"okta:index/getDomain:getDomain":{"description":"Get a domain from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = new okta.Domain(\"example\", {name: \"www.example.com\"});\nconst by_name = okta.getDomain({\n    domainIdOrName: \"www.example.com\",\n});\nconst by_id = okta.getDomainOutput({\n    domainIdOrName: example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.Domain(\"example\", name=\"www.example.com\")\nby_name = okta.get_domain(domain_id_or_name=\"www.example.com\")\nby_id = okta.get_domain_output(domain_id_or_name=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = new Okta.Domain(\"example\", new()\n    {\n        Name = \"www.example.com\",\n    });\n\n    var by_name = Okta.GetDomain.Invoke(new()\n    {\n        DomainIdOrName = \"www.example.com\",\n    });\n\n    var by_id = Okta.GetDomain.Invoke(new()\n    {\n        DomainIdOrName = example.Id,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := okta.NewDomain(ctx, \"example\", \u0026okta.DomainArgs{\n\t\t\tName: pulumi.String(\"www.example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.LookupDomain(ctx, \u0026okta.LookupDomainArgs{\n\t\t\tDomainIdOrName: \"www.example.com\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = okta.LookupDomainOutput(ctx, okta.GetDomainOutputArgs{\n\t\t\tDomainIdOrName: example.ID(),\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.Domain;\nimport com.pulumi.okta.DomainArgs;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetDomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var example = new Domain(\"example\", DomainArgs.builder()\n            .name(\"www.example.com\")\n            .build());\n\n        final var by-name = OktaFunctions.getDomain(GetDomainArgs.builder()\n            .domainIdOrName(\"www.example.com\")\n            .build());\n\n        final var by-id = OktaFunctions.getDomain(GetDomainArgs.builder()\n            .domainIdOrName(example.id())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  example:\n    type: okta:Domain\n    properties:\n      name: www.example.com\nvariables:\n  by-name:\n    fn::invoke:\n      function: okta:getDomain\n      arguments:\n        domainIdOrName: www.example.com\n  by-id:\n    fn::invoke:\n      function: okta:getDomain\n      arguments:\n        domainIdOrName: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getDomain.\n","properties":{"domainIdOrName":{"type":"string","description":"Brand ID\n"}},"type":"object","required":["domainIdOrName"]},"outputs":{"description":"A collection of values returned by getDomain.\n","properties":{"certificateSourceType":{"description":"Certificate source type that indicates whether the certificate is provided by the user or Okta. Values: MANUAL, OKTA_MANAGED\n","type":"string"},"dnsRecords":{"description":"TXT and CNAME records to be registered for the Domain\n","items":{"$ref":"#/types/okta:index/getDomainDnsRecord:getDomainDnsRecord"},"type":"array"},"domain":{"description":"Domain name\n","type":"string"},"domainIdOrName":{"description":"Brand ID\n","type":"string"},"id":{"description":"The ID of the Domain\n","type":"string"},"publicCertificate":{"additionalProperties":{"type":"string"},"description":"Certificate metadata for the Domain\n","type":"object"},"validationStatus":{"description":"Status of the domain. Values: NOT*STARTED, IN*PROGRESS, VERIFIED, COMPLETED\n","type":"string"}},"required":["certificateSourceType","dnsRecords","domain","domainIdOrName","id","publicCertificate","validationStatus"],"type":"object"}},"okta:index/getEmailCustomization:getEmailCustomization":{"description":"Get the email customization of an email template belonging to a brand in an Okta organization.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getBrands({});\nconst forgotPassword = test.then(test =\u003e okta.getEmailCustomizations({\n    brandId: test.brands?.[0]?.id,\n    templateName: \"ForgotPassword\",\n}));\nconst forgotPasswordEn = Promise.all([test, forgotPassword]).then(([test, forgotPassword]) =\u003e okta.getEmailCustomization({\n    brandId: test.brands?.[0]?.id,\n    templateName: \"ForgotPassword\",\n    customizationId: forgotPassword.emailCustomizations?.[0]?.id,\n}));\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_brands()\nforgot_password = okta.get_email_customizations(brand_id=test.brands[0].id,\n    template_name=\"ForgotPassword\")\nforgot_password_en = okta.get_email_customization(brand_id=test.brands[0].id,\n    template_name=\"ForgotPassword\",\n    customization_id=forgot_password.email_customizations[0].id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetBrands.Invoke();\n\n    var forgotPassword = Okta.GetEmailCustomizations.Invoke(new()\n    {\n        BrandId = test.Apply(getBrandsResult =\u003e getBrandsResult.Brands[0]?.Id),\n        TemplateName = \"ForgotPassword\",\n    });\n\n    var forgotPasswordEn = Okta.GetEmailCustomization.Invoke(new()\n    {\n        BrandId = test.Apply(getBrandsResult =\u003e getBrandsResult.Brands[0]?.Id),\n        TemplateName = \"ForgotPassword\",\n        CustomizationId = forgotPassword.Apply(getEmailCustomizationsResult =\u003e getEmailCustomizationsResult.EmailCustomizations[0]?.Id),\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := okta.GetBrands(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tforgotPassword, err := okta.GetEmailCustomizations(ctx, \u0026okta.GetEmailCustomizationsArgs{\n\t\t\tBrandId:      test.Brands[0].Id,\n\t\t\tTemplateName: \"ForgotPassword\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.LookupEmailCustomization(ctx, \u0026okta.LookupEmailCustomizationArgs{\n\t\t\tBrandId:         test.Brands[0].Id,\n\t\t\tTemplateName:    \"ForgotPassword\",\n\t\t\tCustomizationId: forgotPassword.EmailCustomizations[0].Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetEmailCustomizationsArgs;\nimport com.pulumi.okta.inputs.GetEmailCustomizationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getBrands(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference);\n\n        final var forgotPassword = OktaFunctions.getEmailCustomizations(GetEmailCustomizationsArgs.builder()\n            .brandId(test.brands()[0].id())\n            .templateName(\"ForgotPassword\")\n            .build());\n\n        final var forgotPasswordEn = OktaFunctions.getEmailCustomization(GetEmailCustomizationArgs.builder()\n            .brandId(test.brands()[0].id())\n            .templateName(\"ForgotPassword\")\n            .customizationId(forgotPassword.emailCustomizations()[0].id())\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getBrands\n      arguments: {}\n  forgotPassword:\n    fn::invoke:\n      function: okta:getEmailCustomizations\n      arguments:\n        brandId: ${test.brands[0].id}\n        templateName: ForgotPassword\n  forgotPasswordEn:\n    fn::invoke:\n      function: okta:getEmailCustomization\n      arguments:\n        brandId: ${test.brands[0].id}\n        templateName: ForgotPassword\n        customizationId: ${forgotPassword.emailCustomizations[0].id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getEmailCustomization.\n","properties":{"brandId":{"type":"string","description":"Brand ID\n"},"customizationId":{"type":"string","description":"The ID of the customization\n"},"templateName":{"type":"string","description":"Template Name\n"}},"type":"object","required":["brandId","customizationId","templateName"]},"outputs":{"description":"A collection of values returned by getEmailCustomization.\n","properties":{"body":{"description":"The body of the customization\n","type":"string"},"brandId":{"description":"Brand ID\n","type":"string"},"customizationId":{"description":"The ID of the customization\n","type":"string"},"id":{"description":"The ID of the customization\n","type":"string"},"isDefault":{"description":"Whether the customization is the default\n","type":"boolean"},"language":{"description":"The language supported by the customization\n","type":"string"},"links":{"description":"Link relations for this object - JSON HAL - Discoverable resources related to the email template\n","type":"string"},"subject":{"description":"The subject of the customization\n","type":"string"},"templateName":{"description":"Template Name\n","type":"string"}},"required":["body","brandId","customizationId","id","isDefault","language","links","subject","templateName"],"type":"object"}},"okta:index/getEmailCustomizations:getEmailCustomizations":{"description":"Get the email customizations of an email template belonging to a brand in an Okta organization.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getBrands({});\nconst forgotPassword = test.then(test =\u003e okta.getEmailCustomizations({\n    brandId: test.brands?.[0]?.id,\n    templateName: \"ForgotPassword\",\n}));\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_brands()\nforgot_password = okta.get_email_customizations(brand_id=test.brands[0].id,\n    template_name=\"ForgotPassword\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetBrands.Invoke();\n\n    var forgotPassword = Okta.GetEmailCustomizations.Invoke(new()\n    {\n        BrandId = test.Apply(getBrandsResult =\u003e getBrandsResult.Brands[0]?.Id),\n        TemplateName = \"ForgotPassword\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := okta.GetBrands(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.GetEmailCustomizations(ctx, \u0026okta.GetEmailCustomizationsArgs{\n\t\t\tBrandId:      test.Brands[0].Id,\n\t\t\tTemplateName: \"ForgotPassword\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetEmailCustomizationsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getBrands(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference);\n\n        final var forgotPassword = OktaFunctions.getEmailCustomizations(GetEmailCustomizationsArgs.builder()\n            .brandId(test.brands()[0].id())\n            .templateName(\"ForgotPassword\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getBrands\n      arguments: {}\n  forgotPassword:\n    fn::invoke:\n      function: okta:getEmailCustomizations\n      arguments:\n        brandId: ${test.brands[0].id}\n        templateName: ForgotPassword\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getEmailCustomizations.\n","properties":{"brandId":{"type":"string","description":"Brand ID\n"},"templateName":{"type":"string","description":"Template Name\n"}},"type":"object","required":["brandId","templateName"]},"outputs":{"description":"A collection of values returned by getEmailCustomizations.\n","properties":{"brandId":{"description":"Brand ID\n","type":"string"},"emailCustomizations":{"description":"List of \u003cspan pulumi-lang-nodejs=\"`okta.EmailCustomization`\" pulumi-lang-dotnet=\"`okta.EmailCustomization`\" pulumi-lang-go=\"`EmailCustomization`\" pulumi-lang-python=\"`EmailCustomization`\" pulumi-lang-yaml=\"`okta.EmailCustomization`\" pulumi-lang-java=\"`okta.EmailCustomization`\"\u003e`okta.EmailCustomization`\u003c/span\u003e belonging to the named email template of the brand in the organization\n","items":{"$ref":"#/types/okta:index/getEmailCustomizationsEmailCustomization:getEmailCustomizationsEmailCustomization"},"type":"array"},"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"templateName":{"description":"Template Name\n","type":"string"}},"required":["brandId","emailCustomizations","templateName","id"],"type":"object"}},"okta:index/getEmailSmtpServer:getEmailSmtpServer":{"description":"Get existing SMTP email server configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst smtpServer = new okta.EmailSmtpServer(\"smtp_server\", {\n    alias: \"CustomServer\",\n    host: \"192.168.160.1\",\n    port: 8086,\n    username: \"aUser\",\n    password: \"abcd\",\n});\nconst serverConfig = okta.getEmailSmtpServer({\n    id: \"id-of-your-smtp-server\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nsmtp_server = okta.EmailSmtpServer(\"smtp_server\",\n    alias=\"CustomServer\",\n    host=\"192.168.160.1\",\n    port=8086,\n    username=\"aUser\",\n    password=\"abcd\")\nserver_config = okta.get_email_smtp_server(id=\"id-of-your-smtp-server\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var smtpServer = new Okta.EmailSmtpServer(\"smtp_server\", new()\n    {\n        Alias = \"CustomServer\",\n        Host = \"192.168.160.1\",\n        Port = 8086,\n        Username = \"aUser\",\n        Password = \"abcd\",\n    });\n\n    var serverConfig = Okta.GetEmailSmtpServer.Invoke(new()\n    {\n        Id = \"id-of-your-smtp-server\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewEmailSmtpServer(ctx, \"smtp_server\", \u0026okta.EmailSmtpServerArgs{\n\t\t\tAlias:    pulumi.String(\"CustomServer\"),\n\t\t\tHost:     pulumi.String(\"192.168.160.1\"),\n\t\t\tPort:     pulumi.Int(8086),\n\t\t\tUsername: pulumi.String(\"aUser\"),\n\t\t\tPassword: pulumi.String(\"abcd\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.LookupEmailSmtpServer(ctx, \u0026okta.LookupEmailSmtpServerArgs{\n\t\t\tId: \"id-of-your-smtp-server\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.EmailSmtpServer;\nimport com.pulumi.okta.EmailSmtpServerArgs;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetEmailSmtpServerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var smtpServer = new EmailSmtpServer(\"smtpServer\", EmailSmtpServerArgs.builder()\n            .alias(\"CustomServer\")\n            .host(\"192.168.160.1\")\n            .port(8086)\n            .username(\"aUser\")\n            .password(\"abcd\")\n            .build());\n\n        final var serverConfig = OktaFunctions.getEmailSmtpServer(GetEmailSmtpServerArgs.builder()\n            .id(\"id-of-your-smtp-server\")\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  smtpServer:\n    type: okta:EmailSmtpServer\n    name: smtp_server\n    properties:\n      alias: CustomServer\n      host: 192.168.160.1\n      port: 8086\n      username: aUser\n      password: abcd\nvariables:\n  serverConfig:\n    fn::invoke:\n      function: okta:getEmailSmtpServer\n      arguments:\n        id: id-of-your-smtp-server\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getEmailSmtpServer.\n","properties":{"id":{"type":"string","description":"ID of your SMTP server\n"}},"type":"object","required":["id"]},"outputs":{"description":"A collection of values returned by getEmailSmtpServer.\n","properties":{"alias":{"description":"Human-readable name for SMTP server\n","type":"string"},"enabled":{"description":"If true, routes all email traffic through the SMTP server.\n","type":"boolean"},"host":{"description":"Hostname or IP address of the SMTP server\n","type":"string"},"id":{"description":"ID of your SMTP server\n","type":"string"},"port":{"description":"The port number of the SMTP server\n","type":"integer"},"username":{"description":"Username used to access the SMTP server\n","type":"string"}},"required":["alias","enabled","host","id","port","username"],"type":"object"}},"okta:index/getEndUserMyRequests:getEndUserMyRequests":{"description":"Get an End User Request from Okta Identity Governance. This data source allows you to retrieve information about existing access requests in the Okta Identity Governance system.\n\nUse this data source to fetch details about a specific request, including its current status, field values, and other metadata.\n\n\u003e **Note:** This data source is part of Okta Identity Governance functionality and requires appropriate licensing and configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\n// Get a request by its catalog entry ID and request ID\nconst example = okta.getEndUserMyRequests({\n    entryId: \"cen123456789abcdefgh\",\n    id: \"reqABCDEFG0123456789\",\n});\nexport const requestStatus = example.then(example =\u003e example.status);\nexport const requestFieldValues = example.then(example =\u003e example.requesterFieldValues);\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\n# Get a request by its catalog entry ID and request ID\nexample = okta.get_end_user_my_requests(entry_id=\"cen123456789abcdefgh\",\n    id=\"reqABCDEFG0123456789\")\npulumi.export(\"requestStatus\", example.status)\npulumi.export(\"requestFieldValues\", example.requester_field_values)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    // Get a request by its catalog entry ID and request ID\n    var example = Okta.GetEndUserMyRequests.Invoke(new()\n    {\n        EntryId = \"cen123456789abcdefgh\",\n        Id = \"reqABCDEFG0123456789\",\n    });\n\n    return new Dictionary\u003cstring, object?\u003e\n    {\n        [\"requestStatus\"] = example.Apply(getEndUserMyRequestsResult =\u003e getEndUserMyRequestsResult.Status),\n        [\"requestFieldValues\"] = example.Apply(getEndUserMyRequestsResult =\u003e getEndUserMyRequestsResult.RequesterFieldValues),\n    };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Get a request by its catalog entry ID and request ID\n\t\texample, err := okta.LookupEndUserMyRequests(ctx, \u0026okta.LookupEndUserMyRequestsArgs{\n\t\t\tEntryId: \"cen123456789abcdefgh\",\n\t\t\tId:      \"reqABCDEFG0123456789\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"requestStatus\", example.Status)\n\t\tctx.Export(\"requestFieldValues\", example.RequesterFieldValues)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetEndUserMyRequestsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        // Get a request by its catalog entry ID and request ID\n        final var example = OktaFunctions.getEndUserMyRequests(GetEndUserMyRequestsArgs.builder()\n            .entryId(\"cen123456789abcdefgh\")\n            .id(\"reqABCDEFG0123456789\")\n            .build());\n\n        ctx.export(\"requestStatus\", example.status());\n        ctx.export(\"requestFieldValues\", example.requesterFieldValues());\n    }\n}\n```\n```yaml\nvariables:\n  # Get a request by its catalog entry ID and request ID\n  example:\n    fn::invoke:\n      function: okta:getEndUserMyRequests\n      arguments:\n        entryId: cen123456789abcdefgh\n        id: reqABCDEFG0123456789\noutputs:\n  # Output the request status\n  requestStatus: ${example.status}\n  # Output specific field values\n  requestFieldValues: ${example.requesterFieldValues}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n## Field Type Reference\n\n### Field Types and Values\n\n- **TEXT**: Contains free-form text input in the \u003cspan pulumi-lang-nodejs=\"`value`\" pulumi-lang-dotnet=\"`Value`\" pulumi-lang-go=\"`value`\" pulumi-lang-python=\"`value`\" pulumi-lang-yaml=\"`value`\" pulumi-lang-java=\"`value`\"\u003e`value`\u003c/span\u003e attribute\n- **SELECT**: Contains single selection value in the \u003cspan pulumi-lang-nodejs=\"`value`\" pulumi-lang-dotnet=\"`Value`\" pulumi-lang-go=\"`value`\" pulumi-lang-python=\"`value`\" pulumi-lang-yaml=\"`value`\" pulumi-lang-java=\"`value`\"\u003e`value`\u003c/span\u003e attribute\n- **MULTISELECT**: Contains multiple selection values in the \u003cspan pulumi-lang-nodejs=\"`values`\" pulumi-lang-dotnet=\"`Values`\" pulumi-lang-go=\"`values`\" pulumi-lang-python=\"`values`\" pulumi-lang-yaml=\"`values`\" pulumi-lang-java=\"`values`\"\u003e`values`\u003c/span\u003e attribute (list)\n- **DURATION**: Contains time duration specification in the \u003cspan pulumi-lang-nodejs=\"`value`\" pulumi-lang-dotnet=\"`Value`\" pulumi-lang-go=\"`value`\" pulumi-lang-python=\"`value`\" pulumi-lang-yaml=\"`value`\" pulumi-lang-java=\"`value`\"\u003e`value`\u003c/span\u003e attribute (e.g., \"5 days\", \"2 weeks\")\n- **ISO_DATE**: Contains date specification in ISO format in the \u003cspan pulumi-lang-nodejs=\"`value`\" pulumi-lang-dotnet=\"`Value`\" pulumi-lang-go=\"`value`\" pulumi-lang-python=\"`value`\" pulumi-lang-yaml=\"`value`\" pulumi-lang-java=\"`value`\"\u003e`value`\u003c/span\u003e attribute\n- **OKTA_USER_ID**: Contains Okta user ID in the \u003cspan pulumi-lang-nodejs=\"`value`\" pulumi-lang-dotnet=\"`Value`\" pulumi-lang-go=\"`value`\" pulumi-lang-python=\"`value`\" pulumi-lang-yaml=\"`value`\" pulumi-lang-java=\"`value`\"\u003e`value`\u003c/span\u003e attribute\n\n### Usage Notes\n\n- For `MULTISELECT` type fields, the values will be in the \u003cspan pulumi-lang-nodejs=\"`values`\" pulumi-lang-dotnet=\"`Values`\" pulumi-lang-go=\"`values`\" pulumi-lang-python=\"`values`\" pulumi-lang-yaml=\"`values`\" pulumi-lang-java=\"`values`\"\u003e`values`\u003c/span\u003e attribute as a list\n- For all other field types, the value will be in the \u003cspan pulumi-lang-nodejs=\"`value`\" pulumi-lang-dotnet=\"`Value`\" pulumi-lang-go=\"`value`\" pulumi-lang-python=\"`value`\" pulumi-lang-yaml=\"`value`\" pulumi-lang-java=\"`value`\"\u003e`value`\u003c/span\u003e attribute as a string\n- The \u003cspan pulumi-lang-nodejs=\"`label`\" pulumi-lang-dotnet=\"`Label`\" pulumi-lang-go=\"`label`\" pulumi-lang-python=\"`label`\" pulumi-lang-yaml=\"`label`\" pulumi-lang-java=\"`label`\"\u003e`label`\u003c/span\u003e and \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e attributes provide metadata about the field structure\n- Field definitions and requirements are determined by the approval system configuration\n\n## Limitations and Considerations\n\n1. **Read-Only**: This data source only retrieves existing request information and cannot modify requests.\n\n2. **Identity Governance Licensing**: This data source requires Okta Identity Governance licensing and proper configuration.\n\n3. **Request Lifecycle**: The data reflects the current state of the request in the approval workflow.\n\n4. **Field Structure**: The field structure and available types depend on the approval system configuration in Okta Identity Governance.\n","inputs":{"description":"A collection of arguments for invoking getEndUserMyRequests.\n","properties":{"entryId":{"type":"string","description":"The ID of the catalog entry for which the request was made.\n"},"id":{"type":"string","description":"The ID of the request to retrieve.\n"},"requested":{"$ref":"#/types/okta:index/getEndUserMyRequestsRequested:getEndUserMyRequestsRequested"},"requestedBy":{"$ref":"#/types/okta:index/getEndUserMyRequestsRequestedBy:getEndUserMyRequestsRequestedBy"},"requestedFor":{"$ref":"#/types/okta:index/getEndUserMyRequestsRequestedFor:getEndUserMyRequestsRequestedFor"},"requesterFieldValues":{"type":"array","items":{"$ref":"#/types/okta:index/getEndUserMyRequestsRequesterFieldValue:getEndUserMyRequestsRequesterFieldValue"},"description":"The requester input fields and their values from the request.\n"},"riskAssessment":{"$ref":"#/types/okta:index/getEndUserMyRequestsRiskAssessment:getEndUserMyRequestsRiskAssessment"}},"type":"object","required":["entryId","id"]},"outputs":{"description":"A collection of values returned by getEndUserMyRequests.\n","properties":{"accessDuration":{"type":"string"},"created":{"type":"string"},"createdBy":{"type":"string"},"entryId":{"description":"The ID of the catalog entry for which the request was made.\n","type":"string"},"grantStatus":{"type":"string"},"granted":{"type":"string"},"id":{"description":"The ID of the request to retrieve.\n","type":"string"},"lastUpdated":{"type":"string"},"lastUpdatedBy":{"type":"string"},"requested":{"$ref":"#/types/okta:index/getEndUserMyRequestsRequested:getEndUserMyRequestsRequested"},"requestedBy":{"$ref":"#/types/okta:index/getEndUserMyRequestsRequestedBy:getEndUserMyRequestsRequestedBy"},"requestedFor":{"$ref":"#/types/okta:index/getEndUserMyRequestsRequestedFor:getEndUserMyRequestsRequestedFor"},"requesterFieldValues":{"description":"The requester input fields and their values from the request.\n","items":{"$ref":"#/types/okta:index/getEndUserMyRequestsRequesterFieldValue:getEndUserMyRequestsRequesterFieldValue"},"type":"array"},"resolved":{"type":"string"},"revocationScheduled":{"type":"string"},"revocationStatus":{"type":"string"},"revoked":{"type":"string"},"riskAssessment":{"$ref":"#/types/okta:index/getEndUserMyRequestsRiskAssessment:getEndUserMyRequestsRiskAssessment"},"status":{"description":"The current status of the request. Possible values include: `APPROVED`, `CANCELED`, `DENIED`, `EXPIRED`, `PENDING`, `REJECTED`, `SUBMITTED`\n","type":"string"}},"required":["accessDuration","created","createdBy","entryId","grantStatus","granted","id","lastUpdated","lastUpdatedBy","resolved","revocationScheduled","revocationStatus","revoked","status"],"type":"object"}},"okta:index/getEntitlement:getEntitlement":{"description":"Get the entitlement belonging to an Okta organization.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getEntitlement({\n    id: \"\u003centitlement id\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_entitlement(id=\"\u003centitlement id\u003e\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetEntitlement.Invoke(new()\n    {\n        Id = \"\u003centitlement id\u003e\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupEntitlement(ctx, \u0026okta.LookupEntitlementArgs{\n\t\t\tId: \"\u003centitlement id\u003e\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetEntitlementArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getEntitlement(GetEntitlementArgs.builder()\n            .id(\"\u003centitlement id\u003e\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getEntitlement\n      arguments:\n        id: \u003centitlement id\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getEntitlement.\n","properties":{"id":{"type":"string","description":"The ID of this resource.\n"},"parent":{"$ref":"#/types/okta:index/getEntitlementParent:getEntitlementParent"},"values":{"type":"array","items":{"$ref":"#/types/okta:index/getEntitlementValue:getEntitlementValue"}}},"type":"object","required":["id"]},"outputs":{"description":"A collection of values returned by getEntitlement.\n","properties":{"dataType":{"type":"string"},"externalValue":{"type":"string"},"id":{"description":"The ID of this resource.\n","type":"string"},"multiValue":{"type":"boolean"},"name":{"type":"string"},"parent":{"$ref":"#/types/okta:index/getEntitlementParent:getEntitlementParent"},"parentResourceOrn":{"type":"string"},"values":{"items":{"$ref":"#/types/okta:index/getEntitlementValue:getEntitlementValue"},"type":"array"}},"required":["dataType","externalValue","id","multiValue","name","parentResourceOrn"],"type":"object"}},"okta:index/getEntitlementBundle:getEntitlementBundle":{"description":"Get the entitlement bundle for the given id.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getEntitlementBundle({\n    id: \"\u003centitlement_bundle id\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_entitlement_bundle(id=\"\u003centitlement_bundle id\u003e\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetEntitlementBundle.Invoke(new()\n    {\n        Id = \"\u003centitlement_bundle id\u003e\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupEntitlementBundle(ctx, \u0026okta.LookupEntitlementBundleArgs{\n\t\t\tId: \"\u003centitlement_bundle id\u003e\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetEntitlementBundleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getEntitlementBundle(GetEntitlementBundleArgs.builder()\n            .id(\"\u003centitlement_bundle id\u003e\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getEntitlementBundle\n      arguments:\n        id: \u003centitlement_bundle id\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getEntitlementBundle.\n","properties":{"entitlements":{"type":"array","items":{"$ref":"#/types/okta:index/getEntitlementBundleEntitlement:getEntitlementBundleEntitlement"},"description":"List of entitlements in the bundle\n"},"id":{"type":"string","description":"The ID of this resource.\n"},"target":{"$ref":"#/types/okta:index/getEntitlementBundleTarget:getEntitlementBundleTarget","description":"Representation of a resource\n"}},"type":"object","required":["id"]},"outputs":{"description":"A collection of values returned by getEntitlementBundle.\n","properties":{"created":{"description":"The created timestamp of this resource.\n","type":"string"},"createdBy":{"description":"The ID of the user that created this resource.\n","type":"string"},"description":{"description":"The description of an entitlement property.\n","type":"string"},"entitlements":{"description":"List of entitlements in the bundle\n","items":{"$ref":"#/types/okta:index/getEntitlementBundleEntitlement:getEntitlementBundleEntitlement"},"type":"array"},"id":{"description":"The ID of this resource.\n","type":"string"},"lastUpdated":{"description":"The last updated timestamp of this resource.\n","type":"string"},"lastUpdatedBy":{"description":"The ID of the user that last updated this resource.\n","type":"string"},"name":{"description":"The display name for an entitlement bundle.\n","type":"string"},"status":{"description":"The status of the entitlement bundle.\n","type":"string"},"target":{"$ref":"#/types/okta:index/getEntitlementBundleTarget:getEntitlementBundleTarget","description":"Representation of a resource\n"},"targetResourceOrn":{"description":"The ORN of the target resource. Required when updating the entitlement bundle.\n","type":"string"}},"required":["created","createdBy","description","id","lastUpdated","lastUpdatedBy","name","status","targetResourceOrn"],"type":"object"}},"okta:index/getFeatures:getFeatures":{"description":"Get a list of features from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.getFeatures({\n    label: \"Android Device Trust\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.get_features(label=\"Android Device Trust\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.GetFeatures.Invoke(new()\n    {\n        Label = \"Android Device Trust\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.GetFeatures(ctx, \u0026okta.GetFeaturesArgs{\n\t\t\tLabel: pulumi.StringRef(\"Android Device Trust\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetFeaturesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = OktaFunctions.getFeatures(GetFeaturesArgs.builder()\n            .label(\"Android Device Trust\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:getFeatures\n      arguments:\n        label: Android Device Trust\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getFeatures.\n","properties":{"label":{"type":"string","description":"Searches for features whose label or name property matches this value exactly. Case sensitive\n"},"substring":{"type":"string","description":"Searches for features whose label or name property substring match this value. Case sensitive\n"}},"type":"object"},"outputs":{"description":"A collection of values returned by getFeatures.\n","properties":{"features":{"description":"List of \u003cspan pulumi-lang-nodejs=\"`okta.Feature`\" pulumi-lang-dotnet=\"`okta.Feature`\" pulumi-lang-go=\"`Feature`\" pulumi-lang-python=\"`Feature`\" pulumi-lang-yaml=\"`okta.Feature`\" pulumi-lang-java=\"`okta.Feature`\"\u003e`okta.Feature`\u003c/span\u003e belonging to the organization\n","items":{"$ref":"#/types/okta:index/getFeaturesFeature:getFeaturesFeature"},"type":"array"},"id":{"description":"Generated ID\n","type":"string"},"label":{"description":"Searches for features whose label or name property matches this value exactly. Case sensitive\n","type":"string"},"substring":{"description":"Searches for features whose label or name property substring match this value. Case sensitive\n","type":"string"}},"required":["features","id"],"type":"object"}},"okta:index/getGroups:getGroups":{"description":"Get a list of groups from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.getGroups({\n    q: \"Engineering - \",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.get_groups(q=\"Engineering - \")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.GetGroups.Invoke(new()\n    {\n        Q = \"Engineering - \",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.GetGroups(ctx, \u0026okta.GetGroupsArgs{\n\t\t\tQ: pulumi.StringRef(\"Engineering - \"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetGroupsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = OktaFunctions.getGroups(GetGroupsArgs.builder()\n            .q(\"Engineering - \")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:getGroups\n      arguments:\n        q: 'Engineering - '\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getGroups.\n","properties":{"limit":{"type":"integer","description":"The maximum number of groups returned by the Okta API, between 1 and 10000.\n"},"q":{"type":"string","description":"Searches the name property of groups for matching value\n"},"search":{"type":"string","description":"Searches for groups with a supported filtering expression for all attributes except for '*embedded', '*links', and 'objectClass'\n"},"type":{"type":"string"}},"type":"object"},"outputs":{"description":"A collection of values returned by getGroups.\n","properties":{"groups":{"items":{"$ref":"#/types/okta:index/getGroupsGroup:getGroupsGroup"},"type":"array"},"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"limit":{"description":"The maximum number of groups returned by the Okta API, between 1 and 10000.\n","type":"integer"},"q":{"description":"Searches the name property of groups for matching value\n","type":"string"},"search":{"description":"Searches for groups with a supported filtering expression for all attributes except for '*embedded', '*links', and 'objectClass'\n","type":"string"},"type":{"type":"string"}},"required":["groups","id"],"type":"object"}},"okta:index/getHookKey:getHookKey":{"description":"Use Key Management to create and manage JSON Web Keys (JWKS) that support OAuth 2.0 client authentication. The key is composed of a public and private key pair. The private key signs the JSON Web Token (JWT) and the public key validates it on the client side.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\n// Get hook key by ID\nconst example = okta.getHookKey({\n    id: \"abcdefghij0123456789\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\n# Get hook key by ID\nexample = okta.get_hook_key(id=\"abcdefghij0123456789\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    // Get hook key by ID\n    var example = Okta.GetHookKey.Invoke(new()\n    {\n        Id = \"abcdefghij0123456789\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Get hook key by ID\n\t\t_, err := okta.LookupHookKey(ctx, \u0026okta.LookupHookKeyArgs{\n\t\t\tId: \"abcdefghij0123456789\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetHookKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        // Get hook key by ID\n        final var example = OktaFunctions.getHookKey(GetHookKeyArgs.builder()\n            .id(\"abcdefghij0123456789\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  # Get hook key by ID\n  example:\n    fn::invoke:\n      function: okta:getHookKey\n      arguments:\n        id: abcdefghij0123456789\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getHookKey.\n","properties":{"id":{"type":"string","description":"The unique identifier of the Hook Key.\n"}},"type":"object","required":["id"]},"outputs":{"description":"A collection of values returned by getHookKey.\n","properties":{"created":{"description":"The date and time the Hook Key was created.\n","type":"string"},"id":{"description":"The unique identifier of the Hook Key.\n","type":"string"},"isUsed":{"description":"Whether the Hook Key is currently being used.\n","type":"boolean"},"keyId":{"description":"The alias of the public key that can be used to retrieve the public key data.\n","type":"string"},"lastUpdated":{"description":"The date and time the Hook Key was last updated.\n","type":"string"},"name":{"type":"string"}},"required":["created","id","isUsed","keyId","lastUpdated","name"],"type":"object"}},"okta:index/getLogStream:getLogStream":{"description":"Log Streams\n","inputs":{"description":"A collection of arguments for invoking getLogStream.\n","properties":{"id":{"type":"string","description":"ID of the log stream to retrieve, conflicts with \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e.\n"},"name":{"type":"string","description":"Unique name for the Log Stream object, conflicts with \u003cspan pulumi-lang-nodejs=\"`id`\" pulumi-lang-dotnet=\"`Id`\" pulumi-lang-go=\"`id`\" pulumi-lang-python=\"`id`\" pulumi-lang-yaml=\"`id`\" pulumi-lang-java=\"`id`\"\u003e`id`\u003c/span\u003e.\n"},"settings":{"$ref":"#/types/okta:index/getLogStreamSettings:getLogStreamSettings"}},"type":"object"},"outputs":{"description":"A collection of values returned by getLogStream.\n","properties":{"id":{"description":"ID of the log stream to retrieve, conflicts with \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e.\n","type":"string"},"name":{"description":"Unique name for the Log Stream object, conflicts with \u003cspan pulumi-lang-nodejs=\"`id`\" pulumi-lang-dotnet=\"`Id`\" pulumi-lang-go=\"`id`\" pulumi-lang-python=\"`id`\" pulumi-lang-yaml=\"`id`\" pulumi-lang-java=\"`id`\"\u003e`id`\u003c/span\u003e.\n","type":"string"},"settings":{"$ref":"#/types/okta:index/getLogStreamSettings:getLogStreamSettings"},"status":{"description":"Log Stream Status - can either be ACTIVE or INACTIVE only\n","type":"string"},"type":{"description":"Streaming provider used - aws*eventbridge or splunk*cloud_logstreaming\n","type":"string"}},"required":["status","type"],"type":"object"}},"okta:index/getNetworkZone:getNetworkZone":{"description":"Gets Okta Network Zone.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.getNetworkZone({\n    name: \"Block Antarctica\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.get_network_zone(name=\"Block Antarctica\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.GetNetworkZone.Invoke(new()\n    {\n        Name = \"Block Antarctica\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.GetNetworkZone(ctx, \u0026okta.GetNetworkZoneArgs{\n\t\t\tName: pulumi.StringRef(\"Block Antarctica\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetNetworkZoneArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = OktaFunctions.getNetworkZone(GetNetworkZoneArgs.builder()\n            .name(\"Block Antarctica\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:getNetworkZone\n      arguments:\n        name: Block Antarctica\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getNetworkZone.\n","properties":{"dynamicLocationsExcludes":{"type":"array","items":{"type":"string"},"description":"Array of locations ISO-3166-1(2) excluded. Format code: countryCode OR countryCode-regionCode. Use with type `DYNAMIC_V2`\n"},"id":{"type":"string","description":"ID of the network zone to retrieve, conflicts with \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e.\n"},"ipServiceCategoriesExcludes":{"type":"array","items":{"type":"string"},"description":"List of ip service excluded. Use with type `DYNAMIC_V2`\n"},"ipServiceCategoriesIncludes":{"type":"array","items":{"type":"string"},"description":"List of ip service included. Use with type `DYNAMIC_V2`\n"},"name":{"type":"string","description":"Name of the network zone to retrieve, conflicts with \u003cspan pulumi-lang-nodejs=\"`id`\" pulumi-lang-dotnet=\"`Id`\" pulumi-lang-go=\"`id`\" pulumi-lang-python=\"`id`\" pulumi-lang-yaml=\"`id`\" pulumi-lang-java=\"`id`\"\u003e`id`\u003c/span\u003e.\n"}},"type":"object"},"outputs":{"description":"A collection of values returned by getNetworkZone.\n","properties":{"asns":{"description":"List of asns included. Format of each array value: a string representation of an ASN numeric value. Use with type `DYNAMIC` or `DYNAMIC_V2`\n","items":{"type":"string"},"type":"array"},"dynamicLocations":{"description":"Array of locations ISO-3166-1(2) included. Format code: countryCode OR countryCode-regionCode. Use with type `DYNAMIC` or `DYNAMIC_V2`\n","items":{"type":"string"},"type":"array"},"dynamicLocationsExcludes":{"description":"Array of locations ISO-3166-1(2) excluded. Format code: countryCode OR countryCode-regionCode. Use with type `DYNAMIC_V2`\n","items":{"type":"string"},"type":"array"},"dynamicProxyType":{"description":"Type of proxy being controlled by this dynamic network zone - can be one of `Any`, `TorAnonymizer` or `NotTorAnonymizer`. Use with type `DYNAMIC`\n","type":"string"},"gateways":{"description":"Array of values in CIDR/range form depending on the way it's been declared (i.e. CIDR will contain /suffix). Please check API docs for examples. Use with type `IP`\n","items":{"type":"string"},"type":"array"},"id":{"description":"ID of the network zone to retrieve, conflicts with \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e.\n","type":"string"},"ipServiceCategoriesExcludes":{"description":"List of ip service excluded. Use with type `DYNAMIC_V2`\n","items":{"type":"string"},"type":"array"},"ipServiceCategoriesIncludes":{"description":"List of ip service included. Use with type `DYNAMIC_V2`\n","items":{"type":"string"},"type":"array"},"name":{"description":"Name of the network zone to retrieve, conflicts with \u003cspan pulumi-lang-nodejs=\"`id`\" pulumi-lang-dotnet=\"`Id`\" pulumi-lang-go=\"`id`\" pulumi-lang-python=\"`id`\" pulumi-lang-yaml=\"`id`\" pulumi-lang-java=\"`id`\"\u003e`id`\u003c/span\u003e.\n","type":"string"},"proxies":{"description":"Array of values in CIDR/range form depending on the way it's been declared (i.e. CIDR will contain /suffix). Please check API docs for examples. Can not be set if \u003cspan pulumi-lang-nodejs=\"`usage`\" pulumi-lang-dotnet=\"`Usage`\" pulumi-lang-go=\"`usage`\" pulumi-lang-python=\"`usage`\" pulumi-lang-yaml=\"`usage`\" pulumi-lang-java=\"`usage`\"\u003e`usage`\u003c/span\u003e is set to `BLOCKLIST`. Use with type `IP`\n","items":{"type":"string"},"type":"array"},"status":{"description":"Network Status - can either be ACTIVE or INACTIVE only\n","type":"string"},"type":{"description":"Type of the Network Zone - can be `IP`, `DYNAMIC` or `DYNAMIC_V2` only\n","type":"string"},"usage":{"description":"Zone's purpose: POLICY or BLOCKLIST\n","type":"string"}},"required":["asns","dynamicLocations","dynamicProxyType","gateways","proxies","status","type","usage"],"type":"object"}},"okta:index/getOrgMetadata:getOrgMetadata":{"description":"Retrieves the well-known org metadata, which includes the id, configured custom domains, authentication pipeline, and various other org settings.\n","inputs":{"description":"A collection of arguments for invoking getOrgMetadata.\n","properties":{"domains":{"$ref":"#/types/okta:index/getOrgMetadataDomains:getOrgMetadataDomains","description":"The URIs for the org's configured domains.\n"},"settings":{"$ref":"#/types/okta:index/getOrgMetadataSettings:getOrgMetadataSettings","description":"The wellknown org settings (safe for public consumption).\n"}},"type":"object"},"outputs":{"description":"A collection of values returned by getOrgMetadata.\n","properties":{"domains":{"$ref":"#/types/okta:index/getOrgMetadataDomains:getOrgMetadataDomains","description":"The URIs for the org's configured domains.\n"},"id":{"description":"The unique identifier of the Org.\n","type":"string"},"pipeline":{"description":"The authentication pipeline of the org. idx means the org is using the Identity Engine, while v1 means the org is using the Classic authentication pipeline.\n","type":"string"},"settings":{"$ref":"#/types/okta:index/getOrgMetadataSettings:getOrgMetadataSettings","description":"The wellknown org settings (safe for public consumption).\n"}},"required":["id","pipeline"],"type":"object"}},"okta:index/getPrincipalEntitlements:getPrincipalEntitlements":{"description":"Get the entitlements for a user and resource after evaluating all grants.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getPrincipalEntitlements({\n    parent: {\n        externalId: \"\u003cresource_id\u003e\",\n        type: \"\u003cresource_type\u003e\",\n    },\n    targetPrincipal: {\n        externalId: \"\u003cprincipal_id\u003e\",\n        type: \"\u003cprincipal_type\u003e\",\n    },\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_principal_entitlements(parent={\n        \"external_id\": \"\u003cresource_id\u003e\",\n        \"type\": \"\u003cresource_type\u003e\",\n    },\n    target_principal={\n        \"external_id\": \"\u003cprincipal_id\u003e\",\n        \"type\": \"\u003cprincipal_type\u003e\",\n    })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetPrincipalEntitlements.Invoke(new()\n    {\n        Parent = new Okta.Inputs.GetPrincipalEntitlementsParentInputArgs\n        {\n            ExternalId = \"\u003cresource_id\u003e\",\n            Type = \"\u003cresource_type\u003e\",\n        },\n        TargetPrincipal = new Okta.Inputs.GetPrincipalEntitlementsTargetPrincipalInputArgs\n        {\n            ExternalId = \"\u003cprincipal_id\u003e\",\n            Type = \"\u003cprincipal_type\u003e\",\n        },\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.GetPrincipalEntitlements(ctx, \u0026okta.GetPrincipalEntitlementsArgs{\n\t\t\tParent: okta.GetPrincipalEntitlementsParent{\n\t\t\t\tExternalId: \"\u003cresource_id\u003e\",\n\t\t\t\tType:       \"\u003cresource_type\u003e\",\n\t\t\t},\n\t\t\tTargetPrincipal: okta.GetPrincipalEntitlementsTargetPrincipal{\n\t\t\t\tExternalId: \"\u003cprincipal_id\u003e\",\n\t\t\t\tType:       \"\u003cprincipal_type\u003e\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetPrincipalEntitlementsArgs;\nimport com.pulumi.okta.inputs.GetPrincipalEntitlementsParentArgs;\nimport com.pulumi.okta.inputs.GetPrincipalEntitlementsTargetPrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getPrincipalEntitlements(GetPrincipalEntitlementsArgs.builder()\n            .parent(GetPrincipalEntitlementsParentArgs.builder()\n                .externalId(\"\u003cresource_id\u003e\")\n                .type(\"\u003cresource_type\u003e\")\n                .build())\n            .targetPrincipal(GetPrincipalEntitlementsTargetPrincipalArgs.builder()\n                .externalId(\"\u003cprincipal_id\u003e\")\n                .type(\"\u003cprincipal_type\u003e\")\n                .build())\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getPrincipalEntitlements\n      arguments:\n        parent:\n          externalId: \u003cresource_id\u003e\n          type: \u003cresource_type\u003e\n        targetPrincipal:\n          externalId: \u003cprincipal_id\u003e\n          type: \u003cprincipal_type\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n## Required:\n\n- \u003cspan pulumi-lang-nodejs=\"`externalId`\" pulumi-lang-dotnet=\"`ExternalId`\" pulumi-lang-go=\"`externalId`\" pulumi-lang-python=\"`external_id`\" pulumi-lang-yaml=\"`externalId`\" pulumi-lang-java=\"`externalId`\"\u003e`external_id`\u003c/span\u003e (String) The Okta user's email address.\n- \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e (String) The Okta user id.\n\n\u003ca id=\"nestedblock--target_principal\"\u003e\u003c/a\u003e\n### Nested Schema for \u003cspan pulumi-lang-nodejs=\"`targetPrincipal`\" pulumi-lang-dotnet=\"`TargetPrincipal`\" pulumi-lang-go=\"`targetPrincipal`\" pulumi-lang-python=\"`target_principal`\" pulumi-lang-yaml=\"`targetPrincipal`\" pulumi-lang-java=\"`targetPrincipal`\"\u003e`target_principal`\u003c/span\u003e\n## Required:\n\n- \u003cspan pulumi-lang-nodejs=\"`externalId`\" pulumi-lang-dotnet=\"`ExternalId`\" pulumi-lang-go=\"`externalId`\" pulumi-lang-python=\"`external_id`\" pulumi-lang-yaml=\"`externalId`\" pulumi-lang-java=\"`externalId`\"\u003e`external_id`\u003c/span\u003e (String) The Okta user id.\n- \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e (String) The type of principal. Enum: `OKTA_USER`.\n\n\u003ca id=\"nestedblock--data\"\u003e\u003c/a\u003e\n### Nested Schema for \u003cspan pulumi-lang-nodejs=\"`data`\" pulumi-lang-dotnet=\"`Data`\" pulumi-lang-go=\"`data`\" pulumi-lang-python=\"`data`\" pulumi-lang-yaml=\"`data`\" pulumi-lang-java=\"`data`\"\u003e`data`\u003c/span\u003e\n## Required:\n\n- \u003cspan pulumi-lang-nodejs=\"`parent`\" pulumi-lang-dotnet=\"`Parent`\" pulumi-lang-go=\"`parent`\" pulumi-lang-python=\"`parent`\" pulumi-lang-yaml=\"`parent`\" pulumi-lang-java=\"`parent`\"\u003e`parent`\u003c/span\u003e (Object) Representation of a resource. (see below for nested schema)\n- \u003cspan pulumi-lang-nodejs=\"`targetPrincipal`\" pulumi-lang-dotnet=\"`TargetPrincipal`\" pulumi-lang-go=\"`targetPrincipal`\" pulumi-lang-python=\"`target_principal`\" pulumi-lang-yaml=\"`targetPrincipal`\" pulumi-lang-java=\"`targetPrincipal`\"\u003e`target_principal`\u003c/span\u003e (Object) Representation of a principal. (see below for nested schema)\n\n## Optional:\n\n- \u003cspan pulumi-lang-nodejs=\"`dataType`\" pulumi-lang-dotnet=\"`DataType`\" pulumi-lang-go=\"`dataType`\" pulumi-lang-python=\"`data_type`\" pulumi-lang-yaml=\"`dataType`\" pulumi-lang-java=\"`dataType`\"\u003e`data_type`\u003c/span\u003e (String) The data type of the entitlement property. Enum: \u003cspan pulumi-lang-nodejs=\"`array`\" pulumi-lang-dotnet=\"`Array`\" pulumi-lang-go=\"`array`\" pulumi-lang-python=\"`array`\" pulumi-lang-yaml=\"`array`\" pulumi-lang-java=\"`array`\"\u003e`array`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e.\n- \u003cspan pulumi-lang-nodejs=\"`description`\" pulumi-lang-dotnet=\"`Description`\" pulumi-lang-go=\"`description`\" pulumi-lang-python=\"`description`\" pulumi-lang-yaml=\"`description`\" pulumi-lang-java=\"`description`\"\u003e`description`\u003c/span\u003e (String) The Okta user id.\n- \u003cspan pulumi-lang-nodejs=\"`externalValue`\" pulumi-lang-dotnet=\"`ExternalValue`\" pulumi-lang-go=\"`externalValue`\" pulumi-lang-python=\"`external_value`\" pulumi-lang-yaml=\"`externalValue`\" pulumi-lang-java=\"`externalValue`\"\u003e`external_value`\u003c/span\u003e (String) The type of principal. Enum: `OKTA_USER`.\n- \u003cspan pulumi-lang-nodejs=\"`id`\" pulumi-lang-dotnet=\"`Id`\" pulumi-lang-go=\"`id`\" pulumi-lang-python=\"`id`\" pulumi-lang-yaml=\"`id`\" pulumi-lang-java=\"`id`\"\u003e`id`\u003c/span\u003e (String) The unique identifier of the entitlement.\n- \u003cspan pulumi-lang-nodejs=\"`multiValue`\" pulumi-lang-dotnet=\"`MultiValue`\" pulumi-lang-go=\"`multiValue`\" pulumi-lang-python=\"`multi_value`\" pulumi-lang-yaml=\"`multiValue`\" pulumi-lang-java=\"`multiValue`\"\u003e`multi_value`\u003c/span\u003e (Boolean) Indicates if the entitlement is multi-valued.\n- \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e (String) The name of the entitlement.\n- \u003cspan pulumi-lang-nodejs=\"`parentResourceOrn`\" pulumi-lang-dotnet=\"`ParentResourceOrn`\" pulumi-lang-go=\"`parentResourceOrn`\" pulumi-lang-python=\"`parent_resource_orn`\" pulumi-lang-yaml=\"`parentResourceOrn`\" pulumi-lang-java=\"`parentResourceOrn`\"\u003e`parent_resource_orn`\u003c/span\u003e (String) The Okta app instance, in ORN format.\n- \u003cspan pulumi-lang-nodejs=\"`required`\" pulumi-lang-dotnet=\"`Required`\" pulumi-lang-go=\"`required`\" pulumi-lang-python=\"`required`\" pulumi-lang-yaml=\"`required`\" pulumi-lang-java=\"`required`\"\u003e`required`\u003c/span\u003e (Boolean) Indicates if the entitlement is required.\n- \u003cspan pulumi-lang-nodejs=\"`targetPrincipalOrn`\" pulumi-lang-dotnet=\"`TargetPrincipalOrn`\" pulumi-lang-go=\"`targetPrincipalOrn`\" pulumi-lang-python=\"`target_principal_orn`\" pulumi-lang-yaml=\"`targetPrincipalOrn`\" pulumi-lang-java=\"`targetPrincipalOrn`\"\u003e`target_principal_orn`\u003c/span\u003e (String) The Okta user id, in ORN format.\n- \u003cspan pulumi-lang-nodejs=\"`values`\" pulumi-lang-dotnet=\"`Values`\" pulumi-lang-go=\"`values`\" pulumi-lang-python=\"`values`\" pulumi-lang-yaml=\"`values`\" pulumi-lang-java=\"`values`\"\u003e`values`\u003c/span\u003e (List of Objects) The values of the entitlement. (see below for nested schema)\n\n\n\u003ca id=\"nestedblock--values\"\u003e\u003c/a\u003e\n### Nested Schema for \u003cspan pulumi-lang-nodejs=\"`values`\" pulumi-lang-dotnet=\"`Values`\" pulumi-lang-go=\"`values`\" pulumi-lang-python=\"`values`\" pulumi-lang-yaml=\"`values`\" pulumi-lang-java=\"`values`\"\u003e`values`\u003c/span\u003e\n- \u003cspan pulumi-lang-nodejs=\"`description`\" pulumi-lang-dotnet=\"`Description`\" pulumi-lang-go=\"`description`\" pulumi-lang-python=\"`description`\" pulumi-lang-yaml=\"`description`\" pulumi-lang-java=\"`description`\"\u003e`description`\u003c/span\u003e (String) The description of the value.\n- \u003cspan pulumi-lang-nodejs=\"`externalId`\" pulumi-lang-dotnet=\"`ExternalId`\" pulumi-lang-go=\"`externalId`\" pulumi-lang-python=\"`external_id`\" pulumi-lang-yaml=\"`externalId`\" pulumi-lang-java=\"`externalId`\"\u003e`external_id`\u003c/span\u003e (String) The external ID of the value.\n- \u003cspan pulumi-lang-nodejs=\"`externalValue`\" pulumi-lang-dotnet=\"`ExternalValue`\" pulumi-lang-go=\"`externalValue`\" pulumi-lang-python=\"`external_value`\" pulumi-lang-yaml=\"`externalValue`\" pulumi-lang-java=\"`externalValue`\"\u003e`external_value`\u003c/span\u003e (String) The value of an entitlement property value.\n- \u003cspan pulumi-lang-nodejs=\"`id`\" pulumi-lang-dotnet=\"`Id`\" pulumi-lang-go=\"`id`\" pulumi-lang-python=\"`id`\" pulumi-lang-yaml=\"`id`\" pulumi-lang-java=\"`id`\"\u003e`id`\u003c/span\u003e (String) The unique identifier of the value.\n- \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e (String) The name of the value.\n","inputs":{"description":"A collection of arguments for invoking getPrincipalEntitlements.\n","properties":{"datas":{"type":"array","items":{"$ref":"#/types/okta:index/getPrincipalEntitlementsData:getPrincipalEntitlementsData"},"description":"Principal entitlements list.\n"},"parent":{"$ref":"#/types/okta:index/getPrincipalEntitlementsParent:getPrincipalEntitlementsParent","description":"Representation of a resource.\n"},"targetPrincipal":{"$ref":"#/types/okta:index/getPrincipalEntitlementsTargetPrincipal:getPrincipalEntitlementsTargetPrincipal","description":"Representation of a principal.\n"}},"type":"object"},"outputs":{"description":"A collection of values returned by getPrincipalEntitlements.\n","properties":{"datas":{"description":"Principal entitlements list.\n","items":{"$ref":"#/types/okta:index/getPrincipalEntitlementsData:getPrincipalEntitlementsData"},"type":"array"},"id":{"type":"string"},"parent":{"$ref":"#/types/okta:index/getPrincipalEntitlementsParent:getPrincipalEntitlementsParent","description":"Representation of a resource.\n"},"targetPrincipal":{"$ref":"#/types/okta:index/getPrincipalEntitlementsTargetPrincipal:getPrincipalEntitlementsTargetPrincipal","description":"Representation of a principal.\n"}},"required":["id"],"type":"object"}},"okta:index/getPrincipalRateLimits:getPrincipalRateLimits":{"description":"Get the entitlements for a user and resource after evaluating all grants.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.getPrincipalRateLimits({\n    id: \"\u003cprincipal_rate_limit_id\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.get_principal_rate_limits(id=\"\u003cprincipal_rate_limit_id\u003e\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.GetPrincipalRateLimits.Invoke(new()\n    {\n        Id = \"\u003cprincipal_rate_limit_id\u003e\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupPrincipalRateLimits(ctx, \u0026okta.LookupPrincipalRateLimitsArgs{\n\t\t\tId: \"\u003cprincipal_rate_limit_id\u003e\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetPrincipalRateLimitsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = OktaFunctions.getPrincipalRateLimits(GetPrincipalRateLimitsArgs.builder()\n            .id(\"\u003cprincipal_rate_limit_id\u003e\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:getPrincipalRateLimits\n      arguments:\n        id: \u003cprincipal_rate_limit_id\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getPrincipalRateLimits.\n","properties":{"id":{"type":"string","description":"The unique identifier of the principle rate limit entity.\n"}},"type":"object","required":["id"]},"outputs":{"description":"A collection of values returned by getPrincipalRateLimits.\n","properties":{"createdBy":{"description":"The ID of the user who created the principal rate limit.\n","type":"string"},"createdDate":{"description":"The date and time when the principal rate limit was created.\n","type":"string"},"defaultConcurrencyPercentage":{"description":"The default concurrency percentage for the principal rate limit.\n","type":"integer"},"defaultPercentage":{"description":"The default percentage for the principal rate limit.\n","type":"integer"},"id":{"description":"The unique identifier of the principle rate limit entity.\n","type":"string"},"lastUpdate":{"type":"string"},"lastUpdatedBy":{"description":"The ID of the user who last updated the principal rate limit.\n","type":"string"},"orgId":{"description":"The unique identifier of the Okta organization.\n","type":"string"},"principalId":{"description":"The unique identifier of the principal. This is the ID of the API token or OAuth 2.0 app.\n","type":"string"},"principalType":{"description":"The type of principal, either an API token or an OAuth 2.0 app.\n","type":"string"}},"required":["createdBy","createdDate","defaultConcurrencyPercentage","defaultPercentage","id","lastUpdate","lastUpdatedBy","orgId","principalId","principalType"],"type":"object"}},"okta:index/getPushProvider:getPushProvider":{"description":"Retrieves information about an Okta Push Provider configuration. This data source allows you to fetch details about existing push providers for Apple Push Notification Service (APNS) and Firebase Cloud Messaging (FCM).\n\n## Example Usage\n\n### Retrieve an APNS Push Provider\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst apnsExample = okta.getPushProvider({\n    id: \"ppc1234567890abcdef\",\n});\nexport const apnsProviderName = apnsExample.then(apnsExample =\u003e apnsExample.name);\nexport const apnsKeyId = apnsExample.then(apnsExample =\u003e apnsExample.configuration?.apnsConfiguration?.keyId);\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\napns_example = okta.get_push_provider(id=\"ppc1234567890abcdef\")\npulumi.export(\"apnsProviderName\", apns_example.name)\npulumi.export(\"apnsKeyId\", apns_example.configuration.apns_configuration.key_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var apnsExample = Okta.GetPushProvider.Invoke(new()\n    {\n        Id = \"ppc1234567890abcdef\",\n    });\n\n    return new Dictionary\u003cstring, object?\u003e\n    {\n        [\"apnsProviderName\"] = apnsExample.Apply(getPushProviderResult =\u003e getPushProviderResult.Name),\n        [\"apnsKeyId\"] = apnsExample.Apply(getPushProviderResult =\u003e getPushProviderResult.Configuration?.ApnsConfiguration?.KeyId),\n    };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapnsExample, err := okta.LookupPushProvider(ctx, \u0026okta.LookupPushProviderArgs{\n\t\t\tId: \"ppc1234567890abcdef\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"apnsProviderName\", apnsExample.Name)\n\t\tctx.Export(\"apnsKeyId\", apnsExample.Configuration.ApnsConfiguration.KeyId)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetPushProviderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var apnsExample = OktaFunctions.getPushProvider(GetPushProviderArgs.builder()\n            .id(\"ppc1234567890abcdef\")\n            .build());\n\n        ctx.export(\"apnsProviderName\", apnsExample.name());\n        ctx.export(\"apnsKeyId\", apnsExample.configuration().apnsConfiguration().keyId());\n    }\n}\n```\n```yaml\nvariables:\n  apnsExample:\n    fn::invoke:\n      function: okta:getPushProvider\n      arguments:\n        id: ppc1234567890abcdef\noutputs:\n  # Use the retrieved data\n  apnsProviderName: ${apnsExample.name}\n  apnsKeyId: ${apnsExample.configuration.apnsConfiguration.keyId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Retrieve an FCM Push Provider\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst fcmExample = okta.getPushProvider({\n    id: \"ppc0987654321fedcba\",\n});\nexport const fcmProviderName = fcmExample.then(fcmExample =\u003e fcmExample.name);\nexport const fcmProjectId = fcmExample.then(fcmExample =\u003e fcmExample.configuration?.fcmConfiguration?.serviceAccountJson?.projectId);\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nfcm_example = okta.get_push_provider(id=\"ppc0987654321fedcba\")\npulumi.export(\"fcmProviderName\", fcm_example.name)\npulumi.export(\"fcmProjectId\", fcm_example.configuration.fcm_configuration.service_account_json.project_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var fcmExample = Okta.GetPushProvider.Invoke(new()\n    {\n        Id = \"ppc0987654321fedcba\",\n    });\n\n    return new Dictionary\u003cstring, object?\u003e\n    {\n        [\"fcmProviderName\"] = fcmExample.Apply(getPushProviderResult =\u003e getPushProviderResult.Name),\n        [\"fcmProjectId\"] = fcmExample.Apply(getPushProviderResult =\u003e getPushProviderResult.Configuration?.FcmConfiguration?.ServiceAccountJson?.ProjectId),\n    };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfcmExample, err := okta.LookupPushProvider(ctx, \u0026okta.LookupPushProviderArgs{\n\t\t\tId: \"ppc0987654321fedcba\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"fcmProviderName\", fcmExample.Name)\n\t\tctx.Export(\"fcmProjectId\", fcmExample.Configuration.FcmConfiguration.ServiceAccountJson.ProjectId)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetPushProviderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var fcmExample = OktaFunctions.getPushProvider(GetPushProviderArgs.builder()\n            .id(\"ppc0987654321fedcba\")\n            .build());\n\n        ctx.export(\"fcmProviderName\", fcmExample.name());\n        ctx.export(\"fcmProjectId\", fcmExample.configuration().fcmConfiguration().serviceAccountJson().projectId());\n    }\n}\n```\n```yaml\nvariables:\n  fcmExample:\n    fn::invoke:\n      function: okta:getPushProvider\n      arguments:\n        id: ppc0987654321fedcba\noutputs:\n  # Use the retrieved data\n  fcmProviderName: ${fcmExample.name}\n  fcmProjectId: ${fcmExample.configuration.fcmConfiguration.serviceAccountJson.projectId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getPushProvider.\n","properties":{"configuration":{"$ref":"#/types/okta:index/getPushProviderConfiguration:getPushProviderConfiguration","description":"Configuration details for the push provider. The structure depends on the provider type.\n"},"id":{"type":"string","description":"The unique identifier of the push provider to retrieve.\n"}},"type":"object","required":["id"]},"outputs":{"description":"A collection of values returned by getPushProvider.\n","properties":{"configuration":{"$ref":"#/types/okta:index/getPushProviderConfiguration:getPushProviderConfiguration","description":"Configuration details for the push provider. The structure depends on the provider type.\n"},"id":{"description":"The unique identifier of the push provider to retrieve.\n","type":"string"},"lastUpdatedDate":{"description":"Timestamp when the push provider was last modified.\n","type":"string"},"name":{"description":"The display name of the push provider.\n","type":"string"},"providerType":{"description":"The type of push provider. Values are `APNS` (Apple Push Notification Service) or `FCM` (Firebase Cloud Messaging).\n","type":"string"}},"required":["id","lastUpdatedDate","name","providerType"],"type":"object"}},"okta:index/getRateLimitAdminNotificationSettings:getRateLimitAdminNotificationSettings":{"description":"Retrieves the currently configured Rate Limit Admin Notification Settings\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.getRateLimitAdminNotificationSettings({});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.get_rate_limit_admin_notification_settings()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.GetRateLimitAdminNotificationSettings.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupRateLimitAdminNotificationSettings(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = OktaFunctions.getRateLimitAdminNotificationSettings(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference);\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:getRateLimitAdminNotificationSettings\n      arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","outputs":{"description":"A collection of values returned by getRateLimitAdminNotificationSettings.\n","properties":{"id":{"description":"The unique identifier of the principal. This is the ID of the API token or OAuth 2.0 app.\n","type":"string"},"notificationsEnabled":{"description":"Enables or disables admin notifications for rate limiting events.\n","type":"boolean"}},"required":["id","notificationsEnabled"],"type":"object"}},"okta:index/getRateLimitWarningThresholdPercentage:getRateLimitWarningThresholdPercentage":{"description":"Manages principal rate limits.\nPrincipal Rate Limits provides operations to manage Principal Rate Limits for your organization.\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.getRateLimitWarningThresholdPercentage({});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.get_rate_limit_warning_threshold_percentage()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.GetRateLimitWarningThresholdPercentage.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupRateLimitWarningThresholdPercentage(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = OktaFunctions.getRateLimitWarningThresholdPercentage(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference);\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:getRateLimitWarningThresholdPercentage\n      arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","outputs":{"description":"A collection of values returned by getRateLimitWarningThresholdPercentage.\n","properties":{"id":{"description":"The unique identifier of the warning threshold percentage entity.\n","type":"string"},"warningThreshold":{"description":"The threshold value (percentage) of a rate limit that, when exceeded, triggers a warning notification. By default, this value is 90 for Workforce orgs and 60 for CIAM orgs.\n","type":"integer"}},"required":["id","warningThreshold"],"type":"object"}},"okta:index/getRealm:getRealm":{"description":"Get a realm from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst exampleName = okta.getRealm({\n    name: \"Example Realm\",\n});\nconst exampleId = okta.getRealm({\n    id: \"\u003crealm_id\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample_name = okta.get_realm(name=\"Example Realm\")\nexample_id = okta.get_realm(id=\"\u003crealm_id\u003e\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var exampleName = Okta.GetRealm.Invoke(new()\n    {\n        Name = \"Example Realm\",\n    });\n\n    var exampleId = Okta.GetRealm.Invoke(new()\n    {\n        Id = \"\u003crealm_id\u003e\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupRealm(ctx, \u0026okta.LookupRealmArgs{\n\t\t\tName: pulumi.StringRef(\"Example Realm\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.LookupRealm(ctx, \u0026okta.LookupRealmArgs{\n\t\t\tId: pulumi.StringRef(\"\u003crealm_id\u003e\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetRealmArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var exampleName = OktaFunctions.getRealm(GetRealmArgs.builder()\n            .name(\"Example Realm\")\n            .build());\n\n        final var exampleId = OktaFunctions.getRealm(GetRealmArgs.builder()\n            .id(\"\u003crealm_id\u003e\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  exampleName:\n    fn::invoke:\n      function: okta:getRealm\n      arguments:\n        name: Example Realm\n  exampleId:\n    fn::invoke:\n      function: okta:getRealm\n      arguments:\n        id: \u003crealm_id\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getRealm.\n","properties":{"id":{"type":"string","description":"The id of the Okta Realm.\n"},"name":{"type":"string","description":"The name of the Okta Realm.\n"},"realmType":{"type":"string","description":"The realm type. Valid values: `PARTNER` and `DEFAULT`\n"}},"type":"object"},"outputs":{"description":"A collection of values returned by getRealm.\n","properties":{"id":{"description":"The id of the Okta Realm.\n","type":"string"},"isDefault":{"description":"Indicates whether the realm is the default realm.\n","type":"boolean"},"name":{"description":"The name of the Okta Realm.\n","type":"string"},"realmType":{"description":"The realm type. Valid values: `PARTNER` and `DEFAULT`\n","type":"string"}},"required":["id","isDefault","name"],"type":"object"}},"okta:index/getRealmAssignment:getRealmAssignment":{"description":"Get a realm assignment from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nvariables:\n  exampleName:\n    fn::invoke:\n      function: okta:getRealmAssignment\n      arguments:\n        name: Example Realm Assignment\n  exampleId:\n    fn::invoke:\n      function: okta:getRealmAssignment\n      arguments:\n        id: \u003crealm_assignment_id\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getRealmAssignment.\n","properties":{"name":{"type":"string","description":"The name of the Okta Realm Assignment.\n"}},"type":"object"},"outputs":{"description":"A collection of values returned by getRealmAssignment.\n","properties":{"conditionExpression":{"description":"Condition expression for the Realm Assignment in Okta Expression Language. Example: `user.profile.role ==\"Manager\"` or `user.profile.state.contains(\"example\")`.\n","type":"string"},"id":{"description":"Realm Assignment ID.\n","type":"string"},"isDefault":{"description":"Indicates whether the realm assignment is the default.\n","type":"boolean"},"name":{"description":"The name of the Okta Realm Assignment.\n","type":"string"},"priority":{"description":"The Priority of the Realm Assignment. The lower the number, the higher the priority.\n","type":"integer"},"profileSourceId":{"description":"The ID of the Profile Source.\n","type":"string"},"realmId":{"description":"The ID of the Realm asscociated with the Realm Assignment.\n","type":"string"},"status":{"description":"Defines whether the Realm Assignment is active or not. Valid values: `ACTIVE` and `INACTIVE`.\n","type":"string"}},"required":["conditionExpression","id","isDefault","priority","profileSourceId","realmId","status"],"type":"object"}},"okta:index/getRequestCondition:getRequestCondition":{"description":"Retrieves a resource request condition\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getRequestCondition({\n    id: \"\u003crequest_condition_id\u003e\",\n    resourceId: \"\u003cresource_id\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_request_condition(id=\"\u003crequest_condition_id\u003e\",\n    resource_id=\"\u003cresource_id\u003e\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetRequestCondition.Invoke(new()\n    {\n        Id = \"\u003crequest_condition_id\u003e\",\n        ResourceId = \"\u003cresource_id\u003e\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupRequestCondition(ctx, \u0026okta.LookupRequestConditionArgs{\n\t\t\tId:         \"\u003crequest_condition_id\u003e\",\n\t\t\tResourceId: \"\u003cresource_id\u003e\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetRequestConditionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getRequestCondition(GetRequestConditionArgs.builder()\n            .id(\"\u003crequest_condition_id\u003e\")\n            .resourceId(\"\u003cresource_id\u003e\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getRequestCondition\n      arguments:\n        id: \u003crequest_condition_id\u003e\n        resourceId: \u003cresource_id\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getRequestCondition.\n","properties":{"accessScopeSettings":{"$ref":"#/types/okta:index/getRequestConditionAccessScopeSettings:getRequestConditionAccessScopeSettings"},"id":{"type":"string","description":"Request condition id.\n"},"requesterSettings":{"$ref":"#/types/okta:index/getRequestConditionRequesterSettings:getRequestConditionRequesterSettings"},"resourceId":{"type":"string","description":"The id of the resource in Okta ID format.\n"}},"type":"object","required":["id","resourceId"]},"outputs":{"description":"A collection of values returned by getRequestCondition.\n","properties":{"accessScopeSettings":{"$ref":"#/types/okta:index/getRequestConditionAccessScopeSettings:getRequestConditionAccessScopeSettings"},"created":{"description":"The date and time when the request condition was created.\n","type":"string"},"createdBy":{"description":"The id of the user who created the request condition.\n","type":"string"},"id":{"description":"Request condition id.\n","type":"string"},"lastUpdated":{"description":"The date and time when the request condition was last updated.\n","type":"string"},"lastUpdatedBy":{"description":"The id of the user who last updated the request condition.\n","type":"string"},"name":{"description":"The name of the request condition.\n","type":"string"},"priority":{"description":"The priority of the request condition. Lower numbers indicate higher priority.\n","type":"integer"},"requesterSettings":{"$ref":"#/types/okta:index/getRequestConditionRequesterSettings:getRequestConditionRequesterSettings"},"resourceId":{"description":"The id of the resource in Okta ID format.\n","type":"string"},"status":{"description":"Status indicates if this condition is active or not. Default status is INACTIVE. Enum: `ACTIVE`, `INACTIVE`, `DELETED`, `INVALID`.\n","type":"string"}},"required":["created","createdBy","id","lastUpdated","lastUpdatedBy","name","priority","resourceId","status"],"type":"object"}},"okta:index/getRequestSequence:getRequestSequence":{"description":"Retrieves a access request sequence referenced by the specified resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getRequestSequence({\n    id: \"\u003csequence_id\u003e\",\n    resourceId: \"\u003cresource_id\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_request_sequence(id=\"\u003csequence_id\u003e\",\n    resource_id=\"\u003cresource_id\u003e\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetRequestSequence.Invoke(new()\n    {\n        Id = \"\u003csequence_id\u003e\",\n        ResourceId = \"\u003cresource_id\u003e\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupRequestSequence(ctx, \u0026okta.LookupRequestSequenceArgs{\n\t\t\tId:         \"\u003csequence_id\u003e\",\n\t\t\tResourceId: \"\u003cresource_id\u003e\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetRequestSequenceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getRequestSequence(GetRequestSequenceArgs.builder()\n            .id(\"\u003csequence_id\u003e\")\n            .resourceId(\"\u003cresource_id\u003e\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getRequestSequence\n      arguments:\n        id: \u003csequence_id\u003e\n        resourceId: \u003cresource_id\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getRequestSequence.\n","properties":{"id":{"type":"string","description":"The id of the sequence.Must be of 24 characters length.\n"},"resourceId":{"type":"string","description":"The id of the resource in Okta ID format.\n"}},"type":"object","required":["id","resourceId"]},"outputs":{"description":"A collection of values returned by getRequestSequence.\n","properties":{"compatibleResourceTypes":{"description":"Enum: `APP`, `GROUP`.\n","items":{"type":"string"},"type":"array"},"description":{"description":"The description of the request condition.\n","type":"string"},"id":{"description":"The id of the sequence.Must be of 24 characters length.\n","type":"string"},"link":{"description":"Link to edit the request sequence.\n","type":"string"},"name":{"description":"The access duration settings for the request condition\n","type":"string"},"resourceId":{"description":"The id of the resource in Okta ID format.\n","type":"string"}},"required":["compatibleResourceTypes","description","id","link","name","resourceId"],"type":"object"}},"okta:index/getRequestSettingOrganization:getRequestSettingOrganization":{"description":"Retrieves the request settings for the org.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getRequestSettingOrganization({});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_request_setting_organization()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetRequestSettingOrganization.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupRequestSettingOrganization(ctx, \u0026okta.LookupRequestSettingOrganizationArgs{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetRequestSettingOrganizationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getRequestSettingOrganization(GetRequestSettingOrganizationArgs.builder()\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getRequestSettingOrganization\n      arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getRequestSettingOrganization.\n","properties":{"requestExperiences":{"type":"array","items":{"$ref":"#/types/okta:index/getRequestSettingOrganizationRequestExperience:getRequestSettingOrganizationRequestExperience"}}},"type":"object"},"outputs":{"description":"A collection of values returned by getRequestSettingOrganization.\n","properties":{"id":{"type":"string"},"longTimePastProvisioned":{"type":"boolean"},"provisioningStatus":{"type":"string"},"requestExperiences":{"items":{"$ref":"#/types/okta:index/getRequestSettingOrganizationRequestExperience:getRequestSettingOrganizationRequestExperience"},"type":"array"},"subprocessorsAcknowledged":{"type":"boolean"}},"required":["id","longTimePastProvisioned","provisioningStatus","subprocessorsAcknowledged"],"type":"object"}},"okta:index/getRequestSettingResource:getRequestSettingResource":{"description":"Retrieves the request settings for a resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getRequestSettingResource\n      arguments:\n        resourceId: \u003cid\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getRequestSettingResource.\n","properties":{"id":{"type":"string","description":"The resource ID of the request settings to retrieve. This is the unique identifier for the resource in Okta.\n"},"requestOnBehalfOfSettings":{"$ref":"#/types/okta:index/getRequestSettingResourceRequestOnBehalfOfSettings:getRequestSettingResourceRequestOnBehalfOfSettings","description":"Risk settings for the resource.\n"},"riskSettings":{"$ref":"#/types/okta:index/getRequestSettingResourceRiskSettings:getRequestSettingResourceRiskSettings","description":"Risk settings for the resource.\n"},"validAccessDurationSettings":{"$ref":"#/types/okta:index/getRequestSettingResourceValidAccessDurationSettings:getRequestSettingResourceValidAccessDurationSettings","description":"Specifies if and for whom a requester may request the resource for.\n"},"validAccessScopeSettings":{"type":"array","items":{"$ref":"#/types/okta:index/getRequestSettingResourceValidAccessScopeSetting:getRequestSettingResourceValidAccessScopeSetting"},"description":"Risk settings for the resource.\n"},"validRequesterSettings":{"type":"array","items":{"$ref":"#/types/okta:index/getRequestSettingResourceValidRequesterSetting:getRequestSettingResourceValidRequesterSetting"},"description":"Risk settings for the resource.\n"}},"type":"object","required":["id"]},"outputs":{"description":"A collection of values returned by getRequestSettingResource.\n","properties":{"id":{"description":"The resource ID of the request settings to retrieve. This is the unique identifier for the resource in Okta.\n","type":"string"},"requestOnBehalfOfSettings":{"$ref":"#/types/okta:index/getRequestSettingResourceRequestOnBehalfOfSettings:getRequestSettingResourceRequestOnBehalfOfSettings","description":"Risk settings for the resource.\n"},"riskSettings":{"$ref":"#/types/okta:index/getRequestSettingResourceRiskSettings:getRequestSettingResourceRiskSettings","description":"Risk settings for the resource.\n"},"validAccessDurationSettings":{"$ref":"#/types/okta:index/getRequestSettingResourceValidAccessDurationSettings:getRequestSettingResourceValidAccessDurationSettings","description":"Specifies if and for whom a requester may request the resource for.\n"},"validAccessScopeSettings":{"description":"Risk settings for the resource.\n","items":{"$ref":"#/types/okta:index/getRequestSettingResourceValidAccessScopeSetting:getRequestSettingResourceValidAccessScopeSetting"},"type":"array"},"validRequesterSettings":{"description":"Risk settings for the resource.\n","items":{"$ref":"#/types/okta:index/getRequestSettingResourceValidRequesterSetting:getRequestSettingResourceValidRequesterSetting"},"type":"array"}},"required":["id"],"type":"object"}},"okta:index/getRequestV2:getRequestV2":{"description":"Retrieves the full representation of a specific request.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getRequestV2({\n    id: \"\u003crequest_id\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_request_v2(id=\"\u003crequest_id\u003e\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetRequestV2.Invoke(new()\n    {\n        Id = \"\u003crequest_id\u003e\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupRequestV2(ctx, \u0026okta.LookupRequestV2Args{\n\t\t\tId: \"\u003crequest_id\u003e\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetRequestV2Args;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getRequestV2(GetRequestV2Args.builder()\n            .id(\"\u003crequest_id\u003e\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getRequestV2\n      arguments:\n        id: \u003crequest_id\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getRequestV2.\n","properties":{"id":{"type":"string","description":"The ID of the request.\n"},"requested":{"$ref":"#/types/okta:index/getRequestV2Requested:getRequestV2Requested","description":"A representation of a resource that can be requested for access.\n"},"requestedBy":{"$ref":"#/types/okta:index/getRequestV2RequestedBy:getRequestV2RequestedBy","description":"A representation of a principal.\n"},"requestedFor":{"$ref":"#/types/okta:index/getRequestV2RequestedFor:getRequestV2RequestedFor","description":"A representation of a principal.\n"}},"type":"object","required":["id"]},"outputs":{"description":"A collection of values returned by getRequestV2.\n","properties":{"created":{"description":"The date and time when the request condition was created.\n","type":"string"},"createdBy":{"description":"The id of the user who created the request condition.\n","type":"string"},"id":{"description":"The ID of the request.\n","type":"string"},"lastUpdated":{"description":"The date and time when the request condition was last updated.\n","type":"string"},"lastUpdatedBy":{"description":"The id of the user who last updated the request condition.\n","type":"string"},"requested":{"$ref":"#/types/okta:index/getRequestV2Requested:getRequestV2Requested","description":"A representation of a resource that can be requested for access.\n"},"requestedBy":{"$ref":"#/types/okta:index/getRequestV2RequestedBy:getRequestV2RequestedBy","description":"A representation of a principal.\n"},"requestedFor":{"$ref":"#/types/okta:index/getRequestV2RequestedFor:getRequestV2RequestedFor","description":"A representation of a principal.\n"},"status":{"description":"The status of the request.\n","type":"string"}},"required":["created","createdBy","id","lastUpdated","lastUpdatedBy","status"],"type":"object"}},"okta:index/getReview:getReview":{"description":"Get the reviews belonging to a campaign\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getReview({});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_review()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetReview.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupReview(ctx, \u0026okta.LookupReviewArgs{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetReviewArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getReview(GetReviewArgs.builder()\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getReview\n      arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n## Required:\n\n- \u003cspan pulumi-lang-nodejs=\"`email`\" pulumi-lang-dotnet=\"`Email`\" pulumi-lang-go=\"`email`\" pulumi-lang-python=\"`email`\" pulumi-lang-yaml=\"`email`\" pulumi-lang-java=\"`email`\"\u003e`email`\u003c/span\u003e (String) The Okta user's email address.\n- \u003cspan pulumi-lang-nodejs=\"`id`\" pulumi-lang-dotnet=\"`Id`\" pulumi-lang-go=\"`id`\" pulumi-lang-python=\"`id`\" pulumi-lang-yaml=\"`id`\" pulumi-lang-java=\"`id`\"\u003e`id`\u003c/span\u003e (String) The Okta user id.\n- \u003cspan pulumi-lang-nodejs=\"`status`\" pulumi-lang-dotnet=\"`Status`\" pulumi-lang-go=\"`status`\" pulumi-lang-python=\"`status`\" pulumi-lang-yaml=\"`status`\" pulumi-lang-java=\"`status`\"\u003e`status`\u003c/span\u003e (String) The status of the principal's profile. Enum: `INACTIVE`, `ACTIVE`.\n\n## Optional:\n\n- \u003cspan pulumi-lang-nodejs=\"`firstName`\" pulumi-lang-dotnet=\"`FirstName`\" pulumi-lang-go=\"`firstName`\" pulumi-lang-python=\"`first_name`\" pulumi-lang-yaml=\"`firstName`\" pulumi-lang-java=\"`firstName`\"\u003e`first_name`\u003c/span\u003e (String) The Okta user's first name.\n- `lastName` (String) The Okta user's last name\n- \u003cspan pulumi-lang-nodejs=\"`login`\" pulumi-lang-dotnet=\"`Login`\" pulumi-lang-go=\"`login`\" pulumi-lang-python=\"`login`\" pulumi-lang-yaml=\"`login`\" pulumi-lang-java=\"`login`\"\u003e`login`\u003c/span\u003e (String) The Okta user's login\n","inputs":{"description":"A collection of arguments for invoking getReview.\n","properties":{"allReviewerLevels":{"type":"array","items":{"$ref":"#/types/okta:index/getReviewAllReviewerLevel:getReviewAllReviewerLevel"}},"entitlementBundle":{"$ref":"#/types/okta:index/getReviewEntitlementBundle:getReviewEntitlementBundle"},"entitlementValue":{"$ref":"#/types/okta:index/getReviewEntitlementValue:getReviewEntitlementValue"},"id":{"type":"string","description":"The ID of  review.\n"},"links":{"$ref":"#/types/okta:index/getReviewLinks:getReviewLinks"},"note":{"$ref":"#/types/okta:index/getReviewNote:getReviewNote"},"principalProfile":{"$ref":"#/types/okta:index/getReviewPrincipalProfile:getReviewPrincipalProfile","description":"A limited set of properties from the user profile who created the review.\n"},"reviewerProfile":{"$ref":"#/types/okta:index/getReviewReviewerProfile:getReviewReviewerProfile"}},"type":"object","required":["id"]},"outputs":{"description":"A collection of values returned by getReview.\n","properties":{"allReviewerLevels":{"items":{"$ref":"#/types/okta:index/getReviewAllReviewerLevel:getReviewAllReviewerLevel"},"type":"array"},"campaignId":{"description":"ID of the Campaign.\n","type":"string"},"created":{"description":"The ISO 8601 formatted date and time when the resource was created.\n","type":"string"},"createdBy":{"description":"The id of user who created the resource.\n","type":"string"},"currentReviewerLevel":{"description":"Identifies the reviewer level of each reviews during access certification.\n","type":"string"},"decided":{"description":"The ISO 8601 formatted date and time when the object status was decided.\n","type":"string"},"decision":{"description":"The decision taken by the reviewer. Will be `UNASSIGNED` if no decision is made.\n","type":"string"},"entitlementBundle":{"$ref":"#/types/okta:index/getReviewEntitlementBundle:getReviewEntitlementBundle"},"entitlementValue":{"$ref":"#/types/okta:index/getReviewEntitlementValue:getReviewEntitlementValue"},"id":{"description":"The ID of  review.\n","type":"string"},"lastUpdated":{"description":"The ISO 8601 formatted date and time when the object was last updated.\n","type":"string"},"lastUpdatedBy":{"description":"The id of user who last updated the object.\n","type":"string"},"links":{"$ref":"#/types/okta:index/getReviewLinks:getReviewLinks"},"note":{"$ref":"#/types/okta:index/getReviewNote:getReviewNote"},"principalProfile":{"$ref":"#/types/okta:index/getReviewPrincipalProfile:getReviewPrincipalProfile","description":"A limited set of properties from the user profile who created the review.\n"},"remediationStatus":{"description":"Enum: `ERROR`, `MANUAL`, `NONE`, `OPEN`, `SUCCESS`.\n","type":"string"},"resourceId":{"description":"Resource ID for the Review.\n","type":"string"},"reviewerProfile":{"$ref":"#/types/okta:index/getReviewReviewerProfile:getReviewReviewerProfile"},"reviewerType":{"description":"The type of reviewer to which the review is assigned.\n","type":"string"}},"required":["campaignId","created","createdBy","currentReviewerLevel","decided","decision","id","lastUpdated","lastUpdatedBy","remediationStatus","resourceId","reviewerType"],"type":"object"}},"okta:index/getRoleSubscription:getRoleSubscription":{"description":"Get subscriptions of a Role with a specific type\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.getRoleSubscription({\n    notificationType: \"APP_IMPORT\",\n    roleType: \"SUPER_ADMIN\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.get_role_subscription(notification_type=\"APP_IMPORT\",\n    role_type=\"SUPER_ADMIN\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.GetRoleSubscription.Invoke(new()\n    {\n        NotificationType = \"APP_IMPORT\",\n        RoleType = \"SUPER_ADMIN\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupRoleSubscription(ctx, \u0026okta.LookupRoleSubscriptionArgs{\n\t\t\tNotificationType: \"APP_IMPORT\",\n\t\t\tRoleType:         \"SUPER_ADMIN\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetRoleSubscriptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = OktaFunctions.getRoleSubscription(GetRoleSubscriptionArgs.builder()\n            .notificationType(\"APP_IMPORT\")\n            .roleType(\"SUPER_ADMIN\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:getRoleSubscription\n      arguments:\n        notificationType: APP_IMPORT\n        roleType: SUPER_ADMIN\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getRoleSubscription.\n","properties":{"notificationType":{"type":"string","description":"Type of the notification\n"},"roleType":{"type":"string","description":"Type of the role\n"}},"type":"object","required":["notificationType","roleType"]},"outputs":{"description":"A collection of values returned by getRoleSubscription.\n","properties":{"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"notificationType":{"description":"Type of the notification\n","type":"string"},"roleType":{"description":"Type of the role\n","type":"string"},"status":{"description":"Status of subscription\n","type":"string"}},"required":["notificationType","roleType","status","id"],"type":"object"}},"okta:index/getSecurityEventsProvider:getSecurityEventsProvider":{"description":"Get information about a Security Events Provider instance for signal ingestion.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.getSecurityEventsProvider({\n    id: \"\u003csecurity_events_provider_id\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.get_security_events_provider(id=\"\u003csecurity_events_provider_id\u003e\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.GetSecurityEventsProvider.Invoke(new()\n    {\n        Id = \"\u003csecurity_events_provider_id\u003e\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupSecurityEventsProvider(ctx, \u0026okta.LookupSecurityEventsProviderArgs{\n\t\t\tId: \"\u003csecurity_events_provider_id\u003e\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetSecurityEventsProviderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = OktaFunctions.getSecurityEventsProvider(GetSecurityEventsProviderArgs.builder()\n            .id(\"\u003csecurity_events_provider_id\u003e\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:getSecurityEventsProvider\n      arguments:\n        id: \u003csecurity_events_provider_id\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getSecurityEventsProvider.\n","properties":{"id":{"type":"string","description":"The unique identifier of this instance.\n"},"settings":{"$ref":"#/types/okta:index/getSecurityEventsProviderSettings:getSecurityEventsProviderSettings"}},"type":"object","required":["id"]},"outputs":{"description":"A collection of values returned by getSecurityEventsProvider.\n","properties":{"id":{"description":"The unique identifier of this instance.\n","type":"string"},"isEnabled":{"description":"Whether or not the Security Events Provider is enabled.\n","type":"string"},"name":{"description":"The name of the Security Events Provider instance.\n","type":"string"},"settings":{"$ref":"#/types/okta:index/getSecurityEventsProviderSettings:getSecurityEventsProviderSettings"},"status":{"description":"Indicates whether the Security Events Provider is active or not.\n","type":"string"},"type":{"description":"The application type of the Security Events Provider.\n","type":"string"}},"required":["id","isEnabled","name","status","type"],"type":"object"}},"okta:index/getTemplate:getTemplate":{"description":"Get a single Email Template for a Brand belonging to an Okta organization.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getBrands({});\nconst forgotPassword = test.then(test =\u003e okta.getTemplate({\n    brandId: test.brands?.[0]?.id,\n    name: \"ForgotPassword\",\n}));\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_brands()\nforgot_password = okta.get_template(brand_id=test.brands[0].id,\n    name=\"ForgotPassword\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetBrands.Invoke();\n\n    var forgotPassword = Okta.GetTemplate.Invoke(new()\n    {\n        BrandId = test.Apply(getBrandsResult =\u003e getBrandsResult.Brands[0]?.Id),\n        Name = \"ForgotPassword\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := okta.GetBrands(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.GetTemplate(ctx, \u0026okta.GetTemplateArgs{\n\t\t\tBrandId: test.Brands[0].Id,\n\t\t\tName:    \"ForgotPassword\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getBrands(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference);\n\n        final var forgotPassword = OktaFunctions.getTemplate(GetTemplateArgs.builder()\n            .brandId(test.brands()[0].id())\n            .name(\"ForgotPassword\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getBrands\n      arguments: {}\n  forgotPassword:\n    fn::invoke:\n      function: okta:getTemplate\n      arguments:\n        brandId: ${test.brands[0].id}\n        name: ForgotPassword\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getTemplate.\n","properties":{"brandId":{"type":"string","description":"Brand ID\n"},"name":{"type":"string","description":"The name of the email template\n"}},"type":"object","required":["brandId","name"]},"outputs":{"description":"A collection of values returned by getTemplate.\n","properties":{"brandId":{"description":"Brand ID\n","type":"string"},"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"links":{"description":"Link relations for this object - JSON HAL - Discoverable resources related to the email template\n","type":"string"},"name":{"description":"The name of the email template\n","type":"string"}},"required":["brandId","links","name","id"],"type":"object"}},"okta:index/getTemplates:getTemplates":{"description":"Get the email templates belonging to a brand in an Okta organization.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getBrands({});\nconst testGetTemplates = test.then(test =\u003e okta.getTemplates({\n    brandId: test.brands?.[0]?.id,\n}));\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_brands()\ntest_get_templates = okta.get_templates(brand_id=test.brands[0].id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetBrands.Invoke();\n\n    var testGetTemplates = Okta.GetTemplates.Invoke(new()\n    {\n        BrandId = test.Apply(getBrandsResult =\u003e getBrandsResult.Brands[0]?.Id),\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := okta.GetBrands(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.GetTemplates(ctx, \u0026okta.GetTemplatesArgs{\n\t\t\tBrandId: test.Brands[0].Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetTemplatesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getBrands(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference);\n\n        final var testGetTemplates = OktaFunctions.getTemplates(GetTemplatesArgs.builder()\n            .brandId(test.brands()[0].id())\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getBrands\n      arguments: {}\n  testGetTemplates:\n    fn::invoke:\n      function: okta:getTemplates\n      arguments:\n        brandId: ${test.brands[0].id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getTemplates.\n","properties":{"brandId":{"type":"string","description":"Brand ID\n"}},"type":"object","required":["brandId"]},"outputs":{"description":"A collection of values returned by getTemplates.\n","properties":{"brandId":{"description":"Brand ID\n","type":"string"},"emailTemplates":{"description":"List of \u003cspan pulumi-lang-nodejs=\"`okta.getTemplate`\" pulumi-lang-dotnet=\"`okta.getTemplate`\" pulumi-lang-go=\"`getTemplate`\" pulumi-lang-python=\"`get_template`\" pulumi-lang-yaml=\"`okta.getTemplate`\" pulumi-lang-java=\"`okta.getTemplate`\"\u003e`okta.getTemplate`\u003c/span\u003e belonging to a brand in the organization\n","items":{"$ref":"#/types/okta:index/getTemplatesEmailTemplate:getTemplatesEmailTemplate"},"type":"array"},"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"}},"required":["brandId","emailTemplates","id"],"type":"object"}},"okta:index/getTheme:getTheme":{"description":"Get a single Theme of a Brand of an Okta Organization.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getBrands({});\nconst testGetTheme = test.then(test =\u003e okta.getTheme({\n    brandId: test.brands?.[0]?.id,\n    themeId: testOktaThemes.themes[0].id,\n}));\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_brands()\ntest_get_theme = okta.get_theme(brand_id=test.brands[0].id,\n    theme_id=test_okta_themes[\"themes\"][0][\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetBrands.Invoke();\n\n    var testGetTheme = Okta.GetTheme.Invoke(new()\n    {\n        BrandId = test.Apply(getBrandsResult =\u003e getBrandsResult.Brands[0]?.Id),\n        ThemeId = testOktaThemes.Themes[0].Id,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := okta.GetBrands(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.LookupTheme(ctx, \u0026okta.LookupThemeArgs{\n\t\t\tBrandId: test.Brands[0].Id,\n\t\t\tThemeId: testOktaThemes.Themes[0].Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetThemeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getBrands(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference);\n\n        final var testGetTheme = OktaFunctions.getTheme(GetThemeArgs.builder()\n            .brandId(test.brands()[0].id())\n            .themeId(testOktaThemes.themes()[0].id())\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getBrands\n      arguments: {}\n  testGetTheme:\n    fn::invoke:\n      function: okta:getTheme\n      arguments:\n        brandId: ${test.brands[0].id}\n        themeId: ${testOktaThemes.themes[0].id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getTheme.\n","properties":{"brandId":{"type":"string","description":"Brand ID\n"},"themeId":{"type":"string","description":"Theme ID\n"}},"type":"object","required":["brandId","themeId"]},"outputs":{"description":"A collection of values returned by getTheme.\n","properties":{"backgroundImageUrl":{"description":"Background image URL\n","type":"string"},"brandId":{"description":"Brand ID\n","type":"string"},"emailTemplateTouchPointVariant":{"description":"Variant for email templates (`OKTA_DEFAULT`, `FULL_THEME`)\n","type":"string"},"endUserDashboardTouchPointVariant":{"description":"Variant for the Okta End-User Dashboard (`OKTA_DEFAULT`, `WHITE_LOGO_BACKGROUND`, `FULL_THEME`, `LOGO_ON_FULL_WHITE_BACKGROUND`)\n","type":"string"},"errorPageTouchPointVariant":{"description":"Variant for the error page (`OKTA_DEFAULT`, `BACKGROUND_SECONDARY_COLOR`, `BACKGROUND_IMAGE`)\n","type":"string"},"faviconUrl":{"description":"Favicon URL\n","type":"string"},"id":{"description":"The ID of the theme\n","type":"string"},"links":{"description":"Link relations for this object - JSON HAL - Discoverable resources related to the email template\n","type":"string"},"logoUrl":{"description":"Logo URL\n","type":"string"},"primaryColorContrastHex":{"description":"Primary color contrast hex code\n","type":"string"},"primaryColorHex":{"description":"Primary color hex code\n","type":"string"},"secondaryColorContrastHex":{"description":"Secondary color contrast hex code\n","type":"string"},"secondaryColorHex":{"description":"Secondary color hex code\n","type":"string"},"signInPageTouchPointVariant":{"description":"Variant for the Okta Sign-In Page (`OKTA_DEFAULT`, `BACKGROUND_SECONDARY_COLOR`, `BACKGROUND_IMAGE`)\n","type":"string"},"themeId":{"description":"Theme ID\n","type":"string"}},"required":["backgroundImageUrl","brandId","emailTemplateTouchPointVariant","endUserDashboardTouchPointVariant","errorPageTouchPointVariant","faviconUrl","id","links","logoUrl","primaryColorContrastHex","primaryColorHex","secondaryColorContrastHex","secondaryColorHex","signInPageTouchPointVariant","themeId"],"type":"object"}},"okta:index/getThemes:getThemes":{"description":"Get Themes of a Brand of an Okta Organization.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst test = okta.getBrands({});\nconst example = test.then(test =\u003e okta.getThemes({\n    brandId: test.brands?.[0]?.id,\n}));\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\ntest = okta.get_brands()\nexample = okta.get_themes(brand_id=test.brands[0].id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var test = Okta.GetBrands.Invoke();\n\n    var example = Okta.GetThemes.Invoke(new()\n    {\n        BrandId = test.Apply(getBrandsResult =\u003e getBrandsResult.Brands[0]?.Id),\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := okta.GetBrands(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.GetThemes(ctx, \u0026okta.GetThemesArgs{\n\t\t\tBrandId: test.Brands[0].Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetThemesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var test = OktaFunctions.getBrands(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference);\n\n        final var example = OktaFunctions.getThemes(GetThemesArgs.builder()\n            .brandId(test.brands()[0].id())\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  test:\n    fn::invoke:\n      function: okta:getBrands\n      arguments: {}\n  example:\n    fn::invoke:\n      function: okta:getThemes\n      arguments:\n        brandId: ${test.brands[0].id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getThemes.\n","properties":{"brandId":{"type":"string","description":"Brand ID\n"}},"type":"object","required":["brandId"]},"outputs":{"description":"A collection of values returned by getThemes.\n","properties":{"brandId":{"description":"Brand ID\n","type":"string"},"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"themes":{"description":"List of \u003cspan pulumi-lang-nodejs=\"`oktaThem`\" pulumi-lang-dotnet=\"`OktaThem`\" pulumi-lang-go=\"`oktaThem`\" pulumi-lang-python=\"`okta_them`\" pulumi-lang-yaml=\"`oktaThem`\" pulumi-lang-java=\"`oktaThem`\"\u003e`okta_them`\u003c/span\u003e belonging to the brand in the organization\n","items":{"$ref":"#/types/okta:index/getThemesTheme:getThemesTheme"},"type":"array"}},"required":["brandId","themes","id"],"type":"object"}},"okta:index/getTrustedOrigins:getTrustedOrigins":{"description":"Get List of Trusted Origins using filters.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst all = okta.getTrustedOrigins({});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nall = okta.get_trusted_origins()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var all = Okta.GetTrustedOrigins.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.GetTrustedOrigins(ctx, \u0026okta.GetTrustedOriginsArgs{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetTrustedOriginsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var all = OktaFunctions.getTrustedOrigins(GetTrustedOriginsArgs.builder()\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  all:\n    fn::invoke:\n      function: okta:getTrustedOrigins\n      arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getTrustedOrigins.\n","properties":{"filter":{"type":"string","description":"Filter criteria. Filter value will be URL-encoded by the provider\n"}},"type":"object"},"outputs":{"description":"A collection of values returned by getTrustedOrigins.\n","properties":{"filter":{"description":"Filter criteria. Filter value will be URL-encoded by the provider\n","type":"string"},"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"trustedOrigins":{"items":{"$ref":"#/types/okta:index/getTrustedOriginsTrustedOrigin:getTrustedOriginsTrustedOrigin"},"type":"array"}},"required":["trustedOrigins","id"],"type":"object"}},"okta:index/getUiSchema:getUiSchema":{"description":"Use this data source to retrieve information about an Okta UI Schema.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.getUiSchema({\n    id: \"ui_schema_id\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.get_ui_schema(id=\"ui_schema_id\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.GetUiSchema.Invoke(new()\n    {\n        Id = \"ui_schema_id\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.LookupUiSchema(ctx, \u0026okta.LookupUiSchemaArgs{\n\t\t\tId: \"ui_schema_id\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetUiSchemaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = OktaFunctions.getUiSchema(GetUiSchemaArgs.builder()\n            .id(\"ui_schema_id\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:getUiSchema\n      arguments:\n        id: ui_schema_id\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getUiSchema.\n","properties":{"id":{"type":"string","description":"The ID property of an UI Schema.\n"},"uiSchema":{"$ref":"#/types/okta:index/getUiSchemaUiSchema:getUiSchemaUiSchema","description":"- (Object) Representation of a resource.\n"}},"type":"object","required":["id"]},"outputs":{"description":"A collection of values returned by getUiSchema.\n","properties":{"created":{"description":"Timestamp when the UI Schema was created. (ISO 86001).\n","type":"string"},"id":{"description":"The ID property of an UI Schema.\n","type":"string"},"lastUpdated":{"description":"Timestamp when the UI Schema was last modified (ISO 86001).\n","type":"string"},"uiSchema":{"$ref":"#/types/okta:index/getUiSchemaUiSchema:getUiSchemaUiSchema","description":"- (Object) Representation of a resource.\n"}},"required":["created","id","lastUpdated"],"type":"object"}},"okta:index/getUserSecurityQuestions:getUserSecurityQuestions":{"description":"## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst exampleUser = new okta.user.User(\"example\", {\n    firstName: \"John\",\n    lastName: \"Smith\",\n    login: \"john.smith@example.com\",\n    email: \"john.smith@example.com\",\n});\nconst example = okta.getUserSecurityQuestionsOutput({\n    userId: exampleUser.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample_user = okta.user.User(\"example\",\n    first_name=\"John\",\n    last_name=\"Smith\",\n    login=\"john.smith@example.com\",\n    email=\"john.smith@example.com\")\nexample = okta.get_user_security_questions_output(user_id=example_user.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var exampleUser = new Okta.User.User(\"example\", new()\n    {\n        FirstName = \"John\",\n        LastName = \"Smith\",\n        Login = \"john.smith@example.com\",\n        Email = \"john.smith@example.com\",\n    });\n\n    var example = Okta.GetUserSecurityQuestions.Invoke(new()\n    {\n        UserId = exampleUser.Id,\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta\"\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/user\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleUser, err := user.NewUser(ctx, \"example\", \u0026user.UserArgs{\n\t\t\tFirstName: pulumi.String(\"John\"),\n\t\t\tLastName:  pulumi.String(\"Smith\"),\n\t\t\tLogin:     pulumi.String(\"john.smith@example.com\"),\n\t\t\tEmail:     pulumi.String(\"john.smith@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = okta.GetUserSecurityQuestionsOutput(ctx, okta.GetUserSecurityQuestionsOutputArgs{\n\t\t\tUserId: exampleUser.ID(),\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.user.User;\nimport com.pulumi.okta.user.UserArgs;\nimport com.pulumi.okta.OktaFunctions;\nimport com.pulumi.okta.inputs.GetUserSecurityQuestionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        var exampleUser = new User(\"exampleUser\", UserArgs.builder()\n            .firstName(\"John\")\n            .lastName(\"Smith\")\n            .login(\"john.smith@example.com\")\n            .email(\"john.smith@example.com\")\n            .build());\n\n        final var example = OktaFunctions.getUserSecurityQuestions(GetUserSecurityQuestionsArgs.builder()\n            .userId(exampleUser.id())\n            .build());\n\n    }\n}\n```\n```yaml\nresources:\n  exampleUser:\n    type: okta:user:User\n    name: example\n    properties:\n      firstName: John\n      lastName: Smith\n      login: john.smith@example.com\n      email: john.smith@example.com\nvariables:\n  example:\n    fn::invoke:\n      function: okta:getUserSecurityQuestions\n      arguments:\n        userId: ${exampleUser.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getUserSecurityQuestions.\n","properties":{"userId":{"type":"string","description":"ID of a Okta User\n"}},"type":"object","required":["userId"]},"outputs":{"description":"A collection of values returned by getUserSecurityQuestions.\n","properties":{"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"questions":{"items":{"$ref":"#/types/okta:index/getUserSecurityQuestionsQuestion:getUserSecurityQuestionsQuestion"},"type":"array"},"userId":{"description":"ID of a Okta User\n","type":"string"}},"required":["questions","userId","id"],"type":"object"}},"okta:policy/getDefaultPolicy:getDefaultPolicy":{"description":"Use this data source to retrieve a default policy from Okta. This \nsame thing can be achieved using the \u003cspan pulumi-lang-nodejs=\"`okta.policy.getPolicy`\" pulumi-lang-dotnet=\"`okta.policy.getPolicy`\" pulumi-lang-go=\"`policy.getPolicy`\" pulumi-lang-python=\"`policy_get_policy`\" pulumi-lang-yaml=\"`okta.policy.getPolicy`\" pulumi-lang-java=\"`okta.policy.getPolicy`\"\u003e`okta.policy.getPolicy`\u003c/span\u003e with default \nnames, this is simply a shortcut.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.policy.getDefaultPolicy({\n    type: \"PASSWORD\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.policy.get_default_policy(type=\"PASSWORD\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.Policy.GetDefaultPolicy.Invoke(new()\n    {\n        Type = \"PASSWORD\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/policy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := policy.GetDefaultPolicy(ctx, \u0026policy.GetDefaultPolicyArgs{\n\t\t\tType: \"PASSWORD\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.policy.PolicyFunctions;\nimport com.pulumi.okta.policy.inputs.GetDefaultPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = PolicyFunctions.getDefaultPolicy(GetDefaultPolicyArgs.builder()\n            .type(\"PASSWORD\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:policy:getDefaultPolicy\n      arguments:\n        type: PASSWORD\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getDefaultPolicy.\n","properties":{"type":{"type":"string","description":"Policy type: OKTA*SIGN*ON, PASSWORD, MFA*ENROLL, or IDP*DISCOVERY\n"}},"type":"object","required":["type"]},"outputs":{"description":"A collection of values returned by getDefaultPolicy.\n","properties":{"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"type":{"description":"Policy type: OKTA*SIGN*ON, PASSWORD, MFA*ENROLL, or IDP*DISCOVERY\n","type":"string"}},"required":["type","id"],"type":"object"}},"okta:policy/getPolicy:getPolicy":{"description":"Get a policy from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.policy.getPolicy({\n    name: \"Password Policy Example\",\n    type: \"PASSWORD\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.policy.get_policy(name=\"Password Policy Example\",\n    type=\"PASSWORD\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.Policy.GetPolicy.Invoke(new()\n    {\n        Name = \"Password Policy Example\",\n        Type = \"PASSWORD\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/policy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := policy.GetPolicy(ctx, \u0026policy.GetPolicyArgs{\n\t\t\tName: \"Password Policy Example\",\n\t\t\tType: \"PASSWORD\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.policy.PolicyFunctions;\nimport com.pulumi.okta.policy.inputs.GetPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = PolicyFunctions.getPolicy(GetPolicyArgs.builder()\n            .name(\"Password Policy Example\")\n            .type(\"PASSWORD\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:policy:getPolicy\n      arguments:\n        name: Password Policy Example\n        type: PASSWORD\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getPolicy.\n","properties":{"name":{"type":"string","description":"Name of the policy\n"},"type":{"type":"string","description":"Policy type, see https://developer.okta.com/docs/reference/api/policy/#policy-object\n"}},"type":"object","required":["name","type"]},"outputs":{"description":"A collection of values returned by getPolicy.\n","properties":{"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"name":{"description":"Name of the policy\n","type":"string"},"status":{"description":"Status of the policy\n","type":"string"},"type":{"description":"Policy type, see https://developer.okta.com/docs/reference/api/policy/#policy-object\n","type":"string"}},"required":["name","status","type","id"],"type":"object"}},"okta:user/getUser:getUser":{"description":"Get a single users from Okta.\n\n","inputs":{"description":"A collection of arguments for invoking getUser.\n","properties":{"compoundSearchOperator":{"type":"string","description":"Search operator used when joining multiple search clauses\n"},"delayReadSeconds":{"type":"string","description":"Force delay of the user read by N seconds. Useful when eventual consistency of user information needs to be allowed for.\n"},"searches":{"type":"array","items":{"$ref":"#/types/okta:user/getUserSearch:getUserSearch"},"description":"Filter to find user/users. Each filter will be concatenated with the compound search operator. Please be aware profile properties must match what is in Okta, which is likely camel case. Expression is a free form expression filter https://developer.okta.com/docs/reference/core-okta-api/#filter . The set name/value/comparison properties will be ignored if expression is present\n"},"skipGroups":{"type":"boolean","description":"Do not populate user groups information (prevents additional API call)\n"},"skipRoles":{"type":"boolean","description":"Do not populate user roles information (prevents additional API call)\n"},"userId":{"type":"string","description":"Retrieve a single user based on their id\n"}},"type":"object"},"outputs":{"description":"A collection of values returned by getUser.\n","properties":{"adminRoles":{"items":{"type":"string"},"type":"array"},"city":{"type":"string"},"compoundSearchOperator":{"description":"Search operator used when joining multiple search clauses\n","type":"string"},"costCenter":{"type":"string"},"countryCode":{"type":"string"},"customProfileAttributes":{"type":"string"},"delayReadSeconds":{"description":"Force delay of the user read by N seconds. Useful when eventual consistency of user information needs to be allowed for.\n","type":"string"},"department":{"type":"string"},"displayName":{"type":"string"},"division":{"type":"string"},"email":{"type":"string"},"employeeNumber":{"type":"string"},"firstName":{"type":"string"},"groupMemberships":{"items":{"type":"string"},"type":"array"},"honorificPrefix":{"type":"string"},"honorificSuffix":{"type":"string"},"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"lastName":{"type":"string"},"locale":{"type":"string"},"login":{"type":"string"},"manager":{"type":"string"},"managerId":{"type":"string"},"middleName":{"type":"string"},"mobilePhone":{"type":"string"},"nickName":{"type":"string"},"organization":{"type":"string"},"postalAddress":{"type":"string"},"preferredLanguage":{"type":"string"},"primaryPhone":{"type":"string"},"profileUrl":{"type":"string"},"realmId":{"description":"The Realm ID associated with the user.\n","type":"string"},"roles":{"items":{"type":"string"},"type":"array"},"searches":{"description":"Filter to find user/users. Each filter will be concatenated with the compound search operator. Please be aware profile properties must match what is in Okta, which is likely camel case. Expression is a free form expression filter https://developer.okta.com/docs/reference/core-okta-api/#filter . The set name/value/comparison properties will be ignored if expression is present\n","items":{"$ref":"#/types/okta:user/getUserSearch:getUserSearch"},"type":"array"},"secondEmail":{"type":"string"},"skipGroups":{"description":"Do not populate user groups information (prevents additional API call)\n","type":"boolean"},"skipRoles":{"description":"Do not populate user roles information (prevents additional API call)\n","type":"boolean"},"state":{"type":"string"},"status":{"type":"string"},"streetAddress":{"type":"string"},"timezone":{"type":"string"},"title":{"type":"string"},"userId":{"description":"Retrieve a single user based on their id\n","type":"string"},"userType":{"type":"string"},"zipCode":{"type":"string"}},"required":["adminRoles","city","costCenter","countryCode","customProfileAttributes","department","displayName","division","email","employeeNumber","firstName","groupMemberships","honorificPrefix","honorificSuffix","lastName","locale","login","manager","managerId","middleName","mobilePhone","nickName","organization","postalAddress","preferredLanguage","primaryPhone","profileUrl","realmId","roles","secondEmail","state","status","streetAddress","timezone","title","userType","zipCode","id"],"type":"object"}},"okta:user/getUserProfileMappingSource:getUserProfileMappingSource":{"description":"Get the base user Profile Mapping source or target from Okta.\n\n\u003e **NOTE:** If using this resource with OAuth2 scopes, this resource \nrequires `okta.profileMappings.read` scope.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.user.getUserProfileMappingSource({});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.user.get_user_profile_mapping_source()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.User.GetUserProfileMappingSource.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/user\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := user.GetUserProfileMappingSource(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.user.UserFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = UserFunctions.getUserProfileMappingSource(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference);\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:user:getUserProfileMappingSource\n      arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","outputs":{"description":"A collection of values returned by getUserProfileMappingSource.\n","properties":{"id":{"description":"ID of the source\n","type":"string"},"name":{"description":"Name of source.\n","type":"string"},"type":{"description":"Type of source.\n","type":"string"}},"required":["id","name","type"],"type":"object"}},"okta:user/getUserType:getUserType":{"description":"Get a user type from Okta.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as okta from \"@pulumi/okta\";\n\nconst example = okta.user.getUserType({\n    name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_okta as okta\n\nexample = okta.user.get_user_type(name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Okta = Pulumi.Okta;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n    var example = Okta.User.GetUserType.Invoke(new()\n    {\n        Name = \"example\",\n    });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/user\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := user.LookupUserType(ctx, \u0026user.LookupUserTypeArgs{\n\t\t\tName: pulumi.StringRef(\"example\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.okta.user.UserFunctions;\nimport com.pulumi.okta.user.inputs.GetUserTypeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n    public static void main(String[] args) {\n        Pulumi.run(App::stack);\n    }\n\n    public static void stack(Context ctx) {\n        final var example = UserFunctions.getUserType(GetUserTypeArgs.builder()\n            .name(\"example\")\n            .build());\n\n    }\n}\n```\n```yaml\nvariables:\n  example:\n    fn::invoke:\n      function: okta:user:getUserType\n      arguments:\n        name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n","inputs":{"description":"A collection of arguments for invoking getUserType.\n","properties":{"id":{"type":"string","description":"ID of the user type to retrieve, conflicts with \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e.\n"},"name":{"type":"string","description":"Name of user type to retrieve, conflicts with \u003cspan pulumi-lang-nodejs=\"`id`\" pulumi-lang-dotnet=\"`Id`\" pulumi-lang-go=\"`id`\" pulumi-lang-python=\"`id`\" pulumi-lang-yaml=\"`id`\" pulumi-lang-java=\"`id`\"\u003e`id`\u003c/span\u003e.\n"}},"type":"object"},"outputs":{"description":"A collection of values returned by getUserType.\n","properties":{"description":{"description":"Description of user type.\n","type":"string"},"displayName":{"description":"Display name of user type.\n","type":"string"},"id":{"description":"ID of the user type to retrieve, conflicts with \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e.\n","type":"string"},"name":{"description":"Name of user type to retrieve, conflicts with \u003cspan pulumi-lang-nodejs=\"`id`\" pulumi-lang-dotnet=\"`Id`\" pulumi-lang-go=\"`id`\" pulumi-lang-python=\"`id`\" pulumi-lang-yaml=\"`id`\" pulumi-lang-java=\"`id`\"\u003e`id`\u003c/span\u003e.\n","type":"string"}},"required":["description","displayName"],"type":"object"}},"okta:user/getUsers:getUsers":{"description":"Get a list of users from Okta.\n\n","inputs":{"description":"A collection of arguments for invoking getUsers.\n","properties":{"compoundSearchOperator":{"type":"string","description":"Search operator used when joining multiple search clauses\n"},"delayReadSeconds":{"type":"string","description":"Force delay of the users read by N seconds. Useful when eventual consistency of users information needs to be allowed for.\n"},"groupId":{"type":"string","description":"Find users based on group membership using the id of the group.\n"},"includeGroups":{"type":"boolean","description":"Fetch group memberships for each user\n"},"includeRoles":{"type":"boolean","description":"Fetch user roles for each user\n"},"searches":{"type":"array","items":{"$ref":"#/types/okta:user/getUsersSearch:getUsersSearch"},"description":"Filter to find user/users. Each filter will be concatenated with the compound search operator. Please be aware profile properties must match what is in Okta, which is likely camel case. Expression is a free form expression filter https://developer.okta.com/docs/reference/core-okta-api/#filter . The set name/value/comparison properties will be ignored if expression is present\n"}},"type":"object"},"outputs":{"description":"A collection of values returned by getUsers.\n","properties":{"compoundSearchOperator":{"description":"Search operator used when joining multiple search clauses\n","type":"string"},"delayReadSeconds":{"description":"Force delay of the users read by N seconds. Useful when eventual consistency of users information needs to be allowed for.\n","type":"string"},"groupId":{"description":"Find users based on group membership using the id of the group.\n","type":"string"},"id":{"description":"The provider-assigned unique ID for this managed resource.","type":"string"},"includeGroups":{"description":"Fetch group memberships for each user\n","type":"boolean"},"includeRoles":{"description":"Fetch user roles for each user\n","type":"boolean"},"searches":{"description":"Filter to find user/users. Each filter will be concatenated with the compound search operator. Please be aware profile properties must match what is in Okta, which is likely camel case. Expression is a free form expression filter https://developer.okta.com/docs/reference/core-okta-api/#filter . The set name/value/comparison properties will be ignored if expression is present\n","items":{"$ref":"#/types/okta:user/getUsersSearch:getUsersSearch"},"type":"array"},"users":{"description":"collection of users retrieved from Okta.\n","items":{"$ref":"#/types/okta:user/getUsersUser:getUsersUser"},"type":"array"}},"required":["users","id"],"type":"object"}},"pulumi:providers:okta/terraformConfig":{"description":"This function returns a Terraform config object with terraform-namecased keys,to be used with the Terraform Module Provider.","inputs":{"properties":{"__self__":{"type":"ref","$ref":"#/provider"}},"type":"pulumi:providers:okta/terraformConfig","required":["__self__"]},"outputs":{"properties":{"result":{"additionalProperties":{"$ref":"pulumi.json#/Any"},"type":"object"}},"required":["result"],"type":"object"}}}}