saml

ballj/saml/keycloak

Terraform Module HCL KEYCLOAK

SAML module

Install

module "saml" {

source = "ballj/saml/keycloak"

version = "1.2.0"

}

plain text: /constructs/tfmod-ballj-saml-keycloak/install.txt

⭐ Source on GitHub 📦 Registry page

README

Terraform Keycloak SAML This terraform module creates an SAML client on keycloak. Useage `` module "saml" { source = "ballj/saml/keycloak" version = "~> 1.0" realm = "example.com" entity_id = "https://myapp.example.com/saml" name = "myapp" } ` Variables | Variable | Required | Default | Description | | ------------------------------------- | -------- | ------------ | ---------------------------------------------------------------- | | name | No | null | Display name of this client | | realm_id | Yes | N/A | Realm this client is attached to | | entity_id | No | N/A | SP Entity ID | | description | No | null | The description of this client in the GUI | | enabled | No | true | Allow clients to initiate a login | | login_theme | No | null | Client login theme | | include_authn_statement | No

Inputs (37)

Name	Type	Description	Default
realm	string	Realm this client is attached to	required
description	string	The description of this client in the GUI	`null`
sign_assertions	bool	SAML assertions will be signed by Keycloak using the realm's private key	`false`
force_post_binding	bool	Keycloak will always respond to an authentication request via the SAML POST Bind	`true`
valid_redirect_uris	list(string)	List of valid URIs a browser is permitted to redirect to after a successful logi	`null`
full_scope_allowed	bool	Allow to include all roles mappings in the access token	`false`
keys_filter_algorithm	list(string)	Keys will be filtered by algorithm	`[]`
sign_documents	bool	SAML document will be signed by Keycloak using the realm's private key	`true`
client_signature_required	bool	Keycloak will expect that documents originating from a client will be signed	`true`
force_name_id_format	bool	Ignore requested NameID subject format and used configured one	`false`
canonicalization_method	string	The Canonicalization Method for XML signatures	`"EXCLUSIVE"`
keys_filter_status	list(string)	Keys will be filtered by status	`[ "ACTIVE" ]`
user_property_protocol_mappers	list(any)	User-property protocol mappers to add to client	`[]`
enabled	bool	Allow clients to initiate a login or obtain access tokens	`true`
login_theme	string	Client login theme	`null`
front_channel_logout	bool	Client will require a browser redirect in order to perform a logout	`true`
signature_key_name	string	Value of the KeyName element within the signed SAML document	`"KEY_ID"`
base_url	string	Default URL to use when the auth server needs to redirect or link back to the cl	`null`
master_saml_processing_url	string	URL will be used for all SAML requests	`null`
signing_private_key	string	Key will be used to verify the documents or assertions from the client	`null`
entity_id	string	SP Entity ID	`""`

Outputs (2)

roles

realm_keys

Resources (5)

keycloak_generic_client_protocol_mapperkeycloak_group_roleskeycloak_rolekeycloak_saml_clientkeycloak_saml_user_property_protocol_mapper

Details

FrameworkTerraform Module

LanguageHCL

Version1.2.0

Cloud KEYCLOAK

★ Stars2

Forks0

Total downloads938

Inputs37

Outputs2

Resources5

Namespaceballj

Updated

Tools

⚖ Compare with another construct → 📋 View data schema