1. Packages
  2. Zitadel
  3. API Docs
  4. OrgIdpJwt
zitadel v0.2.0 published on Monday, Mar 24, 2025 by pulumiverse

zitadel.OrgIdpJwt

Explore with Pulumi AI

Resource representing a generic JWT IdP of the organization.

Example Usage

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Zitadel = Pulumiverse.Zitadel;

return await Deployment.RunAsync(() => 
{
    var @default = new Zitadel.OrgIdpJwt("default", new()
    {
        OrgId = defaultZitadelOrg.Id,
        Name = "jwtidp",
        StylingType = "STYLING_TYPE_UNSPECIFIED",
        JwtEndpoint = "https://jwtendpoint.com/jwt",
        Issuer = "https://google.com",
        KeysEndpoint = "https://jwtendpoint.com/keys",
        HeaderName = "x-auth-token",
        AutoRegister = false,
    });

});
Copy
package main

import (
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/pulumiverse/pulumi-zitadel/sdk/go/zitadel"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := zitadel.NewOrgIdpJwt(ctx, "default", &zitadel.OrgIdpJwtArgs{
			OrgId:        pulumi.Any(defaultZitadelOrg.Id),
			Name:         pulumi.String("jwtidp"),
			StylingType:  pulumi.String("STYLING_TYPE_UNSPECIFIED"),
			JwtEndpoint:  pulumi.String("https://jwtendpoint.com/jwt"),
			Issuer:       pulumi.String("https://google.com"),
			KeysEndpoint: pulumi.String("https://jwtendpoint.com/keys"),
			HeaderName:   pulumi.String("x-auth-token"),
			AutoRegister: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.zitadel.OrgIdpJwt;
import com.pulumi.zitadel.OrgIdpJwtArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var default_ = new OrgIdpJwt("default", OrgIdpJwtArgs.builder()        
            .orgId(defaultZitadelOrg.id())
            .name("jwtidp")
            .stylingType("STYLING_TYPE_UNSPECIFIED")
            .jwtEndpoint("https://jwtendpoint.com/jwt")
            .issuer("https://google.com")
            .keysEndpoint("https://jwtendpoint.com/keys")
            .headerName("x-auth-token")
            .autoRegister(false)
            .build());

    }
}
Copy
import * as pulumi from "@pulumi/pulumi";
import * as zitadel from "@pulumiverse/zitadel";

const _default = new zitadel.OrgIdpJwt("default", {
    orgId: defaultZitadelOrg.id,
    name: "jwtidp",
    stylingType: "STYLING_TYPE_UNSPECIFIED",
    jwtEndpoint: "https://jwtendpoint.com/jwt",
    issuer: "https://google.com",
    keysEndpoint: "https://jwtendpoint.com/keys",
    headerName: "x-auth-token",
    autoRegister: false,
});
Copy
import pulumi
import pulumiverse_zitadel as zitadel

default = zitadel.OrgIdpJwt("default",
    org_id=default_zitadel_org["id"],
    name="jwtidp",
    styling_type="STYLING_TYPE_UNSPECIFIED",
    jwt_endpoint="https://jwtendpoint.com/jwt",
    issuer="https://google.com",
    keys_endpoint="https://jwtendpoint.com/keys",
    header_name="x-auth-token",
    auto_register=False)
Copy
resources:
  default:
    type: zitadel:OrgIdpJwt
    properties:
      orgId: ${defaultZitadelOrg.id}
      name: jwtidp
      stylingType: STYLING_TYPE_UNSPECIFIED
      jwtEndpoint: https://jwtendpoint.com/jwt
      issuer: https://google.com
      keysEndpoint: https://jwtendpoint.com/keys
      headerName: x-auth-token
      autoRegister: false
Copy

Create OrgIdpJwt Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new OrgIdpJwt(name: string, args: OrgIdpJwtArgs, opts?: CustomResourceOptions);
@overload
def OrgIdpJwt(resource_name: str,
              args: OrgIdpJwtArgs,
              opts: Optional[ResourceOptions] = None)

@overload
def OrgIdpJwt(resource_name: str,
              opts: Optional[ResourceOptions] = None,
              auto_register: Optional[bool] = None,
              header_name: Optional[str] = None,
              issuer: Optional[str] = None,
              jwt_endpoint: Optional[str] = None,
              keys_endpoint: Optional[str] = None,
              styling_type: Optional[str] = None,
              name: Optional[str] = None,
              org_id: Optional[str] = None)
func NewOrgIdpJwt(ctx *Context, name string, args OrgIdpJwtArgs, opts ...ResourceOption) (*OrgIdpJwt, error)
public OrgIdpJwt(string name, OrgIdpJwtArgs args, CustomResourceOptions? opts = null)
public OrgIdpJwt(String name, OrgIdpJwtArgs args)
public OrgIdpJwt(String name, OrgIdpJwtArgs args, CustomResourceOptions options)
type: zitadel:OrgIdpJwt
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. OrgIdpJwtArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. OrgIdpJwtArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. OrgIdpJwtArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. OrgIdpJwtArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. OrgIdpJwtArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var orgIdpJwtResource = new Zitadel.OrgIdpJwt("orgIdpJwtResource", new()
{
    AutoRegister = false,
    HeaderName = "string",
    Issuer = "string",
    JwtEndpoint = "string",
    KeysEndpoint = "string",
    StylingType = "string",
    Name = "string",
    OrgId = "string",
});
Copy
example, err := zitadel.NewOrgIdpJwt(ctx, "orgIdpJwtResource", &zitadel.OrgIdpJwtArgs{
	AutoRegister: pulumi.Bool(false),
	HeaderName:   pulumi.String("string"),
	Issuer:       pulumi.String("string"),
	JwtEndpoint:  pulumi.String("string"),
	KeysEndpoint: pulumi.String("string"),
	StylingType:  pulumi.String("string"),
	Name:         pulumi.String("string"),
	OrgId:        pulumi.String("string"),
})
Copy
var orgIdpJwtResource = new OrgIdpJwt("orgIdpJwtResource", OrgIdpJwtArgs.builder()
    .autoRegister(false)
    .headerName("string")
    .issuer("string")
    .jwtEndpoint("string")
    .keysEndpoint("string")
    .stylingType("string")
    .name("string")
    .orgId("string")
    .build());
Copy
org_idp_jwt_resource = zitadel.OrgIdpJwt("orgIdpJwtResource",
    auto_register=False,
    header_name="string",
    issuer="string",
    jwt_endpoint="string",
    keys_endpoint="string",
    styling_type="string",
    name="string",
    org_id="string")
Copy
const orgIdpJwtResource = new zitadel.OrgIdpJwt("orgIdpJwtResource", {
    autoRegister: false,
    headerName: "string",
    issuer: "string",
    jwtEndpoint: "string",
    keysEndpoint: "string",
    stylingType: "string",
    name: "string",
    orgId: "string",
});
Copy
type: zitadel:OrgIdpJwt
properties:
    autoRegister: false
    headerName: string
    issuer: string
    jwtEndpoint: string
    keysEndpoint: string
    name: string
    orgId: string
    stylingType: string
Copy

OrgIdpJwt Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The OrgIdpJwt resource accepts the following input properties:

AutoRegister This property is required. bool
auto register for users from this idp
HeaderName This property is required. string
the name of the header where the JWT is sent in, default is authorization
Issuer This property is required. string
the issuer of the jwt (for validation)
JwtEndpoint This property is required. string
the endpoint where the jwt can be extracted
KeysEndpoint This property is required. string
the endpoint to the key (JWK) which are used to sign the JWT with
StylingType This property is required. string
Some identity providers specify the styling of the button to their login, supported values: STYLINGTYPEUNSPECIFIED, STYLINGTYPEGOOGLE
Name string
Name of the IDP
OrgId Changes to this property will trigger replacement. string
ID of the organization
AutoRegister This property is required. bool
auto register for users from this idp
HeaderName This property is required. string
the name of the header where the JWT is sent in, default is authorization
Issuer This property is required. string
the issuer of the jwt (for validation)
JwtEndpoint This property is required. string
the endpoint where the jwt can be extracted
KeysEndpoint This property is required. string
the endpoint to the key (JWK) which are used to sign the JWT with
StylingType This property is required. string
Some identity providers specify the styling of the button to their login, supported values: STYLINGTYPEUNSPECIFIED, STYLINGTYPEGOOGLE
Name string
Name of the IDP
OrgId Changes to this property will trigger replacement. string
ID of the organization
autoRegister This property is required. Boolean
auto register for users from this idp
headerName This property is required. String
the name of the header where the JWT is sent in, default is authorization
issuer This property is required. String
the issuer of the jwt (for validation)
jwtEndpoint This property is required. String
the endpoint where the jwt can be extracted
keysEndpoint This property is required. String
the endpoint to the key (JWK) which are used to sign the JWT with
stylingType This property is required. String
Some identity providers specify the styling of the button to their login, supported values: STYLINGTYPEUNSPECIFIED, STYLINGTYPEGOOGLE
name String
Name of the IDP
orgId Changes to this property will trigger replacement. String
ID of the organization
autoRegister This property is required. boolean
auto register for users from this idp
headerName This property is required. string
the name of the header where the JWT is sent in, default is authorization
issuer This property is required. string
the issuer of the jwt (for validation)
jwtEndpoint This property is required. string
the endpoint where the jwt can be extracted
keysEndpoint This property is required. string
the endpoint to the key (JWK) which are used to sign the JWT with
stylingType This property is required. string
Some identity providers specify the styling of the button to their login, supported values: STYLINGTYPEUNSPECIFIED, STYLINGTYPEGOOGLE
name string
Name of the IDP
orgId Changes to this property will trigger replacement. string
ID of the organization
auto_register This property is required. bool
auto register for users from this idp
header_name This property is required. str
the name of the header where the JWT is sent in, default is authorization
issuer This property is required. str
the issuer of the jwt (for validation)
jwt_endpoint This property is required. str
the endpoint where the jwt can be extracted
keys_endpoint This property is required. str
the endpoint to the key (JWK) which are used to sign the JWT with
styling_type This property is required. str
Some identity providers specify the styling of the button to their login, supported values: STYLINGTYPEUNSPECIFIED, STYLINGTYPEGOOGLE
name str
Name of the IDP
org_id Changes to this property will trigger replacement. str
ID of the organization
autoRegister This property is required. Boolean
auto register for users from this idp
headerName This property is required. String
the name of the header where the JWT is sent in, default is authorization
issuer This property is required. String
the issuer of the jwt (for validation)
jwtEndpoint This property is required. String
the endpoint where the jwt can be extracted
keysEndpoint This property is required. String
the endpoint to the key (JWK) which are used to sign the JWT with
stylingType This property is required. String
Some identity providers specify the styling of the button to their login, supported values: STYLINGTYPEUNSPECIFIED, STYLINGTYPEGOOGLE
name String
Name of the IDP
orgId Changes to this property will trigger replacement. String
ID of the organization

Outputs

All input properties are implicitly available as output properties. Additionally, the OrgIdpJwt resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.

Look up Existing OrgIdpJwt Resource

Get an existing OrgIdpJwt resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: OrgIdpJwtState, opts?: CustomResourceOptions): OrgIdpJwt
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        auto_register: Optional[bool] = None,
        header_name: Optional[str] = None,
        issuer: Optional[str] = None,
        jwt_endpoint: Optional[str] = None,
        keys_endpoint: Optional[str] = None,
        name: Optional[str] = None,
        org_id: Optional[str] = None,
        styling_type: Optional[str] = None) -> OrgIdpJwt
func GetOrgIdpJwt(ctx *Context, name string, id IDInput, state *OrgIdpJwtState, opts ...ResourceOption) (*OrgIdpJwt, error)
public static OrgIdpJwt Get(string name, Input<string> id, OrgIdpJwtState? state, CustomResourceOptions? opts = null)
public static OrgIdpJwt get(String name, Output<String> id, OrgIdpJwtState state, CustomResourceOptions options)
resources:  _:    type: zitadel:OrgIdpJwt    get:      id: ${id}
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AutoRegister bool
auto register for users from this idp
HeaderName string
the name of the header where the JWT is sent in, default is authorization
Issuer string
the issuer of the jwt (for validation)
JwtEndpoint string
the endpoint where the jwt can be extracted
KeysEndpoint string
the endpoint to the key (JWK) which are used to sign the JWT with
Name string
Name of the IDP
OrgId Changes to this property will trigger replacement. string
ID of the organization
StylingType string
Some identity providers specify the styling of the button to their login, supported values: STYLINGTYPEUNSPECIFIED, STYLINGTYPEGOOGLE
AutoRegister bool
auto register for users from this idp
HeaderName string
the name of the header where the JWT is sent in, default is authorization
Issuer string
the issuer of the jwt (for validation)
JwtEndpoint string
the endpoint where the jwt can be extracted
KeysEndpoint string
the endpoint to the key (JWK) which are used to sign the JWT with
Name string
Name of the IDP
OrgId Changes to this property will trigger replacement. string
ID of the organization
StylingType string
Some identity providers specify the styling of the button to their login, supported values: STYLINGTYPEUNSPECIFIED, STYLINGTYPEGOOGLE
autoRegister Boolean
auto register for users from this idp
headerName String
the name of the header where the JWT is sent in, default is authorization
issuer String
the issuer of the jwt (for validation)
jwtEndpoint String
the endpoint where the jwt can be extracted
keysEndpoint String
the endpoint to the key (JWK) which are used to sign the JWT with
name String
Name of the IDP
orgId Changes to this property will trigger replacement. String
ID of the organization
stylingType String
Some identity providers specify the styling of the button to their login, supported values: STYLINGTYPEUNSPECIFIED, STYLINGTYPEGOOGLE
autoRegister boolean
auto register for users from this idp
headerName string
the name of the header where the JWT is sent in, default is authorization
issuer string
the issuer of the jwt (for validation)
jwtEndpoint string
the endpoint where the jwt can be extracted
keysEndpoint string
the endpoint to the key (JWK) which are used to sign the JWT with
name string
Name of the IDP
orgId Changes to this property will trigger replacement. string
ID of the organization
stylingType string
Some identity providers specify the styling of the button to their login, supported values: STYLINGTYPEUNSPECIFIED, STYLINGTYPEGOOGLE
auto_register bool
auto register for users from this idp
header_name str
the name of the header where the JWT is sent in, default is authorization
issuer str
the issuer of the jwt (for validation)
jwt_endpoint str
the endpoint where the jwt can be extracted
keys_endpoint str
the endpoint to the key (JWK) which are used to sign the JWT with
name str
Name of the IDP
org_id Changes to this property will trigger replacement. str
ID of the organization
styling_type str
Some identity providers specify the styling of the button to their login, supported values: STYLINGTYPEUNSPECIFIED, STYLINGTYPEGOOGLE
autoRegister Boolean
auto register for users from this idp
headerName String
the name of the header where the JWT is sent in, default is authorization
issuer String
the issuer of the jwt (for validation)
jwtEndpoint String
the endpoint where the jwt can be extracted
keysEndpoint String
the endpoint to the key (JWK) which are used to sign the JWT with
name String
Name of the IDP
orgId Changes to this property will trigger replacement. String
ID of the organization
stylingType String
Some identity providers specify the styling of the button to their login, supported values: STYLINGTYPEUNSPECIFIED, STYLINGTYPEGOOGLE

Import

bash The resource can be imported using the ID format <id[:org_id]>, e.g.

 $ pulumi import zitadel:index/orgIdpJwt:OrgIdpJwt imported '123456789012345678:123456789012345678'
Copy

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository
zitadel pulumiverse/pulumi-zitadel
License
Apache-2.0
Notes
This Pulumi package is based on the zitadel Terraform Provider.