Docs Home Pulumi IaC Pulumi ESC Pulumi Insights Pulumi Cloud Packages Tutorials
  1. Packages
  2. Zitadel
  3. API Docs
  4. OrgIdpLdap
zitadel v0.2.0 published on Monday, Mar 24, 2025 by pulumiverse
pulumiverse/pulumi-zitadel

zitadel.OrgIdpLdap

Explore with Pulumi AI

zitadel v0.2.0 published on Monday, Mar 24, 2025 by pulumiverse
pulumiverse/pulumi-zitadel

Resource representing an LDAP IdP on the organization.

Example Usage

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Zitadel = Pulumiverse.Zitadel;

return await Deployment.RunAsync(() => 
{
    var @default = new Zitadel.OrgIdpLdap("default", new()
    {
        OrgId = defaultZitadelOrg.Id,
        Name = "LDAP",
        Servers = new[]
        {
            "ldaps://my.primary.server:389",
            "ldaps://my.secondary.server:389",
        },
        StartTls = false,
        BaseDn = "dc=example,dc=com",
        BindDn = "cn=admin,dc=example,dc=com",
        BindPassword = "Password1!",
        UserBase = "dn",
        UserObjectClasses = new[]
        {
            "inetOrgPerson",
        },
        UserFilters = new[]
        {
            "uid",
            "email",
        },
        Timeout = "10s",
        IdAttribute = "uid",
        FirstNameAttribute = "firstname",
        LastNameAttribute = "lastname",
        IsLinkingAllowed = false,
        IsCreationAllowed = true,
        IsAutoCreation = false,
        IsAutoUpdate = true,
    });

});
Copy
package main

import (
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/pulumiverse/pulumi-zitadel/sdk/go/zitadel"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := zitadel.NewOrgIdpLdap(ctx, "default", &zitadel.OrgIdpLdapArgs{
			OrgId: pulumi.Any(defaultZitadelOrg.Id),
			Name:  pulumi.String("LDAP"),
			Servers: pulumi.StringArray{
				pulumi.String("ldaps://my.primary.server:389"),
				pulumi.String("ldaps://my.secondary.server:389"),
			},
			StartTls:     pulumi.Bool(false),
			BaseDn:       pulumi.String("dc=example,dc=com"),
			BindDn:       pulumi.String("cn=admin,dc=example,dc=com"),
			BindPassword: pulumi.String("Password1!"),
			UserBase:     pulumi.String("dn"),
			UserObjectClasses: pulumi.StringArray{
				pulumi.String("inetOrgPerson"),
			},
			UserFilters: pulumi.StringArray{
				pulumi.String("uid"),
				pulumi.String("email"),
			},
			Timeout:            pulumi.String("10s"),
			IdAttribute:        pulumi.String("uid"),
			FirstNameAttribute: pulumi.String("firstname"),
			LastNameAttribute:  pulumi.String("lastname"),
			IsLinkingAllowed:   pulumi.Bool(false),
			IsCreationAllowed:  pulumi.Bool(true),
			IsAutoCreation:     pulumi.Bool(false),
			IsAutoUpdate:       pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.zitadel.OrgIdpLdap;
import com.pulumi.zitadel.OrgIdpLdapArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var default_ = new OrgIdpLdap("default", OrgIdpLdapArgs.builder()        
            .orgId(defaultZitadelOrg.id())
            .name("LDAP")
            .servers(            
                "ldaps://my.primary.server:389",
                "ldaps://my.secondary.server:389")
            .startTls(false)
            .baseDn("dc=example,dc=com")
            .bindDn("cn=admin,dc=example,dc=com")
            .bindPassword("Password1!")
            .userBase("dn")
            .userObjectClasses("inetOrgPerson")
            .userFilters(            
                "uid",
                "email")
            .timeout("10s")
            .idAttribute("uid")
            .firstNameAttribute("firstname")
            .lastNameAttribute("lastname")
            .isLinkingAllowed(false)
            .isCreationAllowed(true)
            .isAutoCreation(false)
            .isAutoUpdate(true)
            .build());

    }
}
Copy
import * as pulumi from "@pulumi/pulumi";
import * as zitadel from "@pulumiverse/zitadel";

const _default = new zitadel.OrgIdpLdap("default", {
    orgId: defaultZitadelOrg.id,
    name: "LDAP",
    servers: [
        "ldaps://my.primary.server:389",
        "ldaps://my.secondary.server:389",
    ],
    startTls: false,
    baseDn: "dc=example,dc=com",
    bindDn: "cn=admin,dc=example,dc=com",
    bindPassword: "Password1!",
    userBase: "dn",
    userObjectClasses: ["inetOrgPerson"],
    userFilters: [
        "uid",
        "email",
    ],
    timeout: "10s",
    idAttribute: "uid",
    firstNameAttribute: "firstname",
    lastNameAttribute: "lastname",
    isLinkingAllowed: false,
    isCreationAllowed: true,
    isAutoCreation: false,
    isAutoUpdate: true,
});
Copy
import pulumi
import pulumiverse_zitadel as zitadel

default = zitadel.OrgIdpLdap("default",
    org_id=default_zitadel_org["id"],
    name="LDAP",
    servers=[
        "ldaps://my.primary.server:389",
        "ldaps://my.secondary.server:389",
    ],
    start_tls=False,
    base_dn="dc=example,dc=com",
    bind_dn="cn=admin,dc=example,dc=com",
    bind_password="Password1!",
    user_base="dn",
    user_object_classes=["inetOrgPerson"],
    user_filters=[
        "uid",
        "email",
    ],
    timeout="10s",
    id_attribute="uid",
    first_name_attribute="firstname",
    last_name_attribute="lastname",
    is_linking_allowed=False,
    is_creation_allowed=True,
    is_auto_creation=False,
    is_auto_update=True)
Copy
resources:
  default:
    type: zitadel:OrgIdpLdap
    properties:
      orgId: ${defaultZitadelOrg.id}
      name: LDAP
      servers:
        - ldaps://my.primary.server:389
        - ldaps://my.secondary.server:389
      startTls: false
      baseDn: dc=example,dc=com
      bindDn: cn=admin,dc=example,dc=com
      bindPassword: Password1!
      userBase: dn
      userObjectClasses:
        - inetOrgPerson
      userFilters:
        - uid
        - email
      timeout: 10s
      idAttribute: uid
      firstNameAttribute: firstname
      lastNameAttribute: lastname
      isLinkingAllowed: false
      isCreationAllowed: true
      isAutoCreation: false
      isAutoUpdate: true
Copy

Create OrgIdpLdap Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new OrgIdpLdap(name: string, args: OrgIdpLdapArgs, opts?: CustomResourceOptions);
@overload
def OrgIdpLdap(resource_name: str,
               args: OrgIdpLdapArgs,
               opts: Optional[ResourceOptions] = None)

@overload
def OrgIdpLdap(resource_name: str,
               opts: Optional[ResourceOptions] = None,
               servers: Optional[Sequence[str]] = None,
               base_dn: Optional[str] = None,
               bind_dn: Optional[str] = None,
               bind_password: Optional[str] = None,
               user_object_classes: Optional[Sequence[str]] = None,
               user_filters: Optional[Sequence[str]] = None,
               user_base: Optional[str] = None,
               timeout: Optional[str] = None,
               start_tls: Optional[bool] = None,
               is_auto_creation: Optional[bool] = None,
               is_auto_update: Optional[bool] = None,
               is_creation_allowed: Optional[bool] = None,
               is_linking_allowed: Optional[bool] = None,
               name: Optional[str] = None,
               preferred_username_attribute: Optional[str] = None,
               nick_name_attribute: Optional[str] = None,
               org_id: Optional[str] = None,
               phone_attribute: Optional[str] = None,
               phone_verified_attribute: Optional[str] = None,
               preferred_language_attribute: Optional[str] = None,
               avatar_url_attribute: Optional[str] = None,
               profile_attribute: Optional[str] = None,
               last_name_attribute: Optional[str] = None,
               id_attribute: Optional[str] = None,
               first_name_attribute: Optional[str] = None,
               email_verified_attribute: Optional[str] = None,
               email_attribute: Optional[str] = None,
               display_name_attribute: Optional[str] = None)
func NewOrgIdpLdap(ctx *Context, name string, args OrgIdpLdapArgs, opts ...ResourceOption) (*OrgIdpLdap, error)
public OrgIdpLdap(string name, OrgIdpLdapArgs args, CustomResourceOptions? opts = null)
public OrgIdpLdap(String name, OrgIdpLdapArgs args)
public OrgIdpLdap(String name, OrgIdpLdapArgs args, CustomResourceOptions options)

type: zitadel:OrgIdpLdap
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. OrgIdpLdapArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. OrgIdpLdapArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. OrgIdpLdapArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. OrgIdpLdapArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. OrgIdpLdapArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var orgIdpLdapResource = new Zitadel.OrgIdpLdap("orgIdpLdapResource", new()
{
    Servers = new[]
    {
        "string",
    },
    BaseDn = "string",
    BindDn = "string",
    BindPassword = "string",
    UserObjectClasses = new[]
    {
        "string",
    },
    UserFilters = new[]
    {
        "string",
    },
    UserBase = "string",
    Timeout = "string",
    StartTls = false,
    IsAutoCreation = false,
    IsAutoUpdate = false,
    IsCreationAllowed = false,
    IsLinkingAllowed = false,
    Name = "string",
    PreferredUsernameAttribute = "string",
    NickNameAttribute = "string",
    OrgId = "string",
    PhoneAttribute = "string",
    PhoneVerifiedAttribute = "string",
    PreferredLanguageAttribute = "string",
    AvatarUrlAttribute = "string",
    ProfileAttribute = "string",
    LastNameAttribute = "string",
    IdAttribute = "string",
    FirstNameAttribute = "string",
    EmailVerifiedAttribute = "string",
    EmailAttribute = "string",
    DisplayNameAttribute = "string",
});
Copy
example, err := zitadel.NewOrgIdpLdap(ctx, "orgIdpLdapResource", &zitadel.OrgIdpLdapArgs{
	Servers: pulumi.StringArray{
		pulumi.String("string"),
	},
	BaseDn:       pulumi.String("string"),
	BindDn:       pulumi.String("string"),
	BindPassword: pulumi.String("string"),
	UserObjectClasses: pulumi.StringArray{
		pulumi.String("string"),
	},
	UserFilters: pulumi.StringArray{
		pulumi.String("string"),
	},
	UserBase:                   pulumi.String("string"),
	Timeout:                    pulumi.String("string"),
	StartTls:                   pulumi.Bool(false),
	IsAutoCreation:             pulumi.Bool(false),
	IsAutoUpdate:               pulumi.Bool(false),
	IsCreationAllowed:          pulumi.Bool(false),
	IsLinkingAllowed:           pulumi.Bool(false),
	Name:                       pulumi.String("string"),
	PreferredUsernameAttribute: pulumi.String("string"),
	NickNameAttribute:          pulumi.String("string"),
	OrgId:                      pulumi.String("string"),
	PhoneAttribute:             pulumi.String("string"),
	PhoneVerifiedAttribute:     pulumi.String("string"),
	PreferredLanguageAttribute: pulumi.String("string"),
	AvatarUrlAttribute:         pulumi.String("string"),
	ProfileAttribute:           pulumi.String("string"),
	LastNameAttribute:          pulumi.String("string"),
	IdAttribute:                pulumi.String("string"),
	FirstNameAttribute:         pulumi.String("string"),
	EmailVerifiedAttribute:     pulumi.String("string"),
	EmailAttribute:             pulumi.String("string"),
	DisplayNameAttribute:       pulumi.String("string"),
})
Copy
var orgIdpLdapResource = new OrgIdpLdap("orgIdpLdapResource", OrgIdpLdapArgs.builder()
    .servers("string")
    .baseDn("string")
    .bindDn("string")
    .bindPassword("string")
    .userObjectClasses("string")
    .userFilters("string")
    .userBase("string")
    .timeout("string")
    .startTls(false)
    .isAutoCreation(false)
    .isAutoUpdate(false)
    .isCreationAllowed(false)
    .isLinkingAllowed(false)
    .name("string")
    .preferredUsernameAttribute("string")
    .nickNameAttribute("string")
    .orgId("string")
    .phoneAttribute("string")
    .phoneVerifiedAttribute("string")
    .preferredLanguageAttribute("string")
    .avatarUrlAttribute("string")
    .profileAttribute("string")
    .lastNameAttribute("string")
    .idAttribute("string")
    .firstNameAttribute("string")
    .emailVerifiedAttribute("string")
    .emailAttribute("string")
    .displayNameAttribute("string")
    .build());
Copy
org_idp_ldap_resource = zitadel.OrgIdpLdap("orgIdpLdapResource",
    servers=["string"],
    base_dn="string",
    bind_dn="string",
    bind_password="string",
    user_object_classes=["string"],
    user_filters=["string"],
    user_base="string",
    timeout="string",
    start_tls=False,
    is_auto_creation=False,
    is_auto_update=False,
    is_creation_allowed=False,
    is_linking_allowed=False,
    name="string",
    preferred_username_attribute="string",
    nick_name_attribute="string",
    org_id="string",
    phone_attribute="string",
    phone_verified_attribute="string",
    preferred_language_attribute="string",
    avatar_url_attribute="string",
    profile_attribute="string",
    last_name_attribute="string",
    id_attribute="string",
    first_name_attribute="string",
    email_verified_attribute="string",
    email_attribute="string",
    display_name_attribute="string")
Copy
const orgIdpLdapResource = new zitadel.OrgIdpLdap("orgIdpLdapResource", {
    servers: ["string"],
    baseDn: "string",
    bindDn: "string",
    bindPassword: "string",
    userObjectClasses: ["string"],
    userFilters: ["string"],
    userBase: "string",
    timeout: "string",
    startTls: false,
    isAutoCreation: false,
    isAutoUpdate: false,
    isCreationAllowed: false,
    isLinkingAllowed: false,
    name: "string",
    preferredUsernameAttribute: "string",
    nickNameAttribute: "string",
    orgId: "string",
    phoneAttribute: "string",
    phoneVerifiedAttribute: "string",
    preferredLanguageAttribute: "string",
    avatarUrlAttribute: "string",
    profileAttribute: "string",
    lastNameAttribute: "string",
    idAttribute: "string",
    firstNameAttribute: "string",
    emailVerifiedAttribute: "string",
    emailAttribute: "string",
    displayNameAttribute: "string",
});
Copy
type: zitadel:OrgIdpLdap
properties:
    avatarUrlAttribute: string
    baseDn: string
    bindDn: string
    bindPassword: string
    displayNameAttribute: string
    emailAttribute: string
    emailVerifiedAttribute: string
    firstNameAttribute: string
    idAttribute: string
    isAutoCreation: false
    isAutoUpdate: false
    isCreationAllowed: false
    isLinkingAllowed: false
    lastNameAttribute: string
    name: string
    nickNameAttribute: string
    orgId: string
    phoneAttribute: string
    phoneVerifiedAttribute: string
    preferredLanguageAttribute: string
    preferredUsernameAttribute: string
    profileAttribute: string
    servers:
        - string
    startTls: false
    timeout: string
    userBase: string
    userFilters:
        - string
    userObjectClasses:
        - string
Copy

OrgIdpLdap Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The OrgIdpLdap resource accepts the following input properties:

BaseDn This property is required. string
Base DN for LDAP connections
BindDn This property is required. string
Bind DN for LDAP connections
BindPassword This property is required. string
Bind password for LDAP connections
IsAutoCreation This property is required. bool
enable if a new account in ZITADEL should be created automatically on login with an external account
IsAutoUpdate This property is required. bool
enable if a the ZITADEL account fields should be updated automatically on each login
IsCreationAllowed This property is required. bool
enable if users should be able to create a new account in ZITADEL when using an external account
IsLinkingAllowed This property is required. bool
enable if users should be able to link an existing ZITADEL user with an external account
Servers This property is required. List<string>
Servers to try in order for establishing LDAP connections
StartTls This property is required. bool
Wether to use StartTLS for LDAP connections
Timeout This property is required. string
Timeout for LDAP connections
UserBase This property is required. string
User base for LDAP connections
UserFilters This property is required. List<string>
User filters for LDAP connections
UserObjectClasses This property is required. List<string>
User object classes for LDAP connections
AvatarUrlAttribute string
User attribute for the avatar url
DisplayNameAttribute string
User attribute for the display name
EmailAttribute string
User attribute for the email
EmailVerifiedAttribute string
User attribute for the email verified state
FirstNameAttribute string
User attribute for the first name
IdAttribute string
User attribute for the id
LastNameAttribute string
User attribute for the last name
Name string
Name of the IDP
NickNameAttribute string
User attribute for the nick name
OrgId Changes to this property will trigger replacement. string
ID of the organization
PhoneAttribute string
User attribute for the phone
PhoneVerifiedAttribute string
User attribute for the phone verified state
PreferredLanguageAttribute string
User attribute for the preferred language
PreferredUsernameAttribute string
User attribute for the preferred username
ProfileAttribute string
User attribute for the profile
BaseDn This property is required. string
Base DN for LDAP connections
BindDn This property is required. string
Bind DN for LDAP connections
BindPassword This property is required. string
Bind password for LDAP connections
IsAutoCreation This property is required. bool
enable if a new account in ZITADEL should be created automatically on login with an external account
IsAutoUpdate This property is required. bool
enable if a the ZITADEL account fields should be updated automatically on each login
IsCreationAllowed This property is required. bool
enable if users should be able to create a new account in ZITADEL when using an external account
IsLinkingAllowed This property is required. bool
enable if users should be able to link an existing ZITADEL user with an external account
Servers This property is required. []string
Servers to try in order for establishing LDAP connections
StartTls This property is required. bool
Wether to use StartTLS for LDAP connections
Timeout This property is required. string
Timeout for LDAP connections
UserBase This property is required. string
User base for LDAP connections
UserFilters This property is required. []string
User filters for LDAP connections
UserObjectClasses This property is required. []string
User object classes for LDAP connections
AvatarUrlAttribute string
User attribute for the avatar url
DisplayNameAttribute string
User attribute for the display name
EmailAttribute string
User attribute for the email
EmailVerifiedAttribute string
User attribute for the email verified state
FirstNameAttribute string
User attribute for the first name
IdAttribute string
User attribute for the id
LastNameAttribute string
User attribute for the last name
Name string
Name of the IDP
NickNameAttribute string
User attribute for the nick name
OrgId Changes to this property will trigger replacement. string
ID of the organization
PhoneAttribute string
User attribute for the phone
PhoneVerifiedAttribute string
User attribute for the phone verified state
PreferredLanguageAttribute string
User attribute for the preferred language
PreferredUsernameAttribute string
User attribute for the preferred username
ProfileAttribute string
User attribute for the profile
baseDn This property is required. String
Base DN for LDAP connections
bindDn This property is required. String
Bind DN for LDAP connections
bindPassword This property is required. String
Bind password for LDAP connections
isAutoCreation This property is required. Boolean
enable if a new account in ZITADEL should be created automatically on login with an external account
isAutoUpdate This property is required. Boolean
enable if a the ZITADEL account fields should be updated automatically on each login
isCreationAllowed This property is required. Boolean
enable if users should be able to create a new account in ZITADEL when using an external account
isLinkingAllowed This property is required. Boolean
enable if users should be able to link an existing ZITADEL user with an external account
servers This property is required. List<String>
Servers to try in order for establishing LDAP connections
startTls This property is required. Boolean
Wether to use StartTLS for LDAP connections
timeout This property is required. String
Timeout for LDAP connections
userBase This property is required. String
User base for LDAP connections
userFilters This property is required. List<String>
User filters for LDAP connections
userObjectClasses This property is required. List<String>
User object classes for LDAP connections
avatarUrlAttribute String
User attribute for the avatar url
displayNameAttribute String
User attribute for the display name
emailAttribute String
User attribute for the email
emailVerifiedAttribute String
User attribute for the email verified state
firstNameAttribute String
User attribute for the first name
idAttribute String
User attribute for the id
lastNameAttribute String
User attribute for the last name
name String
Name of the IDP
nickNameAttribute String
User attribute for the nick name
orgId Changes to this property will trigger replacement. String
ID of the organization
phoneAttribute String
User attribute for the phone
phoneVerifiedAttribute String
User attribute for the phone verified state
preferredLanguageAttribute String
User attribute for the preferred language
preferredUsernameAttribute String
User attribute for the preferred username
profileAttribute String
User attribute for the profile
baseDn This property is required. string
Base DN for LDAP connections
bindDn This property is required. string
Bind DN for LDAP connections
bindPassword This property is required. string
Bind password for LDAP connections
isAutoCreation This property is required. boolean
enable if a new account in ZITADEL should be created automatically on login with an external account
isAutoUpdate This property is required. boolean
enable if a the ZITADEL account fields should be updated automatically on each login
isCreationAllowed This property is required. boolean
enable if users should be able to create a new account in ZITADEL when using an external account
isLinkingAllowed This property is required. boolean
enable if users should be able to link an existing ZITADEL user with an external account
servers This property is required. string[]
Servers to try in order for establishing LDAP connections
startTls This property is required. boolean
Wether to use StartTLS for LDAP connections
timeout This property is required. string
Timeout for LDAP connections
userBase This property is required. string
User base for LDAP connections
userFilters This property is required. string[]
User filters for LDAP connections
userObjectClasses This property is required. string[]
User object classes for LDAP connections
avatarUrlAttribute string
User attribute for the avatar url
displayNameAttribute string
User attribute for the display name
emailAttribute string
User attribute for the email
emailVerifiedAttribute string
User attribute for the email verified state
firstNameAttribute string
User attribute for the first name
idAttribute string
User attribute for the id
lastNameAttribute string
User attribute for the last name
name string
Name of the IDP
nickNameAttribute string
User attribute for the nick name
orgId Changes to this property will trigger replacement. string
ID of the organization
phoneAttribute string
User attribute for the phone
phoneVerifiedAttribute string
User attribute for the phone verified state
preferredLanguageAttribute string
User attribute for the preferred language
preferredUsernameAttribute string
User attribute for the preferred username
profileAttribute string
User attribute for the profile
base_dn This property is required. str
Base DN for LDAP connections
bind_dn This property is required. str
Bind DN for LDAP connections
bind_password This property is required. str
Bind password for LDAP connections
is_auto_creation This property is required. bool
enable if a new account in ZITADEL should be created automatically on login with an external account
is_auto_update This property is required. bool
enable if a the ZITADEL account fields should be updated automatically on each login
is_creation_allowed This property is required. bool
enable if users should be able to create a new account in ZITADEL when using an external account
is_linking_allowed This property is required. bool
enable if users should be able to link an existing ZITADEL user with an external account
servers This property is required. Sequence[str]
Servers to try in order for establishing LDAP connections
start_tls This property is required. bool
Wether to use StartTLS for LDAP connections
timeout This property is required. str
Timeout for LDAP connections
user_base This property is required. str
User base for LDAP connections
user_filters This property is required. Sequence[str]
User filters for LDAP connections
user_object_classes This property is required. Sequence[str]
User object classes for LDAP connections
avatar_url_attribute str
User attribute for the avatar url
display_name_attribute str
User attribute for the display name
email_attribute str
User attribute for the email
email_verified_attribute str
User attribute for the email verified state
first_name_attribute str
User attribute for the first name
id_attribute str
User attribute for the id
last_name_attribute str
User attribute for the last name
name str
Name of the IDP
nick_name_attribute str
User attribute for the nick name
org_id Changes to this property will trigger replacement. str
ID of the organization
phone_attribute str
User attribute for the phone
phone_verified_attribute str
User attribute for the phone verified state
preferred_language_attribute str
User attribute for the preferred language
preferred_username_attribute str
User attribute for the preferred username
profile_attribute str
User attribute for the profile
baseDn This property is required. String
Base DN for LDAP connections
bindDn This property is required. String
Bind DN for LDAP connections
bindPassword This property is required. String
Bind password for LDAP connections
isAutoCreation This property is required. Boolean
enable if a new account in ZITADEL should be created automatically on login with an external account
isAutoUpdate This property is required. Boolean
enable if a the ZITADEL account fields should be updated automatically on each login
isCreationAllowed This property is required. Boolean
enable if users should be able to create a new account in ZITADEL when using an external account
isLinkingAllowed This property is required. Boolean
enable if users should be able to link an existing ZITADEL user with an external account
servers This property is required. List<String>
Servers to try in order for establishing LDAP connections
startTls This property is required. Boolean
Wether to use StartTLS for LDAP connections
timeout This property is required. String
Timeout for LDAP connections
userBase This property is required. String
User base for LDAP connections
userFilters This property is required. List<String>
User filters for LDAP connections
userObjectClasses This property is required. List<String>
User object classes for LDAP connections
avatarUrlAttribute String
User attribute for the avatar url
displayNameAttribute String
User attribute for the display name
emailAttribute String
User attribute for the email
emailVerifiedAttribute String
User attribute for the email verified state
firstNameAttribute String
User attribute for the first name
idAttribute String
User attribute for the id
lastNameAttribute String
User attribute for the last name
name String
Name of the IDP
nickNameAttribute String
User attribute for the nick name
orgId Changes to this property will trigger replacement. String
ID of the organization
phoneAttribute String
User attribute for the phone
phoneVerifiedAttribute String
User attribute for the phone verified state
preferredLanguageAttribute String
User attribute for the preferred language
preferredUsernameAttribute String
User attribute for the preferred username
profileAttribute String
User attribute for the profile

Outputs

All input properties are implicitly available as output properties. Additionally, the OrgIdpLdap resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.

Look up Existing OrgIdpLdap Resource

Get an existing OrgIdpLdap resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: OrgIdpLdapState, opts?: CustomResourceOptions): OrgIdpLdap
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        avatar_url_attribute: Optional[str] = None,
        base_dn: Optional[str] = None,
        bind_dn: Optional[str] = None,
        bind_password: Optional[str] = None,
        display_name_attribute: Optional[str] = None,
        email_attribute: Optional[str] = None,
        email_verified_attribute: Optional[str] = None,
        first_name_attribute: Optional[str] = None,
        id_attribute: Optional[str] = None,
        is_auto_creation: Optional[bool] = None,
        is_auto_update: Optional[bool] = None,
        is_creation_allowed: Optional[bool] = None,
        is_linking_allowed: Optional[bool] = None,
        last_name_attribute: Optional[str] = None,
        name: Optional[str] = None,
        nick_name_attribute: Optional[str] = None,
        org_id: Optional[str] = None,
        phone_attribute: Optional[str] = None,
        phone_verified_attribute: Optional[str] = None,
        preferred_language_attribute: Optional[str] = None,
        preferred_username_attribute: Optional[str] = None,
        profile_attribute: Optional[str] = None,
        servers: Optional[Sequence[str]] = None,
        start_tls: Optional[bool] = None,
        timeout: Optional[str] = None,
        user_base: Optional[str] = None,
        user_filters: Optional[Sequence[str]] = None,
        user_object_classes: Optional[Sequence[str]] = None) -> OrgIdpLdap
func GetOrgIdpLdap(ctx *Context, name string, id IDInput, state *OrgIdpLdapState, opts ...ResourceOption) (*OrgIdpLdap, error)
public static OrgIdpLdap Get(string name, Input<string> id, OrgIdpLdapState? state, CustomResourceOptions? opts = null)
public static OrgIdpLdap get(String name, Output<String> id, OrgIdpLdapState state, CustomResourceOptions options)
resources:  _:    type: zitadel:OrgIdpLdap    get:      id: ${id}
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AvatarUrlAttribute string
User attribute for the avatar url
BaseDn string
Base DN for LDAP connections
BindDn string
Bind DN for LDAP connections
BindPassword string
Bind password for LDAP connections
DisplayNameAttribute string
User attribute for the display name
EmailAttribute string
User attribute for the email
EmailVerifiedAttribute string
User attribute for the email verified state
FirstNameAttribute string
User attribute for the first name
IdAttribute string
User attribute for the id
IsAutoCreation bool
enable if a new account in ZITADEL should be created automatically on login with an external account
IsAutoUpdate bool
enable if a the ZITADEL account fields should be updated automatically on each login
IsCreationAllowed bool
enable if users should be able to create a new account in ZITADEL when using an external account
IsLinkingAllowed bool
enable if users should be able to link an existing ZITADEL user with an external account
LastNameAttribute string
User attribute for the last name
Name string
Name of the IDP
NickNameAttribute string
User attribute for the nick name
OrgId Changes to this property will trigger replacement. string
ID of the organization
PhoneAttribute string
User attribute for the phone
PhoneVerifiedAttribute string
User attribute for the phone verified state
PreferredLanguageAttribute string
User attribute for the preferred language
PreferredUsernameAttribute string
User attribute for the preferred username
ProfileAttribute string
User attribute for the profile
Servers List<string>
Servers to try in order for establishing LDAP connections
StartTls bool
Wether to use StartTLS for LDAP connections
Timeout string
Timeout for LDAP connections
UserBase string
User base for LDAP connections
UserFilters List<string>
User filters for LDAP connections
UserObjectClasses List<string>
User object classes for LDAP connections
AvatarUrlAttribute string
User attribute for the avatar url
BaseDn string
Base DN for LDAP connections
BindDn string
Bind DN for LDAP connections
BindPassword string
Bind password for LDAP connections
DisplayNameAttribute string
User attribute for the display name
EmailAttribute string
User attribute for the email
EmailVerifiedAttribute string
User attribute for the email verified state
FirstNameAttribute string
User attribute for the first name
IdAttribute string
User attribute for the id
IsAutoCreation bool
enable if a new account in ZITADEL should be created automatically on login with an external account
IsAutoUpdate bool
enable if a the ZITADEL account fields should be updated automatically on each login
IsCreationAllowed bool
enable if users should be able to create a new account in ZITADEL when using an external account
IsLinkingAllowed bool
enable if users should be able to link an existing ZITADEL user with an external account
LastNameAttribute string
User attribute for the last name
Name string
Name of the IDP
NickNameAttribute string
User attribute for the nick name
OrgId Changes to this property will trigger replacement. string
ID of the organization
PhoneAttribute string
User attribute for the phone
PhoneVerifiedAttribute string
User attribute for the phone verified state
PreferredLanguageAttribute string
User attribute for the preferred language
PreferredUsernameAttribute string
User attribute for the preferred username
ProfileAttribute string
User attribute for the profile
Servers []string
Servers to try in order for establishing LDAP connections
StartTls bool
Wether to use StartTLS for LDAP connections
Timeout string
Timeout for LDAP connections
UserBase string
User base for LDAP connections
UserFilters []string
User filters for LDAP connections
UserObjectClasses []string
User object classes for LDAP connections
avatarUrlAttribute String
User attribute for the avatar url
baseDn String
Base DN for LDAP connections
bindDn String
Bind DN for LDAP connections
bindPassword String
Bind password for LDAP connections
displayNameAttribute String
User attribute for the display name
emailAttribute String
User attribute for the email
emailVerifiedAttribute String
User attribute for the email verified state
firstNameAttribute String
User attribute for the first name
idAttribute String
User attribute for the id
isAutoCreation Boolean
enable if a new account in ZITADEL should be created automatically on login with an external account
isAutoUpdate Boolean
enable if a the ZITADEL account fields should be updated automatically on each login
isCreationAllowed Boolean
enable if users should be able to create a new account in ZITADEL when using an external account
isLinkingAllowed Boolean
enable if users should be able to link an existing ZITADEL user with an external account
lastNameAttribute String
User attribute for the last name
name String
Name of the IDP
nickNameAttribute String
User attribute for the nick name
orgId Changes to this property will trigger replacement. String
ID of the organization
phoneAttribute String
User attribute for the phone
phoneVerifiedAttribute String
User attribute for the phone verified state
preferredLanguageAttribute String
User attribute for the preferred language
preferredUsernameAttribute String
User attribute for the preferred username
profileAttribute String
User attribute for the profile
servers List<String>
Servers to try in order for establishing LDAP connections
startTls Boolean
Wether to use StartTLS for LDAP connections
timeout String
Timeout for LDAP connections
userBase String
User base for LDAP connections
userFilters List<String>
User filters for LDAP connections
userObjectClasses List<String>
User object classes for LDAP connections
avatarUrlAttribute string
User attribute for the avatar url
baseDn string
Base DN for LDAP connections
bindDn string
Bind DN for LDAP connections
bindPassword string
Bind password for LDAP connections
displayNameAttribute string
User attribute for the display name
emailAttribute string
User attribute for the email
emailVerifiedAttribute string
User attribute for the email verified state
firstNameAttribute string
User attribute for the first name
idAttribute string
User attribute for the id
isAutoCreation boolean
enable if a new account in ZITADEL should be created automatically on login with an external account
isAutoUpdate boolean
enable if a the ZITADEL account fields should be updated automatically on each login
isCreationAllowed boolean
enable if users should be able to create a new account in ZITADEL when using an external account
isLinkingAllowed boolean
enable if users should be able to link an existing ZITADEL user with an external account
lastNameAttribute string
User attribute for the last name
name string
Name of the IDP
nickNameAttribute string
User attribute for the nick name
orgId Changes to this property will trigger replacement. string
ID of the organization
phoneAttribute string
User attribute for the phone
phoneVerifiedAttribute string
User attribute for the phone verified state
preferredLanguageAttribute string
User attribute for the preferred language
preferredUsernameAttribute string
User attribute for the preferred username
profileAttribute string
User attribute for the profile
servers string[]
Servers to try in order for establishing LDAP connections
startTls boolean
Wether to use StartTLS for LDAP connections
timeout string
Timeout for LDAP connections
userBase string
User base for LDAP connections
userFilters string[]
User filters for LDAP connections
userObjectClasses string[]
User object classes for LDAP connections
avatar_url_attribute str
User attribute for the avatar url
base_dn str
Base DN for LDAP connections
bind_dn str
Bind DN for LDAP connections
bind_password str
Bind password for LDAP connections
display_name_attribute str
User attribute for the display name
email_attribute str
User attribute for the email
email_verified_attribute str
User attribute for the email verified state
first_name_attribute str
User attribute for the first name
id_attribute str
User attribute for the id
is_auto_creation bool
enable if a new account in ZITADEL should be created automatically on login with an external account
is_auto_update bool
enable if a the ZITADEL account fields should be updated automatically on each login
is_creation_allowed bool
enable if users should be able to create a new account in ZITADEL when using an external account
is_linking_allowed bool
enable if users should be able to link an existing ZITADEL user with an external account
last_name_attribute str
User attribute for the last name
name str
Name of the IDP
nick_name_attribute str
User attribute for the nick name
org_id Changes to this property will trigger replacement. str
ID of the organization
phone_attribute str
User attribute for the phone
phone_verified_attribute str
User attribute for the phone verified state
preferred_language_attribute str
User attribute for the preferred language
preferred_username_attribute str
User attribute for the preferred username
profile_attribute str
User attribute for the profile
servers Sequence[str]
Servers to try in order for establishing LDAP connections
start_tls bool
Wether to use StartTLS for LDAP connections
timeout str
Timeout for LDAP connections
user_base str
User base for LDAP connections
user_filters Sequence[str]
User filters for LDAP connections
user_object_classes Sequence[str]
User object classes for LDAP connections
avatarUrlAttribute String
User attribute for the avatar url
baseDn String
Base DN for LDAP connections
bindDn String
Bind DN for LDAP connections
bindPassword String
Bind password for LDAP connections
displayNameAttribute String
User attribute for the display name
emailAttribute String
User attribute for the email
emailVerifiedAttribute String
User attribute for the email verified state
firstNameAttribute String
User attribute for the first name
idAttribute String
User attribute for the id
isAutoCreation Boolean
enable if a new account in ZITADEL should be created automatically on login with an external account
isAutoUpdate Boolean
enable if a the ZITADEL account fields should be updated automatically on each login
isCreationAllowed Boolean
enable if users should be able to create a new account in ZITADEL when using an external account
isLinkingAllowed Boolean
enable if users should be able to link an existing ZITADEL user with an external account
lastNameAttribute String
User attribute for the last name
name String
Name of the IDP
nickNameAttribute String
User attribute for the nick name
orgId Changes to this property will trigger replacement. String
ID of the organization
phoneAttribute String
User attribute for the phone
phoneVerifiedAttribute String
User attribute for the phone verified state
preferredLanguageAttribute String
User attribute for the preferred language
preferredUsernameAttribute String
User attribute for the preferred username
profileAttribute String
User attribute for the profile
servers List<String>
Servers to try in order for establishing LDAP connections
startTls Boolean
Wether to use StartTLS for LDAP connections
timeout String
Timeout for LDAP connections
userBase String
User base for LDAP connections
userFilters List<String>
User filters for LDAP connections
userObjectClasses List<String>
User object classes for LDAP connections

Import

bash The resource can be imported using the ID format <id[:org_id][:bind_password]>, e.g.

 $ pulumi import zitadel:index/orgIdpLdap:OrgIdpLdap imported '123456789012345678:123456789012345678:b1nd_p4ssw0rd'
Copy

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository
zitadel pulumiverse/pulumi-zitadel
License
Apache-2.0
Notes
This Pulumi package is based on the zitadel Terraform Provider.
zitadel v0.2.0 published on Monday, Mar 24, 2025 by pulumiverse
pulumiverse/pulumi-zitadel