1. Packages
  2. Keycloak
  3. API Docs
  4. Realm
Keycloak v5.3.2 published on Friday, May 10, 2024 by Pulumi

keycloak.Realm

Explore with Pulumi AI

keycloak logo
Keycloak v5.3.2 published on Friday, May 10, 2024 by Pulumi

    Create Realm Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Realm(name: string, args: RealmArgs, opts?: CustomResourceOptions);
    @overload
    def Realm(resource_name: str,
              args: RealmArgs,
              opts: Optional[ResourceOptions] = None)
    
    @overload
    def Realm(resource_name: str,
              opts: Optional[ResourceOptions] = None,
              realm: Optional[str] = None,
              access_code_lifespan: Optional[str] = None,
              access_code_lifespan_login: Optional[str] = None,
              access_code_lifespan_user_action: Optional[str] = None,
              access_token_lifespan: Optional[str] = None,
              access_token_lifespan_for_implicit_flow: Optional[str] = None,
              account_theme: Optional[str] = None,
              action_token_generated_by_admin_lifespan: Optional[str] = None,
              action_token_generated_by_user_lifespan: Optional[str] = None,
              admin_theme: Optional[str] = None,
              attributes: Optional[Mapping[str, Any]] = None,
              browser_flow: Optional[str] = None,
              client_authentication_flow: Optional[str] = None,
              client_session_idle_timeout: Optional[str] = None,
              client_session_max_lifespan: Optional[str] = None,
              default_default_client_scopes: Optional[Sequence[str]] = None,
              default_optional_client_scopes: Optional[Sequence[str]] = None,
              default_signature_algorithm: Optional[str] = None,
              direct_grant_flow: Optional[str] = None,
              display_name: Optional[str] = None,
              display_name_html: Optional[str] = None,
              docker_authentication_flow: Optional[str] = None,
              duplicate_emails_allowed: Optional[bool] = None,
              edit_username_allowed: Optional[bool] = None,
              email_theme: Optional[str] = None,
              enabled: Optional[bool] = None,
              internal_id: Optional[str] = None,
              internationalization: Optional[RealmInternationalizationArgs] = None,
              login_theme: Optional[str] = None,
              login_with_email_allowed: Optional[bool] = None,
              oauth2_device_code_lifespan: Optional[str] = None,
              oauth2_device_polling_interval: Optional[int] = None,
              offline_session_idle_timeout: Optional[str] = None,
              offline_session_max_lifespan: Optional[str] = None,
              offline_session_max_lifespan_enabled: Optional[bool] = None,
              otp_policy: Optional[RealmOtpPolicyArgs] = None,
              password_policy: Optional[str] = None,
              refresh_token_max_reuse: Optional[int] = None,
              registration_allowed: Optional[bool] = None,
              registration_email_as_username: Optional[bool] = None,
              registration_flow: Optional[str] = None,
              remember_me: Optional[bool] = None,
              reset_credentials_flow: Optional[str] = None,
              reset_password_allowed: Optional[bool] = None,
              revoke_refresh_token: Optional[bool] = None,
              security_defenses: Optional[RealmSecurityDefensesArgs] = None,
              smtp_server: Optional[RealmSmtpServerArgs] = None,
              ssl_required: Optional[str] = None,
              sso_session_idle_timeout: Optional[str] = None,
              sso_session_idle_timeout_remember_me: Optional[str] = None,
              sso_session_max_lifespan: Optional[str] = None,
              sso_session_max_lifespan_remember_me: Optional[str] = None,
              user_managed_access: Optional[bool] = None,
              verify_email: Optional[bool] = None,
              web_authn_passwordless_policy: Optional[RealmWebAuthnPasswordlessPolicyArgs] = None,
              web_authn_policy: Optional[RealmWebAuthnPolicyArgs] = None)
    func NewRealm(ctx *Context, name string, args RealmArgs, opts ...ResourceOption) (*Realm, error)
    public Realm(string name, RealmArgs args, CustomResourceOptions? opts = null)
    public Realm(String name, RealmArgs args)
    public Realm(String name, RealmArgs args, CustomResourceOptions options)
    
    type: keycloak:Realm
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args RealmArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args RealmArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args RealmArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args RealmArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args RealmArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var realmResource = new Keycloak.Realm("realmResource", new()
    {
        RealmName = "string",
        AccessCodeLifespan = "string",
        AccessCodeLifespanLogin = "string",
        AccessCodeLifespanUserAction = "string",
        AccessTokenLifespan = "string",
        AccessTokenLifespanForImplicitFlow = "string",
        AccountTheme = "string",
        ActionTokenGeneratedByAdminLifespan = "string",
        ActionTokenGeneratedByUserLifespan = "string",
        AdminTheme = "string",
        Attributes = 
        {
            { "string", "any" },
        },
        BrowserFlow = "string",
        ClientAuthenticationFlow = "string",
        ClientSessionIdleTimeout = "string",
        ClientSessionMaxLifespan = "string",
        DefaultDefaultClientScopes = new[]
        {
            "string",
        },
        DefaultOptionalClientScopes = new[]
        {
            "string",
        },
        DefaultSignatureAlgorithm = "string",
        DirectGrantFlow = "string",
        DisplayName = "string",
        DisplayNameHtml = "string",
        DockerAuthenticationFlow = "string",
        DuplicateEmailsAllowed = false,
        EditUsernameAllowed = false,
        EmailTheme = "string",
        Enabled = false,
        InternalId = "string",
        Internationalization = new Keycloak.Inputs.RealmInternationalizationArgs
        {
            DefaultLocale = "string",
            SupportedLocales = new[]
            {
                "string",
            },
        },
        LoginTheme = "string",
        LoginWithEmailAllowed = false,
        Oauth2DeviceCodeLifespan = "string",
        Oauth2DevicePollingInterval = 0,
        OfflineSessionIdleTimeout = "string",
        OfflineSessionMaxLifespan = "string",
        OfflineSessionMaxLifespanEnabled = false,
        OtpPolicy = new Keycloak.Inputs.RealmOtpPolicyArgs
        {
            Algorithm = "string",
            Digits = 0,
            InitialCounter = 0,
            LookAheadWindow = 0,
            Period = 0,
            Type = "string",
        },
        PasswordPolicy = "string",
        RefreshTokenMaxReuse = 0,
        RegistrationAllowed = false,
        RegistrationEmailAsUsername = false,
        RegistrationFlow = "string",
        RememberMe = false,
        ResetCredentialsFlow = "string",
        ResetPasswordAllowed = false,
        RevokeRefreshToken = false,
        SecurityDefenses = new Keycloak.Inputs.RealmSecurityDefensesArgs
        {
            BruteForceDetection = new Keycloak.Inputs.RealmSecurityDefensesBruteForceDetectionArgs
            {
                FailureResetTimeSeconds = 0,
                MaxFailureWaitSeconds = 0,
                MaxLoginFailures = 0,
                MinimumQuickLoginWaitSeconds = 0,
                PermanentLockout = false,
                QuickLoginCheckMilliSeconds = 0,
                WaitIncrementSeconds = 0,
            },
            Headers = new Keycloak.Inputs.RealmSecurityDefensesHeadersArgs
            {
                ContentSecurityPolicy = "string",
                ContentSecurityPolicyReportOnly = "string",
                ReferrerPolicy = "string",
                StrictTransportSecurity = "string",
                XContentTypeOptions = "string",
                XFrameOptions = "string",
                XRobotsTag = "string",
                XXssProtection = "string",
            },
        },
        SmtpServer = new Keycloak.Inputs.RealmSmtpServerArgs
        {
            From = "string",
            Host = "string",
            Auth = new Keycloak.Inputs.RealmSmtpServerAuthArgs
            {
                Password = "string",
                Username = "string",
            },
            EnvelopeFrom = "string",
            FromDisplayName = "string",
            Port = "string",
            ReplyTo = "string",
            ReplyToDisplayName = "string",
            Ssl = false,
            Starttls = false,
        },
        SslRequired = "string",
        SsoSessionIdleTimeout = "string",
        SsoSessionIdleTimeoutRememberMe = "string",
        SsoSessionMaxLifespan = "string",
        SsoSessionMaxLifespanRememberMe = "string",
        UserManagedAccess = false,
        VerifyEmail = false,
        WebAuthnPasswordlessPolicy = new Keycloak.Inputs.RealmWebAuthnPasswordlessPolicyArgs
        {
            AcceptableAaguids = new[]
            {
                "string",
            },
            AttestationConveyancePreference = "string",
            AuthenticatorAttachment = "string",
            AvoidSameAuthenticatorRegister = false,
            CreateTimeout = 0,
            RelyingPartyEntityName = "string",
            RelyingPartyId = "string",
            RequireResidentKey = "string",
            SignatureAlgorithms = new[]
            {
                "string",
            },
            UserVerificationRequirement = "string",
        },
        WebAuthnPolicy = new Keycloak.Inputs.RealmWebAuthnPolicyArgs
        {
            AcceptableAaguids = new[]
            {
                "string",
            },
            AttestationConveyancePreference = "string",
            AuthenticatorAttachment = "string",
            AvoidSameAuthenticatorRegister = false,
            CreateTimeout = 0,
            RelyingPartyEntityName = "string",
            RelyingPartyId = "string",
            RequireResidentKey = "string",
            SignatureAlgorithms = new[]
            {
                "string",
            },
            UserVerificationRequirement = "string",
        },
    });
    
    example, err := keycloak.NewRealm(ctx, "realmResource", &keycloak.RealmArgs{
    	Realm:                               pulumi.String("string"),
    	AccessCodeLifespan:                  pulumi.String("string"),
    	AccessCodeLifespanLogin:             pulumi.String("string"),
    	AccessCodeLifespanUserAction:        pulumi.String("string"),
    	AccessTokenLifespan:                 pulumi.String("string"),
    	AccessTokenLifespanForImplicitFlow:  pulumi.String("string"),
    	AccountTheme:                        pulumi.String("string"),
    	ActionTokenGeneratedByAdminLifespan: pulumi.String("string"),
    	ActionTokenGeneratedByUserLifespan:  pulumi.String("string"),
    	AdminTheme:                          pulumi.String("string"),
    	Attributes: pulumi.Map{
    		"string": pulumi.Any("any"),
    	},
    	BrowserFlow:              pulumi.String("string"),
    	ClientAuthenticationFlow: pulumi.String("string"),
    	ClientSessionIdleTimeout: pulumi.String("string"),
    	ClientSessionMaxLifespan: pulumi.String("string"),
    	DefaultDefaultClientScopes: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	DefaultOptionalClientScopes: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	DefaultSignatureAlgorithm: pulumi.String("string"),
    	DirectGrantFlow:           pulumi.String("string"),
    	DisplayName:               pulumi.String("string"),
    	DisplayNameHtml:           pulumi.String("string"),
    	DockerAuthenticationFlow:  pulumi.String("string"),
    	DuplicateEmailsAllowed:    pulumi.Bool(false),
    	EditUsernameAllowed:       pulumi.Bool(false),
    	EmailTheme:                pulumi.String("string"),
    	Enabled:                   pulumi.Bool(false),
    	InternalId:                pulumi.String("string"),
    	Internationalization: &keycloak.RealmInternationalizationArgs{
    		DefaultLocale: pulumi.String("string"),
    		SupportedLocales: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    	},
    	LoginTheme:                       pulumi.String("string"),
    	LoginWithEmailAllowed:            pulumi.Bool(false),
    	Oauth2DeviceCodeLifespan:         pulumi.String("string"),
    	Oauth2DevicePollingInterval:      pulumi.Int(0),
    	OfflineSessionIdleTimeout:        pulumi.String("string"),
    	OfflineSessionMaxLifespan:        pulumi.String("string"),
    	OfflineSessionMaxLifespanEnabled: pulumi.Bool(false),
    	OtpPolicy: &keycloak.RealmOtpPolicyArgs{
    		Algorithm:       pulumi.String("string"),
    		Digits:          pulumi.Int(0),
    		InitialCounter:  pulumi.Int(0),
    		LookAheadWindow: pulumi.Int(0),
    		Period:          pulumi.Int(0),
    		Type:            pulumi.String("string"),
    	},
    	PasswordPolicy:              pulumi.String("string"),
    	RefreshTokenMaxReuse:        pulumi.Int(0),
    	RegistrationAllowed:         pulumi.Bool(false),
    	RegistrationEmailAsUsername: pulumi.Bool(false),
    	RegistrationFlow:            pulumi.String("string"),
    	RememberMe:                  pulumi.Bool(false),
    	ResetCredentialsFlow:        pulumi.String("string"),
    	ResetPasswordAllowed:        pulumi.Bool(false),
    	RevokeRefreshToken:          pulumi.Bool(false),
    	SecurityDefenses: &keycloak.RealmSecurityDefensesArgs{
    		BruteForceDetection: &keycloak.RealmSecurityDefensesBruteForceDetectionArgs{
    			FailureResetTimeSeconds:      pulumi.Int(0),
    			MaxFailureWaitSeconds:        pulumi.Int(0),
    			MaxLoginFailures:             pulumi.Int(0),
    			MinimumQuickLoginWaitSeconds: pulumi.Int(0),
    			PermanentLockout:             pulumi.Bool(false),
    			QuickLoginCheckMilliSeconds:  pulumi.Int(0),
    			WaitIncrementSeconds:         pulumi.Int(0),
    		},
    		Headers: &keycloak.RealmSecurityDefensesHeadersArgs{
    			ContentSecurityPolicy:           pulumi.String("string"),
    			ContentSecurityPolicyReportOnly: pulumi.String("string"),
    			ReferrerPolicy:                  pulumi.String("string"),
    			StrictTransportSecurity:         pulumi.String("string"),
    			XContentTypeOptions:             pulumi.String("string"),
    			XFrameOptions:                   pulumi.String("string"),
    			XRobotsTag:                      pulumi.String("string"),
    			XXssProtection:                  pulumi.String("string"),
    		},
    	},
    	SmtpServer: &keycloak.RealmSmtpServerArgs{
    		From: pulumi.String("string"),
    		Host: pulumi.String("string"),
    		Auth: &keycloak.RealmSmtpServerAuthArgs{
    			Password: pulumi.String("string"),
    			Username: pulumi.String("string"),
    		},
    		EnvelopeFrom:       pulumi.String("string"),
    		FromDisplayName:    pulumi.String("string"),
    		Port:               pulumi.String("string"),
    		ReplyTo:            pulumi.String("string"),
    		ReplyToDisplayName: pulumi.String("string"),
    		Ssl:                pulumi.Bool(false),
    		Starttls:           pulumi.Bool(false),
    	},
    	SslRequired:                     pulumi.String("string"),
    	SsoSessionIdleTimeout:           pulumi.String("string"),
    	SsoSessionIdleTimeoutRememberMe: pulumi.String("string"),
    	SsoSessionMaxLifespan:           pulumi.String("string"),
    	SsoSessionMaxLifespanRememberMe: pulumi.String("string"),
    	UserManagedAccess:               pulumi.Bool(false),
    	VerifyEmail:                     pulumi.Bool(false),
    	WebAuthnPasswordlessPolicy: &keycloak.RealmWebAuthnPasswordlessPolicyArgs{
    		AcceptableAaguids: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		AttestationConveyancePreference: pulumi.String("string"),
    		AuthenticatorAttachment:         pulumi.String("string"),
    		AvoidSameAuthenticatorRegister:  pulumi.Bool(false),
    		CreateTimeout:                   pulumi.Int(0),
    		RelyingPartyEntityName:          pulumi.String("string"),
    		RelyingPartyId:                  pulumi.String("string"),
    		RequireResidentKey:              pulumi.String("string"),
    		SignatureAlgorithms: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		UserVerificationRequirement: pulumi.String("string"),
    	},
    	WebAuthnPolicy: &keycloak.RealmWebAuthnPolicyArgs{
    		AcceptableAaguids: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		AttestationConveyancePreference: pulumi.String("string"),
    		AuthenticatorAttachment:         pulumi.String("string"),
    		AvoidSameAuthenticatorRegister:  pulumi.Bool(false),
    		CreateTimeout:                   pulumi.Int(0),
    		RelyingPartyEntityName:          pulumi.String("string"),
    		RelyingPartyId:                  pulumi.String("string"),
    		RequireResidentKey:              pulumi.String("string"),
    		SignatureAlgorithms: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		UserVerificationRequirement: pulumi.String("string"),
    	},
    })
    
    var realmResource = new Realm("realmResource", RealmArgs.builder()
        .realm("string")
        .accessCodeLifespan("string")
        .accessCodeLifespanLogin("string")
        .accessCodeLifespanUserAction("string")
        .accessTokenLifespan("string")
        .accessTokenLifespanForImplicitFlow("string")
        .accountTheme("string")
        .actionTokenGeneratedByAdminLifespan("string")
        .actionTokenGeneratedByUserLifespan("string")
        .adminTheme("string")
        .attributes(Map.of("string", "any"))
        .browserFlow("string")
        .clientAuthenticationFlow("string")
        .clientSessionIdleTimeout("string")
        .clientSessionMaxLifespan("string")
        .defaultDefaultClientScopes("string")
        .defaultOptionalClientScopes("string")
        .defaultSignatureAlgorithm("string")
        .directGrantFlow("string")
        .displayName("string")
        .displayNameHtml("string")
        .dockerAuthenticationFlow("string")
        .duplicateEmailsAllowed(false)
        .editUsernameAllowed(false)
        .emailTheme("string")
        .enabled(false)
        .internalId("string")
        .internationalization(RealmInternationalizationArgs.builder()
            .defaultLocale("string")
            .supportedLocales("string")
            .build())
        .loginTheme("string")
        .loginWithEmailAllowed(false)
        .oauth2DeviceCodeLifespan("string")
        .oauth2DevicePollingInterval(0)
        .offlineSessionIdleTimeout("string")
        .offlineSessionMaxLifespan("string")
        .offlineSessionMaxLifespanEnabled(false)
        .otpPolicy(RealmOtpPolicyArgs.builder()
            .algorithm("string")
            .digits(0)
            .initialCounter(0)
            .lookAheadWindow(0)
            .period(0)
            .type("string")
            .build())
        .passwordPolicy("string")
        .refreshTokenMaxReuse(0)
        .registrationAllowed(false)
        .registrationEmailAsUsername(false)
        .registrationFlow("string")
        .rememberMe(false)
        .resetCredentialsFlow("string")
        .resetPasswordAllowed(false)
        .revokeRefreshToken(false)
        .securityDefenses(RealmSecurityDefensesArgs.builder()
            .bruteForceDetection(RealmSecurityDefensesBruteForceDetectionArgs.builder()
                .failureResetTimeSeconds(0)
                .maxFailureWaitSeconds(0)
                .maxLoginFailures(0)
                .minimumQuickLoginWaitSeconds(0)
                .permanentLockout(false)
                .quickLoginCheckMilliSeconds(0)
                .waitIncrementSeconds(0)
                .build())
            .headers(RealmSecurityDefensesHeadersArgs.builder()
                .contentSecurityPolicy("string")
                .contentSecurityPolicyReportOnly("string")
                .referrerPolicy("string")
                .strictTransportSecurity("string")
                .xContentTypeOptions("string")
                .xFrameOptions("string")
                .xRobotsTag("string")
                .xXssProtection("string")
                .build())
            .build())
        .smtpServer(RealmSmtpServerArgs.builder()
            .from("string")
            .host("string")
            .auth(RealmSmtpServerAuthArgs.builder()
                .password("string")
                .username("string")
                .build())
            .envelopeFrom("string")
            .fromDisplayName("string")
            .port("string")
            .replyTo("string")
            .replyToDisplayName("string")
            .ssl(false)
            .starttls(false)
            .build())
        .sslRequired("string")
        .ssoSessionIdleTimeout("string")
        .ssoSessionIdleTimeoutRememberMe("string")
        .ssoSessionMaxLifespan("string")
        .ssoSessionMaxLifespanRememberMe("string")
        .userManagedAccess(false)
        .verifyEmail(false)
        .webAuthnPasswordlessPolicy(RealmWebAuthnPasswordlessPolicyArgs.builder()
            .acceptableAaguids("string")
            .attestationConveyancePreference("string")
            .authenticatorAttachment("string")
            .avoidSameAuthenticatorRegister(false)
            .createTimeout(0)
            .relyingPartyEntityName("string")
            .relyingPartyId("string")
            .requireResidentKey("string")
            .signatureAlgorithms("string")
            .userVerificationRequirement("string")
            .build())
        .webAuthnPolicy(RealmWebAuthnPolicyArgs.builder()
            .acceptableAaguids("string")
            .attestationConveyancePreference("string")
            .authenticatorAttachment("string")
            .avoidSameAuthenticatorRegister(false)
            .createTimeout(0)
            .relyingPartyEntityName("string")
            .relyingPartyId("string")
            .requireResidentKey("string")
            .signatureAlgorithms("string")
            .userVerificationRequirement("string")
            .build())
        .build());
    
    realm_resource = keycloak.Realm("realmResource",
        realm="string",
        access_code_lifespan="string",
        access_code_lifespan_login="string",
        access_code_lifespan_user_action="string",
        access_token_lifespan="string",
        access_token_lifespan_for_implicit_flow="string",
        account_theme="string",
        action_token_generated_by_admin_lifespan="string",
        action_token_generated_by_user_lifespan="string",
        admin_theme="string",
        attributes={
            "string": "any",
        },
        browser_flow="string",
        client_authentication_flow="string",
        client_session_idle_timeout="string",
        client_session_max_lifespan="string",
        default_default_client_scopes=["string"],
        default_optional_client_scopes=["string"],
        default_signature_algorithm="string",
        direct_grant_flow="string",
        display_name="string",
        display_name_html="string",
        docker_authentication_flow="string",
        duplicate_emails_allowed=False,
        edit_username_allowed=False,
        email_theme="string",
        enabled=False,
        internal_id="string",
        internationalization=keycloak.RealmInternationalizationArgs(
            default_locale="string",
            supported_locales=["string"],
        ),
        login_theme="string",
        login_with_email_allowed=False,
        oauth2_device_code_lifespan="string",
        oauth2_device_polling_interval=0,
        offline_session_idle_timeout="string",
        offline_session_max_lifespan="string",
        offline_session_max_lifespan_enabled=False,
        otp_policy=keycloak.RealmOtpPolicyArgs(
            algorithm="string",
            digits=0,
            initial_counter=0,
            look_ahead_window=0,
            period=0,
            type="string",
        ),
        password_policy="string",
        refresh_token_max_reuse=0,
        registration_allowed=False,
        registration_email_as_username=False,
        registration_flow="string",
        remember_me=False,
        reset_credentials_flow="string",
        reset_password_allowed=False,
        revoke_refresh_token=False,
        security_defenses=keycloak.RealmSecurityDefensesArgs(
            brute_force_detection=keycloak.RealmSecurityDefensesBruteForceDetectionArgs(
                failure_reset_time_seconds=0,
                max_failure_wait_seconds=0,
                max_login_failures=0,
                minimum_quick_login_wait_seconds=0,
                permanent_lockout=False,
                quick_login_check_milli_seconds=0,
                wait_increment_seconds=0,
            ),
            headers=keycloak.RealmSecurityDefensesHeadersArgs(
                content_security_policy="string",
                content_security_policy_report_only="string",
                referrer_policy="string",
                strict_transport_security="string",
                x_content_type_options="string",
                x_frame_options="string",
                x_robots_tag="string",
                x_xss_protection="string",
            ),
        ),
        smtp_server=keycloak.RealmSmtpServerArgs(
            from_="string",
            host="string",
            auth=keycloak.RealmSmtpServerAuthArgs(
                password="string",
                username="string",
            ),
            envelope_from="string",
            from_display_name="string",
            port="string",
            reply_to="string",
            reply_to_display_name="string",
            ssl=False,
            starttls=False,
        ),
        ssl_required="string",
        sso_session_idle_timeout="string",
        sso_session_idle_timeout_remember_me="string",
        sso_session_max_lifespan="string",
        sso_session_max_lifespan_remember_me="string",
        user_managed_access=False,
        verify_email=False,
        web_authn_passwordless_policy=keycloak.RealmWebAuthnPasswordlessPolicyArgs(
            acceptable_aaguids=["string"],
            attestation_conveyance_preference="string",
            authenticator_attachment="string",
            avoid_same_authenticator_register=False,
            create_timeout=0,
            relying_party_entity_name="string",
            relying_party_id="string",
            require_resident_key="string",
            signature_algorithms=["string"],
            user_verification_requirement="string",
        ),
        web_authn_policy=keycloak.RealmWebAuthnPolicyArgs(
            acceptable_aaguids=["string"],
            attestation_conveyance_preference="string",
            authenticator_attachment="string",
            avoid_same_authenticator_register=False,
            create_timeout=0,
            relying_party_entity_name="string",
            relying_party_id="string",
            require_resident_key="string",
            signature_algorithms=["string"],
            user_verification_requirement="string",
        ))
    
    const realmResource = new keycloak.Realm("realmResource", {
        realm: "string",
        accessCodeLifespan: "string",
        accessCodeLifespanLogin: "string",
        accessCodeLifespanUserAction: "string",
        accessTokenLifespan: "string",
        accessTokenLifespanForImplicitFlow: "string",
        accountTheme: "string",
        actionTokenGeneratedByAdminLifespan: "string",
        actionTokenGeneratedByUserLifespan: "string",
        adminTheme: "string",
        attributes: {
            string: "any",
        },
        browserFlow: "string",
        clientAuthenticationFlow: "string",
        clientSessionIdleTimeout: "string",
        clientSessionMaxLifespan: "string",
        defaultDefaultClientScopes: ["string"],
        defaultOptionalClientScopes: ["string"],
        defaultSignatureAlgorithm: "string",
        directGrantFlow: "string",
        displayName: "string",
        displayNameHtml: "string",
        dockerAuthenticationFlow: "string",
        duplicateEmailsAllowed: false,
        editUsernameAllowed: false,
        emailTheme: "string",
        enabled: false,
        internalId: "string",
        internationalization: {
            defaultLocale: "string",
            supportedLocales: ["string"],
        },
        loginTheme: "string",
        loginWithEmailAllowed: false,
        oauth2DeviceCodeLifespan: "string",
        oauth2DevicePollingInterval: 0,
        offlineSessionIdleTimeout: "string",
        offlineSessionMaxLifespan: "string",
        offlineSessionMaxLifespanEnabled: false,
        otpPolicy: {
            algorithm: "string",
            digits: 0,
            initialCounter: 0,
            lookAheadWindow: 0,
            period: 0,
            type: "string",
        },
        passwordPolicy: "string",
        refreshTokenMaxReuse: 0,
        registrationAllowed: false,
        registrationEmailAsUsername: false,
        registrationFlow: "string",
        rememberMe: false,
        resetCredentialsFlow: "string",
        resetPasswordAllowed: false,
        revokeRefreshToken: false,
        securityDefenses: {
            bruteForceDetection: {
                failureResetTimeSeconds: 0,
                maxFailureWaitSeconds: 0,
                maxLoginFailures: 0,
                minimumQuickLoginWaitSeconds: 0,
                permanentLockout: false,
                quickLoginCheckMilliSeconds: 0,
                waitIncrementSeconds: 0,
            },
            headers: {
                contentSecurityPolicy: "string",
                contentSecurityPolicyReportOnly: "string",
                referrerPolicy: "string",
                strictTransportSecurity: "string",
                xContentTypeOptions: "string",
                xFrameOptions: "string",
                xRobotsTag: "string",
                xXssProtection: "string",
            },
        },
        smtpServer: {
            from: "string",
            host: "string",
            auth: {
                password: "string",
                username: "string",
            },
            envelopeFrom: "string",
            fromDisplayName: "string",
            port: "string",
            replyTo: "string",
            replyToDisplayName: "string",
            ssl: false,
            starttls: false,
        },
        sslRequired: "string",
        ssoSessionIdleTimeout: "string",
        ssoSessionIdleTimeoutRememberMe: "string",
        ssoSessionMaxLifespan: "string",
        ssoSessionMaxLifespanRememberMe: "string",
        userManagedAccess: false,
        verifyEmail: false,
        webAuthnPasswordlessPolicy: {
            acceptableAaguids: ["string"],
            attestationConveyancePreference: "string",
            authenticatorAttachment: "string",
            avoidSameAuthenticatorRegister: false,
            createTimeout: 0,
            relyingPartyEntityName: "string",
            relyingPartyId: "string",
            requireResidentKey: "string",
            signatureAlgorithms: ["string"],
            userVerificationRequirement: "string",
        },
        webAuthnPolicy: {
            acceptableAaguids: ["string"],
            attestationConveyancePreference: "string",
            authenticatorAttachment: "string",
            avoidSameAuthenticatorRegister: false,
            createTimeout: 0,
            relyingPartyEntityName: "string",
            relyingPartyId: "string",
            requireResidentKey: "string",
            signatureAlgorithms: ["string"],
            userVerificationRequirement: "string",
        },
    });
    
    type: keycloak:Realm
    properties:
        accessCodeLifespan: string
        accessCodeLifespanLogin: string
        accessCodeLifespanUserAction: string
        accessTokenLifespan: string
        accessTokenLifespanForImplicitFlow: string
        accountTheme: string
        actionTokenGeneratedByAdminLifespan: string
        actionTokenGeneratedByUserLifespan: string
        adminTheme: string
        attributes:
            string: any
        browserFlow: string
        clientAuthenticationFlow: string
        clientSessionIdleTimeout: string
        clientSessionMaxLifespan: string
        defaultDefaultClientScopes:
            - string
        defaultOptionalClientScopes:
            - string
        defaultSignatureAlgorithm: string
        directGrantFlow: string
        displayName: string
        displayNameHtml: string
        dockerAuthenticationFlow: string
        duplicateEmailsAllowed: false
        editUsernameAllowed: false
        emailTheme: string
        enabled: false
        internalId: string
        internationalization:
            defaultLocale: string
            supportedLocales:
                - string
        loginTheme: string
        loginWithEmailAllowed: false
        oauth2DeviceCodeLifespan: string
        oauth2DevicePollingInterval: 0
        offlineSessionIdleTimeout: string
        offlineSessionMaxLifespan: string
        offlineSessionMaxLifespanEnabled: false
        otpPolicy:
            algorithm: string
            digits: 0
            initialCounter: 0
            lookAheadWindow: 0
            period: 0
            type: string
        passwordPolicy: string
        realm: string
        refreshTokenMaxReuse: 0
        registrationAllowed: false
        registrationEmailAsUsername: false
        registrationFlow: string
        rememberMe: false
        resetCredentialsFlow: string
        resetPasswordAllowed: false
        revokeRefreshToken: false
        securityDefenses:
            bruteForceDetection:
                failureResetTimeSeconds: 0
                maxFailureWaitSeconds: 0
                maxLoginFailures: 0
                minimumQuickLoginWaitSeconds: 0
                permanentLockout: false
                quickLoginCheckMilliSeconds: 0
                waitIncrementSeconds: 0
            headers:
                contentSecurityPolicy: string
                contentSecurityPolicyReportOnly: string
                referrerPolicy: string
                strictTransportSecurity: string
                xContentTypeOptions: string
                xFrameOptions: string
                xRobotsTag: string
                xXssProtection: string
        smtpServer:
            auth:
                password: string
                username: string
            envelopeFrom: string
            from: string
            fromDisplayName: string
            host: string
            port: string
            replyTo: string
            replyToDisplayName: string
            ssl: false
            starttls: false
        sslRequired: string
        ssoSessionIdleTimeout: string
        ssoSessionIdleTimeoutRememberMe: string
        ssoSessionMaxLifespan: string
        ssoSessionMaxLifespanRememberMe: string
        userManagedAccess: false
        verifyEmail: false
        webAuthnPasswordlessPolicy:
            acceptableAaguids:
                - string
            attestationConveyancePreference: string
            authenticatorAttachment: string
            avoidSameAuthenticatorRegister: false
            createTimeout: 0
            relyingPartyEntityName: string
            relyingPartyId: string
            requireResidentKey: string
            signatureAlgorithms:
                - string
            userVerificationRequirement: string
        webAuthnPolicy:
            acceptableAaguids:
                - string
            attestationConveyancePreference: string
            authenticatorAttachment: string
            avoidSameAuthenticatorRegister: false
            createTimeout: 0
            relyingPartyEntityName: string
            relyingPartyId: string
            requireResidentKey: string
            signatureAlgorithms:
                - string
            userVerificationRequirement: string
    

    Realm Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Realm resource accepts the following input properties:

    RealmName string
    AccessCodeLifespan string
    AccessCodeLifespanLogin string
    AccessCodeLifespanUserAction string
    AccessTokenLifespan string
    AccessTokenLifespanForImplicitFlow string
    AccountTheme string
    ActionTokenGeneratedByAdminLifespan string
    ActionTokenGeneratedByUserLifespan string
    AdminTheme string
    Attributes Dictionary<string, object>
    BrowserFlow string
    Which flow should be used for BrowserFlow
    ClientAuthenticationFlow string
    Which flow should be used for ClientAuthenticationFlow
    ClientSessionIdleTimeout string
    ClientSessionMaxLifespan string
    DefaultDefaultClientScopes List<string>
    DefaultOptionalClientScopes List<string>
    DefaultSignatureAlgorithm string
    DirectGrantFlow string
    Which flow should be used for DirectGrantFlow
    DisplayName string
    DisplayNameHtml string
    DockerAuthenticationFlow string
    Which flow should be used for DockerAuthenticationFlow
    DuplicateEmailsAllowed bool
    EditUsernameAllowed bool
    EmailTheme string
    Enabled bool
    InternalId string
    Internationalization RealmInternationalization
    LoginTheme string
    LoginWithEmailAllowed bool
    Oauth2DeviceCodeLifespan string
    Oauth2DevicePollingInterval int
    OfflineSessionIdleTimeout string
    OfflineSessionMaxLifespan string
    OfflineSessionMaxLifespanEnabled bool
    OtpPolicy RealmOtpPolicy
    PasswordPolicy string
    String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
    RefreshTokenMaxReuse int
    RegistrationAllowed bool
    RegistrationEmailAsUsername bool
    RegistrationFlow string
    Which flow should be used for RegistrationFlow
    RememberMe bool
    ResetCredentialsFlow string
    Which flow should be used for ResetCredentialsFlow
    ResetPasswordAllowed bool
    RevokeRefreshToken bool
    SecurityDefenses RealmSecurityDefenses
    SmtpServer RealmSmtpServer
    SslRequired string
    SSL Required: Values can be 'none', 'external' or 'all'.
    SsoSessionIdleTimeout string
    SsoSessionIdleTimeoutRememberMe string
    SsoSessionMaxLifespan string
    SsoSessionMaxLifespanRememberMe string
    UserManagedAccess bool
    VerifyEmail bool
    WebAuthnPasswordlessPolicy RealmWebAuthnPasswordlessPolicy
    WebAuthnPolicy RealmWebAuthnPolicy
    Realm string
    AccessCodeLifespan string
    AccessCodeLifespanLogin string
    AccessCodeLifespanUserAction string
    AccessTokenLifespan string
    AccessTokenLifespanForImplicitFlow string
    AccountTheme string
    ActionTokenGeneratedByAdminLifespan string
    ActionTokenGeneratedByUserLifespan string
    AdminTheme string
    Attributes map[string]interface{}
    BrowserFlow string
    Which flow should be used for BrowserFlow
    ClientAuthenticationFlow string
    Which flow should be used for ClientAuthenticationFlow
    ClientSessionIdleTimeout string
    ClientSessionMaxLifespan string
    DefaultDefaultClientScopes []string
    DefaultOptionalClientScopes []string
    DefaultSignatureAlgorithm string
    DirectGrantFlow string
    Which flow should be used for DirectGrantFlow
    DisplayName string
    DisplayNameHtml string
    DockerAuthenticationFlow string
    Which flow should be used for DockerAuthenticationFlow
    DuplicateEmailsAllowed bool
    EditUsernameAllowed bool
    EmailTheme string
    Enabled bool
    InternalId string
    Internationalization RealmInternationalizationArgs
    LoginTheme string
    LoginWithEmailAllowed bool
    Oauth2DeviceCodeLifespan string
    Oauth2DevicePollingInterval int
    OfflineSessionIdleTimeout string
    OfflineSessionMaxLifespan string
    OfflineSessionMaxLifespanEnabled bool
    OtpPolicy RealmOtpPolicyArgs
    PasswordPolicy string
    String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
    RefreshTokenMaxReuse int
    RegistrationAllowed bool
    RegistrationEmailAsUsername bool
    RegistrationFlow string
    Which flow should be used for RegistrationFlow
    RememberMe bool
    ResetCredentialsFlow string
    Which flow should be used for ResetCredentialsFlow
    ResetPasswordAllowed bool
    RevokeRefreshToken bool
    SecurityDefenses RealmSecurityDefensesArgs
    SmtpServer RealmSmtpServerArgs
    SslRequired string
    SSL Required: Values can be 'none', 'external' or 'all'.
    SsoSessionIdleTimeout string
    SsoSessionIdleTimeoutRememberMe string
    SsoSessionMaxLifespan string
    SsoSessionMaxLifespanRememberMe string
    UserManagedAccess bool
    VerifyEmail bool
    WebAuthnPasswordlessPolicy RealmWebAuthnPasswordlessPolicyArgs
    WebAuthnPolicy RealmWebAuthnPolicyArgs
    realm String
    accessCodeLifespan String
    accessCodeLifespanLogin String
    accessCodeLifespanUserAction String
    accessTokenLifespan String
    accessTokenLifespanForImplicitFlow String
    accountTheme String
    actionTokenGeneratedByAdminLifespan String
    actionTokenGeneratedByUserLifespan String
    adminTheme String
    attributes Map<String,Object>
    browserFlow String
    Which flow should be used for BrowserFlow
    clientAuthenticationFlow String
    Which flow should be used for ClientAuthenticationFlow
    clientSessionIdleTimeout String
    clientSessionMaxLifespan String
    defaultDefaultClientScopes List<String>
    defaultOptionalClientScopes List<String>
    defaultSignatureAlgorithm String
    directGrantFlow String
    Which flow should be used for DirectGrantFlow
    displayName String
    displayNameHtml String
    dockerAuthenticationFlow String
    Which flow should be used for DockerAuthenticationFlow
    duplicateEmailsAllowed Boolean
    editUsernameAllowed Boolean
    emailTheme String
    enabled Boolean
    internalId String
    internationalization RealmInternationalization
    loginTheme String
    loginWithEmailAllowed Boolean
    oauth2DeviceCodeLifespan String
    oauth2DevicePollingInterval Integer
    offlineSessionIdleTimeout String
    offlineSessionMaxLifespan String
    offlineSessionMaxLifespanEnabled Boolean
    otpPolicy RealmOtpPolicy
    passwordPolicy String
    String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
    refreshTokenMaxReuse Integer
    registrationAllowed Boolean
    registrationEmailAsUsername Boolean
    registrationFlow String
    Which flow should be used for RegistrationFlow
    rememberMe Boolean
    resetCredentialsFlow String
    Which flow should be used for ResetCredentialsFlow
    resetPasswordAllowed Boolean
    revokeRefreshToken Boolean
    securityDefenses RealmSecurityDefenses
    smtpServer RealmSmtpServer
    sslRequired String
    SSL Required: Values can be 'none', 'external' or 'all'.
    ssoSessionIdleTimeout String
    ssoSessionIdleTimeoutRememberMe String
    ssoSessionMaxLifespan String
    ssoSessionMaxLifespanRememberMe String
    userManagedAccess Boolean
    verifyEmail Boolean
    webAuthnPasswordlessPolicy RealmWebAuthnPasswordlessPolicy
    webAuthnPolicy RealmWebAuthnPolicy
    realm string
    accessCodeLifespan string
    accessCodeLifespanLogin string
    accessCodeLifespanUserAction string
    accessTokenLifespan string
    accessTokenLifespanForImplicitFlow string
    accountTheme string
    actionTokenGeneratedByAdminLifespan string
    actionTokenGeneratedByUserLifespan string
    adminTheme string
    attributes {[key: string]: any}
    browserFlow string
    Which flow should be used for BrowserFlow
    clientAuthenticationFlow string
    Which flow should be used for ClientAuthenticationFlow
    clientSessionIdleTimeout string
    clientSessionMaxLifespan string
    defaultDefaultClientScopes string[]
    defaultOptionalClientScopes string[]
    defaultSignatureAlgorithm string
    directGrantFlow string
    Which flow should be used for DirectGrantFlow
    displayName string
    displayNameHtml string
    dockerAuthenticationFlow string
    Which flow should be used for DockerAuthenticationFlow
    duplicateEmailsAllowed boolean
    editUsernameAllowed boolean
    emailTheme string
    enabled boolean
    internalId string
    internationalization RealmInternationalization
    loginTheme string
    loginWithEmailAllowed boolean
    oauth2DeviceCodeLifespan string
    oauth2DevicePollingInterval number
    offlineSessionIdleTimeout string
    offlineSessionMaxLifespan string
    offlineSessionMaxLifespanEnabled boolean
    otpPolicy RealmOtpPolicy
    passwordPolicy string
    String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
    refreshTokenMaxReuse number
    registrationAllowed boolean
    registrationEmailAsUsername boolean
    registrationFlow string
    Which flow should be used for RegistrationFlow
    rememberMe boolean
    resetCredentialsFlow string
    Which flow should be used for ResetCredentialsFlow
    resetPasswordAllowed boolean
    revokeRefreshToken boolean
    securityDefenses RealmSecurityDefenses
    smtpServer RealmSmtpServer
    sslRequired string
    SSL Required: Values can be 'none', 'external' or 'all'.
    ssoSessionIdleTimeout string
    ssoSessionIdleTimeoutRememberMe string
    ssoSessionMaxLifespan string
    ssoSessionMaxLifespanRememberMe string
    userManagedAccess boolean
    verifyEmail boolean
    webAuthnPasswordlessPolicy RealmWebAuthnPasswordlessPolicy
    webAuthnPolicy RealmWebAuthnPolicy
    realm str
    access_code_lifespan str
    access_code_lifespan_login str
    access_code_lifespan_user_action str
    access_token_lifespan str
    access_token_lifespan_for_implicit_flow str
    account_theme str
    action_token_generated_by_admin_lifespan str
    action_token_generated_by_user_lifespan str
    admin_theme str
    attributes Mapping[str, Any]
    browser_flow str
    Which flow should be used for BrowserFlow
    client_authentication_flow str
    Which flow should be used for ClientAuthenticationFlow
    client_session_idle_timeout str
    client_session_max_lifespan str
    default_default_client_scopes Sequence[str]
    default_optional_client_scopes Sequence[str]
    default_signature_algorithm str
    direct_grant_flow str
    Which flow should be used for DirectGrantFlow
    display_name str
    display_name_html str
    docker_authentication_flow str
    Which flow should be used for DockerAuthenticationFlow
    duplicate_emails_allowed bool
    edit_username_allowed bool
    email_theme str
    enabled bool
    internal_id str
    internationalization RealmInternationalizationArgs
    login_theme str
    login_with_email_allowed bool
    oauth2_device_code_lifespan str
    oauth2_device_polling_interval int
    offline_session_idle_timeout str
    offline_session_max_lifespan str
    offline_session_max_lifespan_enabled bool
    otp_policy RealmOtpPolicyArgs
    password_policy str
    String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
    refresh_token_max_reuse int
    registration_allowed bool
    registration_email_as_username bool
    registration_flow str
    Which flow should be used for RegistrationFlow
    remember_me bool
    reset_credentials_flow str
    Which flow should be used for ResetCredentialsFlow
    reset_password_allowed bool
    revoke_refresh_token bool
    security_defenses RealmSecurityDefensesArgs
    smtp_server RealmSmtpServerArgs
    ssl_required str
    SSL Required: Values can be 'none', 'external' or 'all'.
    sso_session_idle_timeout str
    sso_session_idle_timeout_remember_me str
    sso_session_max_lifespan str
    sso_session_max_lifespan_remember_me str
    user_managed_access bool
    verify_email bool
    web_authn_passwordless_policy RealmWebAuthnPasswordlessPolicyArgs
    web_authn_policy RealmWebAuthnPolicyArgs
    realm String
    accessCodeLifespan String
    accessCodeLifespanLogin String
    accessCodeLifespanUserAction String
    accessTokenLifespan String
    accessTokenLifespanForImplicitFlow String
    accountTheme String
    actionTokenGeneratedByAdminLifespan String
    actionTokenGeneratedByUserLifespan String
    adminTheme String
    attributes Map<Any>
    browserFlow String
    Which flow should be used for BrowserFlow
    clientAuthenticationFlow String
    Which flow should be used for ClientAuthenticationFlow
    clientSessionIdleTimeout String
    clientSessionMaxLifespan String
    defaultDefaultClientScopes List<String>
    defaultOptionalClientScopes List<String>
    defaultSignatureAlgorithm String
    directGrantFlow String
    Which flow should be used for DirectGrantFlow
    displayName String
    displayNameHtml String
    dockerAuthenticationFlow String
    Which flow should be used for DockerAuthenticationFlow
    duplicateEmailsAllowed Boolean
    editUsernameAllowed Boolean
    emailTheme String
    enabled Boolean
    internalId String
    internationalization Property Map
    loginTheme String
    loginWithEmailAllowed Boolean
    oauth2DeviceCodeLifespan String
    oauth2DevicePollingInterval Number
    offlineSessionIdleTimeout String
    offlineSessionMaxLifespan String
    offlineSessionMaxLifespanEnabled Boolean
    otpPolicy Property Map
    passwordPolicy String
    String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
    refreshTokenMaxReuse Number
    registrationAllowed Boolean
    registrationEmailAsUsername Boolean
    registrationFlow String
    Which flow should be used for RegistrationFlow
    rememberMe Boolean
    resetCredentialsFlow String
    Which flow should be used for ResetCredentialsFlow
    resetPasswordAllowed Boolean
    revokeRefreshToken Boolean
    securityDefenses Property Map
    smtpServer Property Map
    sslRequired String
    SSL Required: Values can be 'none', 'external' or 'all'.
    ssoSessionIdleTimeout String
    ssoSessionIdleTimeoutRememberMe String
    ssoSessionMaxLifespan String
    ssoSessionMaxLifespanRememberMe String
    userManagedAccess Boolean
    verifyEmail Boolean
    webAuthnPasswordlessPolicy Property Map
    webAuthnPolicy Property Map

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Realm resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing Realm Resource

    Get an existing Realm resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: RealmState, opts?: CustomResourceOptions): Realm
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            access_code_lifespan: Optional[str] = None,
            access_code_lifespan_login: Optional[str] = None,
            access_code_lifespan_user_action: Optional[str] = None,
            access_token_lifespan: Optional[str] = None,
            access_token_lifespan_for_implicit_flow: Optional[str] = None,
            account_theme: Optional[str] = None,
            action_token_generated_by_admin_lifespan: Optional[str] = None,
            action_token_generated_by_user_lifespan: Optional[str] = None,
            admin_theme: Optional[str] = None,
            attributes: Optional[Mapping[str, Any]] = None,
            browser_flow: Optional[str] = None,
            client_authentication_flow: Optional[str] = None,
            client_session_idle_timeout: Optional[str] = None,
            client_session_max_lifespan: Optional[str] = None,
            default_default_client_scopes: Optional[Sequence[str]] = None,
            default_optional_client_scopes: Optional[Sequence[str]] = None,
            default_signature_algorithm: Optional[str] = None,
            direct_grant_flow: Optional[str] = None,
            display_name: Optional[str] = None,
            display_name_html: Optional[str] = None,
            docker_authentication_flow: Optional[str] = None,
            duplicate_emails_allowed: Optional[bool] = None,
            edit_username_allowed: Optional[bool] = None,
            email_theme: Optional[str] = None,
            enabled: Optional[bool] = None,
            internal_id: Optional[str] = None,
            internationalization: Optional[RealmInternationalizationArgs] = None,
            login_theme: Optional[str] = None,
            login_with_email_allowed: Optional[bool] = None,
            oauth2_device_code_lifespan: Optional[str] = None,
            oauth2_device_polling_interval: Optional[int] = None,
            offline_session_idle_timeout: Optional[str] = None,
            offline_session_max_lifespan: Optional[str] = None,
            offline_session_max_lifespan_enabled: Optional[bool] = None,
            otp_policy: Optional[RealmOtpPolicyArgs] = None,
            password_policy: Optional[str] = None,
            realm: Optional[str] = None,
            refresh_token_max_reuse: Optional[int] = None,
            registration_allowed: Optional[bool] = None,
            registration_email_as_username: Optional[bool] = None,
            registration_flow: Optional[str] = None,
            remember_me: Optional[bool] = None,
            reset_credentials_flow: Optional[str] = None,
            reset_password_allowed: Optional[bool] = None,
            revoke_refresh_token: Optional[bool] = None,
            security_defenses: Optional[RealmSecurityDefensesArgs] = None,
            smtp_server: Optional[RealmSmtpServerArgs] = None,
            ssl_required: Optional[str] = None,
            sso_session_idle_timeout: Optional[str] = None,
            sso_session_idle_timeout_remember_me: Optional[str] = None,
            sso_session_max_lifespan: Optional[str] = None,
            sso_session_max_lifespan_remember_me: Optional[str] = None,
            user_managed_access: Optional[bool] = None,
            verify_email: Optional[bool] = None,
            web_authn_passwordless_policy: Optional[RealmWebAuthnPasswordlessPolicyArgs] = None,
            web_authn_policy: Optional[RealmWebAuthnPolicyArgs] = None) -> Realm
    func GetRealm(ctx *Context, name string, id IDInput, state *RealmState, opts ...ResourceOption) (*Realm, error)
    public static Realm Get(string name, Input<string> id, RealmState? state, CustomResourceOptions? opts = null)
    public static Realm get(String name, Output<String> id, RealmState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AccessCodeLifespan string
    AccessCodeLifespanLogin string
    AccessCodeLifespanUserAction string
    AccessTokenLifespan string
    AccessTokenLifespanForImplicitFlow string
    AccountTheme string
    ActionTokenGeneratedByAdminLifespan string
    ActionTokenGeneratedByUserLifespan string
    AdminTheme string
    Attributes Dictionary<string, object>
    BrowserFlow string
    Which flow should be used for BrowserFlow
    ClientAuthenticationFlow string
    Which flow should be used for ClientAuthenticationFlow
    ClientSessionIdleTimeout string
    ClientSessionMaxLifespan string
    DefaultDefaultClientScopes List<string>
    DefaultOptionalClientScopes List<string>
    DefaultSignatureAlgorithm string
    DirectGrantFlow string
    Which flow should be used for DirectGrantFlow
    DisplayName string
    DisplayNameHtml string
    DockerAuthenticationFlow string
    Which flow should be used for DockerAuthenticationFlow
    DuplicateEmailsAllowed bool
    EditUsernameAllowed bool
    EmailTheme string
    Enabled bool
    InternalId string
    Internationalization RealmInternationalization
    LoginTheme string
    LoginWithEmailAllowed bool
    Oauth2DeviceCodeLifespan string
    Oauth2DevicePollingInterval int
    OfflineSessionIdleTimeout string
    OfflineSessionMaxLifespan string
    OfflineSessionMaxLifespanEnabled bool
    OtpPolicy RealmOtpPolicy
    PasswordPolicy string
    String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
    RealmName string
    RefreshTokenMaxReuse int
    RegistrationAllowed bool
    RegistrationEmailAsUsername bool
    RegistrationFlow string
    Which flow should be used for RegistrationFlow
    RememberMe bool
    ResetCredentialsFlow string
    Which flow should be used for ResetCredentialsFlow
    ResetPasswordAllowed bool
    RevokeRefreshToken bool
    SecurityDefenses RealmSecurityDefenses
    SmtpServer RealmSmtpServer
    SslRequired string
    SSL Required: Values can be 'none', 'external' or 'all'.
    SsoSessionIdleTimeout string
    SsoSessionIdleTimeoutRememberMe string
    SsoSessionMaxLifespan string
    SsoSessionMaxLifespanRememberMe string
    UserManagedAccess bool
    VerifyEmail bool
    WebAuthnPasswordlessPolicy RealmWebAuthnPasswordlessPolicy
    WebAuthnPolicy RealmWebAuthnPolicy
    AccessCodeLifespan string
    AccessCodeLifespanLogin string
    AccessCodeLifespanUserAction string
    AccessTokenLifespan string
    AccessTokenLifespanForImplicitFlow string
    AccountTheme string
    ActionTokenGeneratedByAdminLifespan string
    ActionTokenGeneratedByUserLifespan string
    AdminTheme string
    Attributes map[string]interface{}
    BrowserFlow string
    Which flow should be used for BrowserFlow
    ClientAuthenticationFlow string
    Which flow should be used for ClientAuthenticationFlow
    ClientSessionIdleTimeout string
    ClientSessionMaxLifespan string
    DefaultDefaultClientScopes []string
    DefaultOptionalClientScopes []string
    DefaultSignatureAlgorithm string
    DirectGrantFlow string
    Which flow should be used for DirectGrantFlow
    DisplayName string
    DisplayNameHtml string
    DockerAuthenticationFlow string
    Which flow should be used for DockerAuthenticationFlow
    DuplicateEmailsAllowed bool
    EditUsernameAllowed bool
    EmailTheme string
    Enabled bool
    InternalId string
    Internationalization RealmInternationalizationArgs
    LoginTheme string
    LoginWithEmailAllowed bool
    Oauth2DeviceCodeLifespan string
    Oauth2DevicePollingInterval int
    OfflineSessionIdleTimeout string
    OfflineSessionMaxLifespan string
    OfflineSessionMaxLifespanEnabled bool
    OtpPolicy RealmOtpPolicyArgs
    PasswordPolicy string
    String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
    Realm string
    RefreshTokenMaxReuse int
    RegistrationAllowed bool
    RegistrationEmailAsUsername bool
    RegistrationFlow string
    Which flow should be used for RegistrationFlow
    RememberMe bool
    ResetCredentialsFlow string
    Which flow should be used for ResetCredentialsFlow
    ResetPasswordAllowed bool
    RevokeRefreshToken bool
    SecurityDefenses RealmSecurityDefensesArgs
    SmtpServer RealmSmtpServerArgs
    SslRequired string
    SSL Required: Values can be 'none', 'external' or 'all'.
    SsoSessionIdleTimeout string
    SsoSessionIdleTimeoutRememberMe string
    SsoSessionMaxLifespan string
    SsoSessionMaxLifespanRememberMe string
    UserManagedAccess bool
    VerifyEmail bool
    WebAuthnPasswordlessPolicy RealmWebAuthnPasswordlessPolicyArgs
    WebAuthnPolicy RealmWebAuthnPolicyArgs
    accessCodeLifespan String
    accessCodeLifespanLogin String
    accessCodeLifespanUserAction String
    accessTokenLifespan String
    accessTokenLifespanForImplicitFlow String
    accountTheme String
    actionTokenGeneratedByAdminLifespan String
    actionTokenGeneratedByUserLifespan String
    adminTheme String
    attributes Map<String,Object>
    browserFlow String
    Which flow should be used for BrowserFlow
    clientAuthenticationFlow String
    Which flow should be used for ClientAuthenticationFlow
    clientSessionIdleTimeout String
    clientSessionMaxLifespan String
    defaultDefaultClientScopes List<String>
    defaultOptionalClientScopes List<String>
    defaultSignatureAlgorithm String
    directGrantFlow String
    Which flow should be used for DirectGrantFlow
    displayName String
    displayNameHtml String
    dockerAuthenticationFlow String
    Which flow should be used for DockerAuthenticationFlow
    duplicateEmailsAllowed Boolean
    editUsernameAllowed Boolean
    emailTheme String
    enabled Boolean
    internalId String
    internationalization RealmInternationalization
    loginTheme String
    loginWithEmailAllowed Boolean
    oauth2DeviceCodeLifespan String
    oauth2DevicePollingInterval Integer
    offlineSessionIdleTimeout String
    offlineSessionMaxLifespan String
    offlineSessionMaxLifespanEnabled Boolean
    otpPolicy RealmOtpPolicy
    passwordPolicy String
    String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
    realm String
    refreshTokenMaxReuse Integer
    registrationAllowed Boolean
    registrationEmailAsUsername Boolean
    registrationFlow String
    Which flow should be used for RegistrationFlow
    rememberMe Boolean
    resetCredentialsFlow String
    Which flow should be used for ResetCredentialsFlow
    resetPasswordAllowed Boolean
    revokeRefreshToken Boolean
    securityDefenses RealmSecurityDefenses
    smtpServer RealmSmtpServer
    sslRequired String
    SSL Required: Values can be 'none', 'external' or 'all'.
    ssoSessionIdleTimeout String
    ssoSessionIdleTimeoutRememberMe String
    ssoSessionMaxLifespan String
    ssoSessionMaxLifespanRememberMe String
    userManagedAccess Boolean
    verifyEmail Boolean
    webAuthnPasswordlessPolicy RealmWebAuthnPasswordlessPolicy
    webAuthnPolicy RealmWebAuthnPolicy
    accessCodeLifespan string
    accessCodeLifespanLogin string
    accessCodeLifespanUserAction string
    accessTokenLifespan string
    accessTokenLifespanForImplicitFlow string
    accountTheme string
    actionTokenGeneratedByAdminLifespan string
    actionTokenGeneratedByUserLifespan string
    adminTheme string
    attributes {[key: string]: any}
    browserFlow string
    Which flow should be used for BrowserFlow
    clientAuthenticationFlow string
    Which flow should be used for ClientAuthenticationFlow
    clientSessionIdleTimeout string
    clientSessionMaxLifespan string
    defaultDefaultClientScopes string[]
    defaultOptionalClientScopes string[]
    defaultSignatureAlgorithm string
    directGrantFlow string
    Which flow should be used for DirectGrantFlow
    displayName string
    displayNameHtml string
    dockerAuthenticationFlow string
    Which flow should be used for DockerAuthenticationFlow
    duplicateEmailsAllowed boolean
    editUsernameAllowed boolean
    emailTheme string
    enabled boolean
    internalId string
    internationalization RealmInternationalization
    loginTheme string
    loginWithEmailAllowed boolean
    oauth2DeviceCodeLifespan string
    oauth2DevicePollingInterval number
    offlineSessionIdleTimeout string
    offlineSessionMaxLifespan string
    offlineSessionMaxLifespanEnabled boolean
    otpPolicy RealmOtpPolicy
    passwordPolicy string
    String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
    realm string
    refreshTokenMaxReuse number
    registrationAllowed boolean
    registrationEmailAsUsername boolean
    registrationFlow string
    Which flow should be used for RegistrationFlow
    rememberMe boolean
    resetCredentialsFlow string
    Which flow should be used for ResetCredentialsFlow
    resetPasswordAllowed boolean
    revokeRefreshToken boolean
    securityDefenses RealmSecurityDefenses
    smtpServer RealmSmtpServer
    sslRequired string
    SSL Required: Values can be 'none', 'external' or 'all'.
    ssoSessionIdleTimeout string
    ssoSessionIdleTimeoutRememberMe string
    ssoSessionMaxLifespan string
    ssoSessionMaxLifespanRememberMe string
    userManagedAccess boolean
    verifyEmail boolean
    webAuthnPasswordlessPolicy RealmWebAuthnPasswordlessPolicy
    webAuthnPolicy RealmWebAuthnPolicy
    access_code_lifespan str
    access_code_lifespan_login str
    access_code_lifespan_user_action str
    access_token_lifespan str
    access_token_lifespan_for_implicit_flow str
    account_theme str
    action_token_generated_by_admin_lifespan str
    action_token_generated_by_user_lifespan str
    admin_theme str
    attributes Mapping[str, Any]
    browser_flow str
    Which flow should be used for BrowserFlow
    client_authentication_flow str
    Which flow should be used for ClientAuthenticationFlow
    client_session_idle_timeout str
    client_session_max_lifespan str
    default_default_client_scopes Sequence[str]
    default_optional_client_scopes Sequence[str]
    default_signature_algorithm str
    direct_grant_flow str
    Which flow should be used for DirectGrantFlow
    display_name str
    display_name_html str
    docker_authentication_flow str
    Which flow should be used for DockerAuthenticationFlow
    duplicate_emails_allowed bool
    edit_username_allowed bool
    email_theme str
    enabled bool
    internal_id str
    internationalization RealmInternationalizationArgs
    login_theme str
    login_with_email_allowed bool
    oauth2_device_code_lifespan str
    oauth2_device_polling_interval int
    offline_session_idle_timeout str
    offline_session_max_lifespan str
    offline_session_max_lifespan_enabled bool
    otp_policy RealmOtpPolicyArgs
    password_policy str
    String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
    realm str
    refresh_token_max_reuse int
    registration_allowed bool
    registration_email_as_username bool
    registration_flow str
    Which flow should be used for RegistrationFlow
    remember_me bool
    reset_credentials_flow str
    Which flow should be used for ResetCredentialsFlow
    reset_password_allowed bool
    revoke_refresh_token bool
    security_defenses RealmSecurityDefensesArgs
    smtp_server RealmSmtpServerArgs
    ssl_required str
    SSL Required: Values can be 'none', 'external' or 'all'.
    sso_session_idle_timeout str
    sso_session_idle_timeout_remember_me str
    sso_session_max_lifespan str
    sso_session_max_lifespan_remember_me str
    user_managed_access bool
    verify_email bool
    web_authn_passwordless_policy RealmWebAuthnPasswordlessPolicyArgs
    web_authn_policy RealmWebAuthnPolicyArgs
    accessCodeLifespan String
    accessCodeLifespanLogin String
    accessCodeLifespanUserAction String
    accessTokenLifespan String
    accessTokenLifespanForImplicitFlow String
    accountTheme String
    actionTokenGeneratedByAdminLifespan String
    actionTokenGeneratedByUserLifespan String
    adminTheme String
    attributes Map<Any>
    browserFlow String
    Which flow should be used for BrowserFlow
    clientAuthenticationFlow String
    Which flow should be used for ClientAuthenticationFlow
    clientSessionIdleTimeout String
    clientSessionMaxLifespan String
    defaultDefaultClientScopes List<String>
    defaultOptionalClientScopes List<String>
    defaultSignatureAlgorithm String
    directGrantFlow String
    Which flow should be used for DirectGrantFlow
    displayName String
    displayNameHtml String
    dockerAuthenticationFlow String
    Which flow should be used for DockerAuthenticationFlow
    duplicateEmailsAllowed Boolean
    editUsernameAllowed Boolean
    emailTheme String
    enabled Boolean
    internalId String
    internationalization Property Map
    loginTheme String
    loginWithEmailAllowed Boolean
    oauth2DeviceCodeLifespan String
    oauth2DevicePollingInterval Number
    offlineSessionIdleTimeout String
    offlineSessionMaxLifespan String
    offlineSessionMaxLifespanEnabled Boolean
    otpPolicy Property Map
    passwordPolicy String
    String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
    realm String
    refreshTokenMaxReuse Number
    registrationAllowed Boolean
    registrationEmailAsUsername Boolean
    registrationFlow String
    Which flow should be used for RegistrationFlow
    rememberMe Boolean
    resetCredentialsFlow String
    Which flow should be used for ResetCredentialsFlow
    resetPasswordAllowed Boolean
    revokeRefreshToken Boolean
    securityDefenses Property Map
    smtpServer Property Map
    sslRequired String
    SSL Required: Values can be 'none', 'external' or 'all'.
    ssoSessionIdleTimeout String
    ssoSessionIdleTimeoutRememberMe String
    ssoSessionMaxLifespan String
    ssoSessionMaxLifespanRememberMe String
    userManagedAccess Boolean
    verifyEmail Boolean
    webAuthnPasswordlessPolicy Property Map
    webAuthnPolicy Property Map

    Supporting Types

    RealmInternationalization, RealmInternationalizationArgs

    DefaultLocale string
    SupportedLocales List<string>
    defaultLocale String
    supportedLocales List<String>
    defaultLocale String
    supportedLocales List<String>

    RealmOtpPolicy, RealmOtpPolicyArgs

    Algorithm string
    What hashing algorithm should be used to generate the OTP.
    Digits int
    InitialCounter int
    LookAheadWindow int
    Period int
    Type string
    OTP Type, totp for Time-Based One Time Password or hotp for counter base one time password
    Algorithm string
    What hashing algorithm should be used to generate the OTP.
    Digits int
    InitialCounter int
    LookAheadWindow int
    Period int
    Type string
    OTP Type, totp for Time-Based One Time Password or hotp for counter base one time password
    algorithm String
    What hashing algorithm should be used to generate the OTP.
    digits Integer
    initialCounter Integer
    lookAheadWindow Integer
    period Integer
    type String
    OTP Type, totp for Time-Based One Time Password or hotp for counter base one time password
    algorithm string
    What hashing algorithm should be used to generate the OTP.
    digits number
    initialCounter number
    lookAheadWindow number
    period number
    type string
    OTP Type, totp for Time-Based One Time Password or hotp for counter base one time password
    algorithm str
    What hashing algorithm should be used to generate the OTP.
    digits int
    initial_counter int
    look_ahead_window int
    period int
    type str
    OTP Type, totp for Time-Based One Time Password or hotp for counter base one time password
    algorithm String
    What hashing algorithm should be used to generate the OTP.
    digits Number
    initialCounter Number
    lookAheadWindow Number
    period Number
    type String
    OTP Type, totp for Time-Based One Time Password or hotp for counter base one time password

    RealmSecurityDefenses, RealmSecurityDefensesArgs

    RealmSecurityDefensesBruteForceDetection, RealmSecurityDefensesBruteForceDetectionArgs

    RealmSecurityDefensesHeaders, RealmSecurityDefensesHeadersArgs

    RealmSmtpServer, RealmSmtpServerArgs

    from String
    host String
    auth RealmSmtpServerAuth
    envelopeFrom String
    fromDisplayName String
    port String
    replyTo String
    replyToDisplayName String
    ssl Boolean
    starttls Boolean
    from string
    host string
    auth RealmSmtpServerAuth
    envelopeFrom string
    fromDisplayName string
    port string
    replyTo string
    replyToDisplayName string
    ssl boolean
    starttls boolean
    from String
    host String
    auth Property Map
    envelopeFrom String
    fromDisplayName String
    port String
    replyTo String
    replyToDisplayName String
    ssl Boolean
    starttls Boolean

    RealmSmtpServerAuth, RealmSmtpServerAuthArgs

    Password string
    Username string
    Password string
    Username string
    password String
    username String
    password string
    username string
    password String
    username String

    RealmWebAuthnPasswordlessPolicy, RealmWebAuthnPasswordlessPolicyArgs

    AcceptableAaguids List<string>
    AttestationConveyancePreference string
    Either none, indirect or direct
    AuthenticatorAttachment string
    Either platform or cross-platform
    AvoidSameAuthenticatorRegister bool
    CreateTimeout int
    RelyingPartyEntityName string
    RelyingPartyId string
    RequireResidentKey string
    Either Yes or No
    SignatureAlgorithms List<string>
    Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
    UserVerificationRequirement string
    Either required, preferred or discouraged
    AcceptableAaguids []string
    AttestationConveyancePreference string
    Either none, indirect or direct
    AuthenticatorAttachment string
    Either platform or cross-platform
    AvoidSameAuthenticatorRegister bool
    CreateTimeout int
    RelyingPartyEntityName string
    RelyingPartyId string
    RequireResidentKey string
    Either Yes or No
    SignatureAlgorithms []string
    Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
    UserVerificationRequirement string
    Either required, preferred or discouraged
    acceptableAaguids List<String>
    attestationConveyancePreference String
    Either none, indirect or direct
    authenticatorAttachment String
    Either platform or cross-platform
    avoidSameAuthenticatorRegister Boolean
    createTimeout Integer
    relyingPartyEntityName String
    relyingPartyId String
    requireResidentKey String
    Either Yes or No
    signatureAlgorithms List<String>
    Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
    userVerificationRequirement String
    Either required, preferred or discouraged
    acceptableAaguids string[]
    attestationConveyancePreference string
    Either none, indirect or direct
    authenticatorAttachment string
    Either platform or cross-platform
    avoidSameAuthenticatorRegister boolean
    createTimeout number
    relyingPartyEntityName string
    relyingPartyId string
    requireResidentKey string
    Either Yes or No
    signatureAlgorithms string[]
    Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
    userVerificationRequirement string
    Either required, preferred or discouraged
    acceptable_aaguids Sequence[str]
    attestation_conveyance_preference str
    Either none, indirect or direct
    authenticator_attachment str
    Either platform or cross-platform
    avoid_same_authenticator_register bool
    create_timeout int
    relying_party_entity_name str
    relying_party_id str
    require_resident_key str
    Either Yes or No
    signature_algorithms Sequence[str]
    Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
    user_verification_requirement str
    Either required, preferred or discouraged
    acceptableAaguids List<String>
    attestationConveyancePreference String
    Either none, indirect or direct
    authenticatorAttachment String
    Either platform or cross-platform
    avoidSameAuthenticatorRegister Boolean
    createTimeout Number
    relyingPartyEntityName String
    relyingPartyId String
    requireResidentKey String
    Either Yes or No
    signatureAlgorithms List<String>
    Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
    userVerificationRequirement String
    Either required, preferred or discouraged

    RealmWebAuthnPolicy, RealmWebAuthnPolicyArgs

    AcceptableAaguids List<string>
    AttestationConveyancePreference string
    Either none, indirect or direct
    AuthenticatorAttachment string
    Either platform or cross-platform
    AvoidSameAuthenticatorRegister bool
    CreateTimeout int
    RelyingPartyEntityName string
    RelyingPartyId string
    RequireResidentKey string
    Either Yes or No
    SignatureAlgorithms List<string>
    Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
    UserVerificationRequirement string
    Either required, preferred or discouraged
    AcceptableAaguids []string
    AttestationConveyancePreference string
    Either none, indirect or direct
    AuthenticatorAttachment string
    Either platform or cross-platform
    AvoidSameAuthenticatorRegister bool
    CreateTimeout int
    RelyingPartyEntityName string
    RelyingPartyId string
    RequireResidentKey string
    Either Yes or No
    SignatureAlgorithms []string
    Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
    UserVerificationRequirement string
    Either required, preferred or discouraged
    acceptableAaguids List<String>
    attestationConveyancePreference String
    Either none, indirect or direct
    authenticatorAttachment String
    Either platform or cross-platform
    avoidSameAuthenticatorRegister Boolean
    createTimeout Integer
    relyingPartyEntityName String
    relyingPartyId String
    requireResidentKey String
    Either Yes or No
    signatureAlgorithms List<String>
    Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
    userVerificationRequirement String
    Either required, preferred or discouraged
    acceptableAaguids string[]
    attestationConveyancePreference string
    Either none, indirect or direct
    authenticatorAttachment string
    Either platform or cross-platform
    avoidSameAuthenticatorRegister boolean
    createTimeout number
    relyingPartyEntityName string
    relyingPartyId string
    requireResidentKey string
    Either Yes or No
    signatureAlgorithms string[]
    Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
    userVerificationRequirement string
    Either required, preferred or discouraged
    acceptable_aaguids Sequence[str]
    attestation_conveyance_preference str
    Either none, indirect or direct
    authenticator_attachment str
    Either platform or cross-platform
    avoid_same_authenticator_register bool
    create_timeout int
    relying_party_entity_name str
    relying_party_id str
    require_resident_key str
    Either Yes or No
    signature_algorithms Sequence[str]
    Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
    user_verification_requirement str
    Either required, preferred or discouraged
    acceptableAaguids List<String>
    attestationConveyancePreference String
    Either none, indirect or direct
    authenticatorAttachment String
    Either platform or cross-platform
    avoidSameAuthenticatorRegister Boolean
    createTimeout Number
    relyingPartyEntityName String
    relyingPartyId String
    requireResidentKey String
    Either Yes or No
    signatureAlgorithms List<String>
    Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
    userVerificationRequirement String
    Either required, preferred or discouraged

    Package Details

    Repository
    Keycloak pulumi/pulumi-keycloak
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the keycloak Terraform Provider.
    keycloak logo
    Keycloak v5.3.2 published on Friday, May 10, 2024 by Pulumi