Skip to content

Commit

Permalink
DXCDT-644 Add support for SCIM APIs
Browse files Browse the repository at this point in the history
  • Loading branch information
acwest committed Jul 10, 2024
1 parent 8b89642 commit 75b13f2
Show file tree
Hide file tree
Showing 17 changed files with 5,712 additions and 2,036 deletions.
75 changes: 75 additions & 0 deletions docs/data-sources/connection_scim_configuration.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,75 @@
---
page_title: "Data Source: auth0_connection_scim_configuration"
description: |-
Data source to retrieve a SCIM configuration for an Auth0 connection by connection_id.
---

# Data Source: auth0_connection_scim_configuration

Data source to retrieve a SCIM configuration for an Auth0 connection by `connection_id`.

## Example Usage

```terraform
resource "auth0_connection" "my_enterprise_connection" {
name = "my-enterprise-connection"
display_name = "My Enterprise Connection"
strategy = "okta"
options {
client_id = "1234567"
client_secret = "1234567"
issuer = "https://example.okta.com"
jwks_uri = "https://example.okta.com/oauth2/v1/keys"
token_endpoint = "https://example.okta.com/oauth2/v1/token"
authorization_endpoint = "https://example.okta.com/oauth2/v1/authorize"
}
}
resource "auth0_connection_scim_configuration" "my_conn_scim_configuration" {
depends_on = [auth0_connection.my_enterprise_connection]
connection_id = auth0_connection.my_enterprise_connection.id
}
# A data source for an Auth0 Connection SCIM Configuration.
data "auth0_connection_scim_configuration" "my_conn_scim_configuration_data" {
depends_on = [auth0_connection_scim_configuration.my_conn_scim_configuration]
connection_id = auth0_connection_scim_configuration.my_conn_scim_configuration.id
}
```

<!-- schema generated by tfplugindocs -->
## Schema

### Required

- `connection_id` (String) ID of the connection for this SCIM configuration.

### Read-Only

- `connection_name` (String) Name of the connection for this SCIM configuration.
- `default_mapping` (Set of Object) Default mapping between Auth0 attributes and SCIM attributes for this connectiion. (see [below for nested schema](#nestedatt--default_mapping))
- `id` (String) The ID of this resource.
- `mapping` (Set of Object) Mapping between Auth0 attributes and SCIM attributes. (see [below for nested schema](#nestedatt--mapping))
- `strategy` (String) Schema of the connection for this SCIM configuration.
- `tenant_name` (String) Name of the tenant for this SCIM configuration.
- `user_id_attribute` (String) User ID attribute for generation unique of user ids.

<a id="nestedatt--default_mapping"></a>
### Nested Schema for `default_mapping`

Read-Only:

- `auth0` (String)
- `scim` (String)


<a id="nestedatt--mapping"></a>
### Nested Schema for `mapping`

Read-Only:

- `auth0` (String)
- `scim` (String)


114 changes: 114 additions & 0 deletions docs/resources/connection_scim_configuration.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,114 @@
---
page_title: "Resource: auth0_connection_scim_configuration"
description: |-
With this resource, you can configure SCIM(System for Cross-domain Identity Management) https://simplecloud.info/ support for SAML and OpenID Connect Enterprise connections.
---

# Resource: auth0_connection_scim_configuration

With this resource, you can configure [SCIM(System for Cross-domain Identity Management)](https://simplecloud.info/) support for `SAML` and `OpenID Connect` Enterprise connections.

## Example Usage

```terraform
resource "auth0_connection" "my_enterprise_connection" {
name = "my-enterprise-connection"
display_name = "My Enterprise Connection"
strategy = "okta"
options {
client_id = "1234567"
client_secret = "1234567"
issuer = "https://example.okta.com"
jwks_uri = "https://example.okta.com/oauth2/v1/keys"
token_endpoint = "https://example.okta.com/oauth2/v1/token"
authorization_endpoint = "https://example.okta.com/oauth2/v1/authorize"
}
}
resource "auth0_connection" "my_enterprise_connection_2" {
name = "my-enterprise-connection-2"
display_name = "My Enterprise Connection 2"
strategy = "okta"
options {
client_id = "1234567"
client_secret = "1234567"
issuer = "https://example.okta.com"
jwks_uri = "https://example.okta.com/oauth2/v1/keys"
token_endpoint = "https://example.okta.com/oauth2/v1/token"
authorization_endpoint = "https://example.okta.com/oauth2/v1/authorize"
}
}
# A resource for configuring an Auth0 Connection SCIM Configuration, using default values.
# Only one can be specified for a connection.
resource "auth0_connection_scim_configuration" "my_conn_scim_configuration_default" {
depends_on = [auth0_connection.my_enterprise_connection]
connection_id = auth0_connection.my_enterprise_connection.id
}
# A resource for configuring an Auth0 Connection SCIM Configuration, specifying `user_id_attribute` and `mapping`.
# Only one can be specified for a connection.
resource "auth0_connection_scim_configuration" "my_conn_scim_configuration" {
depends_on = [auth0_connection.my_enterprise_connection_2]
connection_id = auth0_connection.my_enterprise_connection_2.id
user_id_attribute = "attribute1"
mapping {
auth0 = "auth0_attribute1"
scim = "sacim_attribute1"
}
mapping {
auth0 = "auth0_attribute2"
scim = "sacim_attribute2"
}
}
```

<!-- schema generated by tfplugindocs -->
## Schema

### Required

- `connection_id` (String) ID of the connection for this SCIM configuration.

### Optional

- `mapping` (Block Set) Mapping between Auth0 attributes and SCIM attributes. If `user_id_attribute` is set, `mapping` must be set as well. (see [below for nested schema](#nestedblock--mapping))
- `user_id_attribute` (String) User ID attribute for generation unique of user ids. If `user_id_attribute` is set, `mapping` must be set as well. Defaults to `userName` for SAML connections and `externalId` for OIDC connections.

### Read-Only

- `connection_name` (String) Name of the connection for this SCIM configuration.
- `default_mapping` (Set of Object) Default mapping between Auth0 attributes and SCIM attributes for this connectiion. (see [below for nested schema](#nestedatt--default_mapping))
- `id` (String) The ID of this resource.
- `strategy` (String) Schema of the connection for this SCIM configuration.
- `tenant_name` (String) Name of the tenant for this SCIM configuration.

<a id="nestedblock--mapping"></a>
### Nested Schema for `mapping`

Required:

- `auth0` (String) The field location in the Auth0 schema.
- `scim` (String) The field location in the SCIM schema.


<a id="nestedatt--default_mapping"></a>
### Nested Schema for `default_mapping`

Read-Only:

- `auth0` (String)
- `scim` (String)

## Import

Import is supported using the following syntax:

```shell
# This resource can be imported by specifying the connection ID <connectionID>
#
# Example:
terraform import auth0_connection_scim_configuration.my_conn_scim_conf "con_XXXXX"
```
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
resource "auth0_connection" "my_enterprise_connection" {
name = "my-enterprise-connection"
display_name = "My Enterprise Connection"
strategy = "okta"

options {
client_id = "1234567"
client_secret = "1234567"
issuer = "https://example.okta.com"
jwks_uri = "https://example.okta.com/oauth2/v1/keys"
token_endpoint = "https://example.okta.com/oauth2/v1/token"
authorization_endpoint = "https://example.okta.com/oauth2/v1/authorize"
}
}

resource "auth0_connection_scim_configuration" "my_conn_scim_configuration" {
depends_on = [auth0_connection.my_enterprise_connection]
connection_id = auth0_connection.my_enterprise_connection.id
}

# A data source for an Auth0 Connection SCIM Configuration.
data "auth0_connection_scim_configuration" "my_conn_scim_configuration_data" {
depends_on = [auth0_connection_scim_configuration.my_conn_scim_configuration]
connection_id = auth0_connection_scim_configuration.my_conn_scim_configuration.id
}

Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
# This resource can be imported by specifying the connection ID <connectionID>
#
# Example:
terraform import auth0_connection_scim_configuration.my_conn_scim_conf "con_XXXXX"
52 changes: 52 additions & 0 deletions examples/resources/auth0_connection_scim_configuration/resource.tf
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
resource "auth0_connection" "my_enterprise_connection" {
name = "my-enterprise-connection"
display_name = "My Enterprise Connection"
strategy = "okta"

options {
client_id = "1234567"
client_secret = "1234567"
issuer = "https://example.okta.com"
jwks_uri = "https://example.okta.com/oauth2/v1/keys"
token_endpoint = "https://example.okta.com/oauth2/v1/token"
authorization_endpoint = "https://example.okta.com/oauth2/v1/authorize"
}
}

resource "auth0_connection" "my_enterprise_connection_2" {
name = "my-enterprise-connection-2"
display_name = "My Enterprise Connection 2"
strategy = "okta"

options {
client_id = "1234567"
client_secret = "1234567"
issuer = "https://example.okta.com"
jwks_uri = "https://example.okta.com/oauth2/v1/keys"
token_endpoint = "https://example.okta.com/oauth2/v1/token"
authorization_endpoint = "https://example.okta.com/oauth2/v1/authorize"
}
}

# A resource for configuring an Auth0 Connection SCIM Configuration, using default values.
# Only one can be specified for a connection.
resource "auth0_connection_scim_configuration" "my_conn_scim_configuration_default" {
depends_on = [auth0_connection.my_enterprise_connection]
connection_id = auth0_connection.my_enterprise_connection.id
}

# A resource for configuring an Auth0 Connection SCIM Configuration, specifying `user_id_attribute` and `mapping`.
# Only one can be specified for a connection.
resource "auth0_connection_scim_configuration" "my_conn_scim_configuration" {
depends_on = [auth0_connection.my_enterprise_connection_2]
connection_id = auth0_connection.my_enterprise_connection_2.id
user_id_attribute = "attribute1"
mapping {
auth0 = "auth0_attribute1"
scim = "sacim_attribute1"
}
mapping {
auth0 = "auth0_attribute2"
scim = "sacim_attribute2"
}
}
25 changes: 25 additions & 0 deletions internal/auth0/connection/data_source_scim.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
package connection

import (
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"

internalSchema "github.com/auth0/terraform-provider-auth0/internal/schema"
)

// NewSCIMConfigurationDataSource will return a new auth0_connection_scim_configuration data source.
func NewSCIMConfigurationDataSource() *schema.Resource {
return &schema.Resource{
ReadContext: readSCIMConfiguration,
Description: "Data source to retrieve a SCIM configuration for an Auth0 connection by `connection_id`.",
Schema: getSCIMDataSourceSchema(),
}
}

func getSCIMDataSourceSchema() map[string]*schema.Schema {
dataSourceSchema := internalSchema.TransformResourceToDataSource(getSCIMResourceSchema())
internalSchema.SetExistingAttributesAsRequired(dataSourceSchema, "connection_id")
dataSourceSchema["user_id_attribute"].Description = "User ID attribute for generation unique of user ids."
dataSourceSchema["mapping"].Description = "Mapping between Auth0 attributes and SCIM attributes."

return dataSourceSchema
}
Loading

0 comments on commit 75b13f2

Please sign in to comment.