identity_providers
Creates, updates, deletes, gets or lists an identity_providers resource.
Overview
| Name | identity_providers |
| Type | Resource |
| Id | cloudflare.zero_trust.identity_providers |
Fields
The following fields are returned by SELECT queries:
- get_by_account
- get_by_zone
- list_by_account
- list_by_zone
Get an Access identity provider response
| Name | Datatype | Description |
|---|---|---|
id | string | UUID. (example: f174e90a-fafe-4643-bbbc-4a0ed4fc8415) |
name | string | The name of the identity provider, shown to users on the login page. (example: Widget Corps IDP) |
config | object | The configuration parameters for the identity provider. To view the required parameters for a specific provider, refer to our developer documentation. |
scim_config | object | The configuration settings for enabling a System for Cross-Domain Identity Management (SCIM) with the identity provider. |
type | string | The type of identity provider. To determine the value for a specific provider, refer to our developer documentation. (onetimepin, azureAD, saml, centrify, facebook, github, google-apps, google, linkedin, oidc, okta, onelogin, pingone, yandex) (example: onetimepin) |
Get an Access identity provider response
| Name | Datatype | Description |
|---|---|---|
id | string | UUID. (example: f174e90a-fafe-4643-bbbc-4a0ed4fc8415) |
name | string | The name of the identity provider, shown to users on the login page. (example: Widget Corps IDP) |
config | object | The configuration parameters for the identity provider. To view the required parameters for a specific provider, refer to our developer documentation. |
scim_config | object | The configuration settings for enabling a System for Cross-Domain Identity Management (SCIM) with the identity provider. |
type | string | The type of identity provider. To determine the value for a specific provider, refer to our developer documentation. (onetimepin, azureAD, saml, centrify, facebook, github, google-apps, google, linkedin, oidc, okta, onelogin, pingone, yandex) (example: onetimepin) |
List Access identity providers response
| Name | Datatype | Description |
|---|---|---|
id | string | UUID. (example: f174e90a-fafe-4643-bbbc-4a0ed4fc8415) |
name | string | The name of the identity provider, shown to users on the login page. (example: Widget Corps IDP) |
config | object | The configuration parameters for the identity provider. To view the required parameters for a specific provider, refer to our developer documentation. |
scim_config | object | The configuration settings for enabling a System for Cross-Domain Identity Management (SCIM) with the identity provider. |
type | string | The type of identity provider. To determine the value for a specific provider, refer to our developer documentation. (onetimepin, azureAD, saml, centrify, facebook, github, google-apps, google, linkedin, oidc, okta, onelogin, pingone, yandex) (example: onetimepin) |
List Access identity providers response
| Name | Datatype | Description |
|---|---|---|
id | string | UUID. (example: f174e90a-fafe-4643-bbbc-4a0ed4fc8415) |
name | string | The name of the identity provider, shown to users on the login page. (example: Widget Corps IDP) |
config | object | The configuration parameters for the identity provider. To view the required parameters for a specific provider, refer to our developer documentation. |
scim_config | object | The configuration settings for enabling a System for Cross-Domain Identity Management (SCIM) with the identity provider. |
type | string | The type of identity provider. To determine the value for a specific provider, refer to our developer documentation. (onetimepin, azureAD, saml, centrify, facebook, github, google-apps, google, linkedin, oidc, okta, onelogin, pingone, yandex) (example: onetimepin) |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get_by_account | select | identity_provider_id, account_id | Fetches a configured identity provider. | |
get_by_zone | select | identity_provider_id, zone_id | Fetches a configured identity provider. | |
list_by_account | select | account_id | scim_enabled, page, per_page | Lists all configured identity providers. |
list_by_zone | select | zone_id | scim_enabled, page, per_page | Lists all configured identity providers. |
create_by_account | insert | account_id, config, name, type | Adds a new identity provider to Access. | |
create_by_zone | insert | zone_id, config, name, type | Adds a new identity provider to Access. | |
update_by_account | replace | identity_provider_id, account_id, config, name, type | Updates a configured identity provider. | |
update_by_zone | replace | identity_provider_id, zone_id, config, name, type | Updates a configured identity provider. | |
delete_by_account | delete | identity_provider_id, account_id | Deletes an identity provider from Access. | |
delete_by_zone | delete | identity_provider_id, zone_id | Deletes an identity provider from Access. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
account_id | string | The Cloudflare account ID. |
identity_provider_id | string | |
zone_id | string | The Cloudflare zone ID. |
page | integer | |
per_page | integer | |
scim_enabled | string |
SELECT examples
- get_by_account
- get_by_zone
- list_by_account
- list_by_zone
Fetches a configured identity provider.
SELECT
id,
name,
config,
scim_config,
type
FROM cloudflare.zero_trust.identity_providers
WHERE identity_provider_id = '{{ identity_provider_id }}' -- required
AND account_id = '{{ account_id }}' -- required
;
Fetches a configured identity provider.
SELECT
id,
name,
config,
scim_config,
type
FROM cloudflare.zero_trust.identity_providers
WHERE identity_provider_id = '{{ identity_provider_id }}' -- required
AND zone_id = '{{ zone_id }}' -- required
;
Lists all configured identity providers.
SELECT
id,
name,
config,
scim_config,
type
FROM cloudflare.zero_trust.identity_providers
WHERE account_id = '{{ account_id }}' -- required
AND scim_enabled = '{{ scim_enabled }}'
AND page = '{{ page }}'
AND per_page = '{{ per_page }}'
;
Lists all configured identity providers.
SELECT
id,
name,
config,
scim_config,
type
FROM cloudflare.zero_trust.identity_providers
WHERE zone_id = '{{ zone_id }}' -- required
AND scim_enabled = '{{ scim_enabled }}'
AND page = '{{ page }}'
AND per_page = '{{ per_page }}'
;
INSERT examples
- create_by_account
- create_by_zone
- Manifest
Adds a new identity provider to Access.
INSERT INTO cloudflare.zero_trust.identity_providers (
config,
name,
scim_config,
type,
account_id
)
SELECT
'{{ config }}' /* required */,
'{{ name }}' /* required */,
'{{ scim_config }}',
'{{ type }}' /* required */,
'{{ account_id }}'
RETURNING
errors,
messages,
result,
success
;
Adds a new identity provider to Access.
INSERT INTO cloudflare.zero_trust.identity_providers (
config,
name,
scim_config,
type,
zone_id
)
SELECT
'{{ config }}' /* required */,
'{{ name }}' /* required */,
'{{ scim_config }}',
'{{ type }}' /* required */,
'{{ zone_id }}'
RETURNING
errors,
messages,
result,
success
;
# Description fields are for documentation purposes
- name: identity_providers
props:
- name: account_id
value: "{{ account_id }}"
description: Required parameter for the identity_providers resource.
- name: zone_id
value: "{{ zone_id }}"
description: Required parameter for the identity_providers resource.
- name: config
description: |
The configuration parameters for the identity provider. To view the required parameters for a specific provider, refer to our [developer documentation](https://developers.cloudflare.com/cloudflare-one/identity/idp-integration/).
value:
client_id: "{{ client_id }}"
client_secret: "{{ client_secret }}"
claims:
- "{{ claims }}"
email_claim_name: "{{ email_claim_name }}"
conditional_access_enabled: {{ conditional_access_enabled }}
directory_id: "{{ directory_id }}"
prompt: "{{ prompt }}"
support_groups: {{ support_groups }}
- name: name
value: "{{ name }}"
description: |
The name of the identity provider, shown to users on the login page.
- name: scim_config
description: |
The configuration settings for enabling a System for Cross-Domain Identity Management (SCIM) with the identity provider.
value:
enabled: {{ enabled }}
identity_update_behavior: "{{ identity_update_behavior }}"
scim_base_url: "{{ scim_base_url }}"
seat_deprovision: {{ seat_deprovision }}
secret: "{{ secret }}"
user_deprovision: {{ user_deprovision }}
- name: type
value: "{{ type }}"
description: |
The type of identity provider. To determine the value for a specific provider, refer to our [developer documentation](https://developers.cloudflare.com/cloudflare-one/identity/idp-integration/).
valid_values: ['onetimepin', 'azureAD', 'saml', 'centrify', 'facebook', 'github', 'google-apps', 'google', 'linkedin', 'oidc', 'okta', 'onelogin', 'pingone', 'yandex']
REPLACE examples
- update_by_account
- update_by_zone
Updates a configured identity provider.
REPLACE cloudflare.zero_trust.identity_providers
SET
config = '{{ config }}',
name = '{{ name }}',
scim_config = '{{ scim_config }}',
type = '{{ type }}'
WHERE
identity_provider_id = '{{ identity_provider_id }}' --required
AND account_id = '{{ account_id }}' --required
AND config = '{{ config }}' --required
AND name = '{{ name }}' --required
AND type = '{{ type }}' --required
RETURNING
errors,
messages,
result,
success;
Updates a configured identity provider.
REPLACE cloudflare.zero_trust.identity_providers
SET
config = '{{ config }}',
name = '{{ name }}',
scim_config = '{{ scim_config }}',
type = '{{ type }}'
WHERE
identity_provider_id = '{{ identity_provider_id }}' --required
AND zone_id = '{{ zone_id }}' --required
AND config = '{{ config }}' --required
AND name = '{{ name }}' --required
AND type = '{{ type }}' --required
RETURNING
errors,
messages,
result,
success;
DELETE examples
- delete_by_account
- delete_by_zone
Deletes an identity provider from Access.
DELETE FROM cloudflare.zero_trust.identity_providers
WHERE identity_provider_id = '{{ identity_provider_id }}' --required
AND account_id = '{{ account_id }}' --required
;
Deletes an identity provider from Access.
DELETE FROM cloudflare.zero_trust.identity_providers
WHERE identity_provider_id = '{{ identity_provider_id }}' --required
AND zone_id = '{{ zone_id }}' --required
;