{"name":"descope","displayName":"Descope","version":"0.3.4","description":"A Pulumi package for creating and managing descope cloud resources.","keywords":["descope","category/cloud"],"homepage":"https://www.descope.com","license":"Apache-2.0","attribution":"This Pulumi package is based on the [`descope` Terraform Provider](https://github.com/descope/terraform-provider-descope).","repository":"https://github.com/descope/pulumi-descope","logoUrl":"https://avatars3.githubusercontent.com/descope","pluginDownloadURL":"github://api.github.com/descope","publisher":"Descope","meta":{"moduleFormat":"(.*)(?:/[^/]*)"},"language":{"csharp":{"packageReferences":{"Pulumi":"3.*"},"compatibility":"tfbridge20","rootNamespace":"Descope.Pulumi","respectSchemaVersion":true},"go":{"importBasePath":"github.com/descope/pulumi-descope/sdk/go/descope","generateResourceContainerTypes":true,"generateExtraInputTypes":true,"respectSchemaVersion":true},"java":{"basePackage":"com.descope.pulumi","buildFiles":"","gradleNexusPublishPluginVersion":"","gradleTest":""},"nodejs":{"packageName":"@descope/pulumi-descope","packageDescription":"A Pulumi package for creating and managing descope cloud resources.","readme":"\u003e This provider is a derived work of the [Terraform Provider](https://github.com/descope/terraform-provider-descope)\n\u003e distributed under [MPL 2.0](https://www.mozilla.org/en-US/MPL/2.0/). If you encounter a bug or missing feature,\n\u003e first check the [`pulumi-descope` repo](https://github.com/descope/pulumi-descope/issues); however, if that doesn't turn up anything,\n\u003e please consult the source [`terraform-provider-descope` repo](https://github.com/descope/terraform-provider-descope/issues).","compatibility":"tfbridge20","disableUnionOutputTypes":true,"respectSchemaVersion":true},"python":{"packageName":"descope_pulumi","readme":"\u003e This provider is a derived work of the [Terraform Provider](https://github.com/descope/terraform-provider-descope)\n\u003e distributed under [MPL 2.0](https://www.mozilla.org/en-US/MPL/2.0/). If you encounter a bug or missing feature,\n\u003e first check the [`pulumi-descope` repo](https://github.com/descope/pulumi-descope/issues); however, if that doesn't turn up anything,\n\u003e please consult the source [`terraform-provider-descope` repo](https://github.com/descope/terraform-provider-descope/issues).","compatibility":"tfbridge20","respectSchemaVersion":true,"pyproject":{"enabled":true}}},"config":{"variables":{"baseUrl":{"type":"string","description":"An optional base URL for the Descope API"},"managementKey":{"type":"string","description":"A valid management key for your Descope company","secret":true},"projectId":{"type":"string","deprecationMessage":"The\u003cspan pulumi-lang-nodejs=\" projectId \" pulumi-lang-dotnet=\" ProjectId \" pulumi-lang-go=\" projectId \" pulumi-lang-python=\" project_id \" pulumi-lang-yaml=\" projectId \" pulumi-lang-java=\" projectId \"\u003e project_id \u003c/span\u003eattribute in the 'descope' provider block is no longer required and can be safely removed"}}},"types":{"descope:index/ProjectApplications:ProjectApplications":{"properties":{"oidcApplications":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectApplicationsOidcApplication:ProjectApplicationsOidcApplication"},"description":"Applications using OpenID Connect (OIDC) for authentication.\n"},"samlApplications":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectApplicationsSamlApplication:ProjectApplicationsSamlApplication"},"description":"Applications using SAML for authentication.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["oidcApplications","samlApplications"]}}},"descope:index/ProjectApplicationsOidcApplication:ProjectApplicationsOidcApplication":{"properties":{"claims":{"type":"array","items":{"type":"string"},"description":"A list of supported claims. e.g. \u003cspan pulumi-lang-nodejs=\"`sub`\" pulumi-lang-dotnet=\"`Sub`\" pulumi-lang-go=\"`sub`\" pulumi-lang-python=\"`sub`\" pulumi-lang-yaml=\"`sub`\" pulumi-lang-java=\"`sub`\"\u003e`sub`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`email`\" pulumi-lang-dotnet=\"`Email`\" pulumi-lang-go=\"`email`\" pulumi-lang-python=\"`email`\" pulumi-lang-yaml=\"`email`\" pulumi-lang-java=\"`email`\"\u003e`email`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`exp`\" pulumi-lang-dotnet=\"`Exp`\" pulumi-lang-go=\"`exp`\" pulumi-lang-python=\"`exp`\" pulumi-lang-yaml=\"`exp`\" pulumi-lang-java=\"`exp`\"\u003e`exp`\u003c/span\u003e.\n"},"description":{"type":"string","description":"A description for the OIDC application.\n"},"disabled":{"type":"boolean","description":"Whether the application should be enabled or disabled.\n"},"forceAuthentication":{"type":"boolean","description":"This configuration overrides the default behavior of the SSO application and forces the user to authenticate via the Descope flow, regardless of the SP's request.\n"},"id":{"type":"string","description":"An optional identifier for the OIDC application.\n"},"loginPageUrl":{"type":"string","description":"The Flow Hosting URL. Read more about using this parameter with custom domain [here](https://docs.descope.com/sso-integrations/applications/saml-apps).\n"},"logo":{"type":"string","description":"A logo for the OIDC application. Should be a hosted image URL.\n"},"name":{"type":"string","description":"A name for the OIDC application.\n"}},"type":"object","required":["name"],"language":{"nodejs":{"requiredOutputs":["claims","description","disabled","forceAuthentication","id","loginPageUrl","logo","name"]}}},"descope:index/ProjectApplicationsSamlApplication:ProjectApplicationsSamlApplication":{"properties":{"acsAllowedCallbackUrls":{"type":"array","items":{"type":"string"},"description":"A list of allowed ACS callback URLS. This configuration is used when the default ACS URL value is unreachable. Supports wildcards.\n"},"attributeMappings":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectApplicationsSamlApplicationAttributeMapping:ProjectApplicationsSamlApplicationAttributeMapping"},"description":"The `AttributeMapping` object. Read the description below.\n"},"defaultRelayState":{"type":"string","description":"The default relay state. When using IdP-initiated authentication, this value may be used as a URL to a resource in the Service Provider.\n"},"description":{"type":"string","description":"A description for the SAML application.\n"},"disabled":{"type":"boolean","description":"Whether the application should be enabled or disabled.\n"},"dynamicConfiguration":{"$ref":"#/types/descope:index/ProjectApplicationsSamlApplicationDynamicConfiguration:ProjectApplicationsSamlApplicationDynamicConfiguration","description":"The `DynamicConfiguration` object. Read the description below.\n"},"forceAuthentication":{"type":"boolean","description":"This configuration overrides the default behavior of the SSO application and forces the user to authenticate via the Descope flow, regardless of the SP's request.\n"},"id":{"type":"string","description":"An optional identifier for the SAML application.\n"},"loginPageUrl":{"type":"string","description":"The Flow Hosting URL. Read more about using this parameter with custom domain [here](https://docs.descope.com/sso-integrations/applications/saml-apps).\n"},"logo":{"type":"string","description":"A logo for the SAML application. Should be a hosted image URL.\n"},"manualConfiguration":{"$ref":"#/types/descope:index/ProjectApplicationsSamlApplicationManualConfiguration:ProjectApplicationsSamlApplicationManualConfiguration","description":"The `ManualConfiguration` object. Read the description below.\n"},"name":{"type":"string","description":"A name for the SAML application.\n"},"subjectNameIdFormat":{"type":"string","description":"The subject name id format. Choose one of \"\", \"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified\", \"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\", \"urn:oasis:names:tc:SAML:2.0:nameid-format:persistent\", \"urn:oasis:names:tc:SAML:2.0:nameid-format:transient\". Read more about this configuration [here](https://docs.descope.com/sso-integrations/applications/saml-apps).\n"},"subjectNameIdType":{"type":"string","description":"The subject name id type. Choose one of \"\", \"email\", \"phone\". Read more about this configuration [here](https://docs.descope.com/sso-integrations/applications/saml-apps).\n"}},"type":"object","required":["name"],"language":{"nodejs":{"requiredOutputs":["acsAllowedCallbackUrls","attributeMappings","defaultRelayState","description","disabled","dynamicConfiguration","forceAuthentication","id","loginPageUrl","logo","manualConfiguration","name","subjectNameIdFormat","subjectNameIdType"]}}},"descope:index/ProjectApplicationsSamlApplicationAttributeMapping:ProjectApplicationsSamlApplicationAttributeMapping":{"properties":{"name":{"type":"string","description":"The name of the attribute.\n"},"value":{"type":"string","description":"The value of the attribute.\n"}},"type":"object","required":["name","value"]},"descope:index/ProjectApplicationsSamlApplicationDynamicConfiguration:ProjectApplicationsSamlApplicationDynamicConfiguration":{"properties":{"metadataUrl":{"type":"string","description":"The metadata URL when retrieving the connection details dynamically.\n"}},"type":"object","required":["metadataUrl"]},"descope:index/ProjectApplicationsSamlApplicationManualConfiguration:ProjectApplicationsSamlApplicationManualConfiguration":{"properties":{"acsUrl":{"type":"string","description":"Enter the `ACS URL` from the SP.\n"},"certificate":{"type":"string","description":"Enter the `Certificate` from the SP.\n"},"entityId":{"type":"string","description":"Enter the `Entity Id` from the SP.\n"}},"type":"object","required":["acsUrl","entityId"],"language":{"nodejs":{"requiredOutputs":["acsUrl","certificate","entityId"]}}},"descope:index/ProjectAttributes:ProjectAttributes":{"properties":{"tenants":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectAttributesTenant:ProjectAttributesTenant"},"description":"A list of `TenantAttribute`. Read the description below.\n"},"users":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectAttributesUser:ProjectAttributesUser"},"description":"A list of `UserAttribute`. Read the description below.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["tenants","users"]}}},"descope:index/ProjectAttributesTenant:ProjectAttributesTenant":{"properties":{"authorization":{"$ref":"#/types/descope:index/ProjectAttributesTenantAuthorization:ProjectAttributesTenantAuthorization","description":"Determines the required permissions for this tenant.\n"},"id":{"type":"string","description":"An optional identifier for the attribute. This value is called `Machine Name` in the Descope console. If a value is not provided then an appropriate one will be created from the value of \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e.\n"},"name":{"type":"string","description":"The name of the attribute. This value is called `Display Name` in the Descope console.\n"},"selectOptions":{"type":"array","items":{"type":"string"},"description":"When the attribute type is \"multiselect\". A list of options to choose from.\n"},"type":{"type":"string","description":"The type of the attribute. Choose one of \"string\", \"number\", \"boolean\", \"singleselect\", \"multiselect\", \"date\".\n"}},"type":"object","required":["name","type"],"language":{"nodejs":{"requiredOutputs":["authorization","id","name","selectOptions","type"]}}},"descope:index/ProjectAttributesTenantAuthorization:ProjectAttributesTenantAuthorization":{"properties":{"viewPermissions":{"type":"array","items":{"type":"string"},"description":"Determines the required permissions for this tenant.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["viewPermissions"]}}},"descope:index/ProjectAttributesUser:ProjectAttributesUser":{"properties":{"id":{"type":"string","description":"An optional identifier for the attribute. This value is called `Machine Name` in the Descope console. If a value is not provided then an appropriate one will be created from the value of \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e.\n"},"name":{"type":"string","description":"The name of the attribute. This value is called `Display Name` in the Descope console.\n"},"selectOptions":{"type":"array","items":{"type":"string"},"description":"When the attribute type is \"multiselect\". A list of options to choose from.\n"},"type":{"type":"string","description":"The type of the attribute. Choose one of \"string\", \"number\", \"boolean\", \"singleselect\", \"multiselect\", \"date\".\n"},"widgetAuthorization":{"$ref":"#/types/descope:index/ProjectAttributesUserWidgetAuthorization:ProjectAttributesUserWidgetAuthorization","description":"Determines the permissions users are required to have to access this attribute in the user management widget.\n"}},"type":"object","required":["name","type"],"language":{"nodejs":{"requiredOutputs":["id","name","selectOptions","type","widgetAuthorization"]}}},"descope:index/ProjectAttributesUserWidgetAuthorization:ProjectAttributesUserWidgetAuthorization":{"properties":{"editPermissions":{"type":"array","items":{"type":"string"},"description":"The permissions users are required to have to edit this attribute in the user management widget.\n"},"viewPermissions":{"type":"array","items":{"type":"string"},"description":"The permissions users are required to have to view this attribute in the user management widget.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["editPermissions","viewPermissions"]}}},"descope:index/ProjectAuthentication:ProjectAuthentication":{"properties":{"embeddedLink":{"$ref":"#/types/descope:index/ProjectAuthenticationEmbeddedLink:ProjectAuthenticationEmbeddedLink","description":"Make the authentication experience smoother for the user by generating their initial token in a way that does not require the end user to initiate the process, requiring only verification.\n"},"enchantedLink":{"$ref":"#/types/descope:index/ProjectAuthenticationEnchantedLink:ProjectAuthenticationEnchantedLink","description":"An enhanced and more secure version of Magic Link, enabling users to start the authentication process on one device and execute the verification on another.\n"},"magicLink":{"$ref":"#/types/descope:index/ProjectAuthenticationMagicLink:ProjectAuthenticationMagicLink","description":"An authentication method where a user receives a unique link via email to log in.\n"},"oauth":{"$ref":"#/types/descope:index/ProjectAuthenticationOauth:ProjectAuthenticationOauth","description":"Authentication using Open Authorization, which allows users to authenticate with various external services.\n"},"otp":{"$ref":"#/types/descope:index/ProjectAuthenticationOtp:ProjectAuthenticationOtp","description":"A dynamically generated set of numbers, granting the user one-time access.\n"},"passkeys":{"$ref":"#/types/descope:index/ProjectAuthenticationPasskeys:ProjectAuthenticationPasskeys","description":"Device-based passwordless authentication, using fingerprint, face scan, and more.\n"},"password":{"$ref":"#/types/descope:index/ProjectAuthenticationPassword:ProjectAuthenticationPassword","description":"The classic username and password combination used for authentication.\n"},"sso":{"$ref":"#/types/descope:index/ProjectAuthenticationSso:ProjectAuthenticationSso","description":"Single Sign-On (SSO) authentication method that enables users to access multiple applications with a single set of credentials.\n"},"totp":{"$ref":"#/types/descope:index/ProjectAuthenticationTotp:ProjectAuthenticationTotp","description":"A one-time code generated for the user using a shared secret and time.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["embeddedLink","enchantedLink","magicLink","oauth","otp","passkeys","password","sso","totp"]}}},"descope:index/ProjectAuthenticationEmbeddedLink:ProjectAuthenticationEmbeddedLink":{"properties":{"disabled":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will disallow using this authentication method directly via API and SDK calls. Note that this does not affect authentication flows that are configured to use this authentication method.\n"},"expirationTime":{"type":"string","description":"How long the embedded link remains valid before it expires.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["disabled","expirationTime"]}}},"descope:index/ProjectAuthenticationEnchantedLink:ProjectAuthenticationEnchantedLink":{"properties":{"disabled":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will disallow using this authentication method directly via API and SDK calls. Note that this does not affect authentication flows that are configured to use this authentication method.\n"},"emailService":{"$ref":"#/types/descope:index/ProjectAuthenticationEnchantedLinkEmailService:ProjectAuthenticationEnchantedLinkEmailService","description":"Settings related to sending emails as part of the enchanted link authentication.\n"},"expirationTime":{"type":"string","description":"How long the enchanted link remains valid before it expires.\n"},"redirectUrl":{"type":"string","description":"The URL to redirect users to after they log in using the enchanted link.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["disabled","emailService","expirationTime","redirectUrl"]}}},"descope:index/ProjectAuthenticationEnchantedLinkEmailService:ProjectAuthenticationEnchantedLinkEmailService":{"properties":{"connector":{"type":"string","description":"The name of the email connector to use for sending emails.\n"},"templates":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectAuthenticationEnchantedLinkEmailServiceTemplate:ProjectAuthenticationEnchantedLinkEmailServiceTemplate"},"description":"A list of email templates for different authentication flows.\n"}},"type":"object","required":["connector"],"language":{"nodejs":{"requiredOutputs":["connector","templates"]}}},"descope:index/ProjectAuthenticationEnchantedLinkEmailServiceTemplate:ProjectAuthenticationEnchantedLinkEmailServiceTemplate":{"properties":{"active":{"type":"boolean","description":"Whether this email template is currently active and in use.\n"},"htmlBody":{"type":"string","description":"HTML content of the email message body, required if \u003cspan pulumi-lang-nodejs=\"`usePlainTextBody`\" pulumi-lang-dotnet=\"`UsePlainTextBody`\" pulumi-lang-go=\"`usePlainTextBody`\" pulumi-lang-python=\"`use_plain_text_body`\" pulumi-lang-yaml=\"`usePlainTextBody`\" pulumi-lang-java=\"`usePlainTextBody`\"\u003e`use_plain_text_body`\u003c/span\u003e isn't set.\n"},"id":{"type":"string"},"name":{"type":"string","description":"Unique name for this email template.\n"},"plainTextBody":{"type":"string","description":"Plain text version of the email message body, required if \u003cspan pulumi-lang-nodejs=\"`usePlainTextBody`\" pulumi-lang-dotnet=\"`UsePlainTextBody`\" pulumi-lang-go=\"`usePlainTextBody`\" pulumi-lang-python=\"`use_plain_text_body`\" pulumi-lang-yaml=\"`usePlainTextBody`\" pulumi-lang-java=\"`usePlainTextBody`\"\u003e`use_plain_text_body`\u003c/span\u003e is set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"subject":{"type":"string","description":"Subject line of the email message.\n"},"usePlainTextBody":{"type":"boolean","description":"Whether to use the plain text body instead of HTML for the email.\n"}},"type":"object","required":["name","subject"],"language":{"nodejs":{"requiredOutputs":["active","htmlBody","id","name","plainTextBody","subject","usePlainTextBody"]}}},"descope:index/ProjectAuthenticationMagicLink:ProjectAuthenticationMagicLink":{"properties":{"disabled":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will disallow using this authentication method directly via API and SDK calls. Note that this does not affect authentication flows that are configured to use this authentication method.\n"},"emailService":{"$ref":"#/types/descope:index/ProjectAuthenticationMagicLinkEmailService:ProjectAuthenticationMagicLinkEmailService","description":"Settings related to sending emails as part of the magic link authentication.\n"},"expirationTime":{"type":"string","description":"How long the magic link remains valid before it expires.\n"},"redirectUrl":{"type":"string","description":"The URL to redirect users to after they log in using the magic link.\n"},"textService":{"$ref":"#/types/descope:index/ProjectAuthenticationMagicLinkTextService:ProjectAuthenticationMagicLinkTextService","description":"Settings related to sending SMS messages as part of the magic link authentication.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["disabled","emailService","expirationTime","redirectUrl","textService"]}}},"descope:index/ProjectAuthenticationMagicLinkEmailService:ProjectAuthenticationMagicLinkEmailService":{"properties":{"connector":{"type":"string","description":"The name of the email connector to use for sending emails.\n"},"templates":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectAuthenticationMagicLinkEmailServiceTemplate:ProjectAuthenticationMagicLinkEmailServiceTemplate"},"description":"A list of email templates for different authentication flows.\n"}},"type":"object","required":["connector"],"language":{"nodejs":{"requiredOutputs":["connector","templates"]}}},"descope:index/ProjectAuthenticationMagicLinkEmailServiceTemplate:ProjectAuthenticationMagicLinkEmailServiceTemplate":{"properties":{"active":{"type":"boolean","description":"Whether this email template is currently active and in use.\n"},"htmlBody":{"type":"string","description":"HTML content of the email message body, required if \u003cspan pulumi-lang-nodejs=\"`usePlainTextBody`\" pulumi-lang-dotnet=\"`UsePlainTextBody`\" pulumi-lang-go=\"`usePlainTextBody`\" pulumi-lang-python=\"`use_plain_text_body`\" pulumi-lang-yaml=\"`usePlainTextBody`\" pulumi-lang-java=\"`usePlainTextBody`\"\u003e`use_plain_text_body`\u003c/span\u003e isn't set.\n"},"id":{"type":"string"},"name":{"type":"string","description":"Unique name for this email template.\n"},"plainTextBody":{"type":"string","description":"Plain text version of the email message body, required if \u003cspan pulumi-lang-nodejs=\"`usePlainTextBody`\" pulumi-lang-dotnet=\"`UsePlainTextBody`\" pulumi-lang-go=\"`usePlainTextBody`\" pulumi-lang-python=\"`use_plain_text_body`\" pulumi-lang-yaml=\"`usePlainTextBody`\" pulumi-lang-java=\"`usePlainTextBody`\"\u003e`use_plain_text_body`\u003c/span\u003e is set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"subject":{"type":"string","description":"Subject line of the email message.\n"},"usePlainTextBody":{"type":"boolean","description":"Whether to use the plain text body instead of HTML for the email.\n"}},"type":"object","required":["name","subject"],"language":{"nodejs":{"requiredOutputs":["active","htmlBody","id","name","plainTextBody","subject","usePlainTextBody"]}}},"descope:index/ProjectAuthenticationMagicLinkTextService:ProjectAuthenticationMagicLinkTextService":{"properties":{"connector":{"type":"string","description":"The name of the SMS/text connector to use for sending text messages.\n"},"templates":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectAuthenticationMagicLinkTextServiceTemplate:ProjectAuthenticationMagicLinkTextServiceTemplate"},"description":"A list of text message templates for different authentication flows.\n"}},"type":"object","required":["connector"],"language":{"nodejs":{"requiredOutputs":["connector","templates"]}}},"descope:index/ProjectAuthenticationMagicLinkTextServiceTemplate:ProjectAuthenticationMagicLinkTextServiceTemplate":{"properties":{"active":{"type":"boolean","description":"Whether this text template is currently active and in use.\n"},"body":{"type":"string","description":"The content of the text message.\n"},"id":{"type":"string"},"name":{"type":"string","description":"Unique name for this text template.\n"}},"type":"object","required":["body","name"],"language":{"nodejs":{"requiredOutputs":["active","body","id","name"]}}},"descope:index/ProjectAuthenticationOauth:ProjectAuthenticationOauth":{"properties":{"custom":{"type":"object","additionalProperties":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthCustom:ProjectAuthenticationOauthCustom"},"description":"Custom OAuth providers configured for this project.\n"},"disabled":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will disallow using this authentication method directly via API and SDK calls. Note that this does not affect authentication flows that are configured to use this authentication method.\n"},"system":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystem:ProjectAuthenticationOauthSystem","description":"Custom configurations for builtin OAuth providers such as Apple, Google, GitHub, Facebook, etc.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["custom","disabled","system"]}}},"descope:index/ProjectAuthenticationOauthCustom:ProjectAuthenticationOauthCustom":{"properties":{"allowedGrantTypes":{"type":"array","items":{"type":"string"},"description":"The type of grants (\u003cspan pulumi-lang-nodejs=\"`authorizationCode`\" pulumi-lang-dotnet=\"`AuthorizationCode`\" pulumi-lang-go=\"`authorizationCode`\" pulumi-lang-python=\"`authorization_code`\" pulumi-lang-yaml=\"`authorizationCode`\" pulumi-lang-java=\"`authorizationCode`\"\u003e`authorization_code`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`implicit`\" pulumi-lang-dotnet=\"`Implicit`\" pulumi-lang-go=\"`implicit`\" pulumi-lang-python=\"`implicit`\" pulumi-lang-yaml=\"`implicit`\" pulumi-lang-java=\"`implicit`\"\u003e`implicit`\u003c/span\u003e) to allow when requesting access tokens from the OAuth provider.\n"},"appleKeyGenerator":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthCustomAppleKeyGenerator:ProjectAuthenticationOauthCustomAppleKeyGenerator","description":"The apple key generator object describing how to create a dynamic apple client secret for applications.\n"},"authorizationEndpoint":{"type":"string","description":"The URL that users are redirected to for authorization with the OAuth provider.\n"},"callbackDomain":{"type":"string","description":"Use a custom domain in your OAuth verification screen.\n"},"claimMapping":{"type":"object","additionalProperties":{"type":"string"},"description":"Maps OAuth provider claims to Descope user attributes.\n"},"clientId":{"type":"string","description":"The client ID for the OAuth provider, used to identify the application to the provider.\n"},"clientSecret":{"type":"string","description":"The client secret for the OAuth provider, used to authenticate the application with the provider.\n","secret":true},"description":{"type":"string","description":"A brief description of the OAuth provider.\n"},"disableJitUpdates":{"type":"boolean","description":"By default the user attribute mapping configuration is used to update the user's attributes automatically during sign in. Disable this if you want this to happen only during user creation.\n"},"disabled":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will disallow using this authentication method directly via API and SDK calls. Note that this does not affect authentication flows that are configured to use this authentication method.\n"},"issuer":{"type":"string","description":"The issuer identifier for the OAuth provider.\n"},"jwksEndpoint":{"type":"string","description":"The URL where the application can retrieve JSON Web Key Sets (JWKS) for the OAuth provider.\n"},"logo":{"type":"string","description":"The URL of the logo associated with the OAuth provider.\n"},"manageProviderTokens":{"type":"boolean","description":"Whether to enable provider token management for this OAuth provider.\n"},"mergeUserAccounts":{"type":"boolean","description":"Whether to merge existing user accounts with new ones created through OAuth authentication.\n"},"nativeAppleKeyGenerator":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthCustomNativeAppleKeyGenerator:ProjectAuthenticationOauthCustomNativeAppleKeyGenerator","description":"The apple key generator object describing how to create a dynamic native apple client secret for mobile apps.\n"},"nativeClientId":{"type":"string","description":"The client ID for the OAuth provider, used for Sign in with Apple in mobile apps.\n"},"nativeClientSecret":{"type":"string","description":"The client secret for the OAuth provider, used for Sign in with Apple in mobile apps.\n","secret":true},"prompts":{"type":"array","items":{"type":"string"},"description":"Custom prompts or consent screens that users may see during OAuth authentication.\n"},"providerTokenManagement":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthCustomProviderTokenManagement:ProjectAuthenticationOauthCustomProviderTokenManagement","description":"This attribute is deprecated, use the \u003cspan pulumi-lang-nodejs=\"`manageProviderTokens`\" pulumi-lang-dotnet=\"`ManageProviderTokens`\" pulumi-lang-go=\"`manageProviderTokens`\" pulumi-lang-python=\"`manage_provider_tokens`\" pulumi-lang-yaml=\"`manageProviderTokens`\" pulumi-lang-java=\"`manageProviderTokens`\"\u003e`manage_provider_tokens`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`callbackDomain`\" pulumi-lang-dotnet=\"`CallbackDomain`\" pulumi-lang-go=\"`callbackDomain`\" pulumi-lang-python=\"`callback_domain`\" pulumi-lang-yaml=\"`callbackDomain`\" pulumi-lang-java=\"`callbackDomain`\"\u003e`callback_domain`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`redirectUrl`\" pulumi-lang-dotnet=\"`RedirectUrl`\" pulumi-lang-go=\"`redirectUrl`\" pulumi-lang-python=\"`redirect_url`\" pulumi-lang-yaml=\"`redirectUrl`\" pulumi-lang-java=\"`redirectUrl`\"\u003e`redirect_url`\u003c/span\u003e fields instead.\n"},"redirectUrl":{"type":"string","description":"Users will be directed to this URL after authentication. If redirect URL is specified in the SDK/API call, it will override this value.\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"Scopes of access that the application requests from the user's account on the OAuth provider.\n"},"tokenEndpoint":{"type":"string","description":"The URL where the application requests an access token from the OAuth provider.\n"},"useClientAssertion":{"type":"boolean","description":"Use private key JWT (client assertion) instead of client secret.\n"},"userInfoEndpoint":{"type":"string","description":"The URL where the application retrieves user information from the OAuth provider.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["allowedGrantTypes","appleKeyGenerator","authorizationEndpoint","callbackDomain","claimMapping","clientId","clientSecret","description","disableJitUpdates","disabled","issuer","jwksEndpoint","logo","manageProviderTokens","mergeUserAccounts","nativeAppleKeyGenerator","nativeClientId","nativeClientSecret","prompts","providerTokenManagement","redirectUrl","scopes","tokenEndpoint","useClientAssertion","userInfoEndpoint"]}}},"descope:index/ProjectAuthenticationOauthCustomAppleKeyGenerator:ProjectAuthenticationOauthCustomAppleKeyGenerator":{"properties":{"keyId":{"type":"string","description":"The apple generator key id produced by Apple.\n"},"privateKey":{"type":"string","description":"The apple generator private key produced by Apple.\n","secret":true},"teamId":{"type":"string","description":"The apple generator team id assigned to the key by Apple.\n"}},"type":"object","required":["keyId","privateKey","teamId"]},"descope:index/ProjectAuthenticationOauthCustomNativeAppleKeyGenerator:ProjectAuthenticationOauthCustomNativeAppleKeyGenerator":{"properties":{"keyId":{"type":"string","description":"The apple generator key id produced by Apple.\n"},"privateKey":{"type":"string","description":"The apple generator private key produced by Apple.\n","secret":true},"teamId":{"type":"string","description":"The apple generator team id assigned to the key by Apple.\n"}},"type":"object","required":["keyId","privateKey","teamId"]},"descope:index/ProjectAuthenticationOauthCustomProviderTokenManagement:ProjectAuthenticationOauthCustomProviderTokenManagement":{"type":"object"},"descope:index/ProjectAuthenticationOauthSystem:ProjectAuthenticationOauthSystem":{"properties":{"apple":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemApple:ProjectAuthenticationOauthSystemApple","description":"Apple's OAuth provider, allowing users to authenticate with their Apple Account.\n"},"discord":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemDiscord:ProjectAuthenticationOauthSystemDiscord","description":"Discord's OAuth provider, allowing users to authenticate with their Discord account.\n"},"facebook":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemFacebook:ProjectAuthenticationOauthSystemFacebook","description":"Facebook's OAuth provider, allowing users to authenticate with their Facebook account.\n"},"github":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemGithub:ProjectAuthenticationOauthSystemGithub","description":"GitHub's OAuth provider, allowing users to authenticate with their GitHub account.\n"},"gitlab":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemGitlab:ProjectAuthenticationOauthSystemGitlab","description":"GitLab's OAuth provider, allowing users to authenticate with their GitLab account.\n"},"google":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemGoogle:ProjectAuthenticationOauthSystemGoogle","description":"Google's OAuth provider, allowing users to authenticate with their Google account.\n"},"linkedin":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemLinkedin:ProjectAuthenticationOauthSystemLinkedin","description":"LinkedIn's OAuth provider, allowing users to authenticate with their LinkedIn account.\n"},"microsoft":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemMicrosoft:ProjectAuthenticationOauthSystemMicrosoft","description":"Microsoft's OAuth provider, allowing users to authenticate with their Microsoft account.\n"},"slack":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemSlack:ProjectAuthenticationOauthSystemSlack","description":"Slack's OAuth provider, allowing users to authenticate with their Slack account.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["apple","discord","facebook","github","gitlab","google","linkedin","microsoft","slack"]}}},"descope:index/ProjectAuthenticationOauthSystemApple:ProjectAuthenticationOauthSystemApple":{"properties":{"allowedGrantTypes":{"type":"array","items":{"type":"string"},"description":"The type of grants (\u003cspan pulumi-lang-nodejs=\"`authorizationCode`\" pulumi-lang-dotnet=\"`AuthorizationCode`\" pulumi-lang-go=\"`authorizationCode`\" pulumi-lang-python=\"`authorization_code`\" pulumi-lang-yaml=\"`authorizationCode`\" pulumi-lang-java=\"`authorizationCode`\"\u003e`authorization_code`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`implicit`\" pulumi-lang-dotnet=\"`Implicit`\" pulumi-lang-go=\"`implicit`\" pulumi-lang-python=\"`implicit`\" pulumi-lang-yaml=\"`implicit`\" pulumi-lang-java=\"`implicit`\"\u003e`implicit`\u003c/span\u003e) to allow when requesting access tokens from the OAuth provider.\n"},"appleKeyGenerator":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemAppleAppleKeyGenerator:ProjectAuthenticationOauthSystemAppleAppleKeyGenerator","description":"The apple key generator object describing how to create a dynamic apple client secret for applications.\n"},"authorizationEndpoint":{"type":"string","description":"The URL that users are redirected to for authorization with the OAuth provider.\n"},"callbackDomain":{"type":"string","description":"Use a custom domain in your OAuth verification screen.\n"},"claimMapping":{"type":"object","additionalProperties":{"type":"string"},"description":"Maps OAuth provider claims to Descope user attributes.\n"},"clientId":{"type":"string","description":"The client ID for the OAuth provider, used to identify the application to the provider.\n"},"clientSecret":{"type":"string","description":"The client secret for the OAuth provider, used to authenticate the application with the provider.\n","secret":true},"description":{"type":"string","description":"A brief description of the OAuth provider.\n"},"disableJitUpdates":{"type":"boolean","description":"By default the user attribute mapping configuration is used to update the user's attributes automatically during sign in. Disable this if you want this to happen only during user creation.\n"},"disabled":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will disallow using this authentication method directly via API and SDK calls. Note that this does not affect authentication flows that are configured to use this authentication method.\n"},"issuer":{"type":"string","description":"The issuer identifier for the OAuth provider.\n"},"jwksEndpoint":{"type":"string","description":"The URL where the application can retrieve JSON Web Key Sets (JWKS) for the OAuth provider.\n"},"logo":{"type":"string","description":"The URL of the logo associated with the OAuth provider.\n"},"manageProviderTokens":{"type":"boolean","description":"Whether to enable provider token management for this OAuth provider.\n"},"mergeUserAccounts":{"type":"boolean","description":"Whether to merge existing user accounts with new ones created through OAuth authentication.\n"},"nativeAppleKeyGenerator":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemAppleNativeAppleKeyGenerator:ProjectAuthenticationOauthSystemAppleNativeAppleKeyGenerator","description":"The apple key generator object describing how to create a dynamic native apple client secret for mobile apps.\n"},"nativeClientId":{"type":"string","description":"The client ID for the OAuth provider, used for Sign in with Apple in mobile apps.\n"},"nativeClientSecret":{"type":"string","description":"The client secret for the OAuth provider, used for Sign in with Apple in mobile apps.\n","secret":true},"prompts":{"type":"array","items":{"type":"string"},"description":"Custom prompts or consent screens that users may see during OAuth authentication.\n"},"providerTokenManagement":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemAppleProviderTokenManagement:ProjectAuthenticationOauthSystemAppleProviderTokenManagement","description":"This attribute is deprecated, use the \u003cspan pulumi-lang-nodejs=\"`manageProviderTokens`\" pulumi-lang-dotnet=\"`ManageProviderTokens`\" pulumi-lang-go=\"`manageProviderTokens`\" pulumi-lang-python=\"`manage_provider_tokens`\" pulumi-lang-yaml=\"`manageProviderTokens`\" pulumi-lang-java=\"`manageProviderTokens`\"\u003e`manage_provider_tokens`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`callbackDomain`\" pulumi-lang-dotnet=\"`CallbackDomain`\" pulumi-lang-go=\"`callbackDomain`\" pulumi-lang-python=\"`callback_domain`\" pulumi-lang-yaml=\"`callbackDomain`\" pulumi-lang-java=\"`callbackDomain`\"\u003e`callback_domain`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`redirectUrl`\" pulumi-lang-dotnet=\"`RedirectUrl`\" pulumi-lang-go=\"`redirectUrl`\" pulumi-lang-python=\"`redirect_url`\" pulumi-lang-yaml=\"`redirectUrl`\" pulumi-lang-java=\"`redirectUrl`\"\u003e`redirect_url`\u003c/span\u003e fields instead.\n"},"redirectUrl":{"type":"string","description":"Users will be directed to this URL after authentication. If redirect URL is specified in the SDK/API call, it will override this value.\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"Scopes of access that the application requests from the user's account on the OAuth provider.\n"},"tokenEndpoint":{"type":"string","description":"The URL where the application requests an access token from the OAuth provider.\n"},"useClientAssertion":{"type":"boolean","description":"Use private key JWT (client assertion) instead of client secret.\n"},"userInfoEndpoint":{"type":"string","description":"The URL where the application retrieves user information from the OAuth provider.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["allowedGrantTypes","appleKeyGenerator","authorizationEndpoint","callbackDomain","claimMapping","clientId","clientSecret","description","disableJitUpdates","disabled","issuer","jwksEndpoint","logo","manageProviderTokens","mergeUserAccounts","nativeAppleKeyGenerator","nativeClientId","nativeClientSecret","prompts","providerTokenManagement","redirectUrl","scopes","tokenEndpoint","useClientAssertion","userInfoEndpoint"]}}},"descope:index/ProjectAuthenticationOauthSystemAppleAppleKeyGenerator:ProjectAuthenticationOauthSystemAppleAppleKeyGenerator":{"properties":{"keyId":{"type":"string","description":"The apple generator key id produced by Apple.\n"},"privateKey":{"type":"string","description":"The apple generator private key produced by Apple.\n","secret":true},"teamId":{"type":"string","description":"The apple generator team id assigned to the key by Apple.\n"}},"type":"object","required":["keyId","privateKey","teamId"]},"descope:index/ProjectAuthenticationOauthSystemAppleNativeAppleKeyGenerator:ProjectAuthenticationOauthSystemAppleNativeAppleKeyGenerator":{"properties":{"keyId":{"type":"string","description":"The apple generator key id produced by Apple.\n"},"privateKey":{"type":"string","description":"The apple generator private key produced by Apple.\n","secret":true},"teamId":{"type":"string","description":"The apple generator team id assigned to the key by Apple.\n"}},"type":"object","required":["keyId","privateKey","teamId"]},"descope:index/ProjectAuthenticationOauthSystemAppleProviderTokenManagement:ProjectAuthenticationOauthSystemAppleProviderTokenManagement":{"type":"object"},"descope:index/ProjectAuthenticationOauthSystemDiscord:ProjectAuthenticationOauthSystemDiscord":{"properties":{"allowedGrantTypes":{"type":"array","items":{"type":"string"},"description":"The type of grants (\u003cspan pulumi-lang-nodejs=\"`authorizationCode`\" pulumi-lang-dotnet=\"`AuthorizationCode`\" pulumi-lang-go=\"`authorizationCode`\" pulumi-lang-python=\"`authorization_code`\" pulumi-lang-yaml=\"`authorizationCode`\" pulumi-lang-java=\"`authorizationCode`\"\u003e`authorization_code`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`implicit`\" pulumi-lang-dotnet=\"`Implicit`\" pulumi-lang-go=\"`implicit`\" pulumi-lang-python=\"`implicit`\" pulumi-lang-yaml=\"`implicit`\" pulumi-lang-java=\"`implicit`\"\u003e`implicit`\u003c/span\u003e) to allow when requesting access tokens from the OAuth provider.\n"},"appleKeyGenerator":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemDiscordAppleKeyGenerator:ProjectAuthenticationOauthSystemDiscordAppleKeyGenerator","description":"The apple key generator object describing how to create a dynamic apple client secret for applications.\n"},"authorizationEndpoint":{"type":"string","description":"The URL that users are redirected to for authorization with the OAuth provider.\n"},"callbackDomain":{"type":"string","description":"Use a custom domain in your OAuth verification screen.\n"},"claimMapping":{"type":"object","additionalProperties":{"type":"string"},"description":"Maps OAuth provider claims to Descope user attributes.\n"},"clientId":{"type":"string","description":"The client ID for the OAuth provider, used to identify the application to the provider.\n"},"clientSecret":{"type":"string","description":"The client secret for the OAuth provider, used to authenticate the application with the provider.\n","secret":true},"description":{"type":"string","description":"A brief description of the OAuth provider.\n"},"disableJitUpdates":{"type":"boolean","description":"By default the user attribute mapping configuration is used to update the user's attributes automatically during sign in. Disable this if you want this to happen only during user creation.\n"},"disabled":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will disallow using this authentication method directly via API and SDK calls. Note that this does not affect authentication flows that are configured to use this authentication method.\n"},"issuer":{"type":"string","description":"The issuer identifier for the OAuth provider.\n"},"jwksEndpoint":{"type":"string","description":"The URL where the application can retrieve JSON Web Key Sets (JWKS) for the OAuth provider.\n"},"logo":{"type":"string","description":"The URL of the logo associated with the OAuth provider.\n"},"manageProviderTokens":{"type":"boolean","description":"Whether to enable provider token management for this OAuth provider.\n"},"mergeUserAccounts":{"type":"boolean","description":"Whether to merge existing user accounts with new ones created through OAuth authentication.\n"},"nativeAppleKeyGenerator":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemDiscordNativeAppleKeyGenerator:ProjectAuthenticationOauthSystemDiscordNativeAppleKeyGenerator","description":"The apple key generator object describing how to create a dynamic native apple client secret for mobile apps.\n"},"nativeClientId":{"type":"string","description":"The client ID for the OAuth provider, used for Sign in with Apple in mobile apps.\n"},"nativeClientSecret":{"type":"string","description":"The client secret for the OAuth provider, used for Sign in with Apple in mobile apps.\n","secret":true},"prompts":{"type":"array","items":{"type":"string"},"description":"Custom prompts or consent screens that users may see during OAuth authentication.\n"},"providerTokenManagement":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemDiscordProviderTokenManagement:ProjectAuthenticationOauthSystemDiscordProviderTokenManagement","description":"This attribute is deprecated, use the \u003cspan pulumi-lang-nodejs=\"`manageProviderTokens`\" pulumi-lang-dotnet=\"`ManageProviderTokens`\" pulumi-lang-go=\"`manageProviderTokens`\" pulumi-lang-python=\"`manage_provider_tokens`\" pulumi-lang-yaml=\"`manageProviderTokens`\" pulumi-lang-java=\"`manageProviderTokens`\"\u003e`manage_provider_tokens`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`callbackDomain`\" pulumi-lang-dotnet=\"`CallbackDomain`\" pulumi-lang-go=\"`callbackDomain`\" pulumi-lang-python=\"`callback_domain`\" pulumi-lang-yaml=\"`callbackDomain`\" pulumi-lang-java=\"`callbackDomain`\"\u003e`callback_domain`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`redirectUrl`\" pulumi-lang-dotnet=\"`RedirectUrl`\" pulumi-lang-go=\"`redirectUrl`\" pulumi-lang-python=\"`redirect_url`\" pulumi-lang-yaml=\"`redirectUrl`\" pulumi-lang-java=\"`redirectUrl`\"\u003e`redirect_url`\u003c/span\u003e fields instead.\n"},"redirectUrl":{"type":"string","description":"Users will be directed to this URL after authentication. If redirect URL is specified in the SDK/API call, it will override this value.\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"Scopes of access that the application requests from the user's account on the OAuth provider.\n"},"tokenEndpoint":{"type":"string","description":"The URL where the application requests an access token from the OAuth provider.\n"},"useClientAssertion":{"type":"boolean","description":"Use private key JWT (client assertion) instead of client secret.\n"},"userInfoEndpoint":{"type":"string","description":"The URL where the application retrieves user information from the OAuth provider.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["allowedGrantTypes","appleKeyGenerator","authorizationEndpoint","callbackDomain","claimMapping","clientId","clientSecret","description","disableJitUpdates","disabled","issuer","jwksEndpoint","logo","manageProviderTokens","mergeUserAccounts","nativeAppleKeyGenerator","nativeClientId","nativeClientSecret","prompts","providerTokenManagement","redirectUrl","scopes","tokenEndpoint","useClientAssertion","userInfoEndpoint"]}}},"descope:index/ProjectAuthenticationOauthSystemDiscordAppleKeyGenerator:ProjectAuthenticationOauthSystemDiscordAppleKeyGenerator":{"properties":{"keyId":{"type":"string","description":"The apple generator key id produced by Apple.\n"},"privateKey":{"type":"string","description":"The apple generator private key produced by Apple.\n","secret":true},"teamId":{"type":"string","description":"The apple generator team id assigned to the key by Apple.\n"}},"type":"object","required":["keyId","privateKey","teamId"]},"descope:index/ProjectAuthenticationOauthSystemDiscordNativeAppleKeyGenerator:ProjectAuthenticationOauthSystemDiscordNativeAppleKeyGenerator":{"properties":{"keyId":{"type":"string","description":"The apple generator key id produced by Apple.\n"},"privateKey":{"type":"string","description":"The apple generator private key produced by Apple.\n","secret":true},"teamId":{"type":"string","description":"The apple generator team id assigned to the key by Apple.\n"}},"type":"object","required":["keyId","privateKey","teamId"]},"descope:index/ProjectAuthenticationOauthSystemDiscordProviderTokenManagement:ProjectAuthenticationOauthSystemDiscordProviderTokenManagement":{"type":"object"},"descope:index/ProjectAuthenticationOauthSystemFacebook:ProjectAuthenticationOauthSystemFacebook":{"properties":{"allowedGrantTypes":{"type":"array","items":{"type":"string"},"description":"The type of grants (\u003cspan pulumi-lang-nodejs=\"`authorizationCode`\" pulumi-lang-dotnet=\"`AuthorizationCode`\" pulumi-lang-go=\"`authorizationCode`\" pulumi-lang-python=\"`authorization_code`\" pulumi-lang-yaml=\"`authorizationCode`\" pulumi-lang-java=\"`authorizationCode`\"\u003e`authorization_code`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`implicit`\" pulumi-lang-dotnet=\"`Implicit`\" pulumi-lang-go=\"`implicit`\" pulumi-lang-python=\"`implicit`\" pulumi-lang-yaml=\"`implicit`\" pulumi-lang-java=\"`implicit`\"\u003e`implicit`\u003c/span\u003e) to allow when requesting access tokens from the OAuth provider.\n"},"appleKeyGenerator":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemFacebookAppleKeyGenerator:ProjectAuthenticationOauthSystemFacebookAppleKeyGenerator","description":"The apple key generator object describing how to create a dynamic apple client secret for applications.\n"},"authorizationEndpoint":{"type":"string","description":"The URL that users are redirected to for authorization with the OAuth provider.\n"},"callbackDomain":{"type":"string","description":"Use a custom domain in your OAuth verification screen.\n"},"claimMapping":{"type":"object","additionalProperties":{"type":"string"},"description":"Maps OAuth provider claims to Descope user attributes.\n"},"clientId":{"type":"string","description":"The client ID for the OAuth provider, used to identify the application to the provider.\n"},"clientSecret":{"type":"string","description":"The client secret for the OAuth provider, used to authenticate the application with the provider.\n","secret":true},"description":{"type":"string","description":"A brief description of the OAuth provider.\n"},"disableJitUpdates":{"type":"boolean","description":"By default the user attribute mapping configuration is used to update the user's attributes automatically during sign in. Disable this if you want this to happen only during user creation.\n"},"disabled":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will disallow using this authentication method directly via API and SDK calls. Note that this does not affect authentication flows that are configured to use this authentication method.\n"},"issuer":{"type":"string","description":"The issuer identifier for the OAuth provider.\n"},"jwksEndpoint":{"type":"string","description":"The URL where the application can retrieve JSON Web Key Sets (JWKS) for the OAuth provider.\n"},"logo":{"type":"string","description":"The URL of the logo associated with the OAuth provider.\n"},"manageProviderTokens":{"type":"boolean","description":"Whether to enable provider token management for this OAuth provider.\n"},"mergeUserAccounts":{"type":"boolean","description":"Whether to merge existing user accounts with new ones created through OAuth authentication.\n"},"nativeAppleKeyGenerator":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemFacebookNativeAppleKeyGenerator:ProjectAuthenticationOauthSystemFacebookNativeAppleKeyGenerator","description":"The apple key generator object describing how to create a dynamic native apple client secret for mobile apps.\n"},"nativeClientId":{"type":"string","description":"The client ID for the OAuth provider, used for Sign in with Apple in mobile apps.\n"},"nativeClientSecret":{"type":"string","description":"The client secret for the OAuth provider, used for Sign in with Apple in mobile apps.\n","secret":true},"prompts":{"type":"array","items":{"type":"string"},"description":"Custom prompts or consent screens that users may see during OAuth authentication.\n"},"providerTokenManagement":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemFacebookProviderTokenManagement:ProjectAuthenticationOauthSystemFacebookProviderTokenManagement","description":"This attribute is deprecated, use the \u003cspan pulumi-lang-nodejs=\"`manageProviderTokens`\" pulumi-lang-dotnet=\"`ManageProviderTokens`\" pulumi-lang-go=\"`manageProviderTokens`\" pulumi-lang-python=\"`manage_provider_tokens`\" pulumi-lang-yaml=\"`manageProviderTokens`\" pulumi-lang-java=\"`manageProviderTokens`\"\u003e`manage_provider_tokens`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`callbackDomain`\" pulumi-lang-dotnet=\"`CallbackDomain`\" pulumi-lang-go=\"`callbackDomain`\" pulumi-lang-python=\"`callback_domain`\" pulumi-lang-yaml=\"`callbackDomain`\" pulumi-lang-java=\"`callbackDomain`\"\u003e`callback_domain`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`redirectUrl`\" pulumi-lang-dotnet=\"`RedirectUrl`\" pulumi-lang-go=\"`redirectUrl`\" pulumi-lang-python=\"`redirect_url`\" pulumi-lang-yaml=\"`redirectUrl`\" pulumi-lang-java=\"`redirectUrl`\"\u003e`redirect_url`\u003c/span\u003e fields instead.\n"},"redirectUrl":{"type":"string","description":"Users will be directed to this URL after authentication. If redirect URL is specified in the SDK/API call, it will override this value.\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"Scopes of access that the application requests from the user's account on the OAuth provider.\n"},"tokenEndpoint":{"type":"string","description":"The URL where the application requests an access token from the OAuth provider.\n"},"useClientAssertion":{"type":"boolean","description":"Use private key JWT (client assertion) instead of client secret.\n"},"userInfoEndpoint":{"type":"string","description":"The URL where the application retrieves user information from the OAuth provider.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["allowedGrantTypes","appleKeyGenerator","authorizationEndpoint","callbackDomain","claimMapping","clientId","clientSecret","description","disableJitUpdates","disabled","issuer","jwksEndpoint","logo","manageProviderTokens","mergeUserAccounts","nativeAppleKeyGenerator","nativeClientId","nativeClientSecret","prompts","providerTokenManagement","redirectUrl","scopes","tokenEndpoint","useClientAssertion","userInfoEndpoint"]}}},"descope:index/ProjectAuthenticationOauthSystemFacebookAppleKeyGenerator:ProjectAuthenticationOauthSystemFacebookAppleKeyGenerator":{"properties":{"keyId":{"type":"string","description":"The apple generator key id produced by Apple.\n"},"privateKey":{"type":"string","description":"The apple generator private key produced by Apple.\n","secret":true},"teamId":{"type":"string","description":"The apple generator team id assigned to the key by Apple.\n"}},"type":"object","required":["keyId","privateKey","teamId"]},"descope:index/ProjectAuthenticationOauthSystemFacebookNativeAppleKeyGenerator:ProjectAuthenticationOauthSystemFacebookNativeAppleKeyGenerator":{"properties":{"keyId":{"type":"string","description":"The apple generator key id produced by Apple.\n"},"privateKey":{"type":"string","description":"The apple generator private key produced by Apple.\n","secret":true},"teamId":{"type":"string","description":"The apple generator team id assigned to the key by Apple.\n"}},"type":"object","required":["keyId","privateKey","teamId"]},"descope:index/ProjectAuthenticationOauthSystemFacebookProviderTokenManagement:ProjectAuthenticationOauthSystemFacebookProviderTokenManagement":{"type":"object"},"descope:index/ProjectAuthenticationOauthSystemGithub:ProjectAuthenticationOauthSystemGithub":{"properties":{"allowedGrantTypes":{"type":"array","items":{"type":"string"},"description":"The type of grants (\u003cspan pulumi-lang-nodejs=\"`authorizationCode`\" pulumi-lang-dotnet=\"`AuthorizationCode`\" pulumi-lang-go=\"`authorizationCode`\" pulumi-lang-python=\"`authorization_code`\" pulumi-lang-yaml=\"`authorizationCode`\" pulumi-lang-java=\"`authorizationCode`\"\u003e`authorization_code`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`implicit`\" pulumi-lang-dotnet=\"`Implicit`\" pulumi-lang-go=\"`implicit`\" pulumi-lang-python=\"`implicit`\" pulumi-lang-yaml=\"`implicit`\" pulumi-lang-java=\"`implicit`\"\u003e`implicit`\u003c/span\u003e) to allow when requesting access tokens from the OAuth provider.\n"},"appleKeyGenerator":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemGithubAppleKeyGenerator:ProjectAuthenticationOauthSystemGithubAppleKeyGenerator","description":"The apple key generator object describing how to create a dynamic apple client secret for applications.\n"},"authorizationEndpoint":{"type":"string","description":"The URL that users are redirected to for authorization with the OAuth provider.\n"},"callbackDomain":{"type":"string","description":"Use a custom domain in your OAuth verification screen.\n"},"claimMapping":{"type":"object","additionalProperties":{"type":"string"},"description":"Maps OAuth provider claims to Descope user attributes.\n"},"clientId":{"type":"string","description":"The client ID for the OAuth provider, used to identify the application to the provider.\n"},"clientSecret":{"type":"string","description":"The client secret for the OAuth provider, used to authenticate the application with the provider.\n","secret":true},"description":{"type":"string","description":"A brief description of the OAuth provider.\n"},"disableJitUpdates":{"type":"boolean","description":"By default the user attribute mapping configuration is used to update the user's attributes automatically during sign in. Disable this if you want this to happen only during user creation.\n"},"disabled":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will disallow using this authentication method directly via API and SDK calls. Note that this does not affect authentication flows that are configured to use this authentication method.\n"},"issuer":{"type":"string","description":"The issuer identifier for the OAuth provider.\n"},"jwksEndpoint":{"type":"string","description":"The URL where the application can retrieve JSON Web Key Sets (JWKS) for the OAuth provider.\n"},"logo":{"type":"string","description":"The URL of the logo associated with the OAuth provider.\n"},"manageProviderTokens":{"type":"boolean","description":"Whether to enable provider token management for this OAuth provider.\n"},"mergeUserAccounts":{"type":"boolean","description":"Whether to merge existing user accounts with new ones created through OAuth authentication.\n"},"nativeAppleKeyGenerator":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemGithubNativeAppleKeyGenerator:ProjectAuthenticationOauthSystemGithubNativeAppleKeyGenerator","description":"The apple key generator object describing how to create a dynamic native apple client secret for mobile apps.\n"},"nativeClientId":{"type":"string","description":"The client ID for the OAuth provider, used for Sign in with Apple in mobile apps.\n"},"nativeClientSecret":{"type":"string","description":"The client secret for the OAuth provider, used for Sign in with Apple in mobile apps.\n","secret":true},"prompts":{"type":"array","items":{"type":"string"},"description":"Custom prompts or consent screens that users may see during OAuth authentication.\n"},"providerTokenManagement":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemGithubProviderTokenManagement:ProjectAuthenticationOauthSystemGithubProviderTokenManagement","description":"This attribute is deprecated, use the \u003cspan pulumi-lang-nodejs=\"`manageProviderTokens`\" pulumi-lang-dotnet=\"`ManageProviderTokens`\" pulumi-lang-go=\"`manageProviderTokens`\" pulumi-lang-python=\"`manage_provider_tokens`\" pulumi-lang-yaml=\"`manageProviderTokens`\" pulumi-lang-java=\"`manageProviderTokens`\"\u003e`manage_provider_tokens`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`callbackDomain`\" pulumi-lang-dotnet=\"`CallbackDomain`\" pulumi-lang-go=\"`callbackDomain`\" pulumi-lang-python=\"`callback_domain`\" pulumi-lang-yaml=\"`callbackDomain`\" pulumi-lang-java=\"`callbackDomain`\"\u003e`callback_domain`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`redirectUrl`\" pulumi-lang-dotnet=\"`RedirectUrl`\" pulumi-lang-go=\"`redirectUrl`\" pulumi-lang-python=\"`redirect_url`\" pulumi-lang-yaml=\"`redirectUrl`\" pulumi-lang-java=\"`redirectUrl`\"\u003e`redirect_url`\u003c/span\u003e fields instead.\n"},"redirectUrl":{"type":"string","description":"Users will be directed to this URL after authentication. If redirect URL is specified in the SDK/API call, it will override this value.\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"Scopes of access that the application requests from the user's account on the OAuth provider.\n"},"tokenEndpoint":{"type":"string","description":"The URL where the application requests an access token from the OAuth provider.\n"},"useClientAssertion":{"type":"boolean","description":"Use private key JWT (client assertion) instead of client secret.\n"},"userInfoEndpoint":{"type":"string","description":"The URL where the application retrieves user information from the OAuth provider.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["allowedGrantTypes","appleKeyGenerator","authorizationEndpoint","callbackDomain","claimMapping","clientId","clientSecret","description","disableJitUpdates","disabled","issuer","jwksEndpoint","logo","manageProviderTokens","mergeUserAccounts","nativeAppleKeyGenerator","nativeClientId","nativeClientSecret","prompts","providerTokenManagement","redirectUrl","scopes","tokenEndpoint","useClientAssertion","userInfoEndpoint"]}}},"descope:index/ProjectAuthenticationOauthSystemGithubAppleKeyGenerator:ProjectAuthenticationOauthSystemGithubAppleKeyGenerator":{"properties":{"keyId":{"type":"string","description":"The apple generator key id produced by Apple.\n"},"privateKey":{"type":"string","description":"The apple generator private key produced by Apple.\n","secret":true},"teamId":{"type":"string","description":"The apple generator team id assigned to the key by Apple.\n"}},"type":"object","required":["keyId","privateKey","teamId"]},"descope:index/ProjectAuthenticationOauthSystemGithubNativeAppleKeyGenerator:ProjectAuthenticationOauthSystemGithubNativeAppleKeyGenerator":{"properties":{"keyId":{"type":"string","description":"The apple generator key id produced by Apple.\n"},"privateKey":{"type":"string","description":"The apple generator private key produced by Apple.\n","secret":true},"teamId":{"type":"string","description":"The apple generator team id assigned to the key by Apple.\n"}},"type":"object","required":["keyId","privateKey","teamId"]},"descope:index/ProjectAuthenticationOauthSystemGithubProviderTokenManagement:ProjectAuthenticationOauthSystemGithubProviderTokenManagement":{"type":"object"},"descope:index/ProjectAuthenticationOauthSystemGitlab:ProjectAuthenticationOauthSystemGitlab":{"properties":{"allowedGrantTypes":{"type":"array","items":{"type":"string"},"description":"The type of grants (\u003cspan pulumi-lang-nodejs=\"`authorizationCode`\" pulumi-lang-dotnet=\"`AuthorizationCode`\" pulumi-lang-go=\"`authorizationCode`\" pulumi-lang-python=\"`authorization_code`\" pulumi-lang-yaml=\"`authorizationCode`\" pulumi-lang-java=\"`authorizationCode`\"\u003e`authorization_code`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`implicit`\" pulumi-lang-dotnet=\"`Implicit`\" pulumi-lang-go=\"`implicit`\" pulumi-lang-python=\"`implicit`\" pulumi-lang-yaml=\"`implicit`\" pulumi-lang-java=\"`implicit`\"\u003e`implicit`\u003c/span\u003e) to allow when requesting access tokens from the OAuth provider.\n"},"appleKeyGenerator":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemGitlabAppleKeyGenerator:ProjectAuthenticationOauthSystemGitlabAppleKeyGenerator","description":"The apple key generator object describing how to create a dynamic apple client secret for applications.\n"},"authorizationEndpoint":{"type":"string","description":"The URL that users are redirected to for authorization with the OAuth provider.\n"},"callbackDomain":{"type":"string","description":"Use a custom domain in your OAuth verification screen.\n"},"claimMapping":{"type":"object","additionalProperties":{"type":"string"},"description":"Maps OAuth provider claims to Descope user attributes.\n"},"clientId":{"type":"string","description":"The client ID for the OAuth provider, used to identify the application to the provider.\n"},"clientSecret":{"type":"string","description":"The client secret for the OAuth provider, used to authenticate the application with the provider.\n","secret":true},"description":{"type":"string","description":"A brief description of the OAuth provider.\n"},"disableJitUpdates":{"type":"boolean","description":"By default the user attribute mapping configuration is used to update the user's attributes automatically during sign in. Disable this if you want this to happen only during user creation.\n"},"disabled":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will disallow using this authentication method directly via API and SDK calls. Note that this does not affect authentication flows that are configured to use this authentication method.\n"},"issuer":{"type":"string","description":"The issuer identifier for the OAuth provider.\n"},"jwksEndpoint":{"type":"string","description":"The URL where the application can retrieve JSON Web Key Sets (JWKS) for the OAuth provider.\n"},"logo":{"type":"string","description":"The URL of the logo associated with the OAuth provider.\n"},"manageProviderTokens":{"type":"boolean","description":"Whether to enable provider token management for this OAuth provider.\n"},"mergeUserAccounts":{"type":"boolean","description":"Whether to merge existing user accounts with new ones created through OAuth authentication.\n"},"nativeAppleKeyGenerator":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemGitlabNativeAppleKeyGenerator:ProjectAuthenticationOauthSystemGitlabNativeAppleKeyGenerator","description":"The apple key generator object describing how to create a dynamic native apple client secret for mobile apps.\n"},"nativeClientId":{"type":"string","description":"The client ID for the OAuth provider, used for Sign in with Apple in mobile apps.\n"},"nativeClientSecret":{"type":"string","description":"The client secret for the OAuth provider, used for Sign in with Apple in mobile apps.\n","secret":true},"prompts":{"type":"array","items":{"type":"string"},"description":"Custom prompts or consent screens that users may see during OAuth authentication.\n"},"providerTokenManagement":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemGitlabProviderTokenManagement:ProjectAuthenticationOauthSystemGitlabProviderTokenManagement","description":"This attribute is deprecated, use the \u003cspan pulumi-lang-nodejs=\"`manageProviderTokens`\" pulumi-lang-dotnet=\"`ManageProviderTokens`\" pulumi-lang-go=\"`manageProviderTokens`\" pulumi-lang-python=\"`manage_provider_tokens`\" pulumi-lang-yaml=\"`manageProviderTokens`\" pulumi-lang-java=\"`manageProviderTokens`\"\u003e`manage_provider_tokens`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`callbackDomain`\" pulumi-lang-dotnet=\"`CallbackDomain`\" pulumi-lang-go=\"`callbackDomain`\" pulumi-lang-python=\"`callback_domain`\" pulumi-lang-yaml=\"`callbackDomain`\" pulumi-lang-java=\"`callbackDomain`\"\u003e`callback_domain`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`redirectUrl`\" pulumi-lang-dotnet=\"`RedirectUrl`\" pulumi-lang-go=\"`redirectUrl`\" pulumi-lang-python=\"`redirect_url`\" pulumi-lang-yaml=\"`redirectUrl`\" pulumi-lang-java=\"`redirectUrl`\"\u003e`redirect_url`\u003c/span\u003e fields instead.\n"},"redirectUrl":{"type":"string","description":"Users will be directed to this URL after authentication. If redirect URL is specified in the SDK/API call, it will override this value.\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"Scopes of access that the application requests from the user's account on the OAuth provider.\n"},"tokenEndpoint":{"type":"string","description":"The URL where the application requests an access token from the OAuth provider.\n"},"useClientAssertion":{"type":"boolean","description":"Use private key JWT (client assertion) instead of client secret.\n"},"userInfoEndpoint":{"type":"string","description":"The URL where the application retrieves user information from the OAuth provider.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["allowedGrantTypes","appleKeyGenerator","authorizationEndpoint","callbackDomain","claimMapping","clientId","clientSecret","description","disableJitUpdates","disabled","issuer","jwksEndpoint","logo","manageProviderTokens","mergeUserAccounts","nativeAppleKeyGenerator","nativeClientId","nativeClientSecret","prompts","providerTokenManagement","redirectUrl","scopes","tokenEndpoint","useClientAssertion","userInfoEndpoint"]}}},"descope:index/ProjectAuthenticationOauthSystemGitlabAppleKeyGenerator:ProjectAuthenticationOauthSystemGitlabAppleKeyGenerator":{"properties":{"keyId":{"type":"string","description":"The apple generator key id produced by Apple.\n"},"privateKey":{"type":"string","description":"The apple generator private key produced by Apple.\n","secret":true},"teamId":{"type":"string","description":"The apple generator team id assigned to the key by Apple.\n"}},"type":"object","required":["keyId","privateKey","teamId"]},"descope:index/ProjectAuthenticationOauthSystemGitlabNativeAppleKeyGenerator:ProjectAuthenticationOauthSystemGitlabNativeAppleKeyGenerator":{"properties":{"keyId":{"type":"string","description":"The apple generator key id produced by Apple.\n"},"privateKey":{"type":"string","description":"The apple generator private key produced by Apple.\n","secret":true},"teamId":{"type":"string","description":"The apple generator team id assigned to the key by Apple.\n"}},"type":"object","required":["keyId","privateKey","teamId"]},"descope:index/ProjectAuthenticationOauthSystemGitlabProviderTokenManagement:ProjectAuthenticationOauthSystemGitlabProviderTokenManagement":{"type":"object"},"descope:index/ProjectAuthenticationOauthSystemGoogle:ProjectAuthenticationOauthSystemGoogle":{"properties":{"allowedGrantTypes":{"type":"array","items":{"type":"string"},"description":"The type of grants (\u003cspan pulumi-lang-nodejs=\"`authorizationCode`\" pulumi-lang-dotnet=\"`AuthorizationCode`\" pulumi-lang-go=\"`authorizationCode`\" pulumi-lang-python=\"`authorization_code`\" pulumi-lang-yaml=\"`authorizationCode`\" pulumi-lang-java=\"`authorizationCode`\"\u003e`authorization_code`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`implicit`\" pulumi-lang-dotnet=\"`Implicit`\" pulumi-lang-go=\"`implicit`\" pulumi-lang-python=\"`implicit`\" pulumi-lang-yaml=\"`implicit`\" pulumi-lang-java=\"`implicit`\"\u003e`implicit`\u003c/span\u003e) to allow when requesting access tokens from the OAuth provider.\n"},"appleKeyGenerator":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemGoogleAppleKeyGenerator:ProjectAuthenticationOauthSystemGoogleAppleKeyGenerator","description":"The apple key generator object describing how to create a dynamic apple client secret for applications.\n"},"authorizationEndpoint":{"type":"string","description":"The URL that users are redirected to for authorization with the OAuth provider.\n"},"callbackDomain":{"type":"string","description":"Use a custom domain in your OAuth verification screen.\n"},"claimMapping":{"type":"object","additionalProperties":{"type":"string"},"description":"Maps OAuth provider claims to Descope user attributes.\n"},"clientId":{"type":"string","description":"The client ID for the OAuth provider, used to identify the application to the provider.\n"},"clientSecret":{"type":"string","description":"The client secret for the OAuth provider, used to authenticate the application with the provider.\n","secret":true},"description":{"type":"string","description":"A brief description of the OAuth provider.\n"},"disableJitUpdates":{"type":"boolean","description":"By default the user attribute mapping configuration is used to update the user's attributes automatically during sign in. Disable this if you want this to happen only during user creation.\n"},"disabled":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will disallow using this authentication method directly via API and SDK calls. Note that this does not affect authentication flows that are configured to use this authentication method.\n"},"issuer":{"type":"string","description":"The issuer identifier for the OAuth provider.\n"},"jwksEndpoint":{"type":"string","description":"The URL where the application can retrieve JSON Web Key Sets (JWKS) for the OAuth provider.\n"},"logo":{"type":"string","description":"The URL of the logo associated with the OAuth provider.\n"},"manageProviderTokens":{"type":"boolean","description":"Whether to enable provider token management for this OAuth provider.\n"},"mergeUserAccounts":{"type":"boolean","description":"Whether to merge existing user accounts with new ones created through OAuth authentication.\n"},"nativeAppleKeyGenerator":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemGoogleNativeAppleKeyGenerator:ProjectAuthenticationOauthSystemGoogleNativeAppleKeyGenerator","description":"The apple key generator object describing how to create a dynamic native apple client secret for mobile apps.\n"},"nativeClientId":{"type":"string","description":"The client ID for the OAuth provider, used for Sign in with Apple in mobile apps.\n"},"nativeClientSecret":{"type":"string","description":"The client secret for the OAuth provider, used for Sign in with Apple in mobile apps.\n","secret":true},"prompts":{"type":"array","items":{"type":"string"},"description":"Custom prompts or consent screens that users may see during OAuth authentication.\n"},"providerTokenManagement":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemGoogleProviderTokenManagement:ProjectAuthenticationOauthSystemGoogleProviderTokenManagement","description":"This attribute is deprecated, use the \u003cspan pulumi-lang-nodejs=\"`manageProviderTokens`\" pulumi-lang-dotnet=\"`ManageProviderTokens`\" pulumi-lang-go=\"`manageProviderTokens`\" pulumi-lang-python=\"`manage_provider_tokens`\" pulumi-lang-yaml=\"`manageProviderTokens`\" pulumi-lang-java=\"`manageProviderTokens`\"\u003e`manage_provider_tokens`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`callbackDomain`\" pulumi-lang-dotnet=\"`CallbackDomain`\" pulumi-lang-go=\"`callbackDomain`\" pulumi-lang-python=\"`callback_domain`\" pulumi-lang-yaml=\"`callbackDomain`\" pulumi-lang-java=\"`callbackDomain`\"\u003e`callback_domain`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`redirectUrl`\" pulumi-lang-dotnet=\"`RedirectUrl`\" pulumi-lang-go=\"`redirectUrl`\" pulumi-lang-python=\"`redirect_url`\" pulumi-lang-yaml=\"`redirectUrl`\" pulumi-lang-java=\"`redirectUrl`\"\u003e`redirect_url`\u003c/span\u003e fields instead.\n"},"redirectUrl":{"type":"string","description":"Users will be directed to this URL after authentication. If redirect URL is specified in the SDK/API call, it will override this value.\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"Scopes of access that the application requests from the user's account on the OAuth provider.\n"},"tokenEndpoint":{"type":"string","description":"The URL where the application requests an access token from the OAuth provider.\n"},"useClientAssertion":{"type":"boolean","description":"Use private key JWT (client assertion) instead of client secret.\n"},"userInfoEndpoint":{"type":"string","description":"The URL where the application retrieves user information from the OAuth provider.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["allowedGrantTypes","appleKeyGenerator","authorizationEndpoint","callbackDomain","claimMapping","clientId","clientSecret","description","disableJitUpdates","disabled","issuer","jwksEndpoint","logo","manageProviderTokens","mergeUserAccounts","nativeAppleKeyGenerator","nativeClientId","nativeClientSecret","prompts","providerTokenManagement","redirectUrl","scopes","tokenEndpoint","useClientAssertion","userInfoEndpoint"]}}},"descope:index/ProjectAuthenticationOauthSystemGoogleAppleKeyGenerator:ProjectAuthenticationOauthSystemGoogleAppleKeyGenerator":{"properties":{"keyId":{"type":"string","description":"The apple generator key id produced by Apple.\n"},"privateKey":{"type":"string","description":"The apple generator private key produced by Apple.\n","secret":true},"teamId":{"type":"string","description":"The apple generator team id assigned to the key by Apple.\n"}},"type":"object","required":["keyId","privateKey","teamId"]},"descope:index/ProjectAuthenticationOauthSystemGoogleNativeAppleKeyGenerator:ProjectAuthenticationOauthSystemGoogleNativeAppleKeyGenerator":{"properties":{"keyId":{"type":"string","description":"The apple generator key id produced by Apple.\n"},"privateKey":{"type":"string","description":"The apple generator private key produced by Apple.\n","secret":true},"teamId":{"type":"string","description":"The apple generator team id assigned to the key by Apple.\n"}},"type":"object","required":["keyId","privateKey","teamId"]},"descope:index/ProjectAuthenticationOauthSystemGoogleProviderTokenManagement:ProjectAuthenticationOauthSystemGoogleProviderTokenManagement":{"type":"object"},"descope:index/ProjectAuthenticationOauthSystemLinkedin:ProjectAuthenticationOauthSystemLinkedin":{"properties":{"allowedGrantTypes":{"type":"array","items":{"type":"string"},"description":"The type of grants (\u003cspan pulumi-lang-nodejs=\"`authorizationCode`\" pulumi-lang-dotnet=\"`AuthorizationCode`\" pulumi-lang-go=\"`authorizationCode`\" pulumi-lang-python=\"`authorization_code`\" pulumi-lang-yaml=\"`authorizationCode`\" pulumi-lang-java=\"`authorizationCode`\"\u003e`authorization_code`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`implicit`\" pulumi-lang-dotnet=\"`Implicit`\" pulumi-lang-go=\"`implicit`\" pulumi-lang-python=\"`implicit`\" pulumi-lang-yaml=\"`implicit`\" pulumi-lang-java=\"`implicit`\"\u003e`implicit`\u003c/span\u003e) to allow when requesting access tokens from the OAuth provider.\n"},"appleKeyGenerator":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemLinkedinAppleKeyGenerator:ProjectAuthenticationOauthSystemLinkedinAppleKeyGenerator","description":"The apple key generator object describing how to create a dynamic apple client secret for applications.\n"},"authorizationEndpoint":{"type":"string","description":"The URL that users are redirected to for authorization with the OAuth provider.\n"},"callbackDomain":{"type":"string","description":"Use a custom domain in your OAuth verification screen.\n"},"claimMapping":{"type":"object","additionalProperties":{"type":"string"},"description":"Maps OAuth provider claims to Descope user attributes.\n"},"clientId":{"type":"string","description":"The client ID for the OAuth provider, used to identify the application to the provider.\n"},"clientSecret":{"type":"string","description":"The client secret for the OAuth provider, used to authenticate the application with the provider.\n","secret":true},"description":{"type":"string","description":"A brief description of the OAuth provider.\n"},"disableJitUpdates":{"type":"boolean","description":"By default the user attribute mapping configuration is used to update the user's attributes automatically during sign in. Disable this if you want this to happen only during user creation.\n"},"disabled":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will disallow using this authentication method directly via API and SDK calls. Note that this does not affect authentication flows that are configured to use this authentication method.\n"},"issuer":{"type":"string","description":"The issuer identifier for the OAuth provider.\n"},"jwksEndpoint":{"type":"string","description":"The URL where the application can retrieve JSON Web Key Sets (JWKS) for the OAuth provider.\n"},"logo":{"type":"string","description":"The URL of the logo associated with the OAuth provider.\n"},"manageProviderTokens":{"type":"boolean","description":"Whether to enable provider token management for this OAuth provider.\n"},"mergeUserAccounts":{"type":"boolean","description":"Whether to merge existing user accounts with new ones created through OAuth authentication.\n"},"nativeAppleKeyGenerator":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemLinkedinNativeAppleKeyGenerator:ProjectAuthenticationOauthSystemLinkedinNativeAppleKeyGenerator","description":"The apple key generator object describing how to create a dynamic native apple client secret for mobile apps.\n"},"nativeClientId":{"type":"string","description":"The client ID for the OAuth provider, used for Sign in with Apple in mobile apps.\n"},"nativeClientSecret":{"type":"string","description":"The client secret for the OAuth provider, used for Sign in with Apple in mobile apps.\n","secret":true},"prompts":{"type":"array","items":{"type":"string"},"description":"Custom prompts or consent screens that users may see during OAuth authentication.\n"},"providerTokenManagement":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemLinkedinProviderTokenManagement:ProjectAuthenticationOauthSystemLinkedinProviderTokenManagement","description":"This attribute is deprecated, use the \u003cspan pulumi-lang-nodejs=\"`manageProviderTokens`\" pulumi-lang-dotnet=\"`ManageProviderTokens`\" pulumi-lang-go=\"`manageProviderTokens`\" pulumi-lang-python=\"`manage_provider_tokens`\" pulumi-lang-yaml=\"`manageProviderTokens`\" pulumi-lang-java=\"`manageProviderTokens`\"\u003e`manage_provider_tokens`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`callbackDomain`\" pulumi-lang-dotnet=\"`CallbackDomain`\" pulumi-lang-go=\"`callbackDomain`\" pulumi-lang-python=\"`callback_domain`\" pulumi-lang-yaml=\"`callbackDomain`\" pulumi-lang-java=\"`callbackDomain`\"\u003e`callback_domain`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`redirectUrl`\" pulumi-lang-dotnet=\"`RedirectUrl`\" pulumi-lang-go=\"`redirectUrl`\" pulumi-lang-python=\"`redirect_url`\" pulumi-lang-yaml=\"`redirectUrl`\" pulumi-lang-java=\"`redirectUrl`\"\u003e`redirect_url`\u003c/span\u003e fields instead.\n"},"redirectUrl":{"type":"string","description":"Users will be directed to this URL after authentication. If redirect URL is specified in the SDK/API call, it will override this value.\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"Scopes of access that the application requests from the user's account on the OAuth provider.\n"},"tokenEndpoint":{"type":"string","description":"The URL where the application requests an access token from the OAuth provider.\n"},"useClientAssertion":{"type":"boolean","description":"Use private key JWT (client assertion) instead of client secret.\n"},"userInfoEndpoint":{"type":"string","description":"The URL where the application retrieves user information from the OAuth provider.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["allowedGrantTypes","appleKeyGenerator","authorizationEndpoint","callbackDomain","claimMapping","clientId","clientSecret","description","disableJitUpdates","disabled","issuer","jwksEndpoint","logo","manageProviderTokens","mergeUserAccounts","nativeAppleKeyGenerator","nativeClientId","nativeClientSecret","prompts","providerTokenManagement","redirectUrl","scopes","tokenEndpoint","useClientAssertion","userInfoEndpoint"]}}},"descope:index/ProjectAuthenticationOauthSystemLinkedinAppleKeyGenerator:ProjectAuthenticationOauthSystemLinkedinAppleKeyGenerator":{"properties":{"keyId":{"type":"string","description":"The apple generator key id produced by Apple.\n"},"privateKey":{"type":"string","description":"The apple generator private key produced by Apple.\n","secret":true},"teamId":{"type":"string","description":"The apple generator team id assigned to the key by Apple.\n"}},"type":"object","required":["keyId","privateKey","teamId"]},"descope:index/ProjectAuthenticationOauthSystemLinkedinNativeAppleKeyGenerator:ProjectAuthenticationOauthSystemLinkedinNativeAppleKeyGenerator":{"properties":{"keyId":{"type":"string","description":"The apple generator key id produced by Apple.\n"},"privateKey":{"type":"string","description":"The apple generator private key produced by Apple.\n","secret":true},"teamId":{"type":"string","description":"The apple generator team id assigned to the key by Apple.\n"}},"type":"object","required":["keyId","privateKey","teamId"]},"descope:index/ProjectAuthenticationOauthSystemLinkedinProviderTokenManagement:ProjectAuthenticationOauthSystemLinkedinProviderTokenManagement":{"type":"object"},"descope:index/ProjectAuthenticationOauthSystemMicrosoft:ProjectAuthenticationOauthSystemMicrosoft":{"properties":{"allowedGrantTypes":{"type":"array","items":{"type":"string"},"description":"The type of grants (\u003cspan pulumi-lang-nodejs=\"`authorizationCode`\" pulumi-lang-dotnet=\"`AuthorizationCode`\" pulumi-lang-go=\"`authorizationCode`\" pulumi-lang-python=\"`authorization_code`\" pulumi-lang-yaml=\"`authorizationCode`\" pulumi-lang-java=\"`authorizationCode`\"\u003e`authorization_code`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`implicit`\" pulumi-lang-dotnet=\"`Implicit`\" pulumi-lang-go=\"`implicit`\" pulumi-lang-python=\"`implicit`\" pulumi-lang-yaml=\"`implicit`\" pulumi-lang-java=\"`implicit`\"\u003e`implicit`\u003c/span\u003e) to allow when requesting access tokens from the OAuth provider.\n"},"appleKeyGenerator":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemMicrosoftAppleKeyGenerator:ProjectAuthenticationOauthSystemMicrosoftAppleKeyGenerator","description":"The apple key generator object describing how to create a dynamic apple client secret for applications.\n"},"authorizationEndpoint":{"type":"string","description":"The URL that users are redirected to for authorization with the OAuth provider.\n"},"callbackDomain":{"type":"string","description":"Use a custom domain in your OAuth verification screen.\n"},"claimMapping":{"type":"object","additionalProperties":{"type":"string"},"description":"Maps OAuth provider claims to Descope user attributes.\n"},"clientId":{"type":"string","description":"The client ID for the OAuth provider, used to identify the application to the provider.\n"},"clientSecret":{"type":"string","description":"The client secret for the OAuth provider, used to authenticate the application with the provider.\n","secret":true},"description":{"type":"string","description":"A brief description of the OAuth provider.\n"},"disableJitUpdates":{"type":"boolean","description":"By default the user attribute mapping configuration is used to update the user's attributes automatically during sign in. Disable this if you want this to happen only during user creation.\n"},"disabled":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will disallow using this authentication method directly via API and SDK calls. Note that this does not affect authentication flows that are configured to use this authentication method.\n"},"issuer":{"type":"string","description":"The issuer identifier for the OAuth provider.\n"},"jwksEndpoint":{"type":"string","description":"The URL where the application can retrieve JSON Web Key Sets (JWKS) for the OAuth provider.\n"},"logo":{"type":"string","description":"The URL of the logo associated with the OAuth provider.\n"},"manageProviderTokens":{"type":"boolean","description":"Whether to enable provider token management for this OAuth provider.\n"},"mergeUserAccounts":{"type":"boolean","description":"Whether to merge existing user accounts with new ones created through OAuth authentication.\n"},"nativeAppleKeyGenerator":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemMicrosoftNativeAppleKeyGenerator:ProjectAuthenticationOauthSystemMicrosoftNativeAppleKeyGenerator","description":"The apple key generator object describing how to create a dynamic native apple client secret for mobile apps.\n"},"nativeClientId":{"type":"string","description":"The client ID for the OAuth provider, used for Sign in with Apple in mobile apps.\n"},"nativeClientSecret":{"type":"string","description":"The client secret for the OAuth provider, used for Sign in with Apple in mobile apps.\n","secret":true},"prompts":{"type":"array","items":{"type":"string"},"description":"Custom prompts or consent screens that users may see during OAuth authentication.\n"},"providerTokenManagement":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemMicrosoftProviderTokenManagement:ProjectAuthenticationOauthSystemMicrosoftProviderTokenManagement","description":"This attribute is deprecated, use the \u003cspan pulumi-lang-nodejs=\"`manageProviderTokens`\" pulumi-lang-dotnet=\"`ManageProviderTokens`\" pulumi-lang-go=\"`manageProviderTokens`\" pulumi-lang-python=\"`manage_provider_tokens`\" pulumi-lang-yaml=\"`manageProviderTokens`\" pulumi-lang-java=\"`manageProviderTokens`\"\u003e`manage_provider_tokens`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`callbackDomain`\" pulumi-lang-dotnet=\"`CallbackDomain`\" pulumi-lang-go=\"`callbackDomain`\" pulumi-lang-python=\"`callback_domain`\" pulumi-lang-yaml=\"`callbackDomain`\" pulumi-lang-java=\"`callbackDomain`\"\u003e`callback_domain`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`redirectUrl`\" pulumi-lang-dotnet=\"`RedirectUrl`\" pulumi-lang-go=\"`redirectUrl`\" pulumi-lang-python=\"`redirect_url`\" pulumi-lang-yaml=\"`redirectUrl`\" pulumi-lang-java=\"`redirectUrl`\"\u003e`redirect_url`\u003c/span\u003e fields instead.\n"},"redirectUrl":{"type":"string","description":"Users will be directed to this URL after authentication. If redirect URL is specified in the SDK/API call, it will override this value.\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"Scopes of access that the application requests from the user's account on the OAuth provider.\n"},"tokenEndpoint":{"type":"string","description":"The URL where the application requests an access token from the OAuth provider.\n"},"useClientAssertion":{"type":"boolean","description":"Use private key JWT (client assertion) instead of client secret.\n"},"userInfoEndpoint":{"type":"string","description":"The URL where the application retrieves user information from the OAuth provider.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["allowedGrantTypes","appleKeyGenerator","authorizationEndpoint","callbackDomain","claimMapping","clientId","clientSecret","description","disableJitUpdates","disabled","issuer","jwksEndpoint","logo","manageProviderTokens","mergeUserAccounts","nativeAppleKeyGenerator","nativeClientId","nativeClientSecret","prompts","providerTokenManagement","redirectUrl","scopes","tokenEndpoint","useClientAssertion","userInfoEndpoint"]}}},"descope:index/ProjectAuthenticationOauthSystemMicrosoftAppleKeyGenerator:ProjectAuthenticationOauthSystemMicrosoftAppleKeyGenerator":{"properties":{"keyId":{"type":"string","description":"The apple generator key id produced by Apple.\n"},"privateKey":{"type":"string","description":"The apple generator private key produced by Apple.\n","secret":true},"teamId":{"type":"string","description":"The apple generator team id assigned to the key by Apple.\n"}},"type":"object","required":["keyId","privateKey","teamId"]},"descope:index/ProjectAuthenticationOauthSystemMicrosoftNativeAppleKeyGenerator:ProjectAuthenticationOauthSystemMicrosoftNativeAppleKeyGenerator":{"properties":{"keyId":{"type":"string","description":"The apple generator key id produced by Apple.\n"},"privateKey":{"type":"string","description":"The apple generator private key produced by Apple.\n","secret":true},"teamId":{"type":"string","description":"The apple generator team id assigned to the key by Apple.\n"}},"type":"object","required":["keyId","privateKey","teamId"]},"descope:index/ProjectAuthenticationOauthSystemMicrosoftProviderTokenManagement:ProjectAuthenticationOauthSystemMicrosoftProviderTokenManagement":{"type":"object"},"descope:index/ProjectAuthenticationOauthSystemSlack:ProjectAuthenticationOauthSystemSlack":{"properties":{"allowedGrantTypes":{"type":"array","items":{"type":"string"},"description":"The type of grants (\u003cspan pulumi-lang-nodejs=\"`authorizationCode`\" pulumi-lang-dotnet=\"`AuthorizationCode`\" pulumi-lang-go=\"`authorizationCode`\" pulumi-lang-python=\"`authorization_code`\" pulumi-lang-yaml=\"`authorizationCode`\" pulumi-lang-java=\"`authorizationCode`\"\u003e`authorization_code`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`implicit`\" pulumi-lang-dotnet=\"`Implicit`\" pulumi-lang-go=\"`implicit`\" pulumi-lang-python=\"`implicit`\" pulumi-lang-yaml=\"`implicit`\" pulumi-lang-java=\"`implicit`\"\u003e`implicit`\u003c/span\u003e) to allow when requesting access tokens from the OAuth provider.\n"},"appleKeyGenerator":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemSlackAppleKeyGenerator:ProjectAuthenticationOauthSystemSlackAppleKeyGenerator","description":"The apple key generator object describing how to create a dynamic apple client secret for applications.\n"},"authorizationEndpoint":{"type":"string","description":"The URL that users are redirected to for authorization with the OAuth provider.\n"},"callbackDomain":{"type":"string","description":"Use a custom domain in your OAuth verification screen.\n"},"claimMapping":{"type":"object","additionalProperties":{"type":"string"},"description":"Maps OAuth provider claims to Descope user attributes.\n"},"clientId":{"type":"string","description":"The client ID for the OAuth provider, used to identify the application to the provider.\n"},"clientSecret":{"type":"string","description":"The client secret for the OAuth provider, used to authenticate the application with the provider.\n","secret":true},"description":{"type":"string","description":"A brief description of the OAuth provider.\n"},"disableJitUpdates":{"type":"boolean","description":"By default the user attribute mapping configuration is used to update the user's attributes automatically during sign in. Disable this if you want this to happen only during user creation.\n"},"disabled":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will disallow using this authentication method directly via API and SDK calls. Note that this does not affect authentication flows that are configured to use this authentication method.\n"},"issuer":{"type":"string","description":"The issuer identifier for the OAuth provider.\n"},"jwksEndpoint":{"type":"string","description":"The URL where the application can retrieve JSON Web Key Sets (JWKS) for the OAuth provider.\n"},"logo":{"type":"string","description":"The URL of the logo associated with the OAuth provider.\n"},"manageProviderTokens":{"type":"boolean","description":"Whether to enable provider token management for this OAuth provider.\n"},"mergeUserAccounts":{"type":"boolean","description":"Whether to merge existing user accounts with new ones created through OAuth authentication.\n"},"nativeAppleKeyGenerator":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemSlackNativeAppleKeyGenerator:ProjectAuthenticationOauthSystemSlackNativeAppleKeyGenerator","description":"The apple key generator object describing how to create a dynamic native apple client secret for mobile apps.\n"},"nativeClientId":{"type":"string","description":"The client ID for the OAuth provider, used for Sign in with Apple in mobile apps.\n"},"nativeClientSecret":{"type":"string","description":"The client secret for the OAuth provider, used for Sign in with Apple in mobile apps.\n","secret":true},"prompts":{"type":"array","items":{"type":"string"},"description":"Custom prompts or consent screens that users may see during OAuth authentication.\n"},"providerTokenManagement":{"$ref":"#/types/descope:index/ProjectAuthenticationOauthSystemSlackProviderTokenManagement:ProjectAuthenticationOauthSystemSlackProviderTokenManagement","description":"This attribute is deprecated, use the \u003cspan pulumi-lang-nodejs=\"`manageProviderTokens`\" pulumi-lang-dotnet=\"`ManageProviderTokens`\" pulumi-lang-go=\"`manageProviderTokens`\" pulumi-lang-python=\"`manage_provider_tokens`\" pulumi-lang-yaml=\"`manageProviderTokens`\" pulumi-lang-java=\"`manageProviderTokens`\"\u003e`manage_provider_tokens`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`callbackDomain`\" pulumi-lang-dotnet=\"`CallbackDomain`\" pulumi-lang-go=\"`callbackDomain`\" pulumi-lang-python=\"`callback_domain`\" pulumi-lang-yaml=\"`callbackDomain`\" pulumi-lang-java=\"`callbackDomain`\"\u003e`callback_domain`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`redirectUrl`\" pulumi-lang-dotnet=\"`RedirectUrl`\" pulumi-lang-go=\"`redirectUrl`\" pulumi-lang-python=\"`redirect_url`\" pulumi-lang-yaml=\"`redirectUrl`\" pulumi-lang-java=\"`redirectUrl`\"\u003e`redirect_url`\u003c/span\u003e fields instead.\n"},"redirectUrl":{"type":"string","description":"Users will be directed to this URL after authentication. If redirect URL is specified in the SDK/API call, it will override this value.\n"},"scopes":{"type":"array","items":{"type":"string"},"description":"Scopes of access that the application requests from the user's account on the OAuth provider.\n"},"tokenEndpoint":{"type":"string","description":"The URL where the application requests an access token from the OAuth provider.\n"},"useClientAssertion":{"type":"boolean","description":"Use private key JWT (client assertion) instead of client secret.\n"},"userInfoEndpoint":{"type":"string","description":"The URL where the application retrieves user information from the OAuth provider.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["allowedGrantTypes","appleKeyGenerator","authorizationEndpoint","callbackDomain","claimMapping","clientId","clientSecret","description","disableJitUpdates","disabled","issuer","jwksEndpoint","logo","manageProviderTokens","mergeUserAccounts","nativeAppleKeyGenerator","nativeClientId","nativeClientSecret","prompts","providerTokenManagement","redirectUrl","scopes","tokenEndpoint","useClientAssertion","userInfoEndpoint"]}}},"descope:index/ProjectAuthenticationOauthSystemSlackAppleKeyGenerator:ProjectAuthenticationOauthSystemSlackAppleKeyGenerator":{"properties":{"keyId":{"type":"string","description":"The apple generator key id produced by Apple.\n"},"privateKey":{"type":"string","description":"The apple generator private key produced by Apple.\n","secret":true},"teamId":{"type":"string","description":"The apple generator team id assigned to the key by Apple.\n"}},"type":"object","required":["keyId","privateKey","teamId"]},"descope:index/ProjectAuthenticationOauthSystemSlackNativeAppleKeyGenerator:ProjectAuthenticationOauthSystemSlackNativeAppleKeyGenerator":{"properties":{"keyId":{"type":"string","description":"The apple generator key id produced by Apple.\n"},"privateKey":{"type":"string","description":"The apple generator private key produced by Apple.\n","secret":true},"teamId":{"type":"string","description":"The apple generator team id assigned to the key by Apple.\n"}},"type":"object","required":["keyId","privateKey","teamId"]},"descope:index/ProjectAuthenticationOauthSystemSlackProviderTokenManagement:ProjectAuthenticationOauthSystemSlackProviderTokenManagement":{"type":"object"},"descope:index/ProjectAuthenticationOtp:ProjectAuthenticationOtp":{"properties":{"disabled":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will disallow using this authentication method directly via API and SDK calls. Note that this does not affect authentication flows that are configured to use this authentication method.\n"},"domain":{"type":"string","description":"The domain to embed in OTP messages.\n"},"emailService":{"$ref":"#/types/descope:index/ProjectAuthenticationOtpEmailService:ProjectAuthenticationOtpEmailService","description":"Settings related to sending emails with OTP codes.\n"},"expirationTime":{"type":"string","description":"The amount of time that an OTP code will be valid for.\n"},"textService":{"$ref":"#/types/descope:index/ProjectAuthenticationOtpTextService:ProjectAuthenticationOtpTextService","description":"Settings related to sending SMS messages with OTP codes.\n"},"voiceService":{"$ref":"#/types/descope:index/ProjectAuthenticationOtpVoiceService:ProjectAuthenticationOtpVoiceService","description":"Settings related to voice calls with OTP codes.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["disabled","domain","emailService","expirationTime","textService","voiceService"]}}},"descope:index/ProjectAuthenticationOtpEmailService:ProjectAuthenticationOtpEmailService":{"properties":{"connector":{"type":"string","description":"The name of the email connector to use for sending emails.\n"},"templates":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectAuthenticationOtpEmailServiceTemplate:ProjectAuthenticationOtpEmailServiceTemplate"},"description":"A list of email templates for different authentication flows.\n"}},"type":"object","required":["connector"],"language":{"nodejs":{"requiredOutputs":["connector","templates"]}}},"descope:index/ProjectAuthenticationOtpEmailServiceTemplate:ProjectAuthenticationOtpEmailServiceTemplate":{"properties":{"active":{"type":"boolean","description":"Whether this email template is currently active and in use.\n"},"htmlBody":{"type":"string","description":"HTML content of the email message body, required if \u003cspan pulumi-lang-nodejs=\"`usePlainTextBody`\" pulumi-lang-dotnet=\"`UsePlainTextBody`\" pulumi-lang-go=\"`usePlainTextBody`\" pulumi-lang-python=\"`use_plain_text_body`\" pulumi-lang-yaml=\"`usePlainTextBody`\" pulumi-lang-java=\"`usePlainTextBody`\"\u003e`use_plain_text_body`\u003c/span\u003e isn't set.\n"},"id":{"type":"string"},"name":{"type":"string","description":"Unique name for this email template.\n"},"plainTextBody":{"type":"string","description":"Plain text version of the email message body, required if \u003cspan pulumi-lang-nodejs=\"`usePlainTextBody`\" pulumi-lang-dotnet=\"`UsePlainTextBody`\" pulumi-lang-go=\"`usePlainTextBody`\" pulumi-lang-python=\"`use_plain_text_body`\" pulumi-lang-yaml=\"`usePlainTextBody`\" pulumi-lang-java=\"`usePlainTextBody`\"\u003e`use_plain_text_body`\u003c/span\u003e is set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"subject":{"type":"string","description":"Subject line of the email message.\n"},"usePlainTextBody":{"type":"boolean","description":"Whether to use the plain text body instead of HTML for the email.\n"}},"type":"object","required":["name","subject"],"language":{"nodejs":{"requiredOutputs":["active","htmlBody","id","name","plainTextBody","subject","usePlainTextBody"]}}},"descope:index/ProjectAuthenticationOtpTextService:ProjectAuthenticationOtpTextService":{"properties":{"connector":{"type":"string","description":"The name of the SMS/text connector to use for sending text messages.\n"},"templates":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectAuthenticationOtpTextServiceTemplate:ProjectAuthenticationOtpTextServiceTemplate"},"description":"A list of text message templates for different authentication flows.\n"}},"type":"object","required":["connector"],"language":{"nodejs":{"requiredOutputs":["connector","templates"]}}},"descope:index/ProjectAuthenticationOtpTextServiceTemplate:ProjectAuthenticationOtpTextServiceTemplate":{"properties":{"active":{"type":"boolean","description":"Whether this text template is currently active and in use.\n"},"body":{"type":"string","description":"The content of the text message.\n"},"id":{"type":"string"},"name":{"type":"string","description":"Unique name for this text template.\n"}},"type":"object","required":["body","name"],"language":{"nodejs":{"requiredOutputs":["active","body","id","name"]}}},"descope:index/ProjectAuthenticationOtpVoiceService:ProjectAuthenticationOtpVoiceService":{"properties":{"connector":{"type":"string","description":"The name of the voice connector to use for making voice calls.\n"},"templates":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectAuthenticationOtpVoiceServiceTemplate:ProjectAuthenticationOtpVoiceServiceTemplate"},"description":"A list of voice message templates for different purposes.\n"}},"type":"object","required":["connector"],"language":{"nodejs":{"requiredOutputs":["connector","templates"]}}},"descope:index/ProjectAuthenticationOtpVoiceServiceTemplate:ProjectAuthenticationOtpVoiceServiceTemplate":{"properties":{"active":{"type":"boolean","description":"Whether this voice template is currently active and in use.\n"},"body":{"type":"string","description":"The content of the voice message that will be spoken.\n"},"id":{"type":"string"},"name":{"type":"string","description":"Unique name for this voice template.\n"}},"type":"object","required":["body","name"],"language":{"nodejs":{"requiredOutputs":["active","body","id","name"]}}},"descope:index/ProjectAuthenticationPasskeys:ProjectAuthenticationPasskeys":{"properties":{"disabled":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will disallow using this authentication method directly via API and SDK calls. Note that this does not affect authentication flows that are configured to use this authentication method.\n"},"topLevelDomain":{"type":"string","description":"Passkeys will be usable in the following domain and all its subdomains.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["disabled","topLevelDomain"]}}},"descope:index/ProjectAuthenticationPassword:ProjectAuthenticationPassword":{"properties":{"disabled":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will disallow using this authentication method directly via API and SDK calls. Note that this does not affect authentication flows that are configured to use this authentication method.\n"},"emailService":{"$ref":"#/types/descope:index/ProjectAuthenticationPasswordEmailService:ProjectAuthenticationPasswordEmailService","description":"Settings related to sending password reset emails as part of the password feature.\n"},"expiration":{"type":"boolean","description":"Whether users are required to change their password periodically.\n"},"expirationWeeks":{"type":"integer","description":"The number of weeks after which a user's password expires and they need to replace it.\n"},"lock":{"type":"boolean","description":"Whether the user account should be locked after a specified number of failed login attempts.\n"},"lockAttempts":{"type":"integer","description":"The number of failed login attempts allowed before an account is locked.\n"},"lowercase":{"type":"boolean","description":"Whether passwords must contain at least one lowercase letter.\n"},"maskErrors":{"type":"boolean","description":"Prevents information about user accounts from being revealed in error messages, e.g., whether a user already exists.\n"},"minLength":{"type":"integer","description":"The minimum length of the password that users are required to use. The maximum length is always \u003cspan pulumi-lang-nodejs=\"`64`\" pulumi-lang-dotnet=\"`64`\" pulumi-lang-go=\"`64`\" pulumi-lang-python=\"`64`\" pulumi-lang-yaml=\"`64`\" pulumi-lang-java=\"`64`\"\u003e`64`\u003c/span\u003e.\n"},"nonAlphanumeric":{"type":"boolean","description":"Whether passwords must contain at least one non-alphanumeric character (e.g. `!`, `@`, `#`).\n"},"number":{"type":"boolean","description":"Whether passwords must contain at least one number.\n"},"reuse":{"type":"boolean","description":"Whether to forbid password reuse when users change their password.\n"},"reuseAmount":{"type":"integer","description":"The number of previous passwords whose hashes are kept to prevent users from reusing old passwords.\n"},"temporaryLock":{"type":"boolean","description":"Whether the user account should be temporarily locked after a specified number of failed login attempts.\n"},"temporaryLockAttempts":{"type":"integer","description":"The number of failed login attempts allowed before an account is temporarily locked.\n"},"temporaryLockDuration":{"type":"string","description":"The amount of time before the user can sign in again after the account is temporarily locked.\n"},"uppercase":{"type":"boolean","description":"Whether passwords must contain at least one uppercase letter.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["disabled","emailService","expiration","expirationWeeks","lock","lockAttempts","lowercase","maskErrors","minLength","nonAlphanumeric","number","reuse","reuseAmount","temporaryLock","temporaryLockAttempts","temporaryLockDuration","uppercase"]}}},"descope:index/ProjectAuthenticationPasswordEmailService:ProjectAuthenticationPasswordEmailService":{"properties":{"connector":{"type":"string","description":"The name of the email connector to use for sending emails.\n"},"templates":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectAuthenticationPasswordEmailServiceTemplate:ProjectAuthenticationPasswordEmailServiceTemplate"},"description":"A list of email templates for different authentication flows.\n"}},"type":"object","required":["connector"],"language":{"nodejs":{"requiredOutputs":["connector","templates"]}}},"descope:index/ProjectAuthenticationPasswordEmailServiceTemplate:ProjectAuthenticationPasswordEmailServiceTemplate":{"properties":{"active":{"type":"boolean","description":"Whether this email template is currently active and in use.\n"},"htmlBody":{"type":"string","description":"HTML content of the email message body, required if \u003cspan pulumi-lang-nodejs=\"`usePlainTextBody`\" pulumi-lang-dotnet=\"`UsePlainTextBody`\" pulumi-lang-go=\"`usePlainTextBody`\" pulumi-lang-python=\"`use_plain_text_body`\" pulumi-lang-yaml=\"`usePlainTextBody`\" pulumi-lang-java=\"`usePlainTextBody`\"\u003e`use_plain_text_body`\u003c/span\u003e isn't set.\n"},"id":{"type":"string"},"name":{"type":"string","description":"Unique name for this email template.\n"},"plainTextBody":{"type":"string","description":"Plain text version of the email message body, required if \u003cspan pulumi-lang-nodejs=\"`usePlainTextBody`\" pulumi-lang-dotnet=\"`UsePlainTextBody`\" pulumi-lang-go=\"`usePlainTextBody`\" pulumi-lang-python=\"`use_plain_text_body`\" pulumi-lang-yaml=\"`usePlainTextBody`\" pulumi-lang-java=\"`usePlainTextBody`\"\u003e`use_plain_text_body`\u003c/span\u003e is set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"subject":{"type":"string","description":"Subject line of the email message.\n"},"usePlainTextBody":{"type":"boolean","description":"Whether to use the plain text body instead of HTML for the email.\n"}},"type":"object","required":["name","subject"],"language":{"nodejs":{"requiredOutputs":["active","htmlBody","id","name","plainTextBody","subject","usePlainTextBody"]}}},"descope:index/ProjectAuthenticationSso:ProjectAuthenticationSso":{"properties":{"allowDuplicateDomains":{"type":"boolean","description":"Whether to allow duplicate SSO domains across tenants.\n"},"allowOverrideRoles":{"type":"boolean","description":"Whether to allow overriding user's roles with SSO related roles.\n"},"disabled":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will disallow using this authentication method directly via API and SDK calls. Note that this does not affect authentication flows that are configured to use this authentication method.\n"},"mergeUsers":{"type":"boolean","description":"Whether to merge existing user accounts with new ones created through SSO authentication.\n"},"redirectUrl":{"type":"string","description":"The URL the end user is redirected to after a successful authentication. If one is specified in tenant level settings or SDK/API call, they will override this value.\n"},"ssoSuiteSettings":{"$ref":"#/types/descope:index/ProjectAuthenticationSsoSsoSuiteSettings:ProjectAuthenticationSsoSsoSuiteSettings","description":"Configuration block for the SSO Suite.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["allowDuplicateDomains","allowOverrideRoles","disabled","mergeUsers","redirectUrl","ssoSuiteSettings"]}}},"descope:index/ProjectAuthenticationSsoSsoSuiteSettings:ProjectAuthenticationSsoSsoSuiteSettings":{"properties":{"forceDomainVerification":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will allow only verified domains to be used.\n"},"hideDomains":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will hide the domains configuration section in the SSO Suite interface.\n"},"hideGroupsMapping":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will hide the groups mapping configuration section in the SSO Suite interface.\n"},"hideOidc":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will hide the OIDC configuration option.\n"},"hideSaml":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will hide the SAML configuration option.\n"},"hideScim":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will hide the SCIM configuration in the SSO Suite interface.\n"},"styleId":{"type":"string","description":"Specifies the style ID to apply in the SSO Suite. Ensure a style with this ID exists in the console for it to be used.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["forceDomainVerification","hideDomains","hideGroupsMapping","hideOidc","hideSaml","hideScim","styleId"]}}},"descope:index/ProjectAuthenticationTotp:ProjectAuthenticationTotp":{"properties":{"disabled":{"type":"boolean","description":"Setting this to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e will disallow using this authentication method directly via API and SDK calls. Note that this does not affect authentication flows that are configured to use this authentication method.\n"},"serviceLabel":{"type":"string","description":"The template for the service issuer label (issuer) shown in the authenticator app.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["disabled","serviceLabel"]}}},"descope:index/ProjectAuthorization:ProjectAuthorization":{"properties":{"permissions":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectAuthorizationPermission:ProjectAuthorizationPermission"},"description":"A list of `Permission` objects.\n"},"roles":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectAuthorizationRole:ProjectAuthorizationRole"},"description":"A list of `Role` objects.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["permissions","roles"]}}},"descope:index/ProjectAuthorizationPermission:ProjectAuthorizationPermission":{"properties":{"description":{"type":"string","description":"A description for the permission.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A name for the permission.\n"}},"type":"object","required":["name"],"language":{"nodejs":{"requiredOutputs":["description","id","name"]}}},"descope:index/ProjectAuthorizationRole:ProjectAuthorizationRole":{"properties":{"default":{"type":"boolean","description":"Whether this role should automatically be assigned to users that are created without any roles.\n"},"description":{"type":"string","description":"A description for the role.\n"},"id":{"type":"string"},"key":{"type":"string"},"name":{"type":"string","description":"A name for the role.\n"},"permissions":{"type":"array","items":{"type":"string"},"description":"A list of permissions by name to be included in the role.\n"},"private":{"type":"boolean","description":"Whether this role should not be displayed to tenant admins.\n"}},"type":"object","required":["name"],"language":{"nodejs":{"requiredOutputs":["default","description","id","key","name","permissions","private"]}}},"descope:index/ProjectConnectors:ProjectConnectors":{"properties":{"abuseipdbs":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsAbuseipdb:ProjectConnectorsAbuseipdb"},"description":"Utilize IP threat intelligence to block malicious login attempts with the AbuseIPDB connector.\n"},"amplitudes":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsAmplitude:ProjectConnectorsAmplitude"},"description":"Track user activity and traits at any point in your user journey with the Amplitude connector.\n"},"auditWebhooks":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsAuditWebhook:ProjectConnectorsAuditWebhook"},"description":"Send audit events to a custom webhook.\n"},"awsS3s":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsAwsS3:ProjectConnectorsAwsS3"},"description":"Stream authentication audit logs with the Amazon S3 connector.\n"},"awsTranslates":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsAwsTranslate:ProjectConnectorsAwsTranslate"},"description":"Localize the language of your login and user journey screens with the Amazon Translate connector.\n"},"bitsights":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsBitsight:ProjectConnectorsBitsight"},"description":"Utilize threat intelligence to block malicious login attempts or check leaks with the Bitsight Threat Intelligence connector.\n"},"datadogs":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsDatadog:ProjectConnectorsDatadog"},"description":"Stream authentication audit logs with the Datadog connector.\n"},"devrevGrows":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsDevrevGrow:ProjectConnectorsDevrevGrow"},"description":"DevRev Grow is a Growth CRM that brings salespeople, product marketers, and PMs onto an AI-native platform to follow the journey of a visitor to a lead, to a contact, and then to a user - to create a champion, not a churned user.\n"},"docebos":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsDocebo:ProjectConnectorsDocebo"},"description":"Get user information from Docebo in your Descope user journeys with the Docebo connector.\n"},"eightByEightVibers":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsEightByEightViber:ProjectConnectorsEightByEightViber"},"description":"Send Viber messages to the user.\n"},"eightByEightWhatsapps":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsEightByEightWhatsapp:ProjectConnectorsEightByEightWhatsapp"},"description":"Send WhatsApp messages to the user.\n"},"elephants":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsElephant:ProjectConnectorsElephant"},"description":"Use this connector to obtain an identity trust score.\n"},"externalTokenHttps":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsExternalTokenHttp:ProjectConnectorsExternalTokenHttp"},"description":"A generic HTTP token connector.\n"},"fingerprintDescopes":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsFingerprintDescope:ProjectConnectorsFingerprintDescope"},"description":"Descope Fingerprint capabilities for fraud detection and risk assessment.\n"},"fingerprints":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsFingerprint:ProjectConnectorsFingerprint"},"description":"Prevent fraud by adding device intelligence with the Fingerprint connector.\n"},"firebaseAdmins":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsFirebaseAdmin:ProjectConnectorsFirebaseAdmin"},"description":"Firebase connector enables you to utilize Firebase's APIs to generate a Firebase user token for a given Descope user.\n"},"forters":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsForter:ProjectConnectorsForter"},"description":"Leverage ML-based risk scores for fraud prevention with the Forter connector.\n"},"genericEmailGateways":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsGenericEmailGateway:ProjectConnectorsGenericEmailGateway"},"description":"Send emails using a generic Email gateway.\n"},"genericSmsGateways":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsGenericSmsGateway:ProjectConnectorsGenericSmsGateway"},"description":"Send messages using a generic SMS gateway.\n"},"googleCloudLoggings":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsGoogleCloudLogging:ProjectConnectorsGoogleCloudLogging"},"description":"Stream logs and audit events with the Google Cloud Logging connector.\n"},"googleCloudTranslations":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsGoogleCloudTranslation:ProjectConnectorsGoogleCloudTranslation"},"description":"Localize the language of your login and user journey screens with the Google Cloud Translation connector.\n"},"googleMapsPlaces":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsGoogleMapsPlace:ProjectConnectorsGoogleMapsPlace"},"description":"Get address autocompletions from Place Autocomplete Data API.\n"},"hibps":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsHibp:ProjectConnectorsHibp"},"description":"Check if passwords have been previously exposed in data breaches with the Have I Been Pwned connector.\n"},"https":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsHttp:ProjectConnectorsHttp"},"description":"A general purpose HTTP client\n"},"hubspots":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsHubspot:ProjectConnectorsHubspot"},"description":"Orchestrate customer identity information from your Descope user journey with the HubSpot connector.\n"},"incodes":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsIncode:ProjectConnectorsIncode"},"description":"Use the Incode connection to run identity verification processes like document checks or facial recognition.\n"},"intercoms":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsIntercom:ProjectConnectorsIntercom"},"description":"Orchestrate customer identity information from your Descope user journey with the Intercom connector.\n"},"lokalises":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsLokalise:ProjectConnectorsLokalise"},"description":"Localize the language of your login and user journey screens with the Lokalise connector.\n"},"mparticles":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsMparticle:ProjectConnectorsMparticle"},"description":"Track and send user event data (e.g. page views, purchases, etc.) across connected tools using the mParticle connector.\n"},"newrelics":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsNewrelic:ProjectConnectorsNewrelic"},"description":"Stream authentication audit logs with the New Relic connector.\n"},"radars":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsRadar:ProjectConnectorsRadar"},"description":"Get address autocompletions from Radar Autocomplete API.\n"},"recaptchaEnterprises":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsRecaptchaEnterprise:ProjectConnectorsRecaptchaEnterprise"},"description":"Mitigate fraud using advanced risk analysis and add adaptive MFA with the reCAPTCHA Enterprise connector.\n"},"recaptchas":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsRecaptcha:ProjectConnectorsRecaptcha"},"description":"Prevent bot attacks on your login pages with the reCAPTCHA v3 connector.\n"},"rekognitions":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsRekognition:ProjectConnectorsRekognition"},"description":"Add image recognition capabilities for identity verification and fraud prevention with the Amazon Rekognition connector.\n"},"salesforceMarketingClouds":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsSalesforceMarketingCloud:ProjectConnectorsSalesforceMarketingCloud"},"description":"Send transactional messages with the Salesforce Marketing Cloud connector.\n"},"salesforces":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsSalesforce:ProjectConnectorsSalesforce"},"description":"Run SQL queries to retrieve user roles, profiles, account status, and more with the Salesforce connector.\n"},"sardines":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsSardine:ProjectConnectorsSardine"},"description":"Evaluate customer risk using Sardine\n"},"segments":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsSegment:ProjectConnectorsSegment"},"description":"Orchestrate customer identity traits and signals from your Descope user journey with the Segment connector.\n"},"sendgrids":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsSendgrid:ProjectConnectorsSendgrid"},"description":"SendGrid is a cloud-based SMTP provider that allows you to send emails without having to maintain email servers.\n"},"ses":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsSe:ProjectConnectorsSe"},"description":"Amazon Simple Email Service (SES) for sending emails through AWS infrastructure.\n"},"slacks":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsSlack:ProjectConnectorsSlack"},"description":"Send updates to your team on Slack.\n"},"smartlings":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsSmartling:ProjectConnectorsSmartling"},"description":"Localize the language of your login and user journey screens with the Smartling connector.\n"},"smtps":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsSmtp:ProjectConnectorsSmtp"},"description":"Simple Mail Transfer Protocol (SMTP) server for sending emails.\n"},"sns":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsSn:ProjectConnectorsSn"},"description":"Amazon Simple Notification Service (SNS) for sending SMS messages through AWS.\n"},"sumologics":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsSumologic:ProjectConnectorsSumologic"},"description":"Stream logs and audit events with the Sumo Logic connector.\n"},"supabases":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsSupabase:ProjectConnectorsSupabase"},"description":"Generate external tokens for user authentication in Supabase projects.\n"},"telesigns":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsTelesign:ProjectConnectorsTelesign"},"description":"Verify phone numbers and leverage granular risk scores for adaptive MFA with the Telesign Intelligence connector.\n"},"traceables":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsTraceable:ProjectConnectorsTraceable"},"description":"Identify and respond to fraudulent login activity with the Traceable Digital Fraud Prevention connector.\n"},"turnstiles":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsTurnstile:ProjectConnectorsTurnstile"},"description":"Prevent bot attacks on your login pages with the Turnstile connector.\n"},"twilioCores":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsTwilioCore:ProjectConnectorsTwilioCore"},"description":"Twilio is a cloud-based communication provider of communication tools for making and receiving phone calls, sending and receiving text messages, and performing other communication functions.\n"},"twilioVerifies":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsTwilioVerify:ProjectConnectorsTwilioVerify"},"description":"Twilio Verify is an OTP service that can be used via text messages, instant messaging platforms, voice and e-mail. Choose this connector only if you are a Twilio Verify customer.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["abuseipdbs","amplitudes","auditWebhooks","awsS3s","awsTranslates","bitsights","datadogs","devrevGrows","docebos","eightByEightVibers","eightByEightWhatsapps","elephants","externalTokenHttps","fingerprintDescopes","fingerprints","firebaseAdmins","forters","genericEmailGateways","genericSmsGateways","googleCloudLoggings","googleCloudTranslations","googleMapsPlaces","hibps","https","hubspots","incodes","intercoms","lokalises","mparticles","newrelics","radars","recaptchaEnterprises","recaptchas","rekognitions","salesforceMarketingClouds","salesforces","sardines","segments","sendgrids","ses","slacks","smartlings","smtps","sns","sumologics","supabases","telesigns","traceables","turnstiles","twilioCores","twilioVerifies"]}}},"descope:index/ProjectConnectorsAbuseipdb:ProjectConnectorsAbuseipdb":{"properties":{"apiKey":{"type":"string","description":"The unique AbuseIPDB API key.\n","secret":true},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"}},"type":"object","required":["apiKey","name"],"language":{"nodejs":{"requiredOutputs":["apiKey","description","id","name"]}}},"descope:index/ProjectConnectorsAmplitude:ProjectConnectorsAmplitude":{"properties":{"apiKey":{"type":"string","description":"The Amplitude API Key generated for the Descope service.\n","secret":true},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"serverUrl":{"type":"string","description":"The server URL of the Amplitude API, when using different api or a custom domain in Amplitude.\n"},"serverZone":{"type":"string","description":"`EU` or `US`. Sets the Amplitude server zone. Set this to `EU` for Amplitude projects created in `EU` data center. Default is `US`.\n"}},"type":"object","required":["apiKey","name"],"language":{"nodejs":{"requiredOutputs":["apiKey","description","id","name","serverUrl","serverZone"]}}},"descope:index/ProjectConnectorsAuditWebhook:ProjectConnectorsAuditWebhook":{"properties":{"auditFilters":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsAuditWebhookAuditFilter:ProjectConnectorsAuditWebhookAuditFilter"},"description":"Specify which events will be sent to the external audit service (including tenant selection).\n"},"authentication":{"$ref":"#/types/descope:index/ProjectConnectorsAuditWebhookAuthentication:ProjectConnectorsAuditWebhookAuthentication","description":"Authentication Information\n"},"baseUrl":{"type":"string","description":"The base URL to fetch\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"headers":{"type":"object","additionalProperties":{"type":"string"},"description":"The headers to send with the request\n"},"hmacSecret":{"type":"string","description":"HMAC is a method for message signing with a symmetrical key. This secret will be used to sign the payload, and the resulting signature will be sent in the `x-descope-webhook-s256` header. The receiving service should use this secret to verify the integrity and authenticity of the payload by checking the provided signature\n","secret":true},"id":{"type":"string"},"insecure":{"type":"boolean","description":"Will ignore certificate errors raised by the client\n"},"name":{"type":"string","description":"A custom name for your connector.\n"}},"type":"object","required":["baseUrl","name"],"language":{"nodejs":{"requiredOutputs":["auditFilters","authentication","baseUrl","description","headers","hmacSecret","id","insecure","name"]}}},"descope:index/ProjectConnectorsAuditWebhookAuditFilter:ProjectConnectorsAuditWebhookAuditFilter":{"properties":{"key":{"type":"string","description":"The field name to filter on (either 'actions' or 'tenants').\n"},"operator":{"type":"string","description":"The filter operation to apply ('includes' or 'excludes').\n"},"values":{"type":"array","items":{"type":"string"},"description":"The list of values to match against for the filter.\n"}},"type":"object","required":["key","operator","values"]},"descope:index/ProjectConnectorsAuditWebhookAuthentication:ProjectConnectorsAuditWebhookAuthentication":{"properties":{"apiKey":{"$ref":"#/types/descope:index/ProjectConnectorsAuditWebhookAuthenticationApiKey:ProjectConnectorsAuditWebhookAuthenticationApiKey","description":"API key authentication configuration.\n"},"basic":{"$ref":"#/types/descope:index/ProjectConnectorsAuditWebhookAuthenticationBasic:ProjectConnectorsAuditWebhookAuthenticationBasic","description":"Basic authentication credentials (username and password).\n"},"bearerToken":{"type":"string","description":"Bearer token for HTTP authentication.\n","secret":true}},"type":"object","language":{"nodejs":{"requiredOutputs":["apiKey","basic","bearerToken"]}}},"descope:index/ProjectConnectorsAuditWebhookAuthenticationApiKey:ProjectConnectorsAuditWebhookAuthenticationApiKey":{"properties":{"key":{"type":"string","description":"The API key.\n"},"token":{"type":"string","description":"The API secret.\n","secret":true}},"type":"object","required":["key","token"]},"descope:index/ProjectConnectorsAuditWebhookAuthenticationBasic:ProjectConnectorsAuditWebhookAuthenticationBasic":{"properties":{"password":{"type":"string","description":"Password for basic HTTP authentication.\n","secret":true},"username":{"type":"string","description":"Username for basic HTTP authentication.\n"}},"type":"object","required":["password","username"]},"descope:index/ProjectConnectorsAwsS3:ProjectConnectorsAwsS3":{"properties":{"accessKeyId":{"type":"string","description":"The unique AWS access key ID.\n","secret":true},"auditEnabled":{"type":"boolean","description":"Whether to enable streaming of audit events.\n"},"auditFilters":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsAwsS3AuditFilter:ProjectConnectorsAwsS3AuditFilter"},"description":"Specify which events will be sent to the external audit service (including tenant selection).\n"},"authType":{"type":"string","description":"The authentication type to use.\n"},"bucket":{"type":"string","description":"The AWS S3 bucket. This bucket should already exist for the connector to work.\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"externalId":{"type":"string","description":"The external ID to use when assuming the role.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"region":{"type":"string","description":"The AWS S3 region, e.g. `us-east-1`.\n"},"roleArn":{"type":"string","description":"The Amazon Resource Name (ARN) of the role to assume.\n"},"secretAccessKey":{"type":"string","description":"The secret AWS access key.\n","secret":true},"troubleshootLogEnabled":{"type":"boolean","description":"Whether to send troubleshooting events.\n"}},"type":"object","required":["bucket","name","region"],"language":{"nodejs":{"requiredOutputs":["accessKeyId","auditEnabled","auditFilters","authType","bucket","description","externalId","id","name","region","roleArn","secretAccessKey","troubleshootLogEnabled"]}}},"descope:index/ProjectConnectorsAwsS3AuditFilter:ProjectConnectorsAwsS3AuditFilter":{"properties":{"key":{"type":"string","description":"The field name to filter on (either 'actions' or 'tenants').\n"},"operator":{"type":"string","description":"The filter operation to apply ('includes' or 'excludes').\n"},"values":{"type":"array","items":{"type":"string"},"description":"The list of values to match against for the filter.\n"}},"type":"object","required":["key","operator","values"]},"descope:index/ProjectConnectorsAwsTranslate:ProjectConnectorsAwsTranslate":{"properties":{"accessKeyId":{"type":"string","description":"AWS access key ID.\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"region":{"type":"string","description":"The AWS region to which this client will send requests. (e.g. us-east-1.)\n"},"secretAccessKey":{"type":"string","description":"AWS secret access key.\n","secret":true},"sessionToken":{"type":"string","description":"(Optional) A security or session token to use with these credentials. Usually present for temporary credentials.\n","secret":true}},"type":"object","required":["accessKeyId","name","region","secretAccessKey"],"language":{"nodejs":{"requiredOutputs":["accessKeyId","description","id","name","region","secretAccessKey","sessionToken"]}}},"descope:index/ProjectConnectorsBitsight:ProjectConnectorsBitsight":{"properties":{"clientId":{"type":"string","description":"API Client ID issued when you create the credentials in Bitsight Threat Intelligence.\n"},"clientSecret":{"type":"string","description":"Client secret issued when you create the credentials in Bitsight Threat Intelligence.\n","secret":true},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"}},"type":"object","required":["clientId","clientSecret","name"],"language":{"nodejs":{"requiredOutputs":["clientId","clientSecret","description","id","name"]}}},"descope:index/ProjectConnectorsDatadog:ProjectConnectorsDatadog":{"properties":{"apiKey":{"type":"string","description":"The unique Datadog organization key.\n","secret":true},"auditEnabled":{"type":"boolean","description":"Whether to enable streaming of audit events.\n"},"auditFilters":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsDatadogAuditFilter:ProjectConnectorsDatadogAuditFilter"},"description":"Specify which events will be sent to the external audit service (including tenant selection).\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"maskPii":{"type":"boolean","description":"Whether to mask personally identifiable information in the logs.\n"},"name":{"type":"string","description":"A custom name for your connector.\n"},"site":{"type":"string","description":"The Datadog site to send logs to. Default is `datadoghq.com`. European, free tier and other customers should set their site accordingly.\n"},"troubleshootLogEnabled":{"type":"boolean","description":"Whether to send troubleshooting events.\n"}},"type":"object","required":["apiKey","name"],"language":{"nodejs":{"requiredOutputs":["apiKey","auditEnabled","auditFilters","description","id","maskPii","name","site","troubleshootLogEnabled"]}}},"descope:index/ProjectConnectorsDatadogAuditFilter:ProjectConnectorsDatadogAuditFilter":{"properties":{"key":{"type":"string","description":"The field name to filter on (either 'actions' or 'tenants').\n"},"operator":{"type":"string","description":"The filter operation to apply ('includes' or 'excludes').\n"},"values":{"type":"array","items":{"type":"string"},"description":"The list of values to match against for the filter.\n"}},"type":"object","required":["key","operator","values"]},"descope:index/ProjectConnectorsDevrevGrow:ProjectConnectorsDevrevGrow":{"properties":{"apiKey":{"type":"string","description":"Authentication to DevRev APIs requires a personal access token (PAT).\n","secret":true},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"}},"type":"object","required":["apiKey","name"],"language":{"nodejs":{"requiredOutputs":["apiKey","description","id","name"]}}},"descope:index/ProjectConnectorsDocebo:ProjectConnectorsDocebo":{"properties":{"baseUrl":{"type":"string","description":"The Docebo api base url.\n"},"clientId":{"type":"string","description":"The Docebo OAuth 2.0 app client ID.\n"},"clientSecret":{"type":"string","description":"The Docebo OAuth 2.0 app client secret.\n","secret":true},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"password":{"type":"string","description":"The Docebo user's password.\n","secret":true},"username":{"type":"string","description":"The Docebo username.\n"}},"type":"object","required":["baseUrl","clientId","clientSecret","name","password","username"],"language":{"nodejs":{"requiredOutputs":["baseUrl","clientId","clientSecret","description","id","name","password","username"]}}},"descope:index/ProjectConnectorsEightByEightViber:ProjectConnectorsEightByEightViber":{"properties":{"apiKey":{"type":"string","description":"The 8x8 API key for authentication.\n"},"country":{"type":"string","description":"The country code or region where your Viber messaging service is configured.\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"subAccountId":{"type":"string","description":"The 8x8 sub-account ID is required for the Messaging API.\n"},"useStaticIps":{"type":"boolean","description":"Whether the connector should send all requests from specific static IPs.\n"}},"type":"object","required":["apiKey","name","subAccountId"],"language":{"nodejs":{"requiredOutputs":["apiKey","country","description","id","name","subAccountId","useStaticIps"]}}},"descope:index/ProjectConnectorsEightByEightWhatsapp:ProjectConnectorsEightByEightWhatsapp":{"properties":{"apiKey":{"type":"string","description":"The 8x8 API key for authentication.\n"},"country":{"type":"string","description":"The country code or region where your Viber messaging service is configured.\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"subAccountId":{"type":"string","description":"The 8x8 sub-account ID is required for the Messaging API.\n"},"templateId":{"type":"string","description":"The ID of a WhatsApp message template.\n"},"useStaticIps":{"type":"boolean","description":"Whether the connector should send all requests from specific static IPs.\n"}},"type":"object","required":["apiKey","name","subAccountId","templateId"],"language":{"nodejs":{"requiredOutputs":["apiKey","country","description","id","name","subAccountId","templateId","useStaticIps"]}}},"descope:index/ProjectConnectorsElephant:ProjectConnectorsElephant":{"properties":{"accessKey":{"type":"string","description":"The Elephant access key.\n","secret":true},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"}},"type":"object","required":["accessKey","name"],"language":{"nodejs":{"requiredOutputs":["accessKey","description","id","name"]}}},"descope:index/ProjectConnectorsExternalTokenHttp:ProjectConnectorsExternalTokenHttp":{"properties":{"authentication":{"$ref":"#/types/descope:index/ProjectConnectorsExternalTokenHttpAuthentication:ProjectConnectorsExternalTokenHttpAuthentication","description":"Authentication Information\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"endpoint":{"type":"string","description":"The endpoint to get the token from (Using POST method). Descope will send the user information in the body of the request, and should return a JSON response with a 'token' string field.\n"},"headers":{"type":"object","additionalProperties":{"type":"string"},"description":"The headers to send with the request\n"},"hmacSecret":{"type":"string","description":"HMAC is a method for message signing with a symmetrical key. This secret will be used to sign the base64 encoded payload, and the resulting signature will be sent in the `x-descope-webhook-s256` header. The receiving service should use this secret to verify the integrity and authenticity of the payload by checking the provided signature\n","secret":true},"id":{"type":"string"},"insecure":{"type":"boolean","description":"Will ignore certificate errors raised by the client\n"},"name":{"type":"string","description":"A custom name for your connector.\n"},"useStaticIps":{"type":"boolean","description":"Whether the connector should send all requests from specific static IPs.\n"}},"type":"object","required":["endpoint","name"],"language":{"nodejs":{"requiredOutputs":["authentication","description","endpoint","headers","hmacSecret","id","insecure","name","useStaticIps"]}}},"descope:index/ProjectConnectorsExternalTokenHttpAuthentication:ProjectConnectorsExternalTokenHttpAuthentication":{"properties":{"apiKey":{"$ref":"#/types/descope:index/ProjectConnectorsExternalTokenHttpAuthenticationApiKey:ProjectConnectorsExternalTokenHttpAuthenticationApiKey","description":"API key authentication configuration.\n"},"basic":{"$ref":"#/types/descope:index/ProjectConnectorsExternalTokenHttpAuthenticationBasic:ProjectConnectorsExternalTokenHttpAuthenticationBasic","description":"Basic authentication credentials (username and password).\n"},"bearerToken":{"type":"string","description":"Bearer token for HTTP authentication.\n","secret":true}},"type":"object","language":{"nodejs":{"requiredOutputs":["apiKey","basic","bearerToken"]}}},"descope:index/ProjectConnectorsExternalTokenHttpAuthenticationApiKey:ProjectConnectorsExternalTokenHttpAuthenticationApiKey":{"properties":{"key":{"type":"string","description":"The API key.\n"},"token":{"type":"string","description":"The API secret.\n","secret":true}},"type":"object","required":["key","token"]},"descope:index/ProjectConnectorsExternalTokenHttpAuthenticationBasic:ProjectConnectorsExternalTokenHttpAuthenticationBasic":{"properties":{"password":{"type":"string","description":"Password for basic HTTP authentication.\n","secret":true},"username":{"type":"string","description":"Username for basic HTTP authentication.\n"}},"type":"object","required":["password","username"]},"descope:index/ProjectConnectorsFingerprint:ProjectConnectorsFingerprint":{"properties":{"cloudflareEndpointUrl":{"type":"string","description":"The Cloudflare integration Endpoint URL.\n"},"cloudflareScriptUrl":{"type":"string","description":"The Cloudflare integration Script URL.\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"publicApiKey":{"type":"string","description":"The Fingerprint public API key.\n"},"secretApiKey":{"type":"string","description":"The Fingerprint secret API key.\n","secret":true},"useCloudflareIntegration":{"type":"boolean","description":"Enable to configure the relevant Cloudflare integration parameters if Cloudflare integration is set in your Fingerprint account.\n"}},"type":"object","required":["name","publicApiKey","secretApiKey"],"language":{"nodejs":{"requiredOutputs":["cloudflareEndpointUrl","cloudflareScriptUrl","description","id","name","publicApiKey","secretApiKey","useCloudflareIntegration"]}}},"descope:index/ProjectConnectorsFingerprintDescope:ProjectConnectorsFingerprintDescope":{"properties":{"customDomain":{"type":"string","description":"The custom domain to fetch\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"}},"type":"object","required":["name"],"language":{"nodejs":{"requiredOutputs":["customDomain","description","id","name"]}}},"descope:index/ProjectConnectorsFirebaseAdmin:ProjectConnectorsFirebaseAdmin":{"properties":{"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"serviceAccount":{"type":"string","description":"The Firebase service account JSON.\n","secret":true}},"type":"object","required":["name","serviceAccount"],"language":{"nodejs":{"requiredOutputs":["description","id","name","serviceAccount"]}}},"descope:index/ProjectConnectorsForter:ProjectConnectorsForter":{"properties":{"apiVersion":{"type":"string","description":"The Forter API version.\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"overrideIpAddress":{"type":"string","description":"Override the user IP address.\n"},"overrideUserEmail":{"type":"string","description":"Override the user email.\n"},"overrides":{"type":"boolean","description":"Override the user's IP address or email so that Forter can provide a specific decision or recommendation. Contact the Forter team for further details. Note: Overriding the user IP address or email is intended for testing purpose and should not be utilized in production environments.\n"},"secretKey":{"type":"string","description":"The Forter secret key.\n","secret":true},"siteId":{"type":"string","description":"The Forter site ID.\n"}},"type":"object","required":["name","secretKey","siteId"],"language":{"nodejs":{"requiredOutputs":["apiVersion","description","id","name","overrideIpAddress","overrideUserEmail","overrides","secretKey","siteId"]}}},"descope:index/ProjectConnectorsGenericEmailGateway:ProjectConnectorsGenericEmailGateway":{"properties":{"authentication":{"$ref":"#/types/descope:index/ProjectConnectorsGenericEmailGatewayAuthentication:ProjectConnectorsGenericEmailGatewayAuthentication","description":"Authentication Information\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"headers":{"type":"object","additionalProperties":{"type":"string"},"description":"The headers to send with the request\n"},"hmacSecret":{"type":"string","description":"HMAC is a method for message signing with a symmetrical key. This secret will be used to sign the base64 encoded payload, and the resulting signature will be sent in the `x-descope-webhook-s256` header. The receiving service should use this secret to verify the integrity and authenticity of the payload by checking the provided signature\n","secret":true},"id":{"type":"string"},"insecure":{"type":"boolean","description":"Will ignore certificate errors raised by the client\n"},"name":{"type":"string","description":"A custom name for your connector.\n"},"postUrl":{"type":"string","description":"The URL of the post email request\n"},"sender":{"type":"string","description":"The sender address\n"},"useStaticIps":{"type":"boolean","description":"Whether the connector should send all requests from specific static IPs.\n"}},"type":"object","required":["name","postUrl"],"language":{"nodejs":{"requiredOutputs":["authentication","description","headers","hmacSecret","id","insecure","name","postUrl","sender","useStaticIps"]}}},"descope:index/ProjectConnectorsGenericEmailGatewayAuthentication:ProjectConnectorsGenericEmailGatewayAuthentication":{"properties":{"apiKey":{"$ref":"#/types/descope:index/ProjectConnectorsGenericEmailGatewayAuthenticationApiKey:ProjectConnectorsGenericEmailGatewayAuthenticationApiKey","description":"API key authentication configuration.\n"},"basic":{"$ref":"#/types/descope:index/ProjectConnectorsGenericEmailGatewayAuthenticationBasic:ProjectConnectorsGenericEmailGatewayAuthenticationBasic","description":"Basic authentication credentials (username and password).\n"},"bearerToken":{"type":"string","description":"Bearer token for HTTP authentication.\n","secret":true}},"type":"object","language":{"nodejs":{"requiredOutputs":["apiKey","basic","bearerToken"]}}},"descope:index/ProjectConnectorsGenericEmailGatewayAuthenticationApiKey:ProjectConnectorsGenericEmailGatewayAuthenticationApiKey":{"properties":{"key":{"type":"string","description":"The API key.\n"},"token":{"type":"string","description":"The API secret.\n","secret":true}},"type":"object","required":["key","token"]},"descope:index/ProjectConnectorsGenericEmailGatewayAuthenticationBasic:ProjectConnectorsGenericEmailGatewayAuthenticationBasic":{"properties":{"password":{"type":"string","description":"Password for basic HTTP authentication.\n","secret":true},"username":{"type":"string","description":"Username for basic HTTP authentication.\n"}},"type":"object","required":["password","username"]},"descope:index/ProjectConnectorsGenericSmsGateway:ProjectConnectorsGenericSmsGateway":{"properties":{"authentication":{"$ref":"#/types/descope:index/ProjectConnectorsGenericSmsGatewayAuthentication:ProjectConnectorsGenericSmsGatewayAuthentication","description":"Authentication Information\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"headers":{"type":"object","additionalProperties":{"type":"string"},"description":"The headers to send with the request\n"},"hmacSecret":{"type":"string","description":"HMAC is a method for message signing with a symmetrical key. This secret will be used to sign the base64 encoded payload, and the resulting signature will be sent in the `x-descope-webhook-s256` header. The receiving service should use this secret to verify the integrity and authenticity of the payload by checking the provided signature\n","secret":true},"id":{"type":"string"},"insecure":{"type":"boolean","description":"Will ignore certificate errors raised by the client\n"},"name":{"type":"string","description":"A custom name for your connector.\n"},"postUrl":{"type":"string","description":"The URL of the post message request\n"},"sender":{"type":"string","description":"The sender number\n"},"useStaticIps":{"type":"boolean","description":"Whether the connector should send all requests from specific static IPs.\n"}},"type":"object","required":["name","postUrl"],"language":{"nodejs":{"requiredOutputs":["authentication","description","headers","hmacSecret","id","insecure","name","postUrl","sender","useStaticIps"]}}},"descope:index/ProjectConnectorsGenericSmsGatewayAuthentication:ProjectConnectorsGenericSmsGatewayAuthentication":{"properties":{"apiKey":{"$ref":"#/types/descope:index/ProjectConnectorsGenericSmsGatewayAuthenticationApiKey:ProjectConnectorsGenericSmsGatewayAuthenticationApiKey","description":"API key authentication configuration.\n"},"basic":{"$ref":"#/types/descope:index/ProjectConnectorsGenericSmsGatewayAuthenticationBasic:ProjectConnectorsGenericSmsGatewayAuthenticationBasic","description":"Basic authentication credentials (username and password).\n"},"bearerToken":{"type":"string","description":"Bearer token for HTTP authentication.\n","secret":true}},"type":"object","language":{"nodejs":{"requiredOutputs":["apiKey","basic","bearerToken"]}}},"descope:index/ProjectConnectorsGenericSmsGatewayAuthenticationApiKey:ProjectConnectorsGenericSmsGatewayAuthenticationApiKey":{"properties":{"key":{"type":"string","description":"The API key.\n"},"token":{"type":"string","description":"The API secret.\n","secret":true}},"type":"object","required":["key","token"]},"descope:index/ProjectConnectorsGenericSmsGatewayAuthenticationBasic:ProjectConnectorsGenericSmsGatewayAuthenticationBasic":{"properties":{"password":{"type":"string","description":"Password for basic HTTP authentication.\n","secret":true},"username":{"type":"string","description":"Username for basic HTTP authentication.\n"}},"type":"object","required":["password","username"]},"descope:index/ProjectConnectorsGoogleCloudLogging:ProjectConnectorsGoogleCloudLogging":{"properties":{"auditEnabled":{"type":"boolean","description":"Whether to enable streaming of audit events.\n"},"auditFilters":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsGoogleCloudLoggingAuditFilter:ProjectConnectorsGoogleCloudLoggingAuditFilter"},"description":"Specify which events will be sent to the external audit service (including tenant selection).\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"serviceAccountKey":{"type":"string","description":"A Service Account Key JSON file created from a service account on your Google Cloud project. This file is used to authenticate and authorize the connector to access Google Cloud Logging. The service account this key belongs to must have the appropriate permissions to write logs.\n","secret":true},"troubleshootLogEnabled":{"type":"boolean","description":"Whether to send troubleshooting events.\n"}},"type":"object","required":["name","serviceAccountKey"],"language":{"nodejs":{"requiredOutputs":["auditEnabled","auditFilters","description","id","name","serviceAccountKey","troubleshootLogEnabled"]}}},"descope:index/ProjectConnectorsGoogleCloudLoggingAuditFilter:ProjectConnectorsGoogleCloudLoggingAuditFilter":{"properties":{"key":{"type":"string","description":"The field name to filter on (either 'actions' or 'tenants').\n"},"operator":{"type":"string","description":"The filter operation to apply ('includes' or 'excludes').\n"},"values":{"type":"array","items":{"type":"string"},"description":"The list of values to match against for the filter.\n"}},"type":"object","required":["key","operator","values"]},"descope:index/ProjectConnectorsGoogleCloudTranslation:ProjectConnectorsGoogleCloudTranslation":{"properties":{"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"projectId":{"type":"string","description":"The Google Cloud project ID where the Google Cloud Translation is managed.\n"},"serviceAccountJson":{"type":"string","description":"Service Account JSON associated with the current project.\n","secret":true}},"type":"object","required":["name","projectId","serviceAccountJson"],"language":{"nodejs":{"requiredOutputs":["description","id","name","projectId","serviceAccountJson"]}}},"descope:index/ProjectConnectorsGoogleMapsPlace:ProjectConnectorsGoogleMapsPlace":{"properties":{"addressTypes":{"type":"string","description":"The address types to return.\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"language":{"type":"string","description":"The language in which to return results.\n"},"name":{"type":"string","description":"A custom name for your connector.\n"},"publicApiKey":{"type":"string","description":"The Google Maps Places public API key.\n"},"region":{"type":"string","description":"The region code, specified as a CLDR two-character region code.\n"}},"type":"object","required":["name","publicApiKey"],"language":{"nodejs":{"requiredOutputs":["addressTypes","description","id","language","name","publicApiKey","region"]}}},"descope:index/ProjectConnectorsHibp:ProjectConnectorsHibp":{"properties":{"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"}},"type":"object","required":["name"],"language":{"nodejs":{"requiredOutputs":["description","id","name"]}}},"descope:index/ProjectConnectorsHttp:ProjectConnectorsHttp":{"properties":{"authentication":{"$ref":"#/types/descope:index/ProjectConnectorsHttpAuthentication:ProjectConnectorsHttpAuthentication","description":"Authentication Information\n"},"baseUrl":{"type":"string","description":"The base URL to fetch\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"headers":{"type":"object","additionalProperties":{"type":"string"},"description":"The headers to send with the request\n"},"hmacSecret":{"type":"string","description":"HMAC is a method for message signing with a symmetrical key. This secret will be used to sign the base64 encoded payload, and the resulting signature will be sent in the `x-descope-webhook-s256` header. The receiving service should use this secret to verify the integrity and authenticity of the payload by checking the provided signature\n","secret":true},"id":{"type":"string"},"includeHeadersInContext":{"type":"boolean","description":"The connector response context will also include the headers. The context will have a \"body\" attribute and a \"headers\" attribute. See more details in the help guide\n"},"insecure":{"type":"boolean","description":"Will ignore certificate errors raised by the client\n"},"name":{"type":"string","description":"A custom name for your connector.\n"},"useStaticIps":{"type":"boolean","description":"Whether the connector should send all requests from specific static IPs.\n"}},"type":"object","required":["baseUrl","name"],"language":{"nodejs":{"requiredOutputs":["authentication","baseUrl","description","headers","hmacSecret","id","includeHeadersInContext","insecure","name","useStaticIps"]}}},"descope:index/ProjectConnectorsHttpAuthentication:ProjectConnectorsHttpAuthentication":{"properties":{"apiKey":{"$ref":"#/types/descope:index/ProjectConnectorsHttpAuthenticationApiKey:ProjectConnectorsHttpAuthenticationApiKey","description":"API key authentication configuration.\n"},"basic":{"$ref":"#/types/descope:index/ProjectConnectorsHttpAuthenticationBasic:ProjectConnectorsHttpAuthenticationBasic","description":"Basic authentication credentials (username and password).\n"},"bearerToken":{"type":"string","description":"Bearer token for HTTP authentication.\n","secret":true}},"type":"object","language":{"nodejs":{"requiredOutputs":["apiKey","basic","bearerToken"]}}},"descope:index/ProjectConnectorsHttpAuthenticationApiKey:ProjectConnectorsHttpAuthenticationApiKey":{"properties":{"key":{"type":"string","description":"The API key.\n"},"token":{"type":"string","description":"The API secret.\n","secret":true}},"type":"object","required":["key","token"]},"descope:index/ProjectConnectorsHttpAuthenticationBasic:ProjectConnectorsHttpAuthenticationBasic":{"properties":{"password":{"type":"string","description":"Password for basic HTTP authentication.\n","secret":true},"username":{"type":"string","description":"Username for basic HTTP authentication.\n"}},"type":"object","required":["password","username"]},"descope:index/ProjectConnectorsHubspot:ProjectConnectorsHubspot":{"properties":{"accessToken":{"type":"string","description":"The HubSpot private API access token generated for the Descope service.\n","secret":true},"baseUrl":{"type":"string","description":"The base URL of the HubSpot API, when using a custom domain in HubSpot, default value is https://api.hubapi.com .\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"useStaticIps":{"type":"boolean","description":"Whether the connector should send all requests from specific static IPs.\n"}},"type":"object","required":["accessToken","name"],"language":{"nodejs":{"requiredOutputs":["accessToken","baseUrl","description","id","name","useStaticIps"]}}},"descope:index/ProjectConnectorsIncode:ProjectConnectorsIncode":{"properties":{"apiKey":{"type":"string","description":"Your InCode API key.\n","secret":true},"apiUrl":{"type":"string","description":"The base URL of the Incode API\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"flowId":{"type":"string","description":"Your wanted InCode's flow ID.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"}},"type":"object","required":["apiKey","apiUrl","flowId","name"],"language":{"nodejs":{"requiredOutputs":["apiKey","apiUrl","description","flowId","id","name"]}}},"descope:index/ProjectConnectorsIntercom:ProjectConnectorsIntercom":{"properties":{"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"region":{"type":"string","description":"Regional Hosting - US, EU, or AU. default: US\n"},"token":{"type":"string","description":"The Intercom access token.\n","secret":true}},"type":"object","required":["name","token"],"language":{"nodejs":{"requiredOutputs":["description","id","name","region","token"]}}},"descope:index/ProjectConnectorsLokalise:ProjectConnectorsLokalise":{"properties":{"apiToken":{"type":"string","description":"Lokalise API token.\n","secret":true},"cardId":{"type":"string","description":"(Optional) The ID of the payment card to use for translation orders. If not provided, the team credit will be used.\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"projectId":{"type":"string","description":"Lokalise project ID.\n"},"teamId":{"type":"string","description":"Lokalise team ID. If not provided, the oldest available team will be used.\n"},"translationProvider":{"type":"string","description":"The translation provider to use ('gengo', 'google', 'lokalise', 'deepl'), default is 'deepl'.\n"}},"type":"object","required":["apiToken","name","projectId"],"language":{"nodejs":{"requiredOutputs":["apiToken","cardId","description","id","name","projectId","teamId","translationProvider"]}}},"descope:index/ProjectConnectorsMparticle:ProjectConnectorsMparticle":{"properties":{"apiKey":{"type":"string","description":"The mParticle Server to Server Key generated for the Descope service.\n","secret":true},"apiSecret":{"type":"string","description":"The mParticle Server to Server Secret generated for the Descope service.\n","secret":true},"baseUrl":{"type":"string","description":"The base URL of the mParticle API, when using a custom domain in mParticle. default value is https://s2s.mparticle.com/\n"},"defaultEnvironment":{"type":"string","description":"The default environment of which connector send data to, either “production” or “development“. default value: production. This field can be overridden per event (see at flows).\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"useStaticIps":{"type":"boolean","description":"Whether the connector should send all requests from specific static IPs.\n"}},"type":"object","required":["apiKey","apiSecret","name"],"language":{"nodejs":{"requiredOutputs":["apiKey","apiSecret","baseUrl","defaultEnvironment","description","id","name","useStaticIps"]}}},"descope:index/ProjectConnectorsNewrelic:ProjectConnectorsNewrelic":{"properties":{"apiKey":{"type":"string","description":"Ingest License Key of the account you want to report data to.\n","secret":true},"auditEnabled":{"type":"boolean","description":"Whether to enable streaming of audit events.\n"},"auditFilters":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsNewrelicAuditFilter:ProjectConnectorsNewrelicAuditFilter"},"description":"Specify which events will be sent to the external audit service (including tenant selection).\n"},"dataCenter":{"type":"string","description":"The New Relic data center the account belongs to. Possible values are: `US`, `EU`, `FedRAMP`. Default is `US`.\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"logsPrefix":{"type":"string","description":"Specify a custom prefix for all log fields. The default prefix is `descope.`.\n"},"name":{"type":"string","description":"A custom name for your connector.\n"},"overrideLogsPrefix":{"type":"boolean","description":"Enable this option to use a custom prefix for log fields.\n"},"troubleshootLogEnabled":{"type":"boolean","description":"Whether to send troubleshooting events.\n"}},"type":"object","required":["apiKey","name"],"language":{"nodejs":{"requiredOutputs":["apiKey","auditEnabled","auditFilters","dataCenter","description","id","logsPrefix","name","overrideLogsPrefix","troubleshootLogEnabled"]}}},"descope:index/ProjectConnectorsNewrelicAuditFilter:ProjectConnectorsNewrelicAuditFilter":{"properties":{"key":{"type":"string","description":"The field name to filter on (either 'actions' or 'tenants').\n"},"operator":{"type":"string","description":"The filter operation to apply ('includes' or 'excludes').\n"},"values":{"type":"array","items":{"type":"string"},"description":"The list of values to match against for the filter.\n"}},"type":"object","required":["key","operator","values"]},"descope:index/ProjectConnectorsRadar:ProjectConnectorsRadar":{"properties":{"addressTypes":{"type":"string","description":"The address types to return.\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"language":{"type":"string","description":"The language in which to return results.\n"},"limit":{"type":"number","description":"The maximum number of results to return.\n"},"name":{"type":"string","description":"A custom name for your connector.\n"},"publicApiKey":{"type":"string","description":"The Radar publishable API key.\n"},"region":{"type":"string","description":"The region code, specified as a two-letter ISO 3166 code.\n"}},"type":"object","required":["name","publicApiKey"],"language":{"nodejs":{"requiredOutputs":["addressTypes","description","id","language","limit","name","publicApiKey","region"]}}},"descope:index/ProjectConnectorsRecaptcha:ProjectConnectorsRecaptcha":{"properties":{"assessmentScore":{"type":"number","description":"When configured, the Recaptcha action will return the score without assessing the request. The score ranges between 0 and 1, where 1 is a human interaction and 0 is a bot.\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"overrideAssessment":{"type":"boolean","description":"Override the default assessment model. Note: Overriding assessment is intended for automated testing and should not be utilized in production environments.\n"},"secretKey":{"type":"string","description":"The secret key authorizes communication between Descope backend and the reCAPTCHA server to verify the user's response.\n","secret":true},"siteKey":{"type":"string","description":"The site key is used to invoke reCAPTCHA service on your site or mobile application.\n"}},"type":"object","required":["name","secretKey","siteKey"],"language":{"nodejs":{"requiredOutputs":["assessmentScore","description","id","name","overrideAssessment","secretKey","siteKey"]}}},"descope:index/ProjectConnectorsRecaptchaEnterprise:ProjectConnectorsRecaptchaEnterprise":{"properties":{"apiKey":{"type":"string","description":"API key associated with the current project.\n","secret":true},"assessmentScore":{"type":"number","description":"When configured, the Recaptcha action will return the score without assessing the request. The score ranges between 0 and 1, where 1 is a human interaction and 0 is a bot.\n"},"baseUrl":{"type":"string","description":"Apply a custom url to the reCAPTCHA Enterprise scripts. This is useful when attempting to use reCAPTCHA globally. Defaults to https://www.google.com\n"},"botThreshold":{"type":"number","description":"The bot threshold is used to determine whether the request is a bot or a human. The score ranges between 0 and 1, where 1 is a human interaction and 0 is a bot. If the score is below this threshold, the request is considered a bot.\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"overrideAssessment":{"type":"boolean","description":"Override the default assessment model. Note: Overriding assessment is intended for automated testing and should not be utilized in production environments.\n"},"projectId":{"type":"string","description":"The Google Cloud project ID where the reCAPTCHA Enterprise is managed.\n"},"siteKey":{"type":"string","description":"The site key is used to invoke reCAPTCHA Enterprise service on your site or mobile application.\n"}},"type":"object","required":["apiKey","name","projectId","siteKey"],"language":{"nodejs":{"requiredOutputs":["apiKey","assessmentScore","baseUrl","botThreshold","description","id","name","overrideAssessment","projectId","siteKey"]}}},"descope:index/ProjectConnectorsRekognition:ProjectConnectorsRekognition":{"properties":{"accessKeyId":{"type":"string","description":"The AWS access key ID\n"},"collectionId":{"type":"string","description":"The collection to store registered users in. Should match `[a-zA-Z0-9_.-]+` pattern. Changing this will cause losing existing users.\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"secretAccessKey":{"type":"string","description":"The AWS secret access key\n","secret":true}},"type":"object","required":["accessKeyId","collectionId","name","secretAccessKey"],"language":{"nodejs":{"requiredOutputs":["accessKeyId","collectionId","description","id","name","secretAccessKey"]}}},"descope:index/ProjectConnectorsSalesforce:ProjectConnectorsSalesforce":{"properties":{"baseUrl":{"type":"string","description":"The Salesforce API base URL.\n"},"clientId":{"type":"string","description":"The consumer key of the connected app.\n"},"clientSecret":{"type":"string","description":"The consumer secret of the connected app.\n","secret":true},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"version":{"type":"string","description":"REST API Version.\n"}},"type":"object","required":["baseUrl","clientId","clientSecret","name","version"],"language":{"nodejs":{"requiredOutputs":["baseUrl","clientId","clientSecret","description","id","name","version"]}}},"descope:index/ProjectConnectorsSalesforceMarketingCloud:ProjectConnectorsSalesforceMarketingCloud":{"properties":{"accountId":{"type":"string","description":"Account identifier, or MID, of the target business unit.\n"},"clientId":{"type":"string","description":"Client ID issued when you create the API integration in Installed Packages.\n"},"clientSecret":{"type":"string","description":"Client secret issued when you create the API integration in Installed Packages.\n","secret":true},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"scope":{"type":"string","description":"Space-separated list of data-access permissions for your connector.\n"},"subdomain":{"type":"string","description":"The Salesforce Marketing Cloud endpoint subdomain.\n"}},"type":"object","required":["clientId","clientSecret","name","subdomain"],"language":{"nodejs":{"requiredOutputs":["accountId","clientId","clientSecret","description","id","name","scope","subdomain"]}}},"descope:index/ProjectConnectorsSardine:ProjectConnectorsSardine":{"properties":{"baseUrl":{"type":"string","description":"The base URL for the Sardine API, e.g.: https://api.sandbox.sardine.ai, https://api.sardine.ai, https://api.eu.sardine.ai.\n"},"clientId":{"type":"string","description":"The Sardine Client ID.\n"},"clientSecret":{"type":"string","description":"The Sardine Client Secret.\n","secret":true},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"}},"type":"object","required":["baseUrl","clientId","clientSecret","name"],"language":{"nodejs":{"requiredOutputs":["baseUrl","clientId","clientSecret","description","id","name"]}}},"descope:index/ProjectConnectorsSe:ProjectConnectorsSe":{"properties":{"accessKeyId":{"type":"string","description":"AWS Access key ID.\n","secret":true},"authType":{"type":"string","description":"The authentication type to use.\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"endpoint":{"type":"string","description":"An optional endpoint URL (hostname only or fully qualified URI).\n"},"externalId":{"type":"string","description":"The external ID to use when assuming the role.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"region":{"type":"string","description":"AWS region to send requests to (e.g. `us-west-2`).\n"},"roleArn":{"type":"string","description":"The Amazon Resource Name (ARN) of the role to assume.\n"},"secret":{"type":"string","description":"AWS Secret Access Key.\n","secret":true},"sender":{"$ref":"#/types/descope:index/ProjectConnectorsSeSender:ProjectConnectorsSeSender","description":"The sender details that should be displayed in the email message.\n"}},"type":"object","required":["name","region","sender"],"language":{"nodejs":{"requiredOutputs":["accessKeyId","authType","description","endpoint","externalId","id","name","region","roleArn","secret","sender"]}}},"descope:index/ProjectConnectorsSeSender:ProjectConnectorsSeSender":{"properties":{"email":{"type":"string","description":"The email address that will appear as the sender of the email.\n"},"name":{"type":"string","description":"The display name that will appear as the sender of the email.\n"}},"type":"object","required":["email"],"language":{"nodejs":{"requiredOutputs":["email","name"]}}},"descope:index/ProjectConnectorsSegment:ProjectConnectorsSegment":{"properties":{"description":{"type":"string","description":"A description of what your connector is used for.\n"},"host":{"type":"string","description":"The base URL of the Segment API, when using a custom domain in Segment.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"writeKey":{"type":"string","description":"The Segment Write Key generated for the Descope service.\n","secret":true}},"type":"object","required":["name","writeKey"],"language":{"nodejs":{"requiredOutputs":["description","host","id","name","writeKey"]}}},"descope:index/ProjectConnectorsSendgrid:ProjectConnectorsSendgrid":{"properties":{"authentication":{"$ref":"#/types/descope:index/ProjectConnectorsSendgridAuthentication:ProjectConnectorsSendgridAuthentication","description":"SendGrid API authentication configuration.\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"sender":{"$ref":"#/types/descope:index/ProjectConnectorsSendgridSender:ProjectConnectorsSendgridSender","description":"The sender details that should be displayed in the email message.\n"}},"type":"object","required":["authentication","name","sender"],"language":{"nodejs":{"requiredOutputs":["authentication","description","id","name","sender"]}}},"descope:index/ProjectConnectorsSendgridAuthentication:ProjectConnectorsSendgridAuthentication":{"properties":{"apiKey":{"type":"string","description":"SendGrid API key for authentication.\n","secret":true}},"type":"object","required":["apiKey"]},"descope:index/ProjectConnectorsSendgridSender:ProjectConnectorsSendgridSender":{"properties":{"email":{"type":"string","description":"The email address that will appear as the sender of the email.\n"},"name":{"type":"string","description":"The display name that will appear as the sender of the email.\n"}},"type":"object","required":["email"],"language":{"nodejs":{"requiredOutputs":["email","name"]}}},"descope:index/ProjectConnectorsSlack:ProjectConnectorsSlack":{"properties":{"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"token":{"type":"string","description":"The OAuth token for Slack's Bot User, used to authenticate API requests.\n","secret":true}},"type":"object","required":["name","token"],"language":{"nodejs":{"requiredOutputs":["description","id","name","token"]}}},"descope:index/ProjectConnectorsSmartling:ProjectConnectorsSmartling":{"properties":{"accountUid":{"type":"string","description":"The account UID for the Smartling account.\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"userIdentifier":{"type":"string","description":"The user identifier for the Smartling account.\n"},"userSecret":{"type":"string","description":"The user secret for the Smartling account.\n","secret":true}},"type":"object","required":["accountUid","name","userIdentifier","userSecret"],"language":{"nodejs":{"requiredOutputs":["accountUid","description","id","name","userIdentifier","userSecret"]}}},"descope:index/ProjectConnectorsSmtp:ProjectConnectorsSmtp":{"properties":{"authentication":{"$ref":"#/types/descope:index/ProjectConnectorsSmtpAuthentication:ProjectConnectorsSmtpAuthentication","description":"SMTP server authentication credentials and method.\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"sender":{"$ref":"#/types/descope:index/ProjectConnectorsSmtpSender:ProjectConnectorsSmtpSender","description":"The sender details that should be displayed in the email message.\n"},"server":{"$ref":"#/types/descope:index/ProjectConnectorsSmtpServer:ProjectConnectorsSmtpServer","description":"SMTP server connection details including hostname and port.\n"},"useStaticIps":{"type":"boolean","description":"Whether the connector should send all requests from specific static IPs.\n"}},"type":"object","required":["authentication","name","sender","server"],"language":{"nodejs":{"requiredOutputs":["authentication","description","id","name","sender","server","useStaticIps"]}}},"descope:index/ProjectConnectorsSmtpAuthentication:ProjectConnectorsSmtpAuthentication":{"properties":{"method":{"type":"string","description":"SMTP authentication method (\u003cspan pulumi-lang-nodejs=\"`plain`\" pulumi-lang-dotnet=\"`Plain`\" pulumi-lang-go=\"`plain`\" pulumi-lang-python=\"`plain`\" pulumi-lang-yaml=\"`plain`\" pulumi-lang-java=\"`plain`\"\u003e`plain`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`login`\" pulumi-lang-dotnet=\"`Login`\" pulumi-lang-go=\"`login`\" pulumi-lang-python=\"`login`\" pulumi-lang-yaml=\"`login`\" pulumi-lang-java=\"`login`\"\u003e`login`\u003c/span\u003e).\n"},"password":{"type":"string","description":"Password for SMTP server authentication.\n","secret":true},"username":{"type":"string","description":"Username for SMTP server authentication.\n"}},"type":"object","required":["password","username"],"language":{"nodejs":{"requiredOutputs":["method","password","username"]}}},"descope:index/ProjectConnectorsSmtpSender:ProjectConnectorsSmtpSender":{"properties":{"email":{"type":"string","description":"The email address that will appear as the sender of the email.\n"},"name":{"type":"string","description":"The display name that will appear as the sender of the email.\n"}},"type":"object","required":["email"],"language":{"nodejs":{"requiredOutputs":["email","name"]}}},"descope:index/ProjectConnectorsSmtpServer:ProjectConnectorsSmtpServer":{"properties":{"host":{"type":"string","description":"The hostname or IP address of the SMTP server.\n"},"port":{"type":"integer","description":"The port number to connect to on the SMTP server.\n"}},"type":"object","required":["host"],"language":{"nodejs":{"requiredOutputs":["host","port"]}}},"descope:index/ProjectConnectorsSn:ProjectConnectorsSn":{"properties":{"accessKeyId":{"type":"string","description":"AWS Access key ID.\n","secret":true},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"endpoint":{"type":"string","description":"An optional endpoint URL (hostname only or fully qualified URI).\n"},"entityId":{"type":"string","description":"The entity ID or principal entity (PE) ID for sending text messages to recipients in India.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"organizationNumber":{"type":"string","description":"Use the \u003cspan pulumi-lang-nodejs=\"`originationNumber`\" pulumi-lang-dotnet=\"`OriginationNumber`\" pulumi-lang-go=\"`originationNumber`\" pulumi-lang-python=\"`origination_number`\" pulumi-lang-yaml=\"`originationNumber`\" pulumi-lang-java=\"`originationNumber`\"\u003e`origination_number`\u003c/span\u003e attribute instead.\n","deprecationMessage":"The\u003cspan pulumi-lang-nodejs=\" organizationNumber \" pulumi-lang-dotnet=\" OrganizationNumber \" pulumi-lang-go=\" organizationNumber \" pulumi-lang-python=\" organization_number \" pulumi-lang-yaml=\" organizationNumber \" pulumi-lang-java=\" organizationNumber \"\u003e organization_number \u003c/span\u003eattribute has been renamed, set the\u003cspan pulumi-lang-nodejs=\" originationNumber \" pulumi-lang-dotnet=\" OriginationNumber \" pulumi-lang-go=\" originationNumber \" pulumi-lang-python=\" origination_number \" pulumi-lang-yaml=\" originationNumber \" pulumi-lang-java=\" originationNumber \"\u003e origination_number \u003c/span\u003eattribute instead. This attribute will be removed in a future version of the provider."},"originationNumber":{"type":"string","description":"An optional phone number from which the text messages are going to be sent. Make sure it is registered properly in your server.\n"},"region":{"type":"string","description":"AWS region to send requests to (e.g. `us-west-2`).\n"},"secret":{"type":"string","description":"AWS Secret Access Key.\n","secret":true},"senderId":{"type":"string","description":"The name of the sender from which the text message is going to be sent (see SNS documentation regarding acceptable IDs and supported regions/countries).\n"},"templateId":{"type":"string","description":"The template for sending text messages to recipients in India. The template ID must be associated with the sender ID.\n"}},"type":"object","required":["accessKeyId","name","region","secret"],"language":{"nodejs":{"requiredOutputs":["accessKeyId","description","endpoint","entityId","id","name","organizationNumber","originationNumber","region","secret","senderId","templateId"]}}},"descope:index/ProjectConnectorsSumologic:ProjectConnectorsSumologic":{"properties":{"auditEnabled":{"type":"boolean","description":"Whether to enable streaming of audit events.\n"},"auditFilters":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectConnectorsSumologicAuditFilter:ProjectConnectorsSumologicAuditFilter"},"description":"Specify which events will be sent to the external audit service (including tenant selection).\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"httpSourceUrl":{"type":"string","description":"The URL associated with an HTTP Hosted collector\n","secret":true},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"troubleshootLogEnabled":{"type":"boolean","description":"Whether to send troubleshooting events.\n"}},"type":"object","required":["httpSourceUrl","name"],"language":{"nodejs":{"requiredOutputs":["auditEnabled","auditFilters","description","httpSourceUrl","id","name","troubleshootLogEnabled"]}}},"descope:index/ProjectConnectorsSumologicAuditFilter:ProjectConnectorsSumologicAuditFilter":{"properties":{"key":{"type":"string","description":"The field name to filter on (either 'actions' or 'tenants').\n"},"operator":{"type":"string","description":"The filter operation to apply ('includes' or 'excludes').\n"},"values":{"type":"array","items":{"type":"string"},"description":"The list of values to match against for the filter.\n"}},"type":"object","required":["key","operator","values"]},"descope:index/ProjectConnectorsSupabase:ProjectConnectorsSupabase":{"properties":{"authType":{"type":"string","description":"The authentication type to use.\n"},"createUsers":{"type":"boolean","description":"Enable to automatically create users in Supabase when generating tokens. Will only create a new user if one does not already exist. When disabled, only JWT tokens will be generated, WITHOUT user creation.\n"},"customClaimsMapping":{"type":"object","additionalProperties":{"type":"string"},"description":"A mapping of Descope user fields or JWT claims to Supabase custom claims\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"expirationTime":{"type":"number","description":"The duration in minutes for which the token is valid.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"privateKey":{"type":"string","description":"The private key in JWK format used to sign the JWT. You can generate a key using tools like `npx supabase gen signing-key --algorithm ES256`. Make sure to use the ES256 algorithm.\n","secret":true},"projectBaseUrl":{"type":"string","description":"Your Supabase Project's API base URL, e.g.: https://\\n\\n.supabase.co.\n"},"serviceRoleApiKey":{"type":"string","description":"The service role API key for your Supabase project, required to create users.\n","secret":true},"signingSecret":{"type":"string","description":"The signing secret for your Supabase project.\n","secret":true}},"type":"object","required":["name"],"language":{"nodejs":{"requiredOutputs":["authType","createUsers","customClaimsMapping","description","expirationTime","id","name","privateKey","projectBaseUrl","serviceRoleApiKey","signingSecret"]}}},"descope:index/ProjectConnectorsTelesign:ProjectConnectorsTelesign":{"properties":{"apiKey":{"type":"string","description":"The unique Telesign API key\n","secret":true},"customerId":{"type":"string","description":"The unique Telesign account Customer ID\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"}},"type":"object","required":["apiKey","customerId","name"],"language":{"nodejs":{"requiredOutputs":["apiKey","customerId","description","id","name"]}}},"descope:index/ProjectConnectorsTraceable:ProjectConnectorsTraceable":{"properties":{"description":{"type":"string","description":"A description of what your connector is used for.\n"},"euRegion":{"type":"boolean","description":"EU(Europe) Region deployment of Traceable platform.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"secretKey":{"type":"string","description":"The Traceable secret key.\n","secret":true}},"type":"object","required":["name","secretKey"],"language":{"nodejs":{"requiredOutputs":["description","euRegion","id","name","secretKey"]}}},"descope:index/ProjectConnectorsTurnstile:ProjectConnectorsTurnstile":{"properties":{"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"secretKey":{"type":"string","description":"The secret key authorizes communication between Descope backend and the Turnstile server to verify the user's response.\n","secret":true},"siteKey":{"type":"string","description":"The site key is used to invoke Turnstile service on your site or mobile application.\n"}},"type":"object","required":["name","secretKey","siteKey"],"language":{"nodejs":{"requiredOutputs":["description","id","name","secretKey","siteKey"]}}},"descope:index/ProjectConnectorsTwilioCore:ProjectConnectorsTwilioCore":{"properties":{"accountSid":{"type":"string","description":"Twilio Account SID from your Twilio Console.\n"},"authentication":{"$ref":"#/types/descope:index/ProjectConnectorsTwilioCoreAuthentication:ProjectConnectorsTwilioCoreAuthentication","description":"Twilio authentication credentials (either auth token or API key/secret).\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"senders":{"$ref":"#/types/descope:index/ProjectConnectorsTwilioCoreSenders:ProjectConnectorsTwilioCoreSenders","description":"Configuration for SMS and voice message senders.\n"}},"type":"object","required":["accountSid","authentication","name","senders"],"language":{"nodejs":{"requiredOutputs":["accountSid","authentication","description","id","name","senders"]}}},"descope:index/ProjectConnectorsTwilioCoreAuthentication:ProjectConnectorsTwilioCoreAuthentication":{"properties":{"apiKey":{"type":"string","description":"Twilio API Key for authentication (used with API Secret).\n","secret":true},"apiSecret":{"type":"string","description":"Twilio API Secret for authentication (used with API Key).\n","secret":true},"authToken":{"type":"string","description":"Twilio Auth Token for authentication.\n","secret":true}},"type":"object","language":{"nodejs":{"requiredOutputs":["apiKey","apiSecret","authToken"]}}},"descope:index/ProjectConnectorsTwilioCoreSenders:ProjectConnectorsTwilioCoreSenders":{"properties":{"sms":{"$ref":"#/types/descope:index/ProjectConnectorsTwilioCoreSendersSms:ProjectConnectorsTwilioCoreSendersSms","description":"SMS sender configuration using either a phone number or messaging service.\n"},"voice":{"$ref":"#/types/descope:index/ProjectConnectorsTwilioCoreSendersVoice:ProjectConnectorsTwilioCoreSendersVoice","description":"Voice call sender configuration.\n"}},"type":"object","required":["sms"],"language":{"nodejs":{"requiredOutputs":["sms","voice"]}}},"descope:index/ProjectConnectorsTwilioCoreSendersSms:ProjectConnectorsTwilioCoreSendersSms":{"properties":{"messagingServiceSid":{"type":"string","description":"Twilio Messaging Service SID for sending SMS messages.\n"},"phoneNumber":{"type":"string","description":"Twilio phone number for sending SMS messages.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["messagingServiceSid","phoneNumber"]}}},"descope:index/ProjectConnectorsTwilioCoreSendersVoice:ProjectConnectorsTwilioCoreSendersVoice":{"properties":{"phoneNumber":{"type":"string","description":"Twilio phone number for making voice calls.\n"}},"type":"object","required":["phoneNumber"]},"descope:index/ProjectConnectorsTwilioVerify:ProjectConnectorsTwilioVerify":{"properties":{"accountSid":{"type":"string","description":"Twilio Account SID from your Twilio Console.\n"},"authentication":{"$ref":"#/types/descope:index/ProjectConnectorsTwilioVerifyAuthentication:ProjectConnectorsTwilioVerifyAuthentication","description":"Twilio authentication credentials (either auth token or API key/secret).\n"},"description":{"type":"string","description":"A description of what your connector is used for.\n"},"id":{"type":"string"},"name":{"type":"string","description":"A custom name for your connector.\n"},"sender":{"type":"string","description":"Optional sender identifier for verification messages.\n"},"serviceSid":{"type":"string","description":"Twilio Verify Service SID for verification services.\n"}},"type":"object","required":["accountSid","authentication","name","serviceSid"],"language":{"nodejs":{"requiredOutputs":["accountSid","authentication","description","id","name","sender","serviceSid"]}}},"descope:index/ProjectConnectorsTwilioVerifyAuthentication:ProjectConnectorsTwilioVerifyAuthentication":{"properties":{"apiKey":{"type":"string","description":"Twilio API Key for authentication (used with API Secret).\n","secret":true},"apiSecret":{"type":"string","description":"Twilio API Secret for authentication (used with API Key).\n","secret":true},"authToken":{"type":"string","description":"Twilio Auth Token for authentication.\n","secret":true}},"type":"object","language":{"nodejs":{"requiredOutputs":["apiKey","apiSecret","authToken"]}}},"descope:index/ProjectFlows:ProjectFlows":{"properties":{"data":{"type":"string","description":"The JSON data defining the authentication flow configuration, including metadata, screens, contents, and references.\n"}},"type":"object","required":["data"]},"descope:index/ProjectInviteSettings:ProjectInviteSettings":{"properties":{"addMagiclinkToken":{"type":"boolean","description":"Whether to include a magic link token in invitation messages.\n"},"emailService":{"$ref":"#/types/descope:index/ProjectInviteSettingsEmailService:ProjectInviteSettingsEmailService","description":"Settings related to sending invitation emails.\n"},"expireInvitedUsers":{"type":"boolean","description":"Expire the user account if the invitation is not accepted within the expiration time.\n"},"inviteExpiration":{"type":"string","description":"The expiry time for the invitation, meant to be used together with \u003cspan pulumi-lang-nodejs=\"`expireInvitedUsers`\" pulumi-lang-dotnet=\"`ExpireInvitedUsers`\" pulumi-lang-go=\"`expireInvitedUsers`\" pulumi-lang-python=\"`expire_invited_users`\" pulumi-lang-yaml=\"`expireInvitedUsers`\" pulumi-lang-java=\"`expireInvitedUsers`\"\u003e`expire_invited_users`\u003c/span\u003e and/or \u003cspan pulumi-lang-nodejs=\"`addMagiclinkToken`\" pulumi-lang-dotnet=\"`AddMagiclinkToken`\" pulumi-lang-go=\"`addMagiclinkToken`\" pulumi-lang-python=\"`add_magiclink_token`\" pulumi-lang-yaml=\"`addMagiclinkToken`\" pulumi-lang-java=\"`addMagiclinkToken`\"\u003e`add_magiclink_token`\u003c/span\u003e. Use values such as \"2 weeks\", \"4 days\", etc. The minimum value is \"1 hour\".\n"},"inviteUrl":{"type":"string","description":"Custom URL to include in the message sent to invited users.\n"},"requireInvitation":{"type":"boolean","description":"Whether users must be invited before they can sign up to the project.\n"},"sendEmail":{"type":"boolean","description":"Whether to send invitation emails to users.\n"},"sendText":{"type":"boolean","description":"Whether to send invitation SMS messages to users.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["addMagiclinkToken","emailService","expireInvitedUsers","inviteExpiration","inviteUrl","requireInvitation","sendEmail","sendText"]}}},"descope:index/ProjectInviteSettingsEmailService:ProjectInviteSettingsEmailService":{"properties":{"connector":{"type":"string","description":"The name of the email connector to use for sending emails.\n"},"templates":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectInviteSettingsEmailServiceTemplate:ProjectInviteSettingsEmailServiceTemplate"},"description":"A list of email templates for different authentication flows.\n"}},"type":"object","required":["connector"],"language":{"nodejs":{"requiredOutputs":["connector","templates"]}}},"descope:index/ProjectInviteSettingsEmailServiceTemplate:ProjectInviteSettingsEmailServiceTemplate":{"properties":{"active":{"type":"boolean","description":"Whether this email template is currently active and in use.\n"},"htmlBody":{"type":"string","description":"HTML content of the email message body, required if \u003cspan pulumi-lang-nodejs=\"`usePlainTextBody`\" pulumi-lang-dotnet=\"`UsePlainTextBody`\" pulumi-lang-go=\"`usePlainTextBody`\" pulumi-lang-python=\"`use_plain_text_body`\" pulumi-lang-yaml=\"`usePlainTextBody`\" pulumi-lang-java=\"`usePlainTextBody`\"\u003e`use_plain_text_body`\u003c/span\u003e isn't set.\n"},"id":{"type":"string"},"name":{"type":"string","description":"Unique name for this email template.\n"},"plainTextBody":{"type":"string","description":"Plain text version of the email message body, required if \u003cspan pulumi-lang-nodejs=\"`usePlainTextBody`\" pulumi-lang-dotnet=\"`UsePlainTextBody`\" pulumi-lang-go=\"`usePlainTextBody`\" pulumi-lang-python=\"`use_plain_text_body`\" pulumi-lang-yaml=\"`usePlainTextBody`\" pulumi-lang-java=\"`usePlainTextBody`\"\u003e`use_plain_text_body`\u003c/span\u003e is set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n"},"subject":{"type":"string","description":"Subject line of the email message.\n"},"usePlainTextBody":{"type":"boolean","description":"Whether to use the plain text body instead of HTML for the email.\n"}},"type":"object","required":["name","subject"],"language":{"nodejs":{"requiredOutputs":["active","htmlBody","id","name","plainTextBody","subject","usePlainTextBody"]}}},"descope:index/ProjectJwtTemplates:ProjectJwtTemplates":{"properties":{"accessKeyTemplates":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectJwtTemplatesAccessKeyTemplate:ProjectJwtTemplatesAccessKeyTemplate"},"description":"A list of `Access Key` type JWT Templates.\n"},"userTemplates":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectJwtTemplatesUserTemplate:ProjectJwtTemplatesUserTemplate"},"description":"A list of `User` type JWT Templates.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["accessKeyTemplates","userTemplates"]}}},"descope:index/ProjectJwtTemplatesAccessKeyTemplate:ProjectJwtTemplatesAccessKeyTemplate":{"properties":{"authSchema":{"type":"string","description":"The authorization claims format - \u003cspan pulumi-lang-nodejs=\"`default`\" pulumi-lang-dotnet=\"`Default`\" pulumi-lang-go=\"`default`\" pulumi-lang-python=\"`default`\" pulumi-lang-yaml=\"`default`\" pulumi-lang-java=\"`default`\"\u003e`default`\u003c/span\u003e, `tenantOnly` or \u003cspan pulumi-lang-nodejs=\"`none`\" pulumi-lang-dotnet=\"`None`\" pulumi-lang-go=\"`none`\" pulumi-lang-python=\"`none`\" pulumi-lang-yaml=\"`none`\" pulumi-lang-java=\"`none`\"\u003e`none`\u003c/span\u003e. Read more about schema types [here](https://docs.descope.com/project-settings/jwt-templates).\n"},"autoTenantClaim":{"type":"boolean","description":"When a user is associated with a single tenant, the tenant will be set as the user's active tenant, using the \u003cspan pulumi-lang-nodejs=\"`dct`\" pulumi-lang-dotnet=\"`Dct`\" pulumi-lang-go=\"`dct`\" pulumi-lang-python=\"`dct`\" pulumi-lang-yaml=\"`dct`\" pulumi-lang-java=\"`dct`\"\u003e`dct`\u003c/span\u003e (Descope Current Tenant) claim in their JWT.\n"},"conformanceIssuer":{"type":"boolean","description":"Whether to use OIDC conformance for the JWT issuer field.\n"},"description":{"type":"string","description":"Description of the JWT Template.\n"},"emptyClaimPolicy":{"type":"string","description":"Policy for empty claims - \u003cspan pulumi-lang-nodejs=\"`none`\" pulumi-lang-dotnet=\"`None`\" pulumi-lang-go=\"`none`\" pulumi-lang-python=\"`none`\" pulumi-lang-yaml=\"`none`\" pulumi-lang-java=\"`none`\"\u003e`none`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`nil`\" pulumi-lang-dotnet=\"`Nil`\" pulumi-lang-go=\"`nil`\" pulumi-lang-python=\"`nil`\" pulumi-lang-yaml=\"`nil`\" pulumi-lang-java=\"`nil`\"\u003e`nil`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`delete`\" pulumi-lang-dotnet=\"`Delete`\" pulumi-lang-go=\"`delete`\" pulumi-lang-python=\"`delete`\" pulumi-lang-yaml=\"`delete`\" pulumi-lang-java=\"`delete`\"\u003e`delete`\u003c/span\u003e.\n"},"enforceIssuer":{"type":"boolean","description":"Whether to enforce that the JWT issuer matches the project configuration.\n"},"id":{"type":"string"},"name":{"type":"string","description":"Name of the JWT Template.\n"},"template":{"type":"string","description":"The JSON template defining the structure and claims of the JWT token. This is expected to be a valid JSON object given as a \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e value.\n"}},"type":"object","required":["name","template"],"language":{"nodejs":{"requiredOutputs":["authSchema","autoTenantClaim","conformanceIssuer","description","emptyClaimPolicy","enforceIssuer","id","name","template"]}}},"descope:index/ProjectJwtTemplatesUserTemplate:ProjectJwtTemplatesUserTemplate":{"properties":{"authSchema":{"type":"string","description":"The authorization claims format - \u003cspan pulumi-lang-nodejs=\"`default`\" pulumi-lang-dotnet=\"`Default`\" pulumi-lang-go=\"`default`\" pulumi-lang-python=\"`default`\" pulumi-lang-yaml=\"`default`\" pulumi-lang-java=\"`default`\"\u003e`default`\u003c/span\u003e, `tenantOnly` or \u003cspan pulumi-lang-nodejs=\"`none`\" pulumi-lang-dotnet=\"`None`\" pulumi-lang-go=\"`none`\" pulumi-lang-python=\"`none`\" pulumi-lang-yaml=\"`none`\" pulumi-lang-java=\"`none`\"\u003e`none`\u003c/span\u003e. Read more about schema types [here](https://docs.descope.com/project-settings/jwt-templates).\n"},"autoTenantClaim":{"type":"boolean","description":"When a user is associated with a single tenant, the tenant will be set as the user's active tenant, using the \u003cspan pulumi-lang-nodejs=\"`dct`\" pulumi-lang-dotnet=\"`Dct`\" pulumi-lang-go=\"`dct`\" pulumi-lang-python=\"`dct`\" pulumi-lang-yaml=\"`dct`\" pulumi-lang-java=\"`dct`\"\u003e`dct`\u003c/span\u003e (Descope Current Tenant) claim in their JWT.\n"},"conformanceIssuer":{"type":"boolean","description":"Whether to use OIDC conformance for the JWT issuer field.\n"},"description":{"type":"string","description":"Description of the JWT Template.\n"},"emptyClaimPolicy":{"type":"string","description":"Policy for empty claims - \u003cspan pulumi-lang-nodejs=\"`none`\" pulumi-lang-dotnet=\"`None`\" pulumi-lang-go=\"`none`\" pulumi-lang-python=\"`none`\" pulumi-lang-yaml=\"`none`\" pulumi-lang-java=\"`none`\"\u003e`none`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`nil`\" pulumi-lang-dotnet=\"`Nil`\" pulumi-lang-go=\"`nil`\" pulumi-lang-python=\"`nil`\" pulumi-lang-yaml=\"`nil`\" pulumi-lang-java=\"`nil`\"\u003e`nil`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`delete`\" pulumi-lang-dotnet=\"`Delete`\" pulumi-lang-go=\"`delete`\" pulumi-lang-python=\"`delete`\" pulumi-lang-yaml=\"`delete`\" pulumi-lang-java=\"`delete`\"\u003e`delete`\u003c/span\u003e.\n"},"enforceIssuer":{"type":"boolean","description":"Whether to enforce that the JWT issuer matches the project configuration.\n"},"id":{"type":"string"},"name":{"type":"string","description":"Name of the JWT Template.\n"},"template":{"type":"string","description":"The JSON template defining the structure and claims of the JWT token. This is expected to be a valid JSON object given as a \u003cspan pulumi-lang-nodejs=\"`string`\" pulumi-lang-dotnet=\"`String`\" pulumi-lang-go=\"`string`\" pulumi-lang-python=\"`string`\" pulumi-lang-yaml=\"`string`\" pulumi-lang-java=\"`string`\"\u003e`string`\u003c/span\u003e value.\n"}},"type":"object","required":["name","template"],"language":{"nodejs":{"requiredOutputs":["authSchema","autoTenantClaim","conformanceIssuer","description","emptyClaimPolicy","enforceIssuer","id","name","template"]}}},"descope:index/ProjectList:ProjectList":{"properties":{"data":{"type":"string","description":"The JSON data for the list. The format depends on the \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e: - For `\"texts\"` and `\"ips\"` types: Must be a JSON array of strings (e.g., `[\"item1\", \"item2\"]`) - For `\"ips\"` type: Each string must be a valid IP address or CIDR range - For `\"json\"` type: Must be a JSON object (e.g., `{\"key\": \"value\"}`)\n"},"description":{"type":"string","description":"An optional description for the list. Defaults to an empty string if not provided.\n"},"id":{"type":"string"},"name":{"type":"string","description":"The name of the list. Maximum length is 100 characters.\n"},"type":{"type":"string","description":"The type of list. Must be one of: - `\"texts\"` - A list of text strings - `\"ips\"` - A list of IP addresses or CIDR ranges - `\"json\"` - A JSON object\n"}},"type":"object","required":["data","name","type"],"language":{"nodejs":{"requiredOutputs":["data","description","id","name","type"]}}},"descope:index/ProjectProjectSettings:ProjectProjectSettings":{"properties":{"accessKeyJwtTemplate":{"type":"string","description":"Name of the access key JWT Template.\n"},"accessKeySessionTokenExpiration":{"type":"string","description":"The expiry time for access key session tokens. Use values such as \"10 minutes\", \"4 hours\", etc. The value needs to be at least 3 minutes and can't be longer than 4 weeks.\n"},"appUrl":{"type":"string","description":"The URL which your application resides on.\n"},"approvedDomains":{"type":"array","items":{"type":"string"},"description":"The list of approved domains that are allowed for redirect and verification URLs for different authentication methods.\n"},"customDomain":{"type":"string","description":"A custom CNAME that's configured to point to `cname.descope.com`. Read more about custom domains and cookie policy [here](https://docs.descope.com/how-to-deploy-to-production/custom-domain).\n"},"defaultNoSsoApps":{"type":"boolean","description":"Define whether a user created with no federated apps, will have access to all apps, or will not have access to any app.\n"},"enableInactivity":{"type":"boolean","description":"Use `True` to enable session inactivity. To read more about session inactivity click [here](https://docs.descope.com/project-settings#session-inactivity).\n"},"inactivityTime":{"type":"string","description":"The session inactivity time. Use values such as \"15 minutes\", \"1 hour\", etc. The minimum value is \"10 minutes\".\n"},"refreshTokenCookieDomain":{"type":"string","description":"The domain name for refresh token cookies. To read more about custom domain and cookie policy click [here](https://docs.descope.com/how-to-deploy-to-production/custom-domain).\n"},"refreshTokenCookiePolicy":{"type":"string","description":"Use \u003cspan pulumi-lang-nodejs=\"`strict`\" pulumi-lang-dotnet=\"`Strict`\" pulumi-lang-go=\"`strict`\" pulumi-lang-python=\"`strict`\" pulumi-lang-yaml=\"`strict`\" pulumi-lang-java=\"`strict`\"\u003e`strict`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`lax`\" pulumi-lang-dotnet=\"`Lax`\" pulumi-lang-go=\"`lax`\" pulumi-lang-python=\"`lax`\" pulumi-lang-yaml=\"`lax`\" pulumi-lang-java=\"`lax`\"\u003e`lax`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`none`\" pulumi-lang-dotnet=\"`None`\" pulumi-lang-go=\"`none`\" pulumi-lang-python=\"`none`\" pulumi-lang-yaml=\"`none`\" pulumi-lang-java=\"`none`\"\u003e`none`\u003c/span\u003e. Read more about custom domains and cookie policy [here](https://docs.descope.com/how-to-deploy-to-production/custom-domain).\n"},"refreshTokenExpiration":{"type":"string","description":"The expiry time for the refresh token, after which the user must log in again. Use values such as \"4 weeks\", \"14 days\", etc. The minimum value is \"3 minutes\".\n"},"refreshTokenResponseMethod":{"type":"string","description":"Configure how refresh tokens are managed by the Descope SDKs. Must be either \u003cspan pulumi-lang-nodejs=\"`responseBody`\" pulumi-lang-dotnet=\"`ResponseBody`\" pulumi-lang-go=\"`responseBody`\" pulumi-lang-python=\"`response_body`\" pulumi-lang-yaml=\"`responseBody`\" pulumi-lang-java=\"`responseBody`\"\u003e`response_body`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`cookies`\" pulumi-lang-dotnet=\"`Cookies`\" pulumi-lang-go=\"`cookies`\" pulumi-lang-python=\"`cookies`\" pulumi-lang-yaml=\"`cookies`\" pulumi-lang-java=\"`cookies`\"\u003e`cookies`\u003c/span\u003e. The default value is \u003cspan pulumi-lang-nodejs=\"`responseBody`\" pulumi-lang-dotnet=\"`ResponseBody`\" pulumi-lang-go=\"`responseBody`\" pulumi-lang-python=\"`response_body`\" pulumi-lang-yaml=\"`responseBody`\" pulumi-lang-java=\"`responseBody`\"\u003e`response_body`\u003c/span\u003e.\n"},"refreshTokenRotation":{"type":"boolean","description":"Every time the user refreshes their session token via their refresh token, the refresh token itself is also updated to a new one.\n"},"sessionMigration":{"$ref":"#/types/descope:index/ProjectProjectSettingsSessionMigration:ProjectProjectSettingsSessionMigration","description":"Configure seamless migration of existing user sessions from another vendor to Descope.\n"},"sessionTokenCookieDomain":{"type":"string","description":"The domain name for session token cookies. To read more about custom domain and cookie policy click [here](https://docs.descope.com/how-to-deploy-to-production/custom-domain).\n"},"sessionTokenCookiePolicy":{"type":"string","description":"Use \u003cspan pulumi-lang-nodejs=\"`strict`\" pulumi-lang-dotnet=\"`Strict`\" pulumi-lang-go=\"`strict`\" pulumi-lang-python=\"`strict`\" pulumi-lang-yaml=\"`strict`\" pulumi-lang-java=\"`strict`\"\u003e`strict`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`lax`\" pulumi-lang-dotnet=\"`Lax`\" pulumi-lang-go=\"`lax`\" pulumi-lang-python=\"`lax`\" pulumi-lang-yaml=\"`lax`\" pulumi-lang-java=\"`lax`\"\u003e`lax`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`none`\" pulumi-lang-dotnet=\"`None`\" pulumi-lang-go=\"`none`\" pulumi-lang-python=\"`none`\" pulumi-lang-yaml=\"`none`\" pulumi-lang-java=\"`none`\"\u003e`none`\u003c/span\u003e. Read more about custom domains and cookie policy [here](https://docs.descope.com/how-to-deploy-to-production/custom-domain).\n"},"sessionTokenExpiration":{"type":"string","description":"The expiry time of the session token, used for accessing the application's resources. The value needs to be at least 3 minutes and can't be longer than the refresh token expiration.\n"},"sessionTokenResponseMethod":{"type":"string","description":"Configure how sessions tokens are managed by the Descope SDKs. Must be either \u003cspan pulumi-lang-nodejs=\"`responseBody`\" pulumi-lang-dotnet=\"`ResponseBody`\" pulumi-lang-go=\"`responseBody`\" pulumi-lang-python=\"`response_body`\" pulumi-lang-yaml=\"`responseBody`\" pulumi-lang-java=\"`responseBody`\"\u003e`response_body`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`cookies`\" pulumi-lang-dotnet=\"`Cookies`\" pulumi-lang-go=\"`cookies`\" pulumi-lang-python=\"`cookies`\" pulumi-lang-yaml=\"`cookies`\" pulumi-lang-java=\"`cookies`\"\u003e`cookies`\u003c/span\u003e. The default value is \u003cspan pulumi-lang-nodejs=\"`responseBody`\" pulumi-lang-dotnet=\"`ResponseBody`\" pulumi-lang-go=\"`responseBody`\" pulumi-lang-python=\"`response_body`\" pulumi-lang-yaml=\"`responseBody`\" pulumi-lang-java=\"`responseBody`\"\u003e`response_body`\u003c/span\u003e.\n"},"stepUpTokenExpiration":{"type":"string","description":"The expiry time for the step up token, after which it will not be valid and the user will automatically go back to the session token.\n"},"testUsersLoginidRegexp":{"type":"string","description":"Define a regular expression so that whenever a user is created with a matching login ID it will automatically be marked as a test user.\n"},"testUsersStaticOtp":{"type":"string","description":"A 6 digit static OTP code for use with test users.\n"},"testUsersVerifierRegexp":{"type":"string","description":"The pattern of the verifiers that will be used for testing.\n"},"trustedDeviceTokenExpiration":{"type":"string","description":"The expiry time for the trusted device token. The minimum value is \"3 minutes\".\n"},"userJwtTemplate":{"type":"string","description":"Name of the user JWT Template.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["accessKeyJwtTemplate","accessKeySessionTokenExpiration","appUrl","approvedDomains","customDomain","defaultNoSsoApps","enableInactivity","inactivityTime","refreshTokenCookieDomain","refreshTokenCookiePolicy","refreshTokenExpiration","refreshTokenResponseMethod","refreshTokenRotation","sessionMigration","sessionTokenCookieDomain","sessionTokenCookiePolicy","sessionTokenExpiration","sessionTokenResponseMethod","stepUpTokenExpiration","testUsersLoginidRegexp","testUsersStaticOtp","testUsersVerifierRegexp","trustedDeviceTokenExpiration","userJwtTemplate"]}}},"descope:index/ProjectProjectSettingsSessionMigration:ProjectProjectSettingsSessionMigration":{"properties":{"audience":{"type":"string","description":"The audience value if needed by the vendor.\n"},"clientId":{"type":"string","description":"The unique client ID for the vendor.\n"},"domain":{"type":"string","description":"The domain value if needed by the vendor.\n"},"issuer":{"type":"string","description":"An issuer URL if needed by the vendor.\n"},"loginidMatchedAttributes":{"type":"array","items":{"type":"string"},"description":"A set of attributes from the vendor's user that should be used to match with the Descope user's login ID.\n"},"vendor":{"type":"string","description":"The name of the vendor the sessions are migrated from, in all lowercase.\n"}},"type":"object","language":{"nodejs":{"requiredOutputs":["audience","clientId","domain","issuer","loginidMatchedAttributes","vendor"]}}},"descope:index/ProjectStyles:ProjectStyles":{"properties":{"data":{"type":"string","description":"The JSON data defining the visual styling and theme configuration used for authentication, widgets, etc.\n"}},"type":"object","required":["data"]},"descope:index/ProjectWidgets:ProjectWidgets":{"properties":{"data":{"type":"string","description":"The JSON data defining the widget. This will usually be exported as a `.json` file from the Descope console, and set in the `.tf` file using the `data = file(\"...\")` syntax.\n"}},"type":"object","required":["data"]}},"provider":{"description":"The provider type for the descope package. By default, resources use package-wide configuration\nsettings, however an explicit `Provider` instance may be created and passed during resource\nconstruction to achieve fine-grained programmatic control over provider settings. See the\n[documentation](https://www.pulumi.com/docs/reference/programming-model/#providers) for more information.\n","properties":{"baseUrl":{"type":"string","description":"An optional base URL for the Descope API"},"managementKey":{"type":"string","description":"A valid management key for your Descope company","secret":true},"projectId":{"type":"string","deprecationMessage":"The\u003cspan pulumi-lang-nodejs=\" projectId \" pulumi-lang-dotnet=\" ProjectId \" pulumi-lang-go=\" projectId \" pulumi-lang-python=\" project_id \" pulumi-lang-yaml=\" projectId \" pulumi-lang-java=\" projectId \"\u003e project_id \u003c/span\u003eattribute in the 'descope' provider block is no longer required and can be safely removed"}},"inputProperties":{"baseUrl":{"type":"string","description":"An optional base URL for the Descope API"},"managementKey":{"type":"string","description":"A valid management key for your Descope company","secret":true},"projectId":{"type":"string","deprecationMessage":"The\u003cspan pulumi-lang-nodejs=\" projectId \" pulumi-lang-dotnet=\" ProjectId \" pulumi-lang-go=\" projectId \" pulumi-lang-python=\" project_id \" pulumi-lang-yaml=\" projectId \" pulumi-lang-java=\" projectId \"\u003e project_id \u003c/span\u003eattribute in the 'descope' provider block is no longer required and can be safely removed"}},"methods":{"terraformConfig":"pulumi:providers:descope/terraformConfig"}},"resources":{"descope:index/project:Project":{"properties":{"applications":{"$ref":"#/types/descope:index/ProjectApplications:ProjectApplications","description":"Applications that are registered with the project.\n"},"attributes":{"$ref":"#/types/descope:index/ProjectAttributes:ProjectAttributes","description":"Custom attributes that can be attached to users and tenants.\n"},"authentication":{"$ref":"#/types/descope:index/ProjectAuthentication:ProjectAuthentication","description":"Settings for each authentication method.\n"},"authorization":{"$ref":"#/types/descope:index/ProjectAuthorization:ProjectAuthorization","description":"Define Role-Based Access Control (RBAC) for your users by creating roles and permissions.\n"},"connectors":{"$ref":"#/types/descope:index/ProjectConnectors:ProjectConnectors","description":"Enrich your flows by interacting with third party services.\n"},"environment":{"type":"string","description":"This can be set to \u003cspan pulumi-lang-nodejs=\"`production`\" pulumi-lang-dotnet=\"`Production`\" pulumi-lang-go=\"`production`\" pulumi-lang-python=\"`production`\" pulumi-lang-yaml=\"`production`\" pulumi-lang-java=\"`production`\"\u003e`production`\u003c/span\u003e to mark production projects, otherwise this should be left unset for development or staging projects.\n"},"flows":{"type":"object","additionalProperties":{"$ref":"#/types/descope:index/ProjectFlows:ProjectFlows"},"description":"Custom authentication flows to use in this project.\n"},"inviteSettings":{"$ref":"#/types/descope:index/ProjectInviteSettings:ProjectInviteSettings","description":"User invitation settings and behavior.\n"},"jwtTemplates":{"$ref":"#/types/descope:index/ProjectJwtTemplates:ProjectJwtTemplates","description":"Defines templates for JSON Web Tokens (JWT) used for authentication.\n"},"lists":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectList:ProjectList"},"description":"Lists that can be used for various purposes in the project, such as IP allowlists, text lists, or custom JSON data.\n"},"name":{"type":"string","description":"The name of the Descope project.\n"},"projectSettings":{"$ref":"#/types/descope:index/ProjectProjectSettings:ProjectProjectSettings","description":"General settings for the Descope project.\n"},"styles":{"$ref":"#/types/descope:index/ProjectStyles:ProjectStyles","description":"Custom styles that can be applied to the project's authentication flows.\n"},"tags":{"type":"array","items":{"type":"string"},"description":"Descriptive tags for your Descope project. Each tag must be no more than 50 characters long.\n"},"widgets":{"type":"object","additionalProperties":{"$ref":"#/types/descope:index/ProjectWidgets:ProjectWidgets"},"description":"Embeddable components designed to facilitate the delegation of operations to tenant admins and end users.\n"}},"required":["applications","attributes","authentication","authorization","connectors","environment","flows","inviteSettings","jwtTemplates","lists","name","projectSettings","styles","tags","widgets"],"inputProperties":{"applications":{"$ref":"#/types/descope:index/ProjectApplications:ProjectApplications","description":"Applications that are registered with the project.\n"},"attributes":{"$ref":"#/types/descope:index/ProjectAttributes:ProjectAttributes","description":"Custom attributes that can be attached to users and tenants.\n"},"authentication":{"$ref":"#/types/descope:index/ProjectAuthentication:ProjectAuthentication","description":"Settings for each authentication method.\n"},"authorization":{"$ref":"#/types/descope:index/ProjectAuthorization:ProjectAuthorization","description":"Define Role-Based Access Control (RBAC) for your users by creating roles and permissions.\n"},"connectors":{"$ref":"#/types/descope:index/ProjectConnectors:ProjectConnectors","description":"Enrich your flows by interacting with third party services.\n"},"environment":{"type":"string","description":"This can be set to \u003cspan pulumi-lang-nodejs=\"`production`\" pulumi-lang-dotnet=\"`Production`\" pulumi-lang-go=\"`production`\" pulumi-lang-python=\"`production`\" pulumi-lang-yaml=\"`production`\" pulumi-lang-java=\"`production`\"\u003e`production`\u003c/span\u003e to mark production projects, otherwise this should be left unset for development or staging projects.\n"},"flows":{"type":"object","additionalProperties":{"$ref":"#/types/descope:index/ProjectFlows:ProjectFlows"},"description":"Custom authentication flows to use in this project.\n"},"inviteSettings":{"$ref":"#/types/descope:index/ProjectInviteSettings:ProjectInviteSettings","description":"User invitation settings and behavior.\n"},"jwtTemplates":{"$ref":"#/types/descope:index/ProjectJwtTemplates:ProjectJwtTemplates","description":"Defines templates for JSON Web Tokens (JWT) used for authentication.\n"},"lists":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectList:ProjectList"},"description":"Lists that can be used for various purposes in the project, such as IP allowlists, text lists, or custom JSON data.\n"},"name":{"type":"string","description":"The name of the Descope project.\n"},"projectSettings":{"$ref":"#/types/descope:index/ProjectProjectSettings:ProjectProjectSettings","description":"General settings for the Descope project.\n"},"styles":{"$ref":"#/types/descope:index/ProjectStyles:ProjectStyles","description":"Custom styles that can be applied to the project's authentication flows.\n"},"tags":{"type":"array","items":{"type":"string"},"description":"Descriptive tags for your Descope project. Each tag must be no more than 50 characters long.\n"},"widgets":{"type":"object","additionalProperties":{"$ref":"#/types/descope:index/ProjectWidgets:ProjectWidgets"},"description":"Embeddable components designed to facilitate the delegation of operations to tenant admins and end users.\n"}},"stateInputs":{"description":"Input properties used for looking up and filtering Project resources.\n","properties":{"applications":{"$ref":"#/types/descope:index/ProjectApplications:ProjectApplications","description":"Applications that are registered with the project.\n"},"attributes":{"$ref":"#/types/descope:index/ProjectAttributes:ProjectAttributes","description":"Custom attributes that can be attached to users and tenants.\n"},"authentication":{"$ref":"#/types/descope:index/ProjectAuthentication:ProjectAuthentication","description":"Settings for each authentication method.\n"},"authorization":{"$ref":"#/types/descope:index/ProjectAuthorization:ProjectAuthorization","description":"Define Role-Based Access Control (RBAC) for your users by creating roles and permissions.\n"},"connectors":{"$ref":"#/types/descope:index/ProjectConnectors:ProjectConnectors","description":"Enrich your flows by interacting with third party services.\n"},"environment":{"type":"string","description":"This can be set to \u003cspan pulumi-lang-nodejs=\"`production`\" pulumi-lang-dotnet=\"`Production`\" pulumi-lang-go=\"`production`\" pulumi-lang-python=\"`production`\" pulumi-lang-yaml=\"`production`\" pulumi-lang-java=\"`production`\"\u003e`production`\u003c/span\u003e to mark production projects, otherwise this should be left unset for development or staging projects.\n"},"flows":{"type":"object","additionalProperties":{"$ref":"#/types/descope:index/ProjectFlows:ProjectFlows"},"description":"Custom authentication flows to use in this project.\n"},"inviteSettings":{"$ref":"#/types/descope:index/ProjectInviteSettings:ProjectInviteSettings","description":"User invitation settings and behavior.\n"},"jwtTemplates":{"$ref":"#/types/descope:index/ProjectJwtTemplates:ProjectJwtTemplates","description":"Defines templates for JSON Web Tokens (JWT) used for authentication.\n"},"lists":{"type":"array","items":{"$ref":"#/types/descope:index/ProjectList:ProjectList"},"description":"Lists that can be used for various purposes in the project, such as IP allowlists, text lists, or custom JSON data.\n"},"name":{"type":"string","description":"The name of the Descope project.\n"},"projectSettings":{"$ref":"#/types/descope:index/ProjectProjectSettings:ProjectProjectSettings","description":"General settings for the Descope project.\n"},"styles":{"$ref":"#/types/descope:index/ProjectStyles:ProjectStyles","description":"Custom styles that can be applied to the project's authentication flows.\n"},"tags":{"type":"array","items":{"type":"string"},"description":"Descriptive tags for your Descope project. Each tag must be no more than 50 characters long.\n"},"widgets":{"type":"object","additionalProperties":{"$ref":"#/types/descope:index/ProjectWidgets:ProjectWidgets"},"description":"Embeddable components designed to facilitate the delegation of operations to tenant admins and end users.\n"}},"type":"object"}}},"functions":{"pulumi:providers:descope/terraformConfig":{"description":"This function returns a Terraform config object with terraform-namecased keys,to be used with the Terraform Module Provider.","inputs":{"properties":{"__self__":{"type":"ref","$ref":"#/provider"}},"type":"pulumi:providers:descope/terraformConfig","required":["__self__"]},"outputs":{"properties":{"result":{"additionalProperties":{"$ref":"pulumi.json#/Any"},"type":"object"}},"required":["result"],"type":"object"}}}}