» cloudflare_access_identity_provider

Provides a Cloudflare Access Identity Provider resource. Identity Providers are used as an authentication or authorisation source within Access.

» Example Usage

# one time pin
resource "cloudflare_access_identity_provider" "pin_login" {
  account_id = "1d5fdc9e88c8a8c4518b068cd94331fe"
  name       = "PIN login"
  type       = "onetimepin"
}

# oauth
resource "cloudflare_access_identity_provider" "github_oauth" {
  account_id = "1d5fdc9e88c8a8c4518b068cd94331fe"
  name       = "GitHub OAuth"
  type       = "github"
  config {
    client_id     = "example"
    client_secret = "secret_key"
  }
}

# saml
resource "cloudflare_access_identity_provider" "jumpcloud_saml" {
  account_id = "1d5fdc9e88c8a8c4518b068cd94331fe"
  name       = "JumpCloud SAML"
  type       = "saml"
  config {
    issuer_url      = "jumpcloud"
    sso_target_url  = "https://sso.myexample.jumpcloud.com/saml2/cloudflareaccess"
    attributes      = ["email", "username"]
    sign_request    = false
    idp_public_cert = "MIIDpDCCAoygAwIBAgIGAV2ka+55MA0GCSqGSIb3DQEBCwUAMIGSMQswCQ...GF/Q2/MHadws97cZg\nuTnQyuOqPuHbnN83d/2l1NSYKCbHt24o"
  }
}

Refer to the Access documentation on developers.cloudflare.com for the full reference of what is available and how to configure your provider.
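
The GitHub OAuth example above, with the client secret taken from a sensitive input variable instead of a string literal committed with the configuration. This is an added example, not part of the provider documentation; the variable names are assumptions, and `sensitive = true` assumes Terraform 0.14 or later.

```hcl
# Added example: the variable names below are assumptions chosen for illustration.
variable "cloudflare_account_id" {
  type        = string
  description = "Cloudflare account that owns the Access configuration"
}

variable "github_oauth_client_id" {
  type        = string
  description = "Client ID of the GitHub OAuth application"
}

variable "github_oauth_client_secret" {
  type        = string
  description = "Client secret of the GitHub OAuth application"
  sensitive   = true # redacted in plan and apply output
}

resource "cloudflare_access_identity_provider" "github_oauth" {
  account_id = var.cloudflare_account_id
  name       = "GitHub OAuth"
  type       = "github"
  config {
    client_id     = var.github_oauth_client_id
    client_secret = var.github_oauth_client_secret # no literal secret in version control
  }
}
```

Supply the secret at run time, for example through the `TF_VAR_github_oauth_client_secret` environment variable. Terraform still records the value in state, so the state backend needs encryption and access control of its own.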

» Argument Reference

The following arguments are supported:

  • account_id - (Required) The account ID the provider should be associated with.
  • name - (Required) Friendly name of the Access Identity Provider configuration.
  • type - (Required) The provider type to use. Must be one of: "centrify", "facebook", "google-apps", "oidc", "github", "google", "saml", "linkedin", "azureAD", "okta", "onetimepin", "onelogin", "yandex".
  • config - (Optional) Provider configuration from the developer documentation.

» Attributes Reference

The following additional attributes are exported:

  • id - ID of the Access Identity Provider.
  • name - Friendly name of the Access Identity Provider configuration.
  • type - The provider type to use.
  • config - Access Identity Provider configuration.

» Import

Access Identity Providers can be imported using a composite ID made up of the account ID and the Access Identity Provider ID, separated by a slash.

$ terraform import cloudflare_access_identity_provider.my_idp cb029e245cfdd66dc8d2e570d5dd3322/e00e1c13-e350-44fe-96c5-fb75c954871c