Skip to main content

akeyless_api/models/
create_auth_method_oidc.rs

1/*
2 * Akeyless API
3 *
4 * The purpose of this application is to provide access to Akeyless API.
5 *
6 * The version of the OpenAPI document: 3.0
7 * Contact: support@akeyless.io
8 * Generated by: https://openapi-generator.tech
9 */
10
11use crate::models;
12use serde::{Deserialize, Serialize};
13
14/// CreateAuthMethodOidc : createAuthMethodOIDC is a command that creates a new auth method that will be available to authenticate using OIDC. [Deprecated: Use auth-method-create-oidc command]
15#[derive(Clone, Default, Debug, PartialEq, Serialize, Deserialize)]
16pub struct CreateAuthMethodOidc {
17    /// Access expiration date in Unix timestamp (select 0 for access without expiry date)
18    #[serde(rename = "access-expires", skip_serializing_if = "Option::is_none")]
19    pub access_expires: Option<i64>,
20    /// limit the auth method usage for specific client types [cli,ui,gateway-admin,sdk,mobile,extension]
21    #[serde(rename = "allowed-client-type", skip_serializing_if = "Option::is_none")]
22    pub allowed_client_type: Option<Vec<String>>,
23    /// Allowed redirect URIs after the authentication
24    #[serde(rename = "allowed-redirect-uri", skip_serializing_if = "Option::is_none")]
25    pub allowed_redirect_uri: Option<Vec<String>>,
26    /// Audience claim to be used as part of the authentication flow. In case set, it must match the one configured on the Identity Provider's Application
27    #[serde(rename = "audience", skip_serializing_if = "Option::is_none")]
28    pub audience: Option<String>,
29    /// Subclaims to include in audit logs, e.g \"--audit-logs-claims email --audit-logs-claims username\"
30    #[serde(rename = "audit-logs-claims", skip_serializing_if = "Option::is_none")]
31    pub audit_logs_claims: Option<Vec<String>>,
32    /// A CIDR whitelist with the IPs that the access is restricted to
33    #[serde(rename = "bound-ips", skip_serializing_if = "Option::is_none")]
34    pub bound_ips: Option<Vec<String>>,
35    /// Client ID
36    #[serde(rename = "client-id", skip_serializing_if = "Option::is_none")]
37    pub client_id: Option<String>,
38    /// Client Secret
39    #[serde(rename = "client-secret", skip_serializing_if = "Option::is_none")]
40    pub client_secret: Option<String>,
41    /// Protection from accidental deletion of this object [true/false]
42    #[serde(rename = "delete_protection", skip_serializing_if = "Option::is_none")]
43    pub delete_protection: Option<String>,
44    /// Auth Method description
45    #[serde(rename = "description", skip_serializing_if = "Option::is_none")]
46    pub description: Option<String>,
47    /// How many days before the expiration of the auth method would you like to be notified.
48    #[serde(rename = "expiration-event-in", skip_serializing_if = "Option::is_none")]
49    pub expiration_event_in: Option<Vec<String>>,
50    /// if true: enforce role-association must include sub claims
51    #[serde(rename = "force-sub-claims", skip_serializing_if = "Option::is_none")]
52    pub force_sub_claims: Option<bool>,
53    /// A CIDR whitelist with the GW IPs that the access is restricted to
54    #[serde(rename = "gw-bound-ips", skip_serializing_if = "Option::is_none")]
55    pub gw_bound_ips: Option<Vec<String>>,
56    /// Issuer URL
57    #[serde(rename = "issuer", skip_serializing_if = "Option::is_none")]
58    pub issuer: Option<String>,
59    /// Set output format to JSON
60    #[serde(rename = "json", skip_serializing_if = "Option::is_none")]
61    pub json: Option<bool>,
62    /// Jwt TTL
63    #[serde(rename = "jwt-ttl", skip_serializing_if = "Option::is_none")]
64    pub jwt_ttl: Option<i64>,
65    /// Auth Method name
66    #[serde(rename = "name")]
67    pub name: String,
68    /// Choose the relevant product type for the auth method [sm, sra, pm, dp, ca]
69    #[serde(rename = "product-type", skip_serializing_if = "Option::is_none")]
70    pub product_type: Option<Vec<String>>,
71    /// RequiredScopes is a list of required scopes that the oidc method will request from the oidc provider and the user must approve
72    #[serde(rename = "required-scopes", skip_serializing_if = "Option::is_none")]
73    pub required_scopes: Option<Vec<String>>,
74    /// RequiredScopesPrefix is a a prefix to add to all required-scopes when requesting them from the oidc server (for example, azures' Application ID URI)
75    #[serde(rename = "required-scopes-prefix", skip_serializing_if = "Option::is_none")]
76    pub required_scopes_prefix: Option<String>,
77    /// A list of additional sub claims delimiters (relevant only for SAML, OIDC, OAuth2/JWT)
78    #[serde(rename = "subclaims-delimiters", skip_serializing_if = "Option::is_none")]
79    pub subclaims_delimiters: Option<Vec<String>>,
80    /// Authentication token (see `/auth` and `/configure`)
81    #[serde(rename = "token", skip_serializing_if = "Option::is_none")]
82    pub token: Option<String>,
83    /// The universal identity token, Required only for universal_identity authentication
84    #[serde(rename = "uid-token", skip_serializing_if = "Option::is_none")]
85    pub uid_token: Option<String>,
86    /// A unique identifier (ID) value should be configured for OIDC, OAuth2, LDAP and SAML authentication method types and is usually a value such as the email, username, or upn for example. Whenever a user logs in with a token, these authentication types issue a \"sub claim\" that contains details uniquely identifying that user. This sub claim includes a key containing the ID value that you configured, and is used to distinguish between different users from within the same organization.
87    #[serde(rename = "unique-identifier")]
88    pub unique_identifier: String,
89}
90
91impl CreateAuthMethodOidc {
92    /// createAuthMethodOIDC is a command that creates a new auth method that will be available to authenticate using OIDC. [Deprecated: Use auth-method-create-oidc command]
93    pub fn new(name: String, unique_identifier: String) -> CreateAuthMethodOidc {
94        CreateAuthMethodOidc {
95            access_expires: None,
96            allowed_client_type: None,
97            allowed_redirect_uri: None,
98            audience: None,
99            audit_logs_claims: None,
100            bound_ips: None,
101            client_id: None,
102            client_secret: None,
103            delete_protection: None,
104            description: None,
105            expiration_event_in: None,
106            force_sub_claims: None,
107            gw_bound_ips: None,
108            issuer: None,
109            json: None,
110            jwt_ttl: None,
111            name,
112            product_type: None,
113            required_scopes: None,
114            required_scopes_prefix: None,
115            subclaims_delimiters: None,
116            token: None,
117            uid_token: None,
118            unique_identifier,
119        }
120    }
121}
122