| Name | Type | Description | Notes |
|---|---|---|---|
| enabled | bool | Enable/Disable OIDC authentication for the server | [optional] |
| identifier | string | Relying Party Identifier (provided by OpenID Provider) | [optional] |
| secret | string | (Write-Only) Relying Party Secret (provided by OpenID Provider) | [optional] |
| scopes | string[] | Array of scopes to request. | [optional] |
| issuer | string | OpenID Provider Issuer | [optional] |
| audience | string | OpenID Provider Audience | [optional] |
| authorization_endpoint | string | OpenID Provider Authorization Url | [optional] |
| token_endpoint | string | OpenID Provider Token Url | [optional] |
| userinfo_endpoint | string | OpenID Provider User Information Url | [optional] |
| user_attribute_map_email | string | Name of user record attributes used to indicate email address field | [optional] |
| user_attribute_map_first_name | string | Name of user record attributes used to indicate first name | [optional] |
| user_attribute_map_last_name | string | Name of user record attributes used to indicate last name | [optional] |
| new_user_migration_types | string | Merge first-time oidc login to existing user account by email addresses. When a user logs in for the first time via oidc this option will connect this user into their existing account by finding the account with a matching email address by testing the given types of credentials for existing users. Otherwise a new user account will be created for the user. This list (if provided) must be a comma separated list of string like 'email,ldap,google' | [optional] |
| alternate_email_login_allowed | bool | Allow alternate email-based login via '/login/email' for admins and for specified users with the 'login_special_email' permission. This option is useful as a fallback during ldap setup, if ldap config problems occur later, or if you need to support some users who are not in your ldap directory. Looker email/password logins are always disabled for regular users when ldap is enabled. | [optional] |
| test_slug | string | Slug to identify configurations that are created in order to run a OIDC config test | [optional] |
| modified_at | string | When this config was last modified | [optional] |
| modified_by | string | User id of user who last modified this config | [optional] |
| default_new_user_roles | \Looker\Model\Role[] | (Read-only) Roles that will be applied to new users the first time they login via OIDC | [optional] |
| default_new_user_groups | \Looker\Model\Group[] | (Read-only) Groups that will be applied to new users the first time they login via OIDC | [optional] |
| default_new_user_role_ids | int[] | (Write-Only) Array of ids of roles that will be applied to new users the first time they login via OIDC | [optional] |
| default_new_user_group_ids | int[] | (Write-Only) Array of ids of groups that will be applied to new users the first time they login via OIDC | [optional] |
| set_roles_from_groups | bool | Set user roles in Looker based on groups from OIDC | [optional] |
| groups_attribute | string | Name of user record attributes used to indicate groups. Used when 'groups_finder_type' is set to 'grouped_attribute_values' | [optional] |
| groups | \Looker\Model\OIDCGroupRead[] | (Read-only) Array of mappings between OIDC Groups and Looker Roles | [optional] |
| groups_with_role_ids | \Looker\Model\OIDCGroupWrite[] | (Read/Write) Array of mappings between OIDC Groups and arrays of Looker Role ids | [optional] |
| auth_requires_role | bool | Users will not be allowed to login at all unless a role for them is found in OIDC if set to true | [optional] |
| user_attributes | \Looker\Model\OIDCUserAttributeRead[] | (Read-only) Array of mappings between OIDC User Attributes and Looker User Attributes | [optional] |
| user_attributes_with_ids | \Looker\Model\OIDCUserAttributeWrite[] | (Read/Write) Array of mappings between OIDC User Attributes and arrays of Looker User Attribute ids | [optional] |
| url | string | Link to get this item | [optional] |
| can | map[string,bool] | Operations the current user is able to perform on this object | [optional] |
This repository has been archived by the owner on Jul 8, 2020. It is now read-only.