fortimanager 1.14.0, Apr 15 25

fortimanager 1.14.0 published on Tuesday, Apr 15, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.ObjectAuthenticationScheme

Explore with Pulumi AI

fortimanager 1.14.0 published on Tuesday, Apr 15, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

import * as pulumi from "@pulumi/pulumi";
import * as fortimanager from "@pulumi/fortimanager";

const trname = new fortimanager.ObjectAuthenticationScheme("trname", {
    fssoGuest: "enable",
    methods: ["basic"],
    requireTfa: "disable",
});

import pulumi
import pulumi_fortimanager as fortimanager

trname = fortimanager.ObjectAuthenticationScheme("trname",
    fsso_guest="enable",
    methods=["basic"],
    require_tfa="disable")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/fortimanager/fortimanager"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := fortimanager.NewObjectAuthenticationScheme(ctx, "trname", &fortimanager.ObjectAuthenticationSchemeArgs{
			FssoGuest: pulumi.String("enable"),
			Methods: pulumi.StringArray{
				pulumi.String("basic"),
			},
			RequireTfa: pulumi.String("disable"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortimanager = Pulumi.Fortimanager;

return await Deployment.RunAsync(() => 
{
    var trname = new Fortimanager.ObjectAuthenticationScheme("trname", new()
    {
        FssoGuest = "enable",
        Methods = new[]
        {
            "basic",
        },
        RequireTfa = "disable",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortimanager.ObjectAuthenticationScheme;
import com.pulumi.fortimanager.ObjectAuthenticationSchemeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var trname = new ObjectAuthenticationScheme("trname", ObjectAuthenticationSchemeArgs.builder()
            .fssoGuest("enable")
            .methods("basic")
            .requireTfa("disable")
            .build());

    }
}

resources:
  trname:
    type: fortimanager:ObjectAuthenticationScheme
    properties:
      fssoGuest: enable
      methods:
        - basic
      requireTfa: disable

Create ObjectAuthenticationScheme Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

TypeScript
Python
Go
C#
Java
YAML

new ObjectAuthenticationScheme(name: string, args?: ObjectAuthenticationSchemeArgs, opts?: CustomResourceOptions);

@overload
def ObjectAuthenticationScheme(resource_name: str,
                               args: Optional[ObjectAuthenticationSchemeArgs] = None,
                               opts: Optional[ResourceOptions] = None)

@overload
def ObjectAuthenticationScheme(resource_name: str,
                               opts: Optional[ResourceOptions] = None,
                               adom: Optional[str] = None,
                               domain_controller: Optional[str] = None,
                               ems_device_owner: Optional[str] = None,
                               external_idps: Optional[Sequence[str]] = None,
                               fsso_agent_for_ntlm: Optional[str] = None,
                               fsso_guest: Optional[str] = None,
                               kerberos_keytab: Optional[str] = None,
                               methods: Optional[Sequence[str]] = None,
                               name: Optional[str] = None,
                               negotiate_ntlm: Optional[str] = None,
                               object_authentication_scheme_id: Optional[str] = None,
                               require_tfa: Optional[str] = None,
                               saml_server: Optional[str] = None,
                               saml_timeout: Optional[float] = None,
                               scopetype: Optional[str] = None,
                               ssh_ca: Optional[str] = None,
                               user_cert: Optional[str] = None,
                               user_databases: Optional[Sequence[str]] = None)

func NewObjectAuthenticationScheme(ctx *Context, name string, args *ObjectAuthenticationSchemeArgs, opts ...ResourceOption) (*ObjectAuthenticationScheme, error)

public ObjectAuthenticationScheme(string name, ObjectAuthenticationSchemeArgs? args = null, CustomResourceOptions? opts = null)

public ObjectAuthenticationScheme(String name, ObjectAuthenticationSchemeArgs args)
public ObjectAuthenticationScheme(String name, ObjectAuthenticationSchemeArgs args, CustomResourceOptions options)

type: fortimanager:ObjectAuthenticationScheme
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args ObjectAuthenticationSchemeArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ObjectAuthenticationSchemeArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ObjectAuthenticationSchemeArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ObjectAuthenticationSchemeArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ObjectAuthenticationSchemeArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

TypeScript
Python
Go
C#
Java
YAML

var objectAuthenticationSchemeResource = new Fortimanager.ObjectAuthenticationScheme("objectAuthenticationSchemeResource", new()
{
    Adom = "string",
    DomainController = "string",
    EmsDeviceOwner = "string",
    ExternalIdps = new[]
    {
        "string",
    },
    FssoAgentForNtlm = "string",
    FssoGuest = "string",
    KerberosKeytab = "string",
    Methods = new[]
    {
        "string",
    },
    Name = "string",
    NegotiateNtlm = "string",
    ObjectAuthenticationSchemeId = "string",
    RequireTfa = "string",
    SamlServer = "string",
    SamlTimeout = 0,
    Scopetype = "string",
    SshCa = "string",
    UserCert = "string",
    UserDatabases = new[]
    {
        "string",
    },
});

example, err := fortimanager.NewObjectAuthenticationScheme(ctx, "objectAuthenticationSchemeResource", &fortimanager.ObjectAuthenticationSchemeArgs{
Adom: pulumi.String("string"),
DomainController: pulumi.String("string"),
EmsDeviceOwner: pulumi.String("string"),
ExternalIdps: pulumi.StringArray{
pulumi.String("string"),
},
FssoAgentForNtlm: pulumi.String("string"),
FssoGuest: pulumi.String("string"),
KerberosKeytab: pulumi.String("string"),
Methods: pulumi.StringArray{
pulumi.String("string"),
},
Name: pulumi.String("string"),
NegotiateNtlm: pulumi.String("string"),
ObjectAuthenticationSchemeId: pulumi.String("string"),
RequireTfa: pulumi.String("string"),
SamlServer: pulumi.String("string"),
SamlTimeout: pulumi.Float64(0),
Scopetype: pulumi.String("string"),
SshCa: pulumi.String("string"),
UserCert: pulumi.String("string"),
UserDatabases: pulumi.StringArray{
pulumi.String("string"),
},
})

var objectAuthenticationSchemeResource = new ObjectAuthenticationScheme("objectAuthenticationSchemeResource", ObjectAuthenticationSchemeArgs.builder()
    .adom("string")
    .domainController("string")
    .emsDeviceOwner("string")
    .externalIdps("string")
    .fssoAgentForNtlm("string")
    .fssoGuest("string")
    .kerberosKeytab("string")
    .methods("string")
    .name("string")
    .negotiateNtlm("string")
    .objectAuthenticationSchemeId("string")
    .requireTfa("string")
    .samlServer("string")
    .samlTimeout(0)
    .scopetype("string")
    .sshCa("string")
    .userCert("string")
    .userDatabases("string")
    .build());

object_authentication_scheme_resource = fortimanager.ObjectAuthenticationScheme("objectAuthenticationSchemeResource",
    adom="string",
    domain_controller="string",
    ems_device_owner="string",
    external_idps=["string"],
    fsso_agent_for_ntlm="string",
    fsso_guest="string",
    kerberos_keytab="string",
    methods=["string"],
    name="string",
    negotiate_ntlm="string",
    object_authentication_scheme_id="string",
    require_tfa="string",
    saml_server="string",
    saml_timeout=0,
    scopetype="string",
    ssh_ca="string",
    user_cert="string",
    user_databases=["string"])

const objectAuthenticationSchemeResource = new fortimanager.ObjectAuthenticationScheme("objectAuthenticationSchemeResource", {
    adom: "string",
    domainController: "string",
    emsDeviceOwner: "string",
    externalIdps: ["string"],
    fssoAgentForNtlm: "string",
    fssoGuest: "string",
    kerberosKeytab: "string",
    methods: ["string"],
    name: "string",
    negotiateNtlm: "string",
    objectAuthenticationSchemeId: "string",
    requireTfa: "string",
    samlServer: "string",
    samlTimeout: 0,
    scopetype: "string",
    sshCa: "string",
    userCert: "string",
    userDatabases: ["string"],
});

type: fortimanager:ObjectAuthenticationScheme
properties:
    adom: string
    domainController: string
    emsDeviceOwner: string
    externalIdps:
        - string
    fssoAgentForNtlm: string
    fssoGuest: string
    kerberosKeytab: string
    methods:
        - string
    name: string
    negotiateNtlm: string
    objectAuthenticationSchemeId: string
    requireTfa: string
    samlServer: string
    samlTimeout: 0
    scopetype: string
    sshCa: string
    userCert: string
    userDatabases:
        - string

ObjectAuthenticationScheme Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The ObjectAuthenticationScheme resource accepts the following input properties:

Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
DomainController string: Domain controller setting.
EmsDeviceOwner string: Enable/disable SSH public-key authentication with device owner (default = disable). Valid values: disable, enable.
ExternalIdps List<string>: External identity provider configuration.
FssoAgentForNtlm string: FSSO agent to use for NTLM authentication.
FssoGuest string: Enable/disable user fsso-guest authentication (default = disable). Valid values: disable, enable.
KerberosKeytab string: Kerberos keytab setting.
Methods List<string>: Authentication methods (default = basic). Valid values: ntlm, basic, digest, form, negotiate, fsso, rsso, ssh-publickey.
Name string: Authentication scheme name.
NegotiateNtlm string: Enable/disable negotiate authentication for NTLM (default = disable). Valid values: disable, enable.
ObjectAuthenticationSchemeId string: an identifier for the resource with format {{name}}.
RequireTfa string: Enable/disable two-factor authentication (default = disable). Valid values: disable, enable.
SamlServer string: SAML configuration.
SamlTimeout double: SAML authentication timeout in seconds.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SshCa string: SSH CA name.
UserCert string: Enable/disable authentication with user certificate (default = disable). Valid values: disable, enable.
UserDatabases List<string>: Authentication server to contain user information; "local" (default) or "123" (for LDAP).

Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
DomainController string: Domain controller setting.
EmsDeviceOwner string: Enable/disable SSH public-key authentication with device owner (default = disable). Valid values: disable, enable.
ExternalIdps []string: External identity provider configuration.
FssoAgentForNtlm string: FSSO agent to use for NTLM authentication.
FssoGuest string: Enable/disable user fsso-guest authentication (default = disable). Valid values: disable, enable.
KerberosKeytab string: Kerberos keytab setting.
Methods []string: Authentication methods (default = basic). Valid values: ntlm, basic, digest, form, negotiate, fsso, rsso, ssh-publickey.
Name string: Authentication scheme name.
NegotiateNtlm string: Enable/disable negotiate authentication for NTLM (default = disable). Valid values: disable, enable.
ObjectAuthenticationSchemeId string: an identifier for the resource with format {{name}}.
RequireTfa string: Enable/disable two-factor authentication (default = disable). Valid values: disable, enable.
SamlServer string: SAML configuration.
SamlTimeout float64: SAML authentication timeout in seconds.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SshCa string: SSH CA name.
UserCert string: Enable/disable authentication with user certificate (default = disable). Valid values: disable, enable.
UserDatabases []string: Authentication server to contain user information; "local" (default) or "123" (for LDAP).

adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
domainController String: Domain controller setting.
emsDeviceOwner String: Enable/disable SSH public-key authentication with device owner (default = disable). Valid values: disable, enable.
externalIdps List<String>: External identity provider configuration.
fssoAgentForNtlm String: FSSO agent to use for NTLM authentication.
fssoGuest String: Enable/disable user fsso-guest authentication (default = disable). Valid values: disable, enable.
kerberosKeytab String: Kerberos keytab setting.
methods List<String>: Authentication methods (default = basic). Valid values: ntlm, basic, digest, form, negotiate, fsso, rsso, ssh-publickey.
name String: Authentication scheme name.
negotiateNtlm String: Enable/disable negotiate authentication for NTLM (default = disable). Valid values: disable, enable.
objectAuthenticationSchemeId String: an identifier for the resource with format {{name}}.
requireTfa String: Enable/disable two-factor authentication (default = disable). Valid values: disable, enable.
samlServer String: SAML configuration.
samlTimeout Double: SAML authentication timeout in seconds.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sshCa String: SSH CA name.
userCert String: Enable/disable authentication with user certificate (default = disable). Valid values: disable, enable.
userDatabases List<String>: Authentication server to contain user information; "local" (default) or "123" (for LDAP).

adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
domainController string: Domain controller setting.
emsDeviceOwner string: Enable/disable SSH public-key authentication with device owner (default = disable). Valid values: disable, enable.
externalIdps string[]: External identity provider configuration.
fssoAgentForNtlm string: FSSO agent to use for NTLM authentication.
fssoGuest string: Enable/disable user fsso-guest authentication (default = disable). Valid values: disable, enable.
kerberosKeytab string: Kerberos keytab setting.
methods string[]: Authentication methods (default = basic). Valid values: ntlm, basic, digest, form, negotiate, fsso, rsso, ssh-publickey.
name string: Authentication scheme name.
negotiateNtlm string: Enable/disable negotiate authentication for NTLM (default = disable). Valid values: disable, enable.
objectAuthenticationSchemeId string: an identifier for the resource with format {{name}}.
requireTfa string: Enable/disable two-factor authentication (default = disable). Valid values: disable, enable.
samlServer string: SAML configuration.
samlTimeout number: SAML authentication timeout in seconds.
scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sshCa string: SSH CA name.
userCert string: Enable/disable authentication with user certificate (default = disable). Valid values: disable, enable.
userDatabases string[]: Authentication server to contain user information; "local" (default) or "123" (for LDAP).

adom str: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
domain_controller str: Domain controller setting.
ems_device_owner str: Enable/disable SSH public-key authentication with device owner (default = disable). Valid values: disable, enable.
external_idps Sequence[str]: External identity provider configuration.
fsso_agent_for_ntlm str: FSSO agent to use for NTLM authentication.
fsso_guest str: Enable/disable user fsso-guest authentication (default = disable). Valid values: disable, enable.
kerberos_keytab str: Kerberos keytab setting.
methods Sequence[str]: Authentication methods (default = basic). Valid values: ntlm, basic, digest, form, negotiate, fsso, rsso, ssh-publickey.
name str: Authentication scheme name.
negotiate_ntlm str: Enable/disable negotiate authentication for NTLM (default = disable). Valid values: disable, enable.
object_authentication_scheme_id str: an identifier for the resource with format {{name}}.
require_tfa str: Enable/disable two-factor authentication (default = disable). Valid values: disable, enable.
saml_server str: SAML configuration.
saml_timeout float: SAML authentication timeout in seconds.
scopetype str: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
ssh_ca str: SSH CA name.
user_cert str: Enable/disable authentication with user certificate (default = disable). Valid values: disable, enable.
user_databases Sequence[str]: Authentication server to contain user information; "local" (default) or "123" (for LDAP).

adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
domainController String: Domain controller setting.
emsDeviceOwner String: Enable/disable SSH public-key authentication with device owner (default = disable). Valid values: disable, enable.
externalIdps List<String>: External identity provider configuration.
fssoAgentForNtlm String: FSSO agent to use for NTLM authentication.
fssoGuest String: Enable/disable user fsso-guest authentication (default = disable). Valid values: disable, enable.
kerberosKeytab String: Kerberos keytab setting.
methods List<String>: Authentication methods (default = basic). Valid values: ntlm, basic, digest, form, negotiate, fsso, rsso, ssh-publickey.
name String: Authentication scheme name.
negotiateNtlm String: Enable/disable negotiate authentication for NTLM (default = disable). Valid values: disable, enable.
objectAuthenticationSchemeId String: an identifier for the resource with format {{name}}.
requireTfa String: Enable/disable two-factor authentication (default = disable). Valid values: disable, enable.
samlServer String: SAML configuration.
samlTimeout Number: SAML authentication timeout in seconds.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sshCa String: SSH CA name.
userCert String: Enable/disable authentication with user certificate (default = disable). Valid values: disable, enable.
userDatabases List<String>: Authentication server to contain user information; "local" (default) or "123" (for LDAP).

Outputs

All input properties are implicitly available as output properties. Additionally, the ObjectAuthenticationScheme resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing ObjectAuthenticationScheme Resource

Get an existing ObjectAuthenticationScheme resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

TypeScript
Python
Go
C#
Java
YAML

public static get(name: string, id: Input<ID>, state?: ObjectAuthenticationSchemeState, opts?: CustomResourceOptions): ObjectAuthenticationScheme

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        adom: Optional[str] = None,
        domain_controller: Optional[str] = None,
        ems_device_owner: Optional[str] = None,
        external_idps: Optional[Sequence[str]] = None,
        fsso_agent_for_ntlm: Optional[str] = None,
        fsso_guest: Optional[str] = None,
        kerberos_keytab: Optional[str] = None,
        methods: Optional[Sequence[str]] = None,
        name: Optional[str] = None,
        negotiate_ntlm: Optional[str] = None,
        object_authentication_scheme_id: Optional[str] = None,
        require_tfa: Optional[str] = None,
        saml_server: Optional[str] = None,
        saml_timeout: Optional[float] = None,
        scopetype: Optional[str] = None,
        ssh_ca: Optional[str] = None,
        user_cert: Optional[str] = None,
        user_databases: Optional[Sequence[str]] = None) -> ObjectAuthenticationScheme

func GetObjectAuthenticationScheme(ctx *Context, name string, id IDInput, state *ObjectAuthenticationSchemeState, opts ...ResourceOption) (*ObjectAuthenticationScheme, error)

public static ObjectAuthenticationScheme Get(string name, Input<string> id, ObjectAuthenticationSchemeState? state, CustomResourceOptions? opts = null)

public static ObjectAuthenticationScheme get(String name, Output<String> id, ObjectAuthenticationSchemeState state, CustomResourceOptions options)

resources:  _:    type: fortimanager:ObjectAuthenticationScheme    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
DomainController string: Domain controller setting.
EmsDeviceOwner string: Enable/disable SSH public-key authentication with device owner (default = disable). Valid values: disable, enable.
ExternalIdps List<string>: External identity provider configuration.
FssoAgentForNtlm string: FSSO agent to use for NTLM authentication.
FssoGuest string: Enable/disable user fsso-guest authentication (default = disable). Valid values: disable, enable.
KerberosKeytab string: Kerberos keytab setting.
Methods List<string>: Authentication methods (default = basic). Valid values: ntlm, basic, digest, form, negotiate, fsso, rsso, ssh-publickey.
Name string: Authentication scheme name.
NegotiateNtlm string: Enable/disable negotiate authentication for NTLM (default = disable). Valid values: disable, enable.
ObjectAuthenticationSchemeId string: an identifier for the resource with format {{name}}.
RequireTfa string: Enable/disable two-factor authentication (default = disable). Valid values: disable, enable.
SamlServer string: SAML configuration.
SamlTimeout double: SAML authentication timeout in seconds.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SshCa string: SSH CA name.
UserCert string: Enable/disable authentication with user certificate (default = disable). Valid values: disable, enable.
UserDatabases List<string>: Authentication server to contain user information; "local" (default) or "123" (for LDAP).

Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
DomainController string: Domain controller setting.
EmsDeviceOwner string: Enable/disable SSH public-key authentication with device owner (default = disable). Valid values: disable, enable.
ExternalIdps []string: External identity provider configuration.
FssoAgentForNtlm string: FSSO agent to use for NTLM authentication.
FssoGuest string: Enable/disable user fsso-guest authentication (default = disable). Valid values: disable, enable.
KerberosKeytab string: Kerberos keytab setting.
Methods []string: Authentication methods (default = basic). Valid values: ntlm, basic, digest, form, negotiate, fsso, rsso, ssh-publickey.
Name string: Authentication scheme name.
NegotiateNtlm string: Enable/disable negotiate authentication for NTLM (default = disable). Valid values: disable, enable.
ObjectAuthenticationSchemeId string: an identifier for the resource with format {{name}}.
RequireTfa string: Enable/disable two-factor authentication (default = disable). Valid values: disable, enable.
SamlServer string: SAML configuration.
SamlTimeout float64: SAML authentication timeout in seconds.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SshCa string: SSH CA name.
UserCert string: Enable/disable authentication with user certificate (default = disable). Valid values: disable, enable.
UserDatabases []string: Authentication server to contain user information; "local" (default) or "123" (for LDAP).

adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
domainController String: Domain controller setting.
emsDeviceOwner String: Enable/disable SSH public-key authentication with device owner (default = disable). Valid values: disable, enable.
externalIdps List<String>: External identity provider configuration.
fssoAgentForNtlm String: FSSO agent to use for NTLM authentication.
fssoGuest String: Enable/disable user fsso-guest authentication (default = disable). Valid values: disable, enable.
kerberosKeytab String: Kerberos keytab setting.
methods List<String>: Authentication methods (default = basic). Valid values: ntlm, basic, digest, form, negotiate, fsso, rsso, ssh-publickey.
name String: Authentication scheme name.
negotiateNtlm String: Enable/disable negotiate authentication for NTLM (default = disable). Valid values: disable, enable.
objectAuthenticationSchemeId String: an identifier for the resource with format {{name}}.
requireTfa String: Enable/disable two-factor authentication (default = disable). Valid values: disable, enable.
samlServer String: SAML configuration.
samlTimeout Double: SAML authentication timeout in seconds.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sshCa String: SSH CA name.
userCert String: Enable/disable authentication with user certificate (default = disable). Valid values: disable, enable.
userDatabases List<String>: Authentication server to contain user information; "local" (default) or "123" (for LDAP).

adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
domainController string: Domain controller setting.
emsDeviceOwner string: Enable/disable SSH public-key authentication with device owner (default = disable). Valid values: disable, enable.
externalIdps string[]: External identity provider configuration.
fssoAgentForNtlm string: FSSO agent to use for NTLM authentication.
fssoGuest string: Enable/disable user fsso-guest authentication (default = disable). Valid values: disable, enable.
kerberosKeytab string: Kerberos keytab setting.
methods string[]: Authentication methods (default = basic). Valid values: ntlm, basic, digest, form, negotiate, fsso, rsso, ssh-publickey.
name string: Authentication scheme name.
negotiateNtlm string: Enable/disable negotiate authentication for NTLM (default = disable). Valid values: disable, enable.
objectAuthenticationSchemeId string: an identifier for the resource with format {{name}}.
requireTfa string: Enable/disable two-factor authentication (default = disable). Valid values: disable, enable.
samlServer string: SAML configuration.
samlTimeout number: SAML authentication timeout in seconds.
scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sshCa string: SSH CA name.
userCert string: Enable/disable authentication with user certificate (default = disable). Valid values: disable, enable.
userDatabases string[]: Authentication server to contain user information; "local" (default) or "123" (for LDAP).

adom str: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
domain_controller str: Domain controller setting.
ems_device_owner str: Enable/disable SSH public-key authentication with device owner (default = disable). Valid values: disable, enable.
external_idps Sequence[str]: External identity provider configuration.
fsso_agent_for_ntlm str: FSSO agent to use for NTLM authentication.
fsso_guest str: Enable/disable user fsso-guest authentication (default = disable). Valid values: disable, enable.
kerberos_keytab str: Kerberos keytab setting.
methods Sequence[str]: Authentication methods (default = basic). Valid values: ntlm, basic, digest, form, negotiate, fsso, rsso, ssh-publickey.
name str: Authentication scheme name.
negotiate_ntlm str: Enable/disable negotiate authentication for NTLM (default = disable). Valid values: disable, enable.
object_authentication_scheme_id str: an identifier for the resource with format {{name}}.
require_tfa str: Enable/disable two-factor authentication (default = disable). Valid values: disable, enable.
saml_server str: SAML configuration.
saml_timeout float: SAML authentication timeout in seconds.
scopetype str: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
ssh_ca str: SSH CA name.
user_cert str: Enable/disable authentication with user certificate (default = disable). Valid values: disable, enable.
user_databases Sequence[str]: Authentication server to contain user information; "local" (default) or "123" (for LDAP).

adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
domainController String: Domain controller setting.
emsDeviceOwner String: Enable/disable SSH public-key authentication with device owner (default = disable). Valid values: disable, enable.
externalIdps List<String>: External identity provider configuration.
fssoAgentForNtlm String: FSSO agent to use for NTLM authentication.
fssoGuest String: Enable/disable user fsso-guest authentication (default = disable). Valid values: disable, enable.
kerberosKeytab String: Kerberos keytab setting.
methods List<String>: Authentication methods (default = basic). Valid values: ntlm, basic, digest, form, negotiate, fsso, rsso, ssh-publickey.
name String: Authentication scheme name.
negotiateNtlm String: Enable/disable negotiate authentication for NTLM (default = disable). Valid values: disable, enable.
objectAuthenticationSchemeId String: an identifier for the resource with format {{name}}.
requireTfa String: Enable/disable two-factor authentication (default = disable). Valid values: disable, enable.
samlServer String: SAML configuration.
samlTimeout Number: SAML authentication timeout in seconds.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sshCa String: SSH CA name.
userCert String: Enable/disable authentication with user certificate (default = disable). Valid values: disable, enable.
userDatabases List<String>: Authentication server to contain user information; "local" (default) or "123" (for LDAP).

Import

ObjectAuthentication Scheme can be imported using any of these accepted formats:

$ export “FORTIMANAGER_IMPORT_TABLE”=“true”

$ pulumi import fortimanager:index/objectAuthenticationScheme:ObjectAuthenticationScheme labelname {{name}}

$ unset “FORTIMANAGER_IMPORT_TABLE”

-> Hint: The scopetype and adom for import will directly inherit the scopetype and adom configuration of the provider.

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: fortimanager fortinetdev/terraform-provider-fortimanager
License
Notes: This Pulumi package is based on the fortimanager Terraform Provider.

fortimanager 1.14.0 published on Tuesday, Apr 15, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.ObjectAuthenticationScheme

On this page

On this page

Example Usage

Create ObjectAuthenticationScheme Resource

Constructor syntax

Parameters

Constructor example

ObjectAuthenticationScheme Resource Properties

Inputs

Outputs

Look up Existing ObjectAuthenticationScheme Resource

Import

Package Details

On this page

On this page