You are viewing an outdated version of provider-azuread.Go to Latest
upbound/provider-azuread@v1.4.0
Application
applications.azuread.upbound.io
Application
upbound/provider-azuread@v1.4.0applications.azuread.upbound.io

Application is the Schema for the Applications API.

Type

CRD

Group

applications.azuread.upbound.io

Version

apiVersion: applications.azuread.upbound.io/v1beta1

kind: Application

API Documentation
apiVersion
string
kind
string
metadata
object
spec
object
object

ApplicationSpec defines the desired state of Application

forProvider
requiredobject
requiredobject

No description provided.

api
array
array

An api block as documented below, which configures API related settings for this application.

array

A set of application IDs (client IDs), used for bundling consent if you have a solution that contains two parts: a client app and a custom web API app. Used for bundling consent if you have a solution that contains two parts: a client app and a custom web API app

array

One or more oauth2_permission_scope blocks as documented below, to describe delegated permissions exposed by the web API represented by this application. One or more oauth2_permission_scope blocks to describe delegated permissions exposed by the web API represented by this application

appRole
array
array

A collection of app_role blocks as documented below. For more information see official documentation on Application Roles.

array

Specifies whether this app role definition can be assigned to users and groups by setting to User, or to other applications (that are accessing this application in a standalone scenario) by setting to Application, or to both. Specifies whether this app role definition can be assigned to users and groups by setting to User, or to other applications (that are accessing this application in a standalone scenario) by setting to Application, or to both

enabled
boolean
id
string
value
string
array

A feature_tags block as described below. Cannot be used together with the tags property. Block of features to configure for this application using tags

enterprise
boolean
gallery
boolean
hide
boolean
array

Configures the groups claim issued in a user or OAuth 2.0 access token that the app expects. Possible values are None, SecurityGroup, DirectoryRole, ApplicationGroup or All. Configures the groups claim issued in a user or OAuth 2.0 access token that the app expects

array

A set of user-defined URI(s) that uniquely identify an application within its Azure AD tenant, or within a verified custom domain if the application is multi-tenant. The user-defined URI(s) that uniquely identify an application within its Azure AD tenant, or within a verified custom domain if the application is multi-tenant

logoImage
string
notes
string
array

An optional_claims block as documented below.

array

One or more access_token blocks as documented below.

array

List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim. Possible values are: cloud_displayname, dns_domain_and_sam_account_name, emit_as_roles, include_externally_authenticated_upn_without_hash, include_externally_authenticated_upn, max_size_limit, netbios_domain_and_sam_account_name, on_premise_security_identifier, sam_account_name, and use_guid. List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim

essential
boolean
name
string
source
string
idToken
array
array

One or more id_token blocks as documented below.

array

List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim. Possible values are: cloud_displayname, dns_domain_and_sam_account_name, emit_as_roles, include_externally_authenticated_upn_without_hash, include_externally_authenticated_upn, max_size_limit, netbios_domain_and_sam_account_name, on_premise_security_identifier, sam_account_name, and use_guid. List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim

essential
boolean
name
string
source
string
array

One or more saml2_token blocks as documented below.

array

List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim. Possible values are: cloud_displayname, dns_domain_and_sam_account_name, emit_as_roles, include_externally_authenticated_upn_without_hash, include_externally_authenticated_upn, max_size_limit, netbios_domain_and_sam_account_name, on_premise_security_identifier, sam_account_name, and use_guid. List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim

essential
boolean
name
string
source
string
owners
array
array

A set of object IDs of principals that will be granted ownership of the application. Supported object types are users or service principals. By default, no owners are assigned. A list of object IDs of principals that will be granted ownership of the application

array

A public_client block as documented below, which configures non-web app or non-web API application settings, for example mobile or other public clients such as an installed application running on a desktop device.

array

A set of URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent. Must be a valid https or ms-appx-web URL. The URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent

array

A collection of required_resource_access blocks as documented below.

array

A collection of resource_access blocks as documented below, describing OAuth2.0 permission scopes and app roles that the application requires from the specified resource.

id
string
type
string
array

A single_page_application block as documented below, which configures single-page application (SPA) related settings for this application.

array

A set of URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent. Must be a valid https URL. The URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent

tags
array
array

A set of tags to apply to the application for configuring specific behaviours of the application and linked service principals. Note that these are not provided for use by practitioners. Cannot be used together with the feature_tags block. A set of tags to apply to the application

web
array
array

A web block as documented below, which configures web related settings for this application.

array

An implicit_grant block as documented above.

logoutUrl
string
array

A set of URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent. Must be a valid http URL or a URN. The URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent

object

THIS IS A BETA FIELD. It will be honored unless the Management Policies feature flag is disabled. InitProvider holds the same fields as ForProvider, with the exception of Identifier and other resource reference fields. The fields that are in InitProvider are merged into ForProvider when the resource is created. The same fields are also added to the terraform ignore_changes hook, to avoid updating them after creation. This is useful for fields that are required on creation, but we do not desire to update them after creation, for example because of an external controller is managing them, like an autoscaler.

api
array
array

An api block as documented below, which configures API related settings for this application.

array

A set of application IDs (client IDs), used for bundling consent if you have a solution that contains two parts: a client app and a custom web API app. Used for bundling consent if you have a solution that contains two parts: a client app and a custom web API app

array

One or more oauth2_permission_scope blocks as documented below, to describe delegated permissions exposed by the web API represented by this application. One or more oauth2_permission_scope blocks to describe delegated permissions exposed by the web API represented by this application

appRole
array
array

A collection of app_role blocks as documented below. For more information see official documentation on Application Roles.

array

Specifies whether this app role definition can be assigned to users and groups by setting to User, or to other applications (that are accessing this application in a standalone scenario) by setting to Application, or to both. Specifies whether this app role definition can be assigned to users and groups by setting to User, or to other applications (that are accessing this application in a standalone scenario) by setting to Application, or to both

enabled
boolean
id
string
value
string
array

A feature_tags block as described below. Cannot be used together with the tags property. Block of features to configure for this application using tags

enterprise
boolean
gallery
boolean
hide
boolean
array

Configures the groups claim issued in a user or OAuth 2.0 access token that the app expects. Possible values are None, SecurityGroup, DirectoryRole, ApplicationGroup or All. Configures the groups claim issued in a user or OAuth 2.0 access token that the app expects

array

A set of user-defined URI(s) that uniquely identify an application within its Azure AD tenant, or within a verified custom domain if the application is multi-tenant. The user-defined URI(s) that uniquely identify an application within its Azure AD tenant, or within a verified custom domain if the application is multi-tenant

logoImage
string
notes
string
array

An optional_claims block as documented below.

array

One or more access_token blocks as documented below.

array

List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim. Possible values are: cloud_displayname, dns_domain_and_sam_account_name, emit_as_roles, include_externally_authenticated_upn_without_hash, include_externally_authenticated_upn, max_size_limit, netbios_domain_and_sam_account_name, on_premise_security_identifier, sam_account_name, and use_guid. List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim

essential
boolean
name
string
source
string
idToken
array
array

One or more id_token blocks as documented below.

array

List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim. Possible values are: cloud_displayname, dns_domain_and_sam_account_name, emit_as_roles, include_externally_authenticated_upn_without_hash, include_externally_authenticated_upn, max_size_limit, netbios_domain_and_sam_account_name, on_premise_security_identifier, sam_account_name, and use_guid. List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim

essential
boolean
name
string
source
string
array

One or more saml2_token blocks as documented below.

array

List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim. Possible values are: cloud_displayname, dns_domain_and_sam_account_name, emit_as_roles, include_externally_authenticated_upn_without_hash, include_externally_authenticated_upn, max_size_limit, netbios_domain_and_sam_account_name, on_premise_security_identifier, sam_account_name, and use_guid. List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim

essential
boolean
name
string
source
string
owners
array
array

A set of object IDs of principals that will be granted ownership of the application. Supported object types are users or service principals. By default, no owners are assigned. A list of object IDs of principals that will be granted ownership of the application

array

A public_client block as documented below, which configures non-web app or non-web API application settings, for example mobile or other public clients such as an installed application running on a desktop device.

array

A set of URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent. Must be a valid https or ms-appx-web URL. The URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent

array

A collection of required_resource_access blocks as documented below.

array

A collection of resource_access blocks as documented below, describing OAuth2.0 permission scopes and app roles that the application requires from the specified resource.

id
string
type
string
array

A single_page_application block as documented below, which configures single-page application (SPA) related settings for this application.

array

A set of URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent. Must be a valid https URL. The URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent

tags
array
array

A set of tags to apply to the application for configuring specific behaviours of the application and linked service principals. Note that these are not provided for use by practitioners. Cannot be used together with the feature_tags block. A set of tags to apply to the application

web
array
array

A web block as documented below, which configures web related settings for this application.

array

An implicit_grant block as documented above.

logoutUrl
string
array

A set of URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent. Must be a valid http URL or a URN. The URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent

array

THIS IS A BETA FIELD. It is on by default but can be opted out through a Crossplane feature flag. ManagementPolicies specify the array of actions Crossplane is allowed to take on the managed and external resources. This field is planned to replace the DeletionPolicy field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. If both are custom, the DeletionPolicy field will be ignored. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md

object

ProviderConfigReference specifies how the provider that will be used to create, observe, update, and delete this managed resource should be configured.

name
requiredstring
policy
object
object

Policies for referencing.

resolve
string
object

PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource.

configRef
object
object

SecretStoreConfigRef specifies which secret store config should be used for this ConnectionSecret.

name
requiredstring
policy
object
object

Policies for referencing.

resolve
string
metadata
object
object

Metadata is the metadata for connection secret.

labels
object
type
string
name
requiredstring
object

WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other.

name
requiredstring
namespace
requiredstring
status
object
object

ApplicationStatus defines the observed state of Application.

object

No description provided.

api
array
array

An api block as documented below, which configures API related settings for this application.

array

A set of application IDs (client IDs), used for bundling consent if you have a solution that contains two parts: a client app and a custom web API app. Used for bundling consent if you have a solution that contains two parts: a client app and a custom web API app

array

One or more oauth2_permission_scope blocks as documented below, to describe delegated permissions exposed by the web API represented by this application. One or more oauth2_permission_scope blocks to describe delegated permissions exposed by the web API represented by this application

appRole
array
array

A collection of app_role blocks as documented below. For more information see official documentation on Application Roles.

array

Specifies whether this app role definition can be assigned to users and groups by setting to User, or to other applications (that are accessing this application in a standalone scenario) by setting to Application, or to both. Specifies whether this app role definition can be assigned to users and groups by setting to User, or to other applications (that are accessing this application in a standalone scenario) by setting to Application, or to both

enabled
boolean
id
string
value
string
clientId
string
array

A feature_tags block as described below. Cannot be used together with the tags property. Block of features to configure for this application using tags

enterprise
boolean
gallery
boolean
hide
boolean
array

Configures the groups claim issued in a user or OAuth 2.0 access token that the app expects. Possible values are None, SecurityGroup, DirectoryRole, ApplicationGroup or All. Configures the groups claim issued in a user or OAuth 2.0 access token that the app expects

id
string
array

A set of user-defined URI(s) that uniquely identify an application within its Azure AD tenant, or within a verified custom domain if the application is multi-tenant. The user-defined URI(s) that uniquely identify an application within its Azure AD tenant, or within a verified custom domain if the application is multi-tenant

logoImage
string
logoUrl
string
notes
string
objectId
string
array

An optional_claims block as documented below.

array

One or more access_token blocks as documented below.

array

List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim. Possible values are: cloud_displayname, dns_domain_and_sam_account_name, emit_as_roles, include_externally_authenticated_upn_without_hash, include_externally_authenticated_upn, max_size_limit, netbios_domain_and_sam_account_name, on_premise_security_identifier, sam_account_name, and use_guid. List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim

essential
boolean
name
string
source
string
idToken
array
array

One or more id_token blocks as documented below.

array

List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim. Possible values are: cloud_displayname, dns_domain_and_sam_account_name, emit_as_roles, include_externally_authenticated_upn_without_hash, include_externally_authenticated_upn, max_size_limit, netbios_domain_and_sam_account_name, on_premise_security_identifier, sam_account_name, and use_guid. List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim

essential
boolean
name
string
source
string
array

One or more saml2_token blocks as documented below.

array

List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim. Possible values are: cloud_displayname, dns_domain_and_sam_account_name, emit_as_roles, include_externally_authenticated_upn_without_hash, include_externally_authenticated_upn, max_size_limit, netbios_domain_and_sam_account_name, on_premise_security_identifier, sam_account_name, and use_guid. List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim

essential
boolean
name
string
source
string
owners
array
array

A set of object IDs of principals that will be granted ownership of the application. Supported object types are users or service principals. By default, no owners are assigned. A list of object IDs of principals that will be granted ownership of the application

array

A public_client block as documented below, which configures non-web app or non-web API application settings, for example mobile or other public clients such as an installed application running on a desktop device.

array

A set of URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent. Must be a valid https or ms-appx-web URL. The URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent

array

A collection of required_resource_access blocks as documented below.

array

A collection of resource_access blocks as documented below, describing OAuth2.0 permission scopes and app roles that the application requires from the specified resource.

id
string
type
string
array

A single_page_application block as documented below, which configures single-page application (SPA) related settings for this application.

array

A set of URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent. Must be a valid https URL. The URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent

tags
array
array

A set of tags to apply to the application for configuring specific behaviours of the application and linked service principals. Note that these are not provided for use by practitioners. Cannot be used together with the feature_tags block. A set of tags to apply to the application

web
array
array

A web block as documented below, which configures web related settings for this application.

array

An implicit_grant block as documented above.

logoutUrl
string
array

A set of URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent. Must be a valid http URL or a URN. The URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent

array

Conditions of the resource.

lastTransitionTime
requiredstring
message
string
reason
requiredstring
status
requiredstring
type
requiredstring
Discover the building blocks for your internal cloud platform.
© 2024 Upbound, Inc.
Solutions