import * as pulumi from "@pulumi/pulumi";
/**
 * ## Example Usage
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as authentik from "@osmit-gmbh/pulumi-authentik";
 *
 * // Create an OAuth2 Provider
 * const name = new authentik.ProviderOauth2("name", {
 *     name: "grafana",
 *     clientId: "grafana",
 *     allowedRedirectUris: [{
 *         matching_mode: "strict",
 *         url: "http://localhost",
 *     }],
 * });
 * const nameApplication = new authentik.Application("name", {
 *     name: "test app",
 *     slug: "test-app",
 *     protocolProvider: name.id,
 * });
 * ```
 */
export declare class ProviderOauth2 extends pulumi.CustomResource {
    /**
     * Get an existing ProviderOauth2 resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ProviderOauth2State, opts?: pulumi.CustomResourceOptions): ProviderOauth2;
    /**
     * Returns true if the given object is an instance of ProviderOauth2.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is ProviderOauth2;
    readonly accessCodeValidity: pulumi.Output<string | undefined>;
    readonly accessTokenValidity: pulumi.Output<string | undefined>;
    readonly allowedRedirectUris: pulumi.Output<{
        [key: string]: string;
    }[] | undefined>;
    readonly authenticationFlow: pulumi.Output<string | undefined>;
    readonly authorizationFlow: pulumi.Output<string>;
    readonly clientId: pulumi.Output<string>;
    readonly clientSecret: pulumi.Output<string>;
    /**
     * Allowed values: - `confidential` - `public`
     */
    readonly clientType: pulumi.Output<string | undefined>;
    readonly encryptionKey: pulumi.Output<string | undefined>;
    readonly includeClaimsInIdToken: pulumi.Output<boolean | undefined>;
    readonly invalidationFlow: pulumi.Output<string>;
    /**
     * Allowed values: - `global` - `perProvider`
     */
    readonly issuerMode: pulumi.Output<string | undefined>;
    /**
     * JWTs issued by keys configured in any of the selected sources can be used to authenticate on behalf of this provider.
     */
    readonly jwksSources: pulumi.Output<string[] | undefined>;
    readonly name: pulumi.Output<string>;
    readonly propertyMappings: pulumi.Output<string[] | undefined>;
    readonly refreshTokenValidity: pulumi.Output<string | undefined>;
    readonly signingKey: pulumi.Output<string | undefined>;
    /**
     * Allowed values: - `hashedUserId` - `userId` - `userUuid` - `userUsername` - `userEmail` - `userUpn`
     */
    readonly subMode: pulumi.Output<string | undefined>;
    /**
     * Create a ProviderOauth2 resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: ProviderOauth2Args, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering ProviderOauth2 resources.
 */
export interface ProviderOauth2State {
    accessCodeValidity?: pulumi.Input<string>;
    accessTokenValidity?: pulumi.Input<string>;
    allowedRedirectUris?: pulumi.Input<pulumi.Input<{
        [key: string]: pulumi.Input<string>;
    }>[]>;
    authenticationFlow?: pulumi.Input<string>;
    authorizationFlow?: pulumi.Input<string>;
    clientId?: pulumi.Input<string>;
    clientSecret?: pulumi.Input<string>;
    /**
     * Allowed values: - `confidential` - `public`
     */
    clientType?: pulumi.Input<string>;
    encryptionKey?: pulumi.Input<string>;
    includeClaimsInIdToken?: pulumi.Input<boolean>;
    invalidationFlow?: pulumi.Input<string>;
    /**
     * Allowed values: - `global` - `perProvider`
     */
    issuerMode?: pulumi.Input<string>;
    /**
     * JWTs issued by keys configured in any of the selected sources can be used to authenticate on behalf of this provider.
     */
    jwksSources?: pulumi.Input<pulumi.Input<string>[]>;
    name?: pulumi.Input<string>;
    propertyMappings?: pulumi.Input<pulumi.Input<string>[]>;
    refreshTokenValidity?: pulumi.Input<string>;
    signingKey?: pulumi.Input<string>;
    /**
     * Allowed values: - `hashedUserId` - `userId` - `userUuid` - `userUsername` - `userEmail` - `userUpn`
     */
    subMode?: pulumi.Input<string>;
}
/**
 * The set of arguments for constructing a ProviderOauth2 resource.
 */
export interface ProviderOauth2Args {
    accessCodeValidity?: pulumi.Input<string>;
    accessTokenValidity?: pulumi.Input<string>;
    allowedRedirectUris?: pulumi.Input<pulumi.Input<{
        [key: string]: pulumi.Input<string>;
    }>[]>;
    authenticationFlow?: pulumi.Input<string>;
    authorizationFlow: pulumi.Input<string>;
    clientId: pulumi.Input<string>;
    clientSecret?: pulumi.Input<string>;
    /**
     * Allowed values: - `confidential` - `public`
     */
    clientType?: pulumi.Input<string>;
    encryptionKey?: pulumi.Input<string>;
    includeClaimsInIdToken?: pulumi.Input<boolean>;
    invalidationFlow: pulumi.Input<string>;
    /**
     * Allowed values: - `global` - `perProvider`
     */
    issuerMode?: pulumi.Input<string>;
    /**
     * JWTs issued by keys configured in any of the selected sources can be used to authenticate on behalf of this provider.
     */
    jwksSources?: pulumi.Input<pulumi.Input<string>[]>;
    name?: pulumi.Input<string>;
    propertyMappings?: pulumi.Input<pulumi.Input<string>[]>;
    refreshTokenValidity?: pulumi.Input<string>;
    signingKey?: pulumi.Input<string>;
    /**
     * Allowed values: - `hashedUserId` - `userId` - `userUuid` - `userUsername` - `userEmail` - `userUpn`
     */
    subMode?: pulumi.Input<string>;
}
