import * as pulumi from "@pulumi/pulumi";
/**
 * ## Example Usage
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as authentik from "@osmit-gmbh/pulumi-authentik";
 * import * as authentik from "@pulumi/authentik";
 *
 * // Create a SAML Source
 * const default-source-pre-authentication = authentik.getFlow({
 *     slug: "default-source-pre-authentication",
 * });
 * const default-source-authentication = authentik.getFlow({
 *     slug: "default-source-authentication",
 * });
 * const default-source-enrollment = authentik.getFlow({
 *     slug: "default-source-enrollment",
 * });
 * const name = new authentik.SourceSaml("name", {
 *     name: "test-source",
 *     slug: "test-source",
 *     authenticationFlow: default_source_authentication.then(default_source_authentication => default_source_authentication.id),
 *     enrollmentFlow: default_source_enrollment.then(default_source_enrollment => default_source_enrollment.id),
 *     preAuthenticationFlow: default_source_pre_authentication.then(default_source_pre_authentication => default_source_pre_authentication.id),
 *     ssoUrl: "http://localhost",
 * });
 * ```
 */
export declare class SourceSaml extends pulumi.CustomResource {
    /**
     * Get an existing SourceSaml resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SourceSamlState, opts?: pulumi.CustomResourceOptions): SourceSaml;
    /**
     * Returns true if the given object is an instance of SourceSaml.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is SourceSaml;
    readonly allowIdpInitiated: pulumi.Output<boolean | undefined>;
    readonly authenticationFlow: pulumi.Output<string | undefined>;
    /**
     * Allowed values: - `REDIRECT` - `POST` - `POST_AUTO`
     */
    readonly bindingType: pulumi.Output<string | undefined>;
    /**
     * Allowed values: - `http://www.w3.org/2000/09/xmldsig#sha1` - `http://www.w3.org/2001/04/xmlenc#sha256` -
     * `http://www.w3.org/2001/04/xmldsig-more#sha384` - `http://www.w3.org/2001/04/xmlenc#sha512`
     */
    readonly digestAlgorithm: pulumi.Output<string | undefined>;
    readonly enabled: pulumi.Output<boolean | undefined>;
    readonly encryptionKp: pulumi.Output<string | undefined>;
    readonly enrollmentFlow: pulumi.Output<string | undefined>;
    /**
     * Allowed values: - `identifier` - `nameLink` - `nameDeny`
     */
    readonly groupMatchingMode: pulumi.Output<string | undefined>;
    readonly issuer: pulumi.Output<string | undefined>;
    /**
     * SAML Metadata
     */
    readonly metadata: pulumi.Output<string>;
    readonly name: pulumi.Output<string>;
    /**
     * Allowed values: - `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` -
     * `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` -
     * `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` -
     * `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`
     */
    readonly nameIdPolicy: pulumi.Output<string | undefined>;
    /**
     * Allowed values: - `all` - `any`
     */
    readonly policyEngineMode: pulumi.Output<string | undefined>;
    readonly preAuthenticationFlow: pulumi.Output<string>;
    /**
     * Allowed values: - `http://www.w3.org/2000/09/xmldsig#rsa-sha1` - `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256` -
     * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha384` - `http://www.w3.org/2001/04/xmldsig-more#rsa-sha512` -
     * `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1` - `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256` -
     * `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384` - `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512` -
     * `http://www.w3.org/2000/09/xmldsig#dsa-sha1`
     */
    readonly signatureAlgorithm: pulumi.Output<string | undefined>;
    readonly signingKp: pulumi.Output<string | undefined>;
    readonly sloUrl: pulumi.Output<string | undefined>;
    readonly slug: pulumi.Output<string>;
    readonly ssoUrl: pulumi.Output<string>;
    readonly temporaryUserDeleteAfter: pulumi.Output<string | undefined>;
    /**
     * Allowed values: - `identifier` - `emailLink` - `emailDeny` - `usernameLink` - `usernameDeny`
     */
    readonly userMatchingMode: pulumi.Output<string | undefined>;
    readonly userPathTemplate: pulumi.Output<string | undefined>;
    readonly uuid: pulumi.Output<string>;
    /**
     * Create a SourceSaml resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: SourceSamlArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering SourceSaml resources.
 */
export interface SourceSamlState {
    allowIdpInitiated?: pulumi.Input<boolean>;
    authenticationFlow?: pulumi.Input<string>;
    /**
     * Allowed values: - `REDIRECT` - `POST` - `POST_AUTO`
     */
    bindingType?: pulumi.Input<string>;
    /**
     * Allowed values: - `http://www.w3.org/2000/09/xmldsig#sha1` - `http://www.w3.org/2001/04/xmlenc#sha256` -
     * `http://www.w3.org/2001/04/xmldsig-more#sha384` - `http://www.w3.org/2001/04/xmlenc#sha512`
     */
    digestAlgorithm?: pulumi.Input<string>;
    enabled?: pulumi.Input<boolean>;
    encryptionKp?: pulumi.Input<string>;
    enrollmentFlow?: pulumi.Input<string>;
    /**
     * Allowed values: - `identifier` - `nameLink` - `nameDeny`
     */
    groupMatchingMode?: pulumi.Input<string>;
    issuer?: pulumi.Input<string>;
    /**
     * SAML Metadata
     */
    metadata?: pulumi.Input<string>;
    name?: pulumi.Input<string>;
    /**
     * Allowed values: - `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` -
     * `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` -
     * `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` -
     * `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`
     */
    nameIdPolicy?: pulumi.Input<string>;
    /**
     * Allowed values: - `all` - `any`
     */
    policyEngineMode?: pulumi.Input<string>;
    preAuthenticationFlow?: pulumi.Input<string>;
    /**
     * Allowed values: - `http://www.w3.org/2000/09/xmldsig#rsa-sha1` - `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256` -
     * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha384` - `http://www.w3.org/2001/04/xmldsig-more#rsa-sha512` -
     * `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1` - `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256` -
     * `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384` - `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512` -
     * `http://www.w3.org/2000/09/xmldsig#dsa-sha1`
     */
    signatureAlgorithm?: pulumi.Input<string>;
    signingKp?: pulumi.Input<string>;
    sloUrl?: pulumi.Input<string>;
    slug?: pulumi.Input<string>;
    ssoUrl?: pulumi.Input<string>;
    temporaryUserDeleteAfter?: pulumi.Input<string>;
    /**
     * Allowed values: - `identifier` - `emailLink` - `emailDeny` - `usernameLink` - `usernameDeny`
     */
    userMatchingMode?: pulumi.Input<string>;
    userPathTemplate?: pulumi.Input<string>;
    uuid?: pulumi.Input<string>;
}
/**
 * The set of arguments for constructing a SourceSaml resource.
 */
export interface SourceSamlArgs {
    allowIdpInitiated?: pulumi.Input<boolean>;
    authenticationFlow?: pulumi.Input<string>;
    /**
     * Allowed values: - `REDIRECT` - `POST` - `POST_AUTO`
     */
    bindingType?: pulumi.Input<string>;
    /**
     * Allowed values: - `http://www.w3.org/2000/09/xmldsig#sha1` - `http://www.w3.org/2001/04/xmlenc#sha256` -
     * `http://www.w3.org/2001/04/xmldsig-more#sha384` - `http://www.w3.org/2001/04/xmlenc#sha512`
     */
    digestAlgorithm?: pulumi.Input<string>;
    enabled?: pulumi.Input<boolean>;
    encryptionKp?: pulumi.Input<string>;
    enrollmentFlow?: pulumi.Input<string>;
    /**
     * Allowed values: - `identifier` - `nameLink` - `nameDeny`
     */
    groupMatchingMode?: pulumi.Input<string>;
    issuer?: pulumi.Input<string>;
    name?: pulumi.Input<string>;
    /**
     * Allowed values: - `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` -
     * `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` -
     * `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` -
     * `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`
     */
    nameIdPolicy?: pulumi.Input<string>;
    /**
     * Allowed values: - `all` - `any`
     */
    policyEngineMode?: pulumi.Input<string>;
    preAuthenticationFlow: pulumi.Input<string>;
    /**
     * Allowed values: - `http://www.w3.org/2000/09/xmldsig#rsa-sha1` - `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256` -
     * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha384` - `http://www.w3.org/2001/04/xmldsig-more#rsa-sha512` -
     * `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1` - `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256` -
     * `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384` - `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512` -
     * `http://www.w3.org/2000/09/xmldsig#dsa-sha1`
     */
    signatureAlgorithm?: pulumi.Input<string>;
    signingKp?: pulumi.Input<string>;
    sloUrl?: pulumi.Input<string>;
    slug: pulumi.Input<string>;
    ssoUrl: pulumi.Input<string>;
    temporaryUserDeleteAfter?: pulumi.Input<string>;
    /**
     * Allowed values: - `identifier` - `emailLink` - `emailDeny` - `usernameLink` - `usernameDeny`
     */
    userMatchingMode?: pulumi.Input<string>;
    userPathTemplate?: pulumi.Input<string>;
    uuid?: pulumi.Input<string>;
}
