import * as pulumi from "@pulumi/pulumi"; /** * Manages an application registration within Azure Active Directory. * * For a more comprehensive alternative, please see the azuread.Application resource. Please note that this resource should not be used together with the `azuread.Application` resource when managing the same application. * * ## API Permissions * * The following API permissions are required in order to use this resource. * * When authenticated with a service principal, this resource requires one of the following application roles: `Application.ReadWrite.OwnedBy` or `Application.ReadWrite.All` * * When authenticated with a user principal, this resource may require one of the following directory roles: `Application Administrator` or `Global Administrator` * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as azuread from "@pulumi/azuread"; * * const example = new azuread.ApplicationRegistration("example", { * displayName: "Example Application", * description: "My example application", * signInAudience: "AzureADMyOrg", * homepageUrl: "https://app.example.com/", * logoutUrl: "https://app.example.com/logout", * marketingUrl: "https://example.com/", * privacyStatementUrl: "https://example.com/privacy", * supportUrl: "https://support.example.com/", * termsOfServiceUrl: "https://example.com/terms", * }); * ``` * * ## Import * * Application Registrations can be imported using the object ID of the application, in the following format. * * ```sh * $ pulumi import azuread:index/applicationRegistration:ApplicationRegistration example /applications/00000000-0000-0000-0000-000000000000 * ``` */ export declare class ApplicationRegistration extends pulumi.CustomResource { /** * Get an existing ApplicationRegistration resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: ApplicationRegistrationState, opts?: pulumi.CustomResourceOptions): ApplicationRegistration; /** * Returns true if the given object is an instance of ApplicationRegistration. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is ApplicationRegistration; /** * The Client ID for the application, which is globally unique. */ readonly clientId: pulumi.Output; /** * A description of the application, as shown to end users. */ readonly description: pulumi.Output; /** * Whether Microsoft has disabled the registered application. If the application is disabled, this will be a string indicating the status/reason, e.g. `DisabledDueToViolationOfServicesAgreement` */ readonly disabledByMicrosoft: pulumi.Output; /** * The display name for the application. */ readonly displayName: pulumi.Output; /** * Configures the `groups` claim issued in a user or OAuth access token that the app expects. Possible values are `None`, `SecurityGroup`, `DirectoryRole`, `ApplicationGroup` or `All`. */ readonly groupMembershipClaims: pulumi.Output; /** * Home page or landing page of the application. */ readonly homepageUrl: pulumi.Output; /** * Whether this web application can request an access token using OAuth implicit flow. */ readonly implicitAccessTokenIssuanceEnabled: pulumi.Output; /** * Whether this web application can request an ID token using OAuth implicit flow. */ readonly implicitIdTokenIssuanceEnabled: pulumi.Output; /** * The URL that will be used by Microsoft's authorization service to sign out a user using front-channel, back-channel or SAML logout protocols. */ readonly logoutUrl: pulumi.Output; /** * URL of the marketing page for the application. */ readonly marketingUrl: pulumi.Output; /** * User-specified notes relevant for the management of the application. */ readonly notes: pulumi.Output; /** * The object ID of the application within the tenant. */ readonly objectId: pulumi.Output; /** * URL of the privacy statement for the application. */ readonly privacyStatementUrl: pulumi.Output; /** * The verified publisher domain for the application. */ readonly publisherDomain: pulumi.Output; /** * The access token version expected by this resource. Must be one of `1` or `2`, and must be `2` when `signInAudience` is either `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount` Defaults to `2`. */ readonly requestedAccessTokenVersion: pulumi.Output; /** * References application context information from a Service or Asset Management database. */ readonly serviceManagementReference: pulumi.Output; /** * The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. */ readonly signInAudience: pulumi.Output; /** * URL of the support page for the application. */ readonly supportUrl: pulumi.Output; /** * URL of the terms of service statement for the application. */ readonly termsOfServiceUrl: pulumi.Output; /** * Create a ApplicationRegistration resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: ApplicationRegistrationArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering ApplicationRegistration resources. */ export interface ApplicationRegistrationState { /** * The Client ID for the application, which is globally unique. */ clientId?: pulumi.Input; /** * A description of the application, as shown to end users. */ description?: pulumi.Input; /** * Whether Microsoft has disabled the registered application. If the application is disabled, this will be a string indicating the status/reason, e.g. `DisabledDueToViolationOfServicesAgreement` */ disabledByMicrosoft?: pulumi.Input; /** * The display name for the application. */ displayName?: pulumi.Input; /** * Configures the `groups` claim issued in a user or OAuth access token that the app expects. Possible values are `None`, `SecurityGroup`, `DirectoryRole`, `ApplicationGroup` or `All`. */ groupMembershipClaims?: pulumi.Input[]>; /** * Home page or landing page of the application. */ homepageUrl?: pulumi.Input; /** * Whether this web application can request an access token using OAuth implicit flow. */ implicitAccessTokenIssuanceEnabled?: pulumi.Input; /** * Whether this web application can request an ID token using OAuth implicit flow. */ implicitIdTokenIssuanceEnabled?: pulumi.Input; /** * The URL that will be used by Microsoft's authorization service to sign out a user using front-channel, back-channel or SAML logout protocols. */ logoutUrl?: pulumi.Input; /** * URL of the marketing page for the application. */ marketingUrl?: pulumi.Input; /** * User-specified notes relevant for the management of the application. */ notes?: pulumi.Input; /** * The object ID of the application within the tenant. */ objectId?: pulumi.Input; /** * URL of the privacy statement for the application. */ privacyStatementUrl?: pulumi.Input; /** * The verified publisher domain for the application. */ publisherDomain?: pulumi.Input; /** * The access token version expected by this resource. Must be one of `1` or `2`, and must be `2` when `signInAudience` is either `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount` Defaults to `2`. */ requestedAccessTokenVersion?: pulumi.Input; /** * References application context information from a Service or Asset Management database. */ serviceManagementReference?: pulumi.Input; /** * The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. */ signInAudience?: pulumi.Input; /** * URL of the support page for the application. */ supportUrl?: pulumi.Input; /** * URL of the terms of service statement for the application. */ termsOfServiceUrl?: pulumi.Input; } /** * The set of arguments for constructing a ApplicationRegistration resource. */ export interface ApplicationRegistrationArgs { /** * A description of the application, as shown to end users. */ description?: pulumi.Input; /** * The display name for the application. */ displayName: pulumi.Input; /** * Configures the `groups` claim issued in a user or OAuth access token that the app expects. Possible values are `None`, `SecurityGroup`, `DirectoryRole`, `ApplicationGroup` or `All`. */ groupMembershipClaims?: pulumi.Input[]>; /** * Home page or landing page of the application. */ homepageUrl?: pulumi.Input; /** * Whether this web application can request an access token using OAuth implicit flow. */ implicitAccessTokenIssuanceEnabled?: pulumi.Input; /** * Whether this web application can request an ID token using OAuth implicit flow. */ implicitIdTokenIssuanceEnabled?: pulumi.Input; /** * The URL that will be used by Microsoft's authorization service to sign out a user using front-channel, back-channel or SAML logout protocols. */ logoutUrl?: pulumi.Input; /** * URL of the marketing page for the application. */ marketingUrl?: pulumi.Input; /** * User-specified notes relevant for the management of the application. */ notes?: pulumi.Input; /** * URL of the privacy statement for the application. */ privacyStatementUrl?: pulumi.Input; /** * The access token version expected by this resource. Must be one of `1` or `2`, and must be `2` when `signInAudience` is either `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount` Defaults to `2`. */ requestedAccessTokenVersion?: pulumi.Input; /** * References application context information from a Service or Asset Management database. */ serviceManagementReference?: pulumi.Input; /** * The Microsoft account types that are supported for the current application. Must be one of `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` or `PersonalMicrosoftAccount`. Defaults to `AzureADMyOrg`. */ signInAudience?: pulumi.Input; /** * URL of the support page for the application. */ supportUrl?: pulumi.Input; /** * URL of the terms of service statement for the application. */ termsOfServiceUrl?: pulumi.Input; }