import * as pulumi from "@pulumi/pulumi";
import * as inputs from "./types/input";
import * as outputs from "./types/output";
/**
 * Provides a [Sumologic SAML Configuration](https://help.sumologic.com/Manage/Security/SAML/01-Set-Up-SAML-for-Single-Sign-On).
 *
 * ## Example Usage
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as sumologic from "@pulumi/sumologic";
 *
 * const exampleSamlConfiguration = new sumologic.SamlConfiguration("exampleSamlConfiguration", {
 *     spInitiatedLoginPath: "",
 *     configurationName: "SumoLogic",
 *     issuer: "http://www.okta.com/abxcseyuiwelflkdjh",
 *     spInitiatedLoginEnabled: false,
 *     authnRequestUrl: "",
 *     x509cert1: "string",
 *     x509cert2: "",
 *     x509cert3: "",
 *     onDemandProvisioningEnabled: {
 *         firstNameAttribute: "firstName",
 *         lastNameAttribute: "lastName",
 *         onDemandProvisioningRoles: ["Administrator"],
 *     },
 *     rolesAttribute: "Administrator",
 *     logoutEnabled: false,
 *     logoutUrl: "",
 *     emailAttribute: "",
 *     debugMode: false,
 *     signAuthnRequest: false,
 *     disableRequestedAuthnContext: false,
 *     isRedirectBinding: false,
 * });
 * ```
 *
 * ## Attributes reference
 *
 * The following attributes are exported:
 *
 * - `id` - Unique identifier for the SAML Configuration.
 * - `certificate` - Authentication Request Signing Certificate for the user.
 * - `assertionConsumerUrl` - The URL on Sumo Logic where the IdP will redirect to with its authentication response.
 * - `entityId` - A unique identifier that is the intended audience of the SAML assertion.
 *
 * ## Import
 *
 * SAML Configuration can be imported using the SAML configuration id, e.g.:
 *
 * hcl
 *
 * ```sh
 * $ pulumi import sumologic:index/samlConfiguration:SamlConfiguration example 00000000454A5979
 * ```
 *
 * [1]: https://help.sumologic.com/Manage/Security/SAML/01-Set-Up-SAML-for-Single-Sign-On
 */
export declare class SamlConfiguration extends pulumi.CustomResource {
    /**
     * Get an existing SamlConfiguration resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SamlConfigurationState, opts?: pulumi.CustomResourceOptions): SamlConfiguration;
    /**
     * Returns true if the given object is an instance of SamlConfiguration.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is SamlConfiguration;
    readonly assertionConsumerUrl: pulumi.Output<string>;
    /**
     * The URL that the identity provider has assigned for Sumo Logic to submit SAML authentication requests to the identity provider. Defaults to "".
     */
    readonly authnRequestUrl: pulumi.Output<string | undefined>;
    readonly certificate: pulumi.Output<string>;
    /**
     * Name of the SSO policy or another name used to describe the policy internally.
     */
    readonly configurationName: pulumi.Output<string>;
    /**
     * True if additional details are included when a user fails to sign in. Defaults to false.
     */
    readonly debugMode: pulumi.Output<boolean | undefined>;
    /**
     * True if Sumo Logic will include the RequestedAuthnContext element of the SAML AuthnRequests it sends to the identity provider. Defaults to false.
     */
    readonly disableRequestedAuthnContext: pulumi.Output<boolean | undefined>;
    /**
     * The email address of the new user account. Defaults to "".
     */
    readonly emailAttribute: pulumi.Output<string | undefined>;
    readonly entityId: pulumi.Output<string>;
    /**
     * True if the SAML binding is of HTTP Redirect type. Defaults to false.
     */
    readonly isRedirectBinding: pulumi.Output<boolean | undefined>;
    /**
     * The unique URL assigned to the organization by the SAML Identity Provider.
     */
    readonly issuer: pulumi.Output<string>;
    /**
     * True if users are redirected to a URL after signing out of Sumo Logic. Defaults to false.
     */
    readonly logoutEnabled: pulumi.Output<boolean | undefined>;
    /**
     * The URL that users will be redirected to after signing out of Sumo Logic. Defaults to "".
     */
    readonly logoutUrl: pulumi.Output<string | undefined>;
    /**
     * The configuration for on-demand provisioning. See onDemandProvisioningEnabled schema for details.
     */
    readonly onDemandProvisioningEnabled: pulumi.Output<outputs.SamlConfigurationOnDemandProvisioningEnabled | undefined>;
    /**
     * The role that Sumo Logic will assign to users when they sign in. Defaults to "".
     */
    readonly rolesAttribute: pulumi.Output<string | undefined>;
    /**
     * True if Sumo Logic will send signed Authn requests to the identity provider. Defaults to false.
     */
    readonly signAuthnRequest: pulumi.Output<boolean | undefined>;
    /**
     * True if Sumo Logic redirects users to your identity provider with a SAML AuthnRequest when signing in. Defaults to false.
     */
    readonly spInitiatedLoginEnabled: pulumi.Output<boolean | undefined>;
    /**
     * The identifier used to generate a unique URL for user login. Defaults to "".
     */
    readonly spInitiatedLoginPath: pulumi.Output<string | undefined>;
    /**
     * The certificate is used to verify the signature in SAML assertions.
     */
    readonly x509cert1: pulumi.Output<string>;
    /**
     * The backup certificate used to verify the signature in SAML assertions when x509cert1 expires. Defaults to "".
     */
    readonly x509cert2: pulumi.Output<string | undefined>;
    /**
     * The backup certificate used to verify the signature in SAML assertions when x509cert1 expires and x509cert2 is empty. Defaults to "".
     */
    readonly x509cert3: pulumi.Output<string | undefined>;
    /**
     * Create a SamlConfiguration resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: SamlConfigurationArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering SamlConfiguration resources.
 */
export interface SamlConfigurationState {
    assertionConsumerUrl?: pulumi.Input<string>;
    /**
     * The URL that the identity provider has assigned for Sumo Logic to submit SAML authentication requests to the identity provider. Defaults to "".
     */
    authnRequestUrl?: pulumi.Input<string>;
    certificate?: pulumi.Input<string>;
    /**
     * Name of the SSO policy or another name used to describe the policy internally.
     */
    configurationName?: pulumi.Input<string>;
    /**
     * True if additional details are included when a user fails to sign in. Defaults to false.
     */
    debugMode?: pulumi.Input<boolean>;
    /**
     * True if Sumo Logic will include the RequestedAuthnContext element of the SAML AuthnRequests it sends to the identity provider. Defaults to false.
     */
    disableRequestedAuthnContext?: pulumi.Input<boolean>;
    /**
     * The email address of the new user account. Defaults to "".
     */
    emailAttribute?: pulumi.Input<string>;
    entityId?: pulumi.Input<string>;
    /**
     * True if the SAML binding is of HTTP Redirect type. Defaults to false.
     */
    isRedirectBinding?: pulumi.Input<boolean>;
    /**
     * The unique URL assigned to the organization by the SAML Identity Provider.
     */
    issuer?: pulumi.Input<string>;
    /**
     * True if users are redirected to a URL after signing out of Sumo Logic. Defaults to false.
     */
    logoutEnabled?: pulumi.Input<boolean>;
    /**
     * The URL that users will be redirected to after signing out of Sumo Logic. Defaults to "".
     */
    logoutUrl?: pulumi.Input<string>;
    /**
     * The configuration for on-demand provisioning. See onDemandProvisioningEnabled schema for details.
     */
    onDemandProvisioningEnabled?: pulumi.Input<inputs.SamlConfigurationOnDemandProvisioningEnabled>;
    /**
     * The role that Sumo Logic will assign to users when they sign in. Defaults to "".
     */
    rolesAttribute?: pulumi.Input<string>;
    /**
     * True if Sumo Logic will send signed Authn requests to the identity provider. Defaults to false.
     */
    signAuthnRequest?: pulumi.Input<boolean>;
    /**
     * True if Sumo Logic redirects users to your identity provider with a SAML AuthnRequest when signing in. Defaults to false.
     */
    spInitiatedLoginEnabled?: pulumi.Input<boolean>;
    /**
     * The identifier used to generate a unique URL for user login. Defaults to "".
     */
    spInitiatedLoginPath?: pulumi.Input<string>;
    /**
     * The certificate is used to verify the signature in SAML assertions.
     */
    x509cert1?: pulumi.Input<string>;
    /**
     * The backup certificate used to verify the signature in SAML assertions when x509cert1 expires. Defaults to "".
     */
    x509cert2?: pulumi.Input<string>;
    /**
     * The backup certificate used to verify the signature in SAML assertions when x509cert1 expires and x509cert2 is empty. Defaults to "".
     */
    x509cert3?: pulumi.Input<string>;
}
/**
 * The set of arguments for constructing a SamlConfiguration resource.
 */
export interface SamlConfigurationArgs {
    /**
     * The URL that the identity provider has assigned for Sumo Logic to submit SAML authentication requests to the identity provider. Defaults to "".
     */
    authnRequestUrl?: pulumi.Input<string>;
    /**
     * Name of the SSO policy or another name used to describe the policy internally.
     */
    configurationName: pulumi.Input<string>;
    /**
     * True if additional details are included when a user fails to sign in. Defaults to false.
     */
    debugMode?: pulumi.Input<boolean>;
    /**
     * True if Sumo Logic will include the RequestedAuthnContext element of the SAML AuthnRequests it sends to the identity provider. Defaults to false.
     */
    disableRequestedAuthnContext?: pulumi.Input<boolean>;
    /**
     * The email address of the new user account. Defaults to "".
     */
    emailAttribute?: pulumi.Input<string>;
    /**
     * True if the SAML binding is of HTTP Redirect type. Defaults to false.
     */
    isRedirectBinding?: pulumi.Input<boolean>;
    /**
     * The unique URL assigned to the organization by the SAML Identity Provider.
     */
    issuer: pulumi.Input<string>;
    /**
     * True if users are redirected to a URL after signing out of Sumo Logic. Defaults to false.
     */
    logoutEnabled?: pulumi.Input<boolean>;
    /**
     * The URL that users will be redirected to after signing out of Sumo Logic. Defaults to "".
     */
    logoutUrl?: pulumi.Input<string>;
    /**
     * The configuration for on-demand provisioning. See onDemandProvisioningEnabled schema for details.
     */
    onDemandProvisioningEnabled?: pulumi.Input<inputs.SamlConfigurationOnDemandProvisioningEnabled>;
    /**
     * The role that Sumo Logic will assign to users when they sign in. Defaults to "".
     */
    rolesAttribute?: pulumi.Input<string>;
    /**
     * True if Sumo Logic will send signed Authn requests to the identity provider. Defaults to false.
     */
    signAuthnRequest?: pulumi.Input<boolean>;
    /**
     * True if Sumo Logic redirects users to your identity provider with a SAML AuthnRequest when signing in. Defaults to false.
     */
    spInitiatedLoginEnabled?: pulumi.Input<boolean>;
    /**
     * The identifier used to generate a unique URL for user login. Defaults to "".
     */
    spInitiatedLoginPath?: pulumi.Input<string>;
    /**
     * The certificate is used to verify the signature in SAML assertions.
     */
    x509cert1: pulumi.Input<string>;
    /**
     * The backup certificate used to verify the signature in SAML assertions when x509cert1 expires. Defaults to "".
     */
    x509cert2?: pulumi.Input<string>;
    /**
     * The backup certificate used to verify the signature in SAML assertions when x509cert1 expires and x509cert2 is empty. Defaults to "".
     */
    x509cert3?: pulumi.Input<string>;
}
