From eb83fc95ef1508590bc6543ad095864d435448f8 Mon Sep 17 00:00:00 2001 
From: Stefan Benz <46600784+stebenz@users.noreply.github.com> Date: Mon, 16 Dec 2024 19:14:25 +0100 Subject: [PATCH 1/5] fix: add auto linking to idps --- docs/data-sources/idp_azure_ad.md | 1 + docs/data-sources/idp_github.md | 1 + docs/data-sources/idp_github_es.md | 1 + docs/data-sources/idp_gitlab.md | 1 + docs/data-sources/idp_gitlab_self_hosted.md | 1 + docs/data-sources/idp_google.md | 1 + docs/data-sources/idp_ldap.md | 1 + docs/data-sources/idp_oauth.md | 1 + docs/data-sources/idp_saml.md | 1 + docs/resources/idp_azure_ad.md | 4 +++- docs/resources/idp_github.md | 2 ++ docs/resources/idp_github_es.md | 2 ++ docs/resources/idp_gitlab.md | 2 ++ docs/resources/idp_gitlab_self_hosted.md | 2 ++ docs/resources/idp_google.md | 2 ++ docs/resources/idp_ldap.md | 2 ++ docs/resources/idp_oauth.md | 2 ++ docs/resources/idp_saml.md | 2 ++ examples/provider/resources/idp_azure_ad.tf | 3 ++- examples/provider/resources/idp_github.tf | 1 + examples/provider/resources/idp_github_es.tf | 1 + examples/provider/resources/idp_gitlab.tf | 1 + .../resources/idp_gitlab_self_hosted.tf | 1 + examples/provider/resources/idp_google.tf | 1 + examples/provider/resources/idp_ldap.tf | 1 + examples/provider/resources/idp_oauth.tf | 1 + examples/provider/resources/idp_saml.tf | 1 + zitadel/idp_azure_ad/datasource.go | 1 + zitadel/idp_azure_ad/funcs.go | 1 + zitadel/idp_azure_ad/resource.go | 1 + zitadel/idp_github/datasource.go | 1 + zitadel/idp_github/funcs.go | 1 + zitadel/idp_github/resource.go | 1 + zitadel/idp_github_es/datasource.go | 1 + zitadel/idp_github_es/funcs.go | 1 + zitadel/idp_github_es/resource.go | 1 + zitadel/idp_gitlab/datasource.go | 1 + zitadel/idp_gitlab/funcs.go | 1 + zitadel/idp_gitlab/resource.go | 1 + zitadel/idp_gitlab_self_hosted/datasource.go | 1 + zitadel/idp_gitlab_self_hosted/funcs.go | 1 + zitadel/idp_gitlab_self_hosted/resource.go | 1 + zitadel/idp_google/datasource.go | 1 + zitadel/idp_google/funcs.go | 1 + zitadel/idp_google/resource.go | 1 + 
zitadel/idp_ldap/datasource.go | 1 + zitadel/idp_ldap/funcs.go | 1 + zitadel/idp_ldap/resource.go | 1 + zitadel/idp_oauth/datasource.go | 1 + zitadel/idp_oauth/funcs.go | 1 + zitadel/idp_oauth/resource.go | 1 + zitadel/idp_saml/datasource.go | 1 + zitadel/idp_saml/funcs.go | 1 + zitadel/idp_saml/resource.go | 1 + zitadel/idp_utils/funcs.go | 9 +++++++ zitadel/idp_utils/schema.go | 24 ++++++++++++++++++- 56 files changed, 97 insertions(+), 3 deletions(-) diff --git a/docs/data-sources/idp_azure_ad.md b/docs/data-sources/idp_azure_ad.md index fdc9be01..616a3e59 100644 --- a/docs/data-sources/idp_azure_ad.md +++ b/docs/data-sources/idp_azure_ad.md @@ -26,6 +26,7 @@ data "zitadel_idp_azure_ad" "default" { ### Read-Only +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `email_verified` (Boolean) automatically mark emails as verified diff --git a/docs/data-sources/idp_github.md b/docs/data-sources/idp_github.md index 567699cf..6e17f199 100644 --- a/docs/data-sources/idp_github.md +++ b/docs/data-sources/idp_github.md 
@@ -26,6 +26,7 @@ data "zitadel_idp_github" "default" { ### Read-Only +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enabled if a new account in ZITADEL are created automatically on login with an external account diff --git a/docs/data-sources/idp_github_es.md b/docs/data-sources/idp_github_es.md index 9eb79692..dca27a31 100644 --- a/docs/data-sources/idp_github_es.md +++ b/docs/data-sources/idp_github_es.md @@ -27,6 +27,7 @@ data "zitadel_idp_github_es" "default" { ### Read-Only - `authorization_endpoint` (String) the providers authorization endpoint +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enabled if a new account in ZITADEL are created automatically on login with an external account diff --git a/docs/data-sources/idp_gitlab.md b/docs/data-sources/idp_gitlab.md index 4b2cb92f..b6930e7d 100644 --- a/docs/data-sources/idp_gitlab.md +++ b/docs/data-sources/idp_gitlab.md 
@@ -26,6 +26,7 @@ data "zitadel_idp_gitlab" "default" { ### Read-Only +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enabled if a new account in ZITADEL are created automatically on login with an external account diff --git a/docs/data-sources/idp_gitlab_self_hosted.md b/docs/data-sources/idp_gitlab_self_hosted.md index 62b94782..90b16368 100644 --- a/docs/data-sources/idp_gitlab_self_hosted.md +++ b/docs/data-sources/idp_gitlab_self_hosted.md @@ -26,6 +26,7 @@ data "zitadel_idp_gitlab_self_hosted" "default" { ### Read-Only +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enabled if a new account in ZITADEL are created automatically on login with an external account diff --git a/docs/data-sources/idp_google.md b/docs/data-sources/idp_google.md index 4d7c1676..6d05d599 100644 --- a/docs/data-sources/idp_google.md +++ b/docs/data-sources/idp_google.md 
@@ -26,6 +26,7 @@ data "zitadel_idp_google" "default" { ### Read-Only +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enabled if a new account in ZITADEL are created automatically on login with an external account diff --git a/docs/data-sources/idp_ldap.md b/docs/data-sources/idp_ldap.md index 34aace90..59b5cd0d 100644 --- a/docs/data-sources/idp_ldap.md +++ b/docs/data-sources/idp_ldap.md @@ -26,6 +26,7 @@ data "zitadel_idp_ldap" "default" { ### Read-Only +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `avatar_url_attribute` (String) User attribute for the avatar url - `base_dn` (String) Base DN for LDAP connections - `bind_dn` (String) Bind DN for LDAP connections diff --git a/docs/data-sources/idp_oauth.md b/docs/data-sources/idp_oauth.md index a58da98a..6133e391 100644 --- a/docs/data-sources/idp_oauth.md +++ b/docs/data-sources/idp_oauth.md 
@@ -27,6 +27,7 @@ data "zitadel_idp_oauth" "default" { ### Read-Only - `authorization_endpoint` (String) The authorization endpoint +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `id_attribute` (String) The id attribute diff --git a/docs/data-sources/idp_saml.md b/docs/data-sources/idp_saml.md index f8b2866d..0eceffdc 100644 --- a/docs/data-sources/idp_saml.md +++ b/docs/data-sources/idp_saml.md @@ -26,6 +26,7 @@ data "zitadel_idp_saml" "default" { ### Read-Only +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `binding` (String) The binding - `is_auto_creation` (Boolean) enabled if a new account in ZITADEL are created automatically on login with an external account - `is_auto_update` (Boolean) enabled if a the ZITADEL account fields are updated automatically on each login diff --git a/docs/resources/idp_azure_ad.md b/docs/resources/idp_azure_ad.md index 2143d357..419b16f4 100644 --- a/docs/resources/idp_azure_ad.md +++ b/docs/resources/idp_azure_ad.md 
@@ -16,13 +16,14 @@ resource "zitadel_idp_azure_ad" "default" { name = "Azure AD" client_id = "9065bfc8-a08a..." client_secret = "H2n***" - scopes = ["openid", "profile", "email", "User.Read"] + scopes = ["openid", "profile", "email", "User.Read"] tenant_type = "AZURE_AD_TENANT_TYPE_ORGANISATIONS" email_verified = true is_linking_allowed = false is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` @@ -31,6 +32,7 @@ resource "zitadel_idp_azure_ad" "default" { ### Required +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `email_verified` (Boolean) automatically mark emails as verified diff --git a/docs/resources/idp_github.md b/docs/resources/idp_github.md index 16df65d3..64837924 100644 --- a/docs/resources/idp_github.md +++ b/docs/resources/idp_github.md @@ -21,6 +21,7 @@ resource "zitadel_idp_github" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` 
@@ -29,6 +30,7 @@ resource "zitadel_idp_github" "default" { ### Required +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enable if a new account in ZITADEL should be created automatically on login with an external account diff --git a/docs/resources/idp_github_es.md b/docs/resources/idp_github_es.md index 73710040..9d7b6f44 100644 --- a/docs/resources/idp_github_es.md +++ b/docs/resources/idp_github_es.md @@ -24,6 +24,7 @@ resource "zitadel_idp_github_es" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` @@ -33,6 +34,7 @@ resource "zitadel_idp_github_es" "default" { ### Required - `authorization_endpoint` (String) the providers authorization endpoint +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enable if a new account in ZITADEL should be created automatically on login with an external account diff --git a/docs/resources/idp_gitlab.md b/docs/resources/idp_gitlab.md index e18f7318..5c6c09a3 100644 --- a/docs/resources/idp_gitlab.md +++ b/docs/resources/idp_gitlab.md 
@@ -21,6 +21,7 @@ resource "zitadel_idp_gitlab" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` @@ -29,6 +30,7 @@ resource "zitadel_idp_gitlab" "default" { ### Required +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enable if a new account in ZITADEL should be created automatically on login with an external account diff --git a/docs/resources/idp_gitlab_self_hosted.md b/docs/resources/idp_gitlab_self_hosted.md index c3242a70..dd3bd4f4 100644 --- a/docs/resources/idp_gitlab_self_hosted.md +++ b/docs/resources/idp_gitlab_self_hosted.md @@ -22,6 +22,7 @@ resource "zitadel_idp_gitlab_self_hosted" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` @@ -30,6 +31,7 @@ resource "zitadel_idp_gitlab_self_hosted" "default" { ### Required +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enable if a new account in ZITADEL should be created automatically on login with an external account diff --git a/docs/resources/idp_google.md b/docs/resources/idp_google.md index 1a7f987c..b23f8299 100644 
--- a/docs/resources/idp_google.md +++ b/docs/resources/idp_google.md @@ -21,6 +21,7 @@ resource "zitadel_idp_google" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` @@ -29,6 +30,7 @@ resource "zitadel_idp_google" "default" { ### Required +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enable if a new account in ZITADEL should be created automatically on login with an external account diff --git a/docs/resources/idp_ldap.md b/docs/resources/idp_ldap.md index 1dce73bf..d3edaf74 100644 --- a/docs/resources/idp_ldap.md +++ b/docs/resources/idp_ldap.md @@ -30,6 +30,7 @@ resource "zitadel_idp_ldap" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` @@ -38,6 +39,7 @@ resource "zitadel_idp_ldap" "default" { ### Required +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `base_dn` (String) Base DN for LDAP connections - `bind_dn` (String) Bind DN for LDAP connections - `bind_password` (String, Sensitive) Bind password for LDAP connections diff --git a/docs/resources/idp_oauth.md b/docs/resources/idp_oauth.md index 403284a4..f6894b8d 100644 --- a/docs/resources/idp_oauth.md +++ b/docs/resources/idp_oauth.md 
@@ -25,6 +25,7 @@ resource "zitadel_idp_oauth" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` @@ -34,6 +35,7 @@ resource "zitadel_idp_oauth" "default" { ### Required - `authorization_endpoint` (String) The authorization endpoint +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `id_attribute` (String) The id attribute diff --git a/docs/resources/idp_saml.md b/docs/resources/idp_saml.md index 01eacfb7..7f218059 100644 --- a/docs/resources/idp_saml.md +++ b/docs/resources/idp_saml.md @@ -20,6 +20,7 @@ resource "zitadel_idp_saml" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" metadata_xml = < @@ -60,6 +61,7 @@ EOM ### Required +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `is_auto_creation` (Boolean) enable if a new account in ZITADEL should be created automatically on login with an external account - `is_auto_update` (Boolean) enable if a the ZITADEL account fields should be updated automatically on each login - `is_creation_allowed` (Boolean) enable if users should be able to create a new account in ZITADEL when using an external account diff --git a/examples/provider/resources/idp_azure_ad.tf b/examples/provider/resources/idp_azure_ad.tf index b6f87a57..5052d316 100644 
--- a/examples/provider/resources/idp_azure_ad.tf +++ b/examples/provider/resources/idp_azure_ad.tf @@ -2,11 +2,12 @@ resource "zitadel_idp_azure_ad" "default" { name = "Azure AD" client_id = "9065bfc8-a08a..." client_secret = "H2n***" - scopes = ["openid", "profile", "email", "User.Read"] + scopes = ["openid", "profile", "email", "User.Read"] tenant_type = "AZURE_AD_TENANT_TYPE_ORGANISATIONS" email_verified = true is_linking_allowed = false is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } diff --git a/examples/provider/resources/idp_github.tf b/examples/provider/resources/idp_github.tf index bbe729f9..0c25dd61 100644 --- a/examples/provider/resources/idp_github.tf +++ b/examples/provider/resources/idp_github.tf @@ -7,4 +7,5 @@ resource "zitadel_idp_github" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } diff --git a/examples/provider/resources/idp_github_es.tf b/examples/provider/resources/idp_github_es.tf index f7f985cf..37d971e2 100644 --- a/examples/provider/resources/idp_github_es.tf +++ b/examples/provider/resources/idp_github_es.tf @@ -10,4 +10,5 @@ resource "zitadel_idp_github_es" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } diff --git a/examples/provider/resources/idp_gitlab.tf b/examples/provider/resources/idp_gitlab.tf index 1440fe71..fcdce531 100644 --- a/examples/provider/resources/idp_gitlab.tf +++ b/examples/provider/resources/idp_gitlab.tf @@ -7,4 +7,5 @@ resource "zitadel_idp_gitlab" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } diff --git a/examples/provider/resources/idp_gitlab_self_hosted.tf b/examples/provider/resources/idp_gitlab_self_hosted.tf index 3914506c..2d235505 100644 
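Review bot: The idp_azure_ad.tf example now pairs `is_linking_allowed = false` with `auto_linking = "AUTO_LINKING_OPTION_USERNAME"`, and the same username value is added to the other eight example files in this patch (github, github_es, gitlab, gitlab_self_hosted, google, ldap, oauth, saml). Examples get copied as-is, and a username match is only as reliable as the external provider's username is at identifying the same person as the existing ZITADEL user, a condition the example does not mention. I would show `auto_linking = "AUTO_LINKING_OPTION_UNSPECIFIED"` in the examples, or keep the value and add a comment such as `# enable only for providers whose username claim you control and trust`. How auto_linking behaves when is_linking_allowed is false is not stated anywhere on this page and deserves one sentence in the attribute description.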
--- a/examples/provider/resources/idp_gitlab_self_hosted.tf +++ b/examples/provider/resources/idp_gitlab_self_hosted.tf @@ -8,4 +8,5 @@ resource "zitadel_idp_gitlab_self_hosted" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } diff --git a/examples/provider/resources/idp_google.tf b/examples/provider/resources/idp_google.tf index 2f009cec..db06ffbb 100644 --- a/examples/provider/resources/idp_google.tf +++ b/examples/provider/resources/idp_google.tf @@ -7,4 +7,5 @@ resource "zitadel_idp_google" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } diff --git a/examples/provider/resources/idp_ldap.tf b/examples/provider/resources/idp_ldap.tf index ce3156f5..8b7ad24f 100644 --- a/examples/provider/resources/idp_ldap.tf +++ b/examples/provider/resources/idp_ldap.tf @@ -16,6 +16,7 @@ resource "zitadel_idp_ldap" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } diff --git a/examples/provider/resources/idp_oauth.tf b/examples/provider/resources/idp_oauth.tf index 32b15f5c..3b5ea249 100644 --- a/examples/provider/resources/idp_oauth.tf +++ b/examples/provider/resources/idp_oauth.tf @@ -11,4 +11,5 @@ resource "zitadel_idp_oauth" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } diff --git a/examples/provider/resources/idp_saml.tf b/examples/provider/resources/idp_saml.tf index afafb636..f5fc7e95 100644 --- a/examples/provider/resources/idp_saml.tf +++ b/examples/provider/resources/idp_saml.tf @@ -6,6 +6,7 @@ resource "zitadel_idp_saml" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" metadata_xml = < 
diff --git a/zitadel/idp_azure_ad/datasource.go b/zitadel/idp_azure_ad/datasource.go
index 859f3139..2e2388a5 100644
--- a/zitadel/idp_azure_ad/datasource.go
+++ b/zitadel/idp_azure_ad/datasource.go
@@ -19,6 +19,7 @@ func GetDatasource() *schema.Resource {
 idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedDataSourceField,
 idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationDataSourceField,
 idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateDataSourceField,
+ idp_utils.AutoLinkingVar: idp_utils.AutoLinkingDataSourceField,
 TenantTypeVar: TenantTypeDataSourceField,
 TenantIDVar: TenantIDDataSourceField,
 EmailVerifiedVar: EmailVerifiedDataSourceField,
diff --git a/zitadel/idp_azure_ad/funcs.go b/zitadel/idp_azure_ad/funcs.go
index ffbd63a7..f14c5ae8 100644
--- a/zitadel/idp_azure_ad/funcs.go
+++ b/zitadel/idp_azure_ad/funcs.go
@@ -102,6 +102,7 @@ func read(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagn
 idp_utils.IsCreationAllowedVar: generalCfg.GetIsCreationAllowed(),
 idp_utils.IsAutoCreationVar: generalCfg.GetIsAutoCreation(),
 idp_utils.IsAutoUpdateVar: generalCfg.GetIsAutoUpdate(),
+ idp_utils.AutoLinkingVar: idp_utils.AutoLinkingString(generalCfg.GetAutoLinking()),
 EmailVerifiedVar: specificCfg.GetEmailVerified(),
 TenantIDVar: tenantID,
 }
diff --git a/zitadel/idp_azure_ad/resource.go b/zitadel/idp_azure_ad/resource.go
index 50c1a601..4b126bcd 100644
--- a/zitadel/idp_azure_ad/resource.go
+++ b/zitadel/idp_azure_ad/resource.go
@@ -19,6 +19,7 @@ func GetResource() *schema.Resource {
 idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedResourceField,
 idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationResourceField,
 idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateResourceField,
+ idp_utils.AutoLinkingVar: idp_utils.AutoLinkingResourceField,
 TenantTypeVar: TenantTypeResourceField,
 TenantIDVar: TenantIDResourceField,
 EmailVerifiedVar: EmailVerifiedResourceField,
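Review bot: In read (zitadel/idp_azure_ad/funcs.go) the new `idp_utils.AutoLinkingVar` entry stores whatever `idp_utils.AutoLinkingString` returns, and that helper is defined in zitadel/idp_utils/funcs.go, outside this view. It should return exactly one of the three names the schema documents (AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL) for every enum value the API can send, otherwise a refresh writes a state value that the resource's own validation would presumably reject. The diffstat lists no `_test.go` file, so a small table test for the helper, or a comment on the map entry such as `// must round-trip with the values accepted by AutoLinkingResourceField`, would pin this; the same line is added to read in the other eight idp packages. read's body starts and ends outside the hunk.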
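Review bot: Wiring `idp_utils.AutoLinkingResourceField` into GetResource (zitadel/idp_azure_ad/resource.go) appears to make `auto_linking` a required argument, judging by the regenerated docs in this patch, which list it under "Required" for every idp resource. Existing configurations that do not set the attribute would then fail validation after a provider upgrade, and every user has to choose a linking mode explicitly instead of inheriting a conservative one. The field definition is in zitadel/idp_utils/schema.go, outside this view; if it is declared `Required: true`, I would change it to `Optional: true` with a default of `AUTO_LINKING_OPTION_UNSPECIFIED`. The same map entry is added in the resource.go of the other eight idp packages, and GetResource's body continues outside the hunk.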
diff --git a/zitadel/idp_github/datasource.go b/zitadel/idp_github/datasource.go
index e55f3a20..042bd86a 100644
--- a/zitadel/idp_github/datasource.go
+++ b/zitadel/idp_github/datasource.go
@@ -19,6 +19,7 @@ func GetDatasource() *schema.Resource {
 idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedDataSourceField,
 idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationDataSourceField,
 idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateDataSourceField,
+ idp_utils.AutoLinkingVar: idp_utils.AutoLinkingDataSourceField,
 },
 ReadContext: read,
 }
diff --git a/zitadel/idp_github/funcs.go b/zitadel/idp_github/funcs.go
index 2b705f1d..f63ccc7c 100644
--- a/zitadel/idp_github/funcs.go
+++ b/zitadel/idp_github/funcs.go
@@ -87,6 +87,7 @@ func read(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagn
 idp_utils.IsCreationAllowedVar: generalCfg.GetIsCreationAllowed(),
 idp_utils.IsAutoCreationVar: generalCfg.GetIsAutoCreation(),
 idp_utils.IsAutoUpdateVar: generalCfg.GetIsAutoUpdate(),
+ idp_utils.AutoLinkingVar: idp_utils.AutoLinkingString(generalCfg.GetAutoLinking()),
 }
 for k, v := range set {
 if err := d.Set(k, v); err != nil {
diff --git a/zitadel/idp_github/resource.go b/zitadel/idp_github/resource.go
index 25dfb558..16512e87 100644
--- a/zitadel/idp_github/resource.go
+++ b/zitadel/idp_github/resource.go
@@ -19,6 +19,7 @@ func GetResource() *schema.Resource {
 idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedResourceField,
 idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationResourceField,
 idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateResourceField,
+ idp_utils.AutoLinkingVar: idp_utils.AutoLinkingResourceField,
 },
 ReadContext: read,
 UpdateContext: update,
diff --git a/zitadel/idp_github_es/datasource.go b/zitadel/idp_github_es/datasource.go
index 647c15e1..f5a2cd40 100644
--- a/zitadel/idp_github_es/datasource.go
+++ b/zitadel/idp_github_es/datasource.go
@@ -19,6 +19,7 @@ func GetDatasource() *schema.Resource {
 idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedDataSourceField,
 idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationDataSourceField,
 idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateDataSourceField,
+ idp_utils.AutoLinkingVar: idp_utils.AutoLinkingDataSourceField,
 AuthorizationEndpointVar: AuthorizationEndpointDataSourceField,
 TokenEndpointVar: TokenEndpointDataSourceField,
 UserEndpointVar: UserEndpointDataSourceField,
diff --git a/zitadel/idp_github_es/funcs.go b/zitadel/idp_github_es/funcs.go
index f0e2f18a..f830b9f3 100644
--- a/zitadel/idp_github_es/funcs.go
+++ b/zitadel/idp_github_es/funcs.go
@@ -93,6 +93,7 @@ func read(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagn
 idp_utils.IsCreationAllowedVar: generalCfg.GetIsCreationAllowed(),
 idp_utils.IsAutoCreationVar: generalCfg.GetIsAutoCreation(),
 idp_utils.IsAutoUpdateVar: generalCfg.GetIsAutoUpdate(),
+ idp_utils.AutoLinkingVar: idp_utils.AutoLinkingString(generalCfg.GetAutoLinking()),
 AuthorizationEndpointVar: specificCfg.GetAuthorizationEndpoint(),
 TokenEndpointVar: specificCfg.GetTokenEndpoint(),
 UserEndpointVar: specificCfg.GetUserEndpoint(),
diff --git a/zitadel/idp_github_es/resource.go b/zitadel/idp_github_es/resource.go
index b2a28cdb..dedf82c0 100644
--- a/zitadel/idp_github_es/resource.go
+++ b/zitadel/idp_github_es/resource.go
@@ -19,6 +19,7 @@ func GetResource() *schema.Resource {
 idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedResourceField,
 idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationResourceField,
 idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateResourceField,
+ idp_utils.AutoLinkingVar: idp_utils.AutoLinkingResourceField,
 AuthorizationEndpointVar: AuthorizationEndpointResourceField,
 TokenEndpointVar: TokenEndpointResourceField,
 UserEndpointVar: UserEndpointResourceField,
diff --git a/zitadel/idp_gitlab/datasource.go b/zitadel/idp_gitlab/datasource.go
index 1d50c34e..7dc67f41 100644
--- a/zitadel/idp_gitlab/datasource.go
+++ b/zitadel/idp_gitlab/datasource.go
@@ -19,6 +19,7 @@ func GetDatasource() *schema.Resource {
 idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedDataSourceField,
 idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationDataSourceField,
 idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateDataSourceField,
+ idp_utils.AutoLinkingVar: idp_utils.AutoLinkingDataSourceField,
 },
 ReadContext: read,
 }
diff --git a/zitadel/idp_gitlab/funcs.go b/zitadel/idp_gitlab/funcs.go
index 4c5649d5..c1e75a8e 100644
--- a/zitadel/idp_gitlab/funcs.go
+++ b/zitadel/idp_gitlab/funcs.go
@@ -87,6 +87,7 @@ func read(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagn
 idp_utils.IsCreationAllowedVar: generalCfg.GetIsCreationAllowed(),
 idp_utils.IsAutoCreationVar: generalCfg.GetIsAutoCreation(),
 idp_utils.IsAutoUpdateVar: generalCfg.GetIsAutoUpdate(),
+ idp_utils.AutoLinkingVar: idp_utils.AutoLinkingString(generalCfg.GetAutoLinking()),
 }
 for k, v := range set {
 if err := d.Set(k, v); err != nil {
diff --git a/zitadel/idp_gitlab/resource.go b/zitadel/idp_gitlab/resource.go
index b6a2100c..24ead925 100644
--- a/zitadel/idp_gitlab/resource.go
+++ b/zitadel/idp_gitlab/resource.go
@@ -19,6 +19,7 @@ func GetResource() *schema.Resource {
 idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedResourceField,
 idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationResourceField,
 idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateResourceField,
+ idp_utils.AutoLinkingVar: idp_utils.AutoLinkingResourceField,
 },
 ReadContext: read,
 UpdateContext: update,
diff --git a/zitadel/idp_gitlab_self_hosted/datasource.go b/zitadel/idp_gitlab_self_hosted/datasource.go
index d72bf4f9..2537a50b 100644
--- a/zitadel/idp_gitlab_self_hosted/datasource.go
+++ b/zitadel/idp_gitlab_self_hosted/datasource.go
@@ -19,6 +19,7 @@ func GetDatasource() *schema.Resource {
 idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedDataSourceField,
 idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationDataSourceField,
 idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateDataSourceField,
+ idp_utils.AutoLinkingVar: idp_utils.AutoLinkingDataSourceField,
 IssuerVar: IssuerDataSourceField,
 },
 ReadContext: read,
diff --git a/zitadel/idp_gitlab_self_hosted/funcs.go b/zitadel/idp_gitlab_self_hosted/funcs.go
index 1bc21742..188f7aee 100644
--- a/zitadel/idp_gitlab_self_hosted/funcs.go
+++ b/zitadel/idp_gitlab_self_hosted/funcs.go
@@ -89,6 +89,7 @@ func read(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagn
 idp_utils.IsCreationAllowedVar: generalCfg.GetIsCreationAllowed(),
 idp_utils.IsAutoCreationVar: generalCfg.GetIsAutoCreation(),
 idp_utils.IsAutoUpdateVar: generalCfg.GetIsAutoUpdate(),
+ idp_utils.AutoLinkingVar: idp_utils.AutoLinkingString(generalCfg.GetAutoLinking()),
 IssuerVar: specificCfg.GetIssuer(),
 }
 for k, v := range set {
diff --git a/zitadel/idp_gitlab_self_hosted/resource.go b/zitadel/idp_gitlab_self_hosted/resource.go
index 3473c7cd..a340d879 100644
--- a/zitadel/idp_gitlab_self_hosted/resource.go
+++ b/zitadel/idp_gitlab_self_hosted/resource.go
@@ -19,6 +19,7 @@ func GetResource() *schema.Resource {
 idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedResourceField,
 idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationResourceField,
 idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateResourceField,
+ idp_utils.AutoLinkingVar: idp_utils.AutoLinkingResourceField,
 IssuerVar: IssuerResourceField,
 },
 ReadContext: read,
diff --git a/zitadel/idp_google/datasource.go b/zitadel/idp_google/datasource.go
index 1d305d68..69e310ec 100644
--- a/zitadel/idp_google/datasource.go
+++ b/zitadel/idp_google/datasource.go
@@ -19,6 +19,7 @@ func GetDatasource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedDataSourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationDataSourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateDataSourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingDataSourceField, }, ReadContext: read, } diff --git a/zitadel/idp_google/funcs.go b/zitadel/idp_google/funcs.go index 71833c83..c3821a03 100644 --- a/zitadel/idp_google/funcs.go +++ b/zitadel/idp_google/funcs.go @@ -87,6 +87,7 @@ func read(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagn idp_utils.IsCreationAllowedVar: generalCfg.GetIsCreationAllowed(), idp_utils.IsAutoCreationVar: generalCfg.GetIsAutoCreation(), idp_utils.IsAutoUpdateVar: generalCfg.GetIsAutoUpdate(), + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingString(generalCfg.GetAutoLinking()), } for k, v := range set { if err := d.Set(k, v); err != nil { diff --git a/zitadel/idp_google/resource.go b/zitadel/idp_google/resource.go index c7bb5581..b9282e93 100644 --- a/zitadel/idp_google/resource.go +++ b/zitadel/idp_google/resource.go @@ -19,6 +19,7 @@ func GetResource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedResourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationResourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateResourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingResourceField, }, ReadContext: read, UpdateContext: update, diff --git a/zitadel/idp_ldap/datasource.go b/zitadel/idp_ldap/datasource.go index 5a472126..fcbef3f7 100644 --- a/zitadel/idp_ldap/datasource.go +++ b/zitadel/idp_ldap/datasource.go 
@@ -16,6 +16,7 @@ func GetDatasource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedDataSourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationDataSourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateDataSourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingDataSourceField, ServersVar: ServersDataSourceField, StartTLSVar: StartTLSDataSourceField, diff --git a/zitadel/idp_ldap/funcs.go b/zitadel/idp_ldap/funcs.go index a38feee4..ee4989cb 100644 --- a/zitadel/idp_ldap/funcs.go +++ b/zitadel/idp_ldap/funcs.go @@ -143,6 +143,7 @@ func read(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagn idp_utils.IsCreationAllowedVar: generalCfg.GetIsCreationAllowed(), idp_utils.IsAutoCreationVar: generalCfg.GetIsAutoCreation(), idp_utils.IsAutoUpdateVar: generalCfg.GetIsAutoUpdate(), + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingString(generalCfg.GetAutoLinking()), ServersVar: specificCfg.GetServers(), StartTLSVar: specificCfg.GetStartTls(), diff --git a/zitadel/idp_ldap/resource.go b/zitadel/idp_ldap/resource.go index f40daa0d..0cf3d7ca 100644 --- a/zitadel/idp_ldap/resource.go +++ b/zitadel/idp_ldap/resource.go @@ -16,6 +16,7 @@ func GetResource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedResourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationResourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateResourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingResourceField, ServersVar: ServersResourceField, StartTLSVar: StartTLSResourceField, diff --git a/zitadel/idp_oauth/datasource.go b/zitadel/idp_oauth/datasource.go index 8de2d938..e98a38ce 100644 --- a/zitadel/idp_oauth/datasource.go +++ b/zitadel/idp_oauth/datasource.go 
@@ -23,6 +23,7 @@ func GetDatasource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedDataSourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationDataSourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateDataSourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingDataSourceField, }, ReadContext: read, } diff --git a/zitadel/idp_oauth/funcs.go b/zitadel/idp_oauth/funcs.go index 2a1516e5..f5ae1673 100644 --- a/zitadel/idp_oauth/funcs.go +++ b/zitadel/idp_oauth/funcs.go @@ -99,6 +99,7 @@ func read(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagn idp_utils.IsCreationAllowedVar: generalCfg.GetIsCreationAllowed(), idp_utils.IsAutoCreationVar: generalCfg.GetIsAutoCreation(), idp_utils.IsAutoUpdateVar: generalCfg.GetIsAutoUpdate(), + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingString(generalCfg.GetAutoLinking()), } for k, v := range set { if err := d.Set(k, v); err != nil { diff --git a/zitadel/idp_oauth/resource.go b/zitadel/idp_oauth/resource.go index 1d4cab6d..d84f0bd0 100644 --- a/zitadel/idp_oauth/resource.go +++ b/zitadel/idp_oauth/resource.go @@ -23,6 +23,7 @@ func GetResource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedResourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationResourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateResourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingResourceField, }, ReadContext: read, UpdateContext: update, diff --git a/zitadel/idp_saml/datasource.go b/zitadel/idp_saml/datasource.go index f2edb1b1..4d21567c 100644 --- a/zitadel/idp_saml/datasource.go +++ b/zitadel/idp_saml/datasource.go 
@@ -19,6 +19,7 @@ func GetDatasource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedDataSourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationDataSourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateDataSourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingDataSourceField, }, ReadContext: read, } diff --git a/zitadel/idp_saml/funcs.go b/zitadel/idp_saml/funcs.go index 00dcbb21..c10bc089 100644 --- a/zitadel/idp_saml/funcs.go +++ b/zitadel/idp_saml/funcs.go @@ -88,6 +88,7 @@ func read(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagn idp_utils.IsCreationAllowedVar: generalCfg.GetIsCreationAllowed(), idp_utils.IsAutoCreationVar: generalCfg.GetIsAutoCreation(), idp_utils.IsAutoUpdateVar: generalCfg.GetIsAutoUpdate(), + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingString(generalCfg.GetAutoLinking()), } for k, v := range set { if err := d.Set(k, v); err != nil { diff --git a/zitadel/idp_saml/resource.go b/zitadel/idp_saml/resource.go index 434e7750..9cf999fb 100644 --- a/zitadel/idp_saml/resource.go +++ b/zitadel/idp_saml/resource.go @@ -19,6 +19,7 @@ func GetResource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedResourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationResourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateResourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingResourceField, }, ReadContext: read, UpdateContext: update, diff --git a/zitadel/idp_utils/funcs.go b/zitadel/idp_utils/funcs.go index 619cad7a..81f14d38 100644 --- a/zitadel/idp_utils/funcs.go +++ b/zitadel/idp_utils/funcs.go 
@@ -39,12 +39,21 @@ func ScopesValue(d *schema.ResourceData) []string { return helper.GetOkSetToStringSlice(d, ScopesVar) } +func AutoLinkingValue(d *schema.ResourceData, attributeVar string) idp.AutoLinkingOption { + return idp.AutoLinkingOption(idp.AutoLinkingOption_value[StringValue(d, attributeVar)]) +} + +func AutoLinkingString(value idp.AutoLinkingOption) string { + return idp.AutoLinkingOption_name[int32(value)] +} + func ProviderOptionsValue(d *schema.ResourceData) *idp.Options { return &idp.Options{ IsLinkingAllowed: BoolValue(d, IsLinkingAllowedVar), IsCreationAllowed: BoolValue(d, IsCreationAllowedVar), IsAutoUpdate: BoolValue(d, IsAutoUpdateVar), IsAutoCreation: BoolValue(d, IsAutoCreationVar), + AutoLinking: AutoLinkingValue(d, AutoLinkingVar), } } diff --git a/zitadel/idp_utils/schema.go b/zitadel/idp_utils/schema.go index 9be0294b..6273639d 100644 --- a/zitadel/idp_utils/schema.go +++ b/zitadel/idp_utils/schema.go @@ -1,6 +1,13 @@ package idp_utils -import "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +import ( + "github.com/hashicorp/go-cty/cty" + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + "github.com/zitadel/zitadel-go/v3/pkg/client/zitadel/idp" + + "github.com/zitadel/terraform-provider-zitadel/v2/zitadel/helper" +) const ( IdpIDVar = "id" @@ -12,6 +19,7 @@ const ( IsCreationAllowedVar = "is_creation_allowed" IsAutoCreationVar = "is_auto_creation" IsAutoUpdateVar = "is_auto_update" + AutoLinkingVar = "auto_linking" ) var ( 
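Review bot: `AutoLinkingString` returns an empty string for any enum number that is missing from `idp.AutoLinkingOption_name`, and every `read` touched by this patch (idp_gitlab, idp_gitlab_self_hosted, idp_google, idp_ldap, idp_oauth, idp_saml) writes that result into state, so an option the server knows but this client does not would show up as `""`. As far as I know the generated enum's `String()` falls back to the number for unknown values, so `return value.String()` would keep such a value visible. In the other direction `AutoLinkingValue` silently turns an unrecognised string into the zero value through the map lookup; that is presumably AUTO_LINKING_OPTION_UNSPECIFIED, the conservative outcome, but it relies on the schema validator having run first, which deserves a comment or a comma-ok lookup. Both exported helpers also lack doc comments, e.g. `// AutoLinkingValue maps the configured auto_linking name to its idp.AutoLinkingOption; unknown names yield the zero value.`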
@@ -108,4 +116,18 @@ var ( Computed: true, Description: "enabled if a the ZITADEL account fields are updated automatically on each login", } + AutoLinkingResourceField = &schema.Schema{ + Type: schema.TypeString, + Required: true, + Description: "Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches" + helper.DescriptionEnumValuesList(idp.AutoLinkingOption_name), + ValidateDiagFunc: func(value interface{}, path cty.Path) diag.Diagnostics { + return helper.EnumValueValidation(AutoLinkingVar, value, idp.AutoLinkingOption_value) + }, + Default: idp.AutoLinkingOption_name[0], + } + AutoLinkingDataSourceField = &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches" + helper.DescriptionEnumValuesList(idp.AutoLinkingOption_name), + } ) From 83907f4cb24dd155a10de610d7bbb9e6b78cd1fe Mon Sep 17 00:00:00 2001 
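Review bot: `AutoLinkingResourceField` sets both `Required: true` and `Default`, a combination that terraform-plugin-sdk v2 rejects during schema validation as far as I know, and a required attribute would in any case break every existing configuration that does not yet set `auto_linking`. This option decides whether an external login is matched to an existing ZITADEL user by username or email, so the disabled value is the right thing to fall back to; `Optional: true,` together with `Default: idp.AutoLinkingOption_AUTO_LINKING_OPTION_UNSPECIFIED.String(),` states that explicitly instead of indexing `idp.AutoLinkingOption_name[0]`. The Description would be more useful if it said that the match is only as trustworthy as the username or email the identity provider asserts. The `var (` block opens outside this hunk.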
From: Stefan Benz <46600784+stebenz@users.noreply.github.com> Date: Tue, 17 Dec 2024 11:03:10 +0100 Subject: [PATCH 2/5] fix: add auto linking to org idps --- docs/data-sources/org_idp_azure_ad.md | 1 + docs/data-sources/org_idp_github.md | 1 + docs/data-sources/org_idp_github_es.md | 1 + docs/data-sources/org_idp_gitlab.md | 1 + docs/data-sources/org_idp_gitlab_self_hosted.md | 1 + docs/data-sources/org_idp_google.md | 1 + docs/data-sources/org_idp_ldap.md | 1 + docs/data-sources/org_idp_oauth.md | 1 + docs/data-sources/org_idp_saml.md | 1 + docs/data-sources/org_oidc_idp.md | 1 + docs/resources/org_idp_azure_ad.md | 4 +++- docs/resources/org_idp_github.md | 2 ++ docs/resources/org_idp_github_es.md | 2 ++ docs/resources/org_idp_gitlab.md | 2 ++ docs/resources/org_idp_gitlab_self_hosted.md | 2 ++ docs/resources/org_idp_google.md | 2 ++ docs/resources/org_idp_ldap.md | 2 ++ docs/resources/org_idp_oauth.md | 2 ++ docs/resources/org_idp_oidc.md | 2 ++ docs/resources/org_idp_saml.md | 2 ++ examples/provider/resources/org_idp_azure_ad.tf | 3 ++- examples/provider/resources/org_idp_github.tf | 1 + examples/provider/resources/org_idp_github_es.tf | 1 + examples/provider/resources/org_idp_gitlab.tf | 1 + examples/provider/resources/org_idp_gitlab_self_hosted.tf | 1 + examples/provider/resources/org_idp_google.tf | 1 + examples/provider/resources/org_idp_ldap.tf | 1 + examples/provider/resources/org_idp_oauth.tf | 1 + examples/provider/resources/org_idp_oidc.tf | 1 + examples/provider/resources/org_idp_saml.tf | 1 + zitadel/org_idp_azure_ad/datasource.go | 1 + zitadel/org_idp_azure_ad/funcs.go | 1 + zitadel/org_idp_azure_ad/resource.go | 1 + zitadel/org_idp_github/datasource.go | 1 + zitadel/org_idp_github/funcs.go | 1 + zitadel/org_idp_github/resource.go | 1 + zitadel/org_idp_github_es/datasource.go | 1 + zitadel/org_idp_github_es/funcs.go | 1 + zitadel/org_idp_github_es/resource.go | 1 + zitadel/org_idp_gitlab/datasource.go | 1 + zitadel/org_idp_gitlab/funcs.go | 1 + 
zitadel/org_idp_gitlab/resource.go | 1 + zitadel/org_idp_gitlab_self_hosted/datasource.go | 1 + zitadel/org_idp_gitlab_self_hosted/funcs.go | 1 + zitadel/org_idp_gitlab_self_hosted/resource.go | 1 + zitadel/org_idp_google/datasource.go | 1 + zitadel/org_idp_google/funcs.go | 1 + zitadel/org_idp_google/resource.go | 1 + zitadel/org_idp_ldap/datasource.go | 1 + zitadel/org_idp_ldap/funcs.go | 1 + zitadel/org_idp_ldap/resource.go | 1 + zitadel/org_idp_oauth/datasource.go | 1 + zitadel/org_idp_oauth/funcs.go | 1 + zitadel/org_idp_oauth/resource.go | 1 + zitadel/org_idp_oidc/datasource.go | 1 + zitadel/org_idp_oidc/funcs.go | 1 + zitadel/org_idp_oidc/resource.go | 1 + zitadel/org_idp_saml/datasource.go | 1 + zitadel/org_idp_saml/funcs.go | 1 + zitadel/org_idp_saml/resource.go | 1 + 60 files changed, 72 insertions(+), 2 deletions(-) diff --git a/docs/data-sources/org_idp_azure_ad.md b/docs/data-sources/org_idp_azure_ad.md index 407ac8d5..d6b4ae4d 100644 --- a/docs/data-sources/org_idp_azure_ad.md +++ b/docs/data-sources/org_idp_azure_ad.md @@ -31,6 +31,7 @@ data "zitadel_org_idp_azure_ad" "default" { ### Read-Only +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `email_verified` (Boolean) automatically mark emails as verified diff --git a/docs/data-sources/org_idp_github.md b/docs/data-sources/org_idp_github.md index b2348903..0c93bfb1 100644 --- a/docs/data-sources/org_idp_github.md +++ b/docs/data-sources/org_idp_github.md 
@@ -31,6 +31,7 @@ data "zitadel_org_idp_github" "default" { ### Read-Only +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enabled if a new account in ZITADEL are created automatically on login with an external account diff --git a/docs/data-sources/org_idp_github_es.md b/docs/data-sources/org_idp_github_es.md index b2f1dfa1..8ba57678 100644 --- a/docs/data-sources/org_idp_github_es.md +++ b/docs/data-sources/org_idp_github_es.md @@ -32,6 +32,7 @@ data "zitadel_org_idp_github_es" "default" { ### Read-Only - `authorization_endpoint` (String) the providers authorization endpoint +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enabled if a new account in ZITADEL are created automatically on login with an external account diff --git a/docs/data-sources/org_idp_gitlab.md b/docs/data-sources/org_idp_gitlab.md index e2c0153b..427316d5 100644 --- a/docs/data-sources/org_idp_gitlab.md +++ b/docs/data-sources/org_idp_gitlab.md 
@@ -31,6 +31,7 @@ data "zitadel_org_idp_gitlab" "default" { ### Read-Only +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enabled if a new account in ZITADEL are created automatically on login with an external account diff --git a/docs/data-sources/org_idp_gitlab_self_hosted.md b/docs/data-sources/org_idp_gitlab_self_hosted.md index 3853afeb..7f8e6fde 100644 --- a/docs/data-sources/org_idp_gitlab_self_hosted.md +++ b/docs/data-sources/org_idp_gitlab_self_hosted.md @@ -31,6 +31,7 @@ data "zitadel_org_idp_gitlab_self_hosted" "default" { ### Read-Only +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enabled if a new account in ZITADEL are created automatically on login with an external account diff --git a/docs/data-sources/org_idp_google.md b/docs/data-sources/org_idp_google.md index 24f31e35..8832aaac 100644 --- a/docs/data-sources/org_idp_google.md +++ b/docs/data-sources/org_idp_google.md 
@@ -31,6 +31,7 @@ data "zitadel_org_idp_google" "default" { ### Read-Only +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enabled if a new account in ZITADEL are created automatically on login with an external account diff --git a/docs/data-sources/org_idp_ldap.md b/docs/data-sources/org_idp_ldap.md index b9c23273..5821a557 100644 --- a/docs/data-sources/org_idp_ldap.md +++ b/docs/data-sources/org_idp_ldap.md @@ -31,6 +31,7 @@ data "zitadel_org_idp_ldap" "default" { ### Read-Only +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `avatar_url_attribute` (String) User attribute for the avatar url - `base_dn` (String) Base DN for LDAP connections - `bind_dn` (String) Bind DN for LDAP connections diff --git a/docs/data-sources/org_idp_oauth.md b/docs/data-sources/org_idp_oauth.md index 51bc12b3..a72e474f 100644 --- a/docs/data-sources/org_idp_oauth.md +++ b/docs/data-sources/org_idp_oauth.md 
@@ -32,6 +32,7 @@ data "zitadel_org_idp_oauth" "default" { ### Read-Only - `authorization_endpoint` (String) The authorization endpoint +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `id_attribute` (String) The id attribute diff --git a/docs/data-sources/org_idp_saml.md b/docs/data-sources/org_idp_saml.md index 5562f478..3a547e2e 100644 --- a/docs/data-sources/org_idp_saml.md +++ b/docs/data-sources/org_idp_saml.md @@ -31,6 +31,7 @@ data "zitadel_org_idp_saml" "default" { ### Read-Only +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `binding` (String) The binding - `is_auto_creation` (Boolean) enabled if a new account in ZITADEL are created automatically on login with an external account - `is_auto_update` (Boolean) enabled if a the ZITADEL account fields are updated automatically on each login diff --git a/docs/data-sources/org_oidc_idp.md b/docs/data-sources/org_oidc_idp.md index 1cfd6e33..89c4b3ae 100644 --- a/docs/data-sources/org_oidc_idp.md +++ b/docs/data-sources/org_oidc_idp.md 
@@ -35,6 +35,7 @@ output "org_oidc_idp" { ### Read-Only +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enabled if a new account in ZITADEL are created automatically on login with an external account diff --git a/docs/resources/org_idp_azure_ad.md b/docs/resources/org_idp_azure_ad.md index 0ebf9e47..53de1c83 100644 --- a/docs/resources/org_idp_azure_ad.md +++ b/docs/resources/org_idp_azure_ad.md @@ -17,13 +17,14 @@ resource "zitadel_org_idp_azure_ad" "default" { name = "Azure AD" client_id = "9065bfc8-a08a..." client_secret = "H2n***" - scopes = ["openid", "profile", "email", "User.Read"] + scopes = ["openid", "profile", "email", "User.Read"] tenant_type = "AZURE_AD_TENANT_TYPE_ORGANISATIONS" email_verified = true is_linking_allowed = false is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` @@ -32,6 +33,7 @@ resource "zitadel_org_idp_azure_ad" "default" { ### Required +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `email_verified` (Boolean) automatically mark emails as verified diff --git a/docs/resources/org_idp_github.md b/docs/resources/org_idp_github.md index 1e24f703..ca289375 100644 --- a/docs/resources/org_idp_github.md 
+++ b/docs/resources/org_idp_github.md @@ -22,6 +22,7 @@ resource "zitadel_org_idp_github" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` @@ -30,6 +31,7 @@ resource "zitadel_org_idp_github" "default" { ### Required +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enable if a new account in ZITADEL should be created automatically on login with an external account diff --git a/docs/resources/org_idp_github_es.md b/docs/resources/org_idp_github_es.md index 53473540..c3476ac8 100644 --- a/docs/resources/org_idp_github_es.md +++ b/docs/resources/org_idp_github_es.md @@ -25,6 +25,7 @@ resource "zitadel_org_idp_github_es" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` @@ -34,6 +35,7 @@ resource "zitadel_org_idp_github_es" "default" { ### Required - `authorization_endpoint` (String) the providers authorization endpoint +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enable if a new account in ZITADEL should be created automatically on login with an external account 
diff --git a/docs/resources/org_idp_gitlab.md b/docs/resources/org_idp_gitlab.md index 9f1aa4ce..888db4f9 100644 --- a/docs/resources/org_idp_gitlab.md +++ b/docs/resources/org_idp_gitlab.md @@ -22,6 +22,7 @@ resource "zitadel_org_idp_gitlab" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` @@ -30,6 +31,7 @@ resource "zitadel_org_idp_gitlab" "default" { ### Required +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enable if a new account in ZITADEL should be created automatically on login with an external account diff --git a/docs/resources/org_idp_gitlab_self_hosted.md b/docs/resources/org_idp_gitlab_self_hosted.md index 3af62891..ee146979 100644 --- a/docs/resources/org_idp_gitlab_self_hosted.md +++ b/docs/resources/org_idp_gitlab_self_hosted.md @@ -23,6 +23,7 @@ resource "zitadel_org_idp_gitlab_self_hosted" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` 
@@ -31,6 +32,7 @@ resource "zitadel_org_idp_gitlab_self_hosted" "default" { ### Required +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enable if a new account in ZITADEL should be created automatically on login with an external account diff --git a/docs/resources/org_idp_google.md b/docs/resources/org_idp_google.md index a46a102c..e3c7c512 100644 --- a/docs/resources/org_idp_google.md +++ b/docs/resources/org_idp_google.md @@ -22,6 +22,7 @@ resource "zitadel_org_idp_google" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` @@ -30,6 +31,7 @@ resource "zitadel_org_idp_google" "default" { ### Required +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enable if a new account in ZITADEL should be created automatically on login with an external account diff --git a/docs/resources/org_idp_ldap.md b/docs/resources/org_idp_ldap.md index 36019a24..eedc9eb6 100644 --- a/docs/resources/org_idp_ldap.md +++ b/docs/resources/org_idp_ldap.md 
@@ -31,6 +31,7 @@ resource "zitadel_org_idp_ldap" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` @@ -39,6 +40,7 @@ resource "zitadel_org_idp_ldap" "default" { ### Required +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `base_dn` (String) Base DN for LDAP connections - `bind_dn` (String) Bind DN for LDAP connections - `bind_password` (String, Sensitive) Bind password for LDAP connections diff --git a/docs/resources/org_idp_oauth.md b/docs/resources/org_idp_oauth.md index ef590fc9..2d925b4f 100644 --- a/docs/resources/org_idp_oauth.md +++ b/docs/resources/org_idp_oauth.md @@ -26,6 +26,7 @@ resource "zitadel_org_idp_oauth" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` @@ -35,6 +36,7 @@ resource "zitadel_org_idp_oauth" "default" { ### Required - `authorization_endpoint` (String) The authorization endpoint +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `id_attribute` (String) The id attribute diff --git a/docs/resources/org_idp_oidc.md b/docs/resources/org_idp_oidc.md index 8829620a..d2eafcd0 100644 --- a/docs/resources/org_idp_oidc.md +++ b/docs/resources/org_idp_oidc.md 
@@ -24,6 +24,7 @@ resource "zitadel_org_idp_oidc" "default" { is_auto_creation = false is_auto_update = true is_id_token_mapping = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` @@ -32,6 +33,7 @@ resource "zitadel_org_idp_oidc" "default" { ### Required +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `client_id` (String) client id generated by the identity provider - `client_secret` (String, Sensitive) client secret generated by the identity provider - `is_auto_creation` (Boolean) enable if a new account in ZITADEL should be created automatically on login with an external account diff --git a/docs/resources/org_idp_saml.md b/docs/resources/org_idp_saml.md index 9b7e0fc9..e6d6000a 100644 --- a/docs/resources/org_idp_saml.md +++ b/docs/resources/org_idp_saml.md @@ -21,6 +21,7 @@ resource "zitadel_org_idp_saml" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" metadata_xml = < @@ -61,6 +62,7 @@ EOM ### Required +- `auto_linking` (String) Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches, supported values: AUTO_LINKING_OPTION_UNSPECIFIED, AUTO_LINKING_OPTION_USERNAME, AUTO_LINKING_OPTION_EMAIL - `is_auto_creation` (Boolean) enable if a new account in ZITADEL should be created automatically on login with an external account - `is_auto_update` (Boolean) enable if a the ZITADEL account fields should be updated automatically on each login - `is_creation_allowed` (Boolean) enable if users should be able to create a new account in ZITADEL when using an external account 
diff --git a/examples/provider/resources/org_idp_azure_ad.tf b/examples/provider/resources/org_idp_azure_ad.tf index f6666dbc..fc6d7e7f 100644 --- a/examples/provider/resources/org_idp_azure_ad.tf +++ b/examples/provider/resources/org_idp_azure_ad.tf @@ -3,11 +3,12 @@ resource "zitadel_org_idp_azure_ad" "default" { name = "Azure AD" client_id = "9065bfc8-a08a..." client_secret = "H2n***" - scopes = ["openid", "profile", "email", "User.Read"] + scopes = ["openid", "profile", "email", "User.Read"] tenant_type = "AZURE_AD_TENANT_TYPE_ORGANISATIONS" email_verified = true is_linking_allowed = false is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } diff --git a/examples/provider/resources/org_idp_github.tf b/examples/provider/resources/org_idp_github.tf index 1261247f..ba6127e3 100644 --- a/examples/provider/resources/org_idp_github.tf +++ b/examples/provider/resources/org_idp_github.tf @@ -8,4 +8,5 @@ resource "zitadel_org_idp_github" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } diff --git a/examples/provider/resources/org_idp_github_es.tf b/examples/provider/resources/org_idp_github_es.tf index 2243681d..2f0f16c4 100644 --- a/examples/provider/resources/org_idp_github_es.tf +++ b/examples/provider/resources/org_idp_github_es.tf @@ -11,4 +11,5 @@ resource "zitadel_org_idp_github_es" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } diff --git a/examples/provider/resources/org_idp_gitlab.tf b/examples/provider/resources/org_idp_gitlab.tf index 4f4dcfa8..2f75ddb0 100644 --- a/examples/provider/resources/org_idp_gitlab.tf +++ b/examples/provider/resources/org_idp_gitlab.tf 
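Review bot: The example in org_idp_azure_ad.tf adds `auto_linking = "AUTO_LINKING_OPTION_USERNAME"` directly below `is_linking_allowed = false`, so anyone copying it turns on username-based matching of external logins to existing ZITADEL users with no hint of how the two settings interact. Examples tend to be pasted unchanged, so I would either show `auto_linking = "AUTO_LINKING_OPTION_UNSPECIFIED"` or add a comment such as `# links the external account to an existing user with the same username; keep UNSPECIFIED unless the IdP's usernames are trusted`. The same line is added to the org_idp_github, org_idp_github_es, org_idp_gitlab, org_idp_gitlab_self_hosted, org_idp_google, org_idp_ldap, org_idp_oauth, org_idp_oidc and org_idp_saml examples in this patch.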
@@ -8,4 +8,5 @@ resource "zitadel_org_idp_gitlab" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } diff --git a/examples/provider/resources/org_idp_gitlab_self_hosted.tf b/examples/provider/resources/org_idp_gitlab_self_hosted.tf index fc64307e..43072ea0 100644 --- a/examples/provider/resources/org_idp_gitlab_self_hosted.tf +++ b/examples/provider/resources/org_idp_gitlab_self_hosted.tf @@ -9,4 +9,5 @@ resource "zitadel_org_idp_gitlab_self_hosted" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } diff --git a/examples/provider/resources/org_idp_google.tf b/examples/provider/resources/org_idp_google.tf index 1d01eec1..a34ded7c 100644 --- a/examples/provider/resources/org_idp_google.tf +++ b/examples/provider/resources/org_idp_google.tf @@ -8,4 +8,5 @@ resource "zitadel_org_idp_google" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } diff --git a/examples/provider/resources/org_idp_ldap.tf b/examples/provider/resources/org_idp_ldap.tf index b9bc16c9..04a2348c 100644 --- a/examples/provider/resources/org_idp_ldap.tf +++ b/examples/provider/resources/org_idp_ldap.tf @@ -17,6 +17,7 @@ resource "zitadel_org_idp_ldap" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } diff --git a/examples/provider/resources/org_idp_oauth.tf b/examples/provider/resources/org_idp_oauth.tf index 889db766..7460f97c 100644 --- a/examples/provider/resources/org_idp_oauth.tf +++ b/examples/provider/resources/org_idp_oauth.tf @@ -12,4 +12,5 @@ resource "zitadel_org_idp_oauth" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } 
diff --git a/examples/provider/resources/org_idp_oidc.tf b/examples/provider/resources/org_idp_oidc.tf index ebdb19af..bcf97199 100644 --- a/examples/provider/resources/org_idp_oidc.tf +++ b/examples/provider/resources/org_idp_oidc.tf @@ -10,4 +10,5 @@ resource "zitadel_org_idp_oidc" "default" { is_auto_creation = false is_auto_update = true is_id_token_mapping = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } diff --git a/examples/provider/resources/org_idp_saml.tf b/examples/provider/resources/org_idp_saml.tf index 026cc6e5..a53ea570 100644 --- a/examples/provider/resources/org_idp_saml.tf +++ b/examples/provider/resources/org_idp_saml.tf @@ -7,6 +7,7 @@ resource "zitadel_org_idp_saml" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true + auto_linking = "AUTO_LINKING_OPTION_USERNAME" metadata_xml = < diff --git a/zitadel/org_idp_azure_ad/datasource.go b/zitadel/org_idp_azure_ad/datasource.go index eb3ccb21..c3cceeee 100644 --- a/zitadel/org_idp_azure_ad/datasource.go +++ b/zitadel/org_idp_azure_ad/datasource.go @@ -22,6 +22,7 @@ func GetDatasource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedDataSourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationDataSourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateDataSourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingDataSourceField, idp_azure_ad.TenantTypeVar: idp_azure_ad.TenantTypeDataSourceField, idp_azure_ad.TenantIDVar: idp_azure_ad.TenantIDDataSourceField, idp_azure_ad.EmailVerifiedVar: idp_azure_ad.EmailVerifiedDataSourceField, diff --git a/zitadel/org_idp_azure_ad/funcs.go b/zitadel/org_idp_azure_ad/funcs.go index 7769429b..82e81477 100644 --- a/zitadel/org_idp_azure_ad/funcs.go +++ b/zitadel/org_idp_azure_ad/funcs.go 
@@ -103,6 +103,7 @@ func read(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagn idp_utils.IsCreationAllowedVar: generalCfg.GetIsCreationAllowed(), idp_utils.IsAutoCreationVar: generalCfg.GetIsAutoCreation(), idp_utils.IsAutoUpdateVar: generalCfg.GetIsAutoUpdate(), + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingString(generalCfg.GetAutoLinking()), idp_azure_ad.EmailVerifiedVar: specificCfg.GetEmailVerified(), idp_azure_ad.TenantIDVar: tenantID, } diff --git a/zitadel/org_idp_azure_ad/resource.go b/zitadel/org_idp_azure_ad/resource.go index e991c808..310db1b9 100644 --- a/zitadel/org_idp_azure_ad/resource.go +++ b/zitadel/org_idp_azure_ad/resource.go @@ -22,6 +22,7 @@ func GetResource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedResourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationResourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateResourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingResourceField, idp_azure_ad.TenantTypeVar: idp_azure_ad.TenantTypeResourceField, idp_azure_ad.TenantIDVar: idp_azure_ad.TenantIDResourceField, idp_azure_ad.EmailVerifiedVar: idp_azure_ad.EmailVerifiedResourceField, diff --git a/zitadel/org_idp_github/datasource.go b/zitadel/org_idp_github/datasource.go index c65319dc..4a542b2c 100644 --- a/zitadel/org_idp_github/datasource.go +++ b/zitadel/org_idp_github/datasource.go @@ -21,6 +21,7 @@ func GetDatasource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedDataSourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationDataSourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateDataSourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingDataSourceField, }, ReadContext: read, } diff --git a/zitadel/org_idp_github/funcs.go b/zitadel/org_idp_github/funcs.go index 4bf5452d..c9c9ab11 100644 --- a/zitadel/org_idp_github/funcs.go +++ b/zitadel/org_idp_github/funcs.go 
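Review bot: In `read` of `zitadel/org_idp_azure_ad/funcs.go` the new entry writes `idp_utils.AutoLinkingString(generalCfg.GetAutoLinking())` into state, but no `funcs.go` hunk in this patch touches a create or update path; the github, github_es, gitlab, gitlab_self_hosted, google, ldap, oauth, oidc and saml hunks change the same single line. If the request option is built from `AutoLinkingVar` in a shared `idp_utils` helper that is fine, but it is not visible here and is worth confirming, because otherwise the configured value would never reach the API while `read` keeps reporting the server's value. A short comment on the entry would also help, e.g. `// stored as the enum name so it round-trips with the values AutoLinkingResourceField accepts`, assuming `AutoLinkingString` returns that name. `read` starts and ends outside the hunk.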
@@ -88,6 +88,7 @@ func read(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagn idp_utils.IsCreationAllowedVar: generalCfg.GetIsCreationAllowed(), idp_utils.IsAutoCreationVar: generalCfg.GetIsAutoCreation(), idp_utils.IsAutoUpdateVar: generalCfg.GetIsAutoUpdate(), + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingString(generalCfg.GetAutoLinking()), } for k, v := range set { if err := d.Set(k, v); err != nil { diff --git a/zitadel/org_idp_github/resource.go b/zitadel/org_idp_github/resource.go index a4366746..df148eea 100644 --- a/zitadel/org_idp_github/resource.go +++ b/zitadel/org_idp_github/resource.go @@ -21,6 +21,7 @@ func GetResource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedResourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationResourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateResourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingResourceField, }, ReadContext: read, UpdateContext: update, diff --git a/zitadel/org_idp_github_es/datasource.go b/zitadel/org_idp_github_es/datasource.go index ba513643..72c6d443 100644 --- a/zitadel/org_idp_github_es/datasource.go +++ b/zitadel/org_idp_github_es/datasource.go @@ -22,6 +22,7 @@ func GetDatasource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedDataSourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationDataSourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateDataSourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingDataSourceField, idp_github_es.AuthorizationEndpointVar: idp_github_es.AuthorizationEndpointDataSourceField, idp_github_es.TokenEndpointVar: idp_github_es.TokenEndpointDataSourceField, idp_github_es.UserEndpointVar: idp_github_es.UserEndpointDataSourceField, diff --git a/zitadel/org_idp_github_es/funcs.go b/zitadel/org_idp_github_es/funcs.go index ba44f817..d4bb1784 100644 --- a/zitadel/org_idp_github_es/funcs.go +++ b/zitadel/org_idp_github_es/funcs.go 
@@ -95,6 +95,7 @@ func read(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagn idp_utils.IsCreationAllowedVar: generalCfg.GetIsCreationAllowed(), idp_utils.IsAutoCreationVar: generalCfg.GetIsAutoCreation(), idp_utils.IsAutoUpdateVar: generalCfg.GetIsAutoUpdate(), + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingString(generalCfg.GetAutoLinking()), idp_github_es.AuthorizationEndpointVar: specificCfg.GetAuthorizationEndpoint(), idp_github_es.TokenEndpointVar: specificCfg.GetTokenEndpoint(), idp_github_es.UserEndpointVar: specificCfg.GetUserEndpoint(), diff --git a/zitadel/org_idp_github_es/resource.go b/zitadel/org_idp_github_es/resource.go index 4afe74c3..b66a4d01 100644 --- a/zitadel/org_idp_github_es/resource.go +++ b/zitadel/org_idp_github_es/resource.go @@ -22,6 +22,7 @@ func GetResource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedResourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationResourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateResourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingResourceField, idp_github_es.AuthorizationEndpointVar: idp_github_es.AuthorizationEndpointResourceField, idp_github_es.TokenEndpointVar: idp_github_es.TokenEndpointResourceField, idp_github_es.UserEndpointVar: idp_github_es.UserEndpointResourceField, diff --git a/zitadel/org_idp_gitlab/datasource.go b/zitadel/org_idp_gitlab/datasource.go index b88eb3ac..e7c3e7b3 100644 --- a/zitadel/org_idp_gitlab/datasource.go +++ b/zitadel/org_idp_gitlab/datasource.go @@ -21,6 +21,7 @@ func GetDatasource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedDataSourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationDataSourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateDataSourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingDataSourceField, }, ReadContext: read, } 
diff --git a/zitadel/org_idp_gitlab/funcs.go b/zitadel/org_idp_gitlab/funcs.go index 1493459f..d6ef7a50 100644 --- a/zitadel/org_idp_gitlab/funcs.go +++ b/zitadel/org_idp_gitlab/funcs.go @@ -88,6 +88,7 @@ func read(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagn idp_utils.IsCreationAllowedVar: generalCfg.GetIsCreationAllowed(), idp_utils.IsAutoCreationVar: generalCfg.GetIsAutoCreation(), idp_utils.IsAutoUpdateVar: generalCfg.GetIsAutoUpdate(), + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingString(generalCfg.GetAutoLinking()), } for k, v := range set { if err := d.Set(k, v); err != nil { diff --git a/zitadel/org_idp_gitlab/resource.go b/zitadel/org_idp_gitlab/resource.go index 5b1aeda4..908c8469 100644 --- a/zitadel/org_idp_gitlab/resource.go +++ b/zitadel/org_idp_gitlab/resource.go @@ -21,6 +21,7 @@ func GetResource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedResourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationResourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateResourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingResourceField, }, ReadContext: read, UpdateContext: update, diff --git a/zitadel/org_idp_gitlab_self_hosted/datasource.go b/zitadel/org_idp_gitlab_self_hosted/datasource.go index 97949202..cdd2c6ff 100644 --- a/zitadel/org_idp_gitlab_self_hosted/datasource.go +++ b/zitadel/org_idp_gitlab_self_hosted/datasource.go @@ -22,6 +22,7 @@ func GetDatasource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedDataSourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationDataSourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateDataSourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingDataSourceField, idp_gitlab_self_hosted.IssuerVar: idp_gitlab_self_hosted.IssuerDataSourceField, }, ReadContext: read, 
diff --git a/zitadel/org_idp_gitlab_self_hosted/funcs.go b/zitadel/org_idp_gitlab_self_hosted/funcs.go index 14730dfd..25462603 100644 --- a/zitadel/org_idp_gitlab_self_hosted/funcs.go +++ b/zitadel/org_idp_gitlab_self_hosted/funcs.go @@ -91,6 +91,7 @@ func read(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagn idp_utils.IsCreationAllowedVar: generalCfg.GetIsCreationAllowed(), idp_utils.IsAutoCreationVar: generalCfg.GetIsAutoCreation(), idp_utils.IsAutoUpdateVar: generalCfg.GetIsAutoUpdate(), + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingString(generalCfg.GetAutoLinking()), idp_gitlab_self_hosted.IssuerVar: specificCfg.GetIssuer(), } for k, v := range set { diff --git a/zitadel/org_idp_gitlab_self_hosted/resource.go b/zitadel/org_idp_gitlab_self_hosted/resource.go index 2afab49f..2e17aa5a 100644 --- a/zitadel/org_idp_gitlab_self_hosted/resource.go +++ b/zitadel/org_idp_gitlab_self_hosted/resource.go @@ -22,6 +22,7 @@ func GetResource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedResourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationResourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateResourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingResourceField, idp_gitlab_self_hosted.IssuerVar: idp_gitlab_self_hosted.IssuerResourceField, }, ReadContext: read, diff --git a/zitadel/org_idp_google/datasource.go b/zitadel/org_idp_google/datasource.go index 5c6310f5..41a45fb7 100644 --- a/zitadel/org_idp_google/datasource.go +++ b/zitadel/org_idp_google/datasource.go @@ -21,6 +21,7 @@ func GetDatasource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedDataSourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationDataSourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateDataSourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingDataSourceField, }, ReadContext: read, } 
diff --git a/zitadel/org_idp_google/funcs.go b/zitadel/org_idp_google/funcs.go index 17dbfe07..1975102b 100644 --- a/zitadel/org_idp_google/funcs.go +++ b/zitadel/org_idp_google/funcs.go @@ -88,6 +88,7 @@ func read(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagn idp_utils.IsCreationAllowedVar: generalCfg.GetIsCreationAllowed(), idp_utils.IsAutoCreationVar: generalCfg.GetIsAutoCreation(), idp_utils.IsAutoUpdateVar: generalCfg.GetIsAutoUpdate(), + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingString(generalCfg.GetAutoLinking()), } for k, v := range set { if err := d.Set(k, v); err != nil { diff --git a/zitadel/org_idp_google/resource.go b/zitadel/org_idp_google/resource.go index 2f912517..85e28501 100644 --- a/zitadel/org_idp_google/resource.go +++ b/zitadel/org_idp_google/resource.go @@ -21,6 +21,7 @@ func GetResource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedResourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationResourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateResourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingResourceField, }, ReadContext: read, UpdateContext: update, diff --git a/zitadel/org_idp_ldap/datasource.go b/zitadel/org_idp_ldap/datasource.go index b48b7fdb..93e739b9 100644 --- a/zitadel/org_idp_ldap/datasource.go +++ b/zitadel/org_idp_ldap/datasource.go @@ -19,6 +19,7 @@ func GetDatasource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedDataSourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationDataSourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateDataSourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingDataSourceField, idp_ldap.ServersVar: idp_ldap.ServersDataSourceField, idp_ldap.StartTLSVar: idp_ldap.StartTLSDataSourceField, diff --git a/zitadel/org_idp_ldap/funcs.go b/zitadel/org_idp_ldap/funcs.go index 47ffbc2c..2d7a0aa4 100644 --- a/zitadel/org_idp_ldap/funcs.go 
+++ b/zitadel/org_idp_ldap/funcs.go @@ -144,6 +144,7 @@ func read(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagn idp_utils.IsCreationAllowedVar: generalCfg.GetIsCreationAllowed(), idp_utils.IsAutoCreationVar: generalCfg.GetIsAutoCreation(), idp_utils.IsAutoUpdateVar: generalCfg.GetIsAutoUpdate(), + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingString(generalCfg.GetAutoLinking()), idp_ldap.ServersVar: specificCfg.GetServers(), idp_ldap.StartTLSVar: specificCfg.GetStartTls(), diff --git a/zitadel/org_idp_ldap/resource.go b/zitadel/org_idp_ldap/resource.go index 57596508..54a75f7b 100644 --- a/zitadel/org_idp_ldap/resource.go +++ b/zitadel/org_idp_ldap/resource.go @@ -19,6 +19,7 @@ func GetResource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedResourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationResourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateResourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingResourceField, idp_ldap.ServersVar: idp_ldap.ServersResourceField, idp_ldap.StartTLSVar: idp_ldap.StartTLSResourceField, diff --git a/zitadel/org_idp_oauth/datasource.go b/zitadel/org_idp_oauth/datasource.go index 7edacd51..eba5e249 100644 --- a/zitadel/org_idp_oauth/datasource.go +++ b/zitadel/org_idp_oauth/datasource.go @@ -26,6 +26,7 @@ func GetDatasource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedDataSourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationDataSourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateDataSourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingDataSourceField, }, ReadContext: read, } diff --git a/zitadel/org_idp_oauth/funcs.go b/zitadel/org_idp_oauth/funcs.go index 20fb30e6..e1b69c8e 100644 --- a/zitadel/org_idp_oauth/funcs.go +++ b/zitadel/org_idp_oauth/funcs.go 
@@ -101,6 +101,7 @@ func read(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagn idp_utils.IsCreationAllowedVar: generalCfg.GetIsCreationAllowed(), idp_utils.IsAutoCreationVar: generalCfg.GetIsAutoCreation(), idp_utils.IsAutoUpdateVar: generalCfg.GetIsAutoUpdate(), + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingString(generalCfg.GetAutoLinking()), } for k, v := range set { if err := d.Set(k, v); err != nil { diff --git a/zitadel/org_idp_oauth/resource.go b/zitadel/org_idp_oauth/resource.go index 6850c1dc..f88fc32e 100644 --- a/zitadel/org_idp_oauth/resource.go +++ b/zitadel/org_idp_oauth/resource.go @@ -26,6 +26,7 @@ func GetResource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedResourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationResourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateResourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingResourceField, }, ReadContext: read, UpdateContext: update, diff --git a/zitadel/org_idp_oidc/datasource.go b/zitadel/org_idp_oidc/datasource.go index 89a35dc8..033e569e 100644 --- a/zitadel/org_idp_oidc/datasource.go +++ b/zitadel/org_idp_oidc/datasource.go @@ -21,6 +21,7 @@ func GetDatasource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedDataSourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationDataSourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateDataSourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingDataSourceField, IssuerVar: IssuerDatasourceField, IsIdTokenMappingVar: IsIdTokenMappingDatasourceField, }, diff --git a/zitadel/org_idp_oidc/funcs.go b/zitadel/org_idp_oidc/funcs.go index f5222ce8..2fd8817b 100644 --- a/zitadel/org_idp_oidc/funcs.go +++ b/zitadel/org_idp_oidc/funcs.go 
@@ -92,6 +92,7 @@ func read(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagn idp_utils.IsCreationAllowedVar: generalCfg.GetIsCreationAllowed(), idp_utils.IsAutoCreationVar: generalCfg.GetIsAutoCreation(), idp_utils.IsAutoUpdateVar: generalCfg.GetIsAutoUpdate(), + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingString(generalCfg.GetAutoLinking()), IssuerVar: specificCfg.GetIssuer(), IsIdTokenMappingVar: specificCfg.GetIsIdTokenMapping(), } diff --git a/zitadel/org_idp_oidc/resource.go b/zitadel/org_idp_oidc/resource.go index e199313f..2ce5aeed 100644 --- a/zitadel/org_idp_oidc/resource.go +++ b/zitadel/org_idp_oidc/resource.go @@ -21,6 +21,7 @@ func GetResource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedResourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationResourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateResourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingResourceField, IssuerVar: IssuerResourceField, IsIdTokenMappingVar: IsIdTokenMappingResourceField, }, diff --git a/zitadel/org_idp_saml/datasource.go b/zitadel/org_idp_saml/datasource.go index c3f06f27..fa2d9697 100644 --- a/zitadel/org_idp_saml/datasource.go +++ b/zitadel/org_idp_saml/datasource.go @@ -22,6 +22,7 @@ func GetDatasource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedDataSourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationDataSourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateDataSourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingDataSourceField, }, ReadContext: read, } diff --git a/zitadel/org_idp_saml/funcs.go b/zitadel/org_idp_saml/funcs.go index 653ce312..7faf871c 100644 --- a/zitadel/org_idp_saml/funcs.go +++ b/zitadel/org_idp_saml/funcs.go 
@@ -90,6 +90,7 @@ func read(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagn idp_utils.IsCreationAllowedVar: generalCfg.GetIsCreationAllowed(), idp_utils.IsAutoCreationVar: generalCfg.GetIsAutoCreation(), idp_utils.IsAutoUpdateVar: generalCfg.GetIsAutoUpdate(), + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingString(generalCfg.GetAutoLinking()), } for k, v := range set { if err := d.Set(k, v); err != nil { diff --git a/zitadel/org_idp_saml/resource.go b/zitadel/org_idp_saml/resource.go index 10f5acfa..eea6b06c 100644 --- a/zitadel/org_idp_saml/resource.go +++ b/zitadel/org_idp_saml/resource.go @@ -22,6 +22,7 @@ func GetResource() *schema.Resource { idp_utils.IsCreationAllowedVar: idp_utils.IsCreationAllowedResourceField, idp_utils.IsAutoCreationVar: idp_utils.IsAutoCreationResourceField, idp_utils.IsAutoUpdateVar: idp_utils.IsAutoUpdateResourceField, + idp_utils.AutoLinkingVar: idp_utils.AutoLinkingResourceField, }, ReadContext: read, UpdateContext: update, From 25fb1cd01e93ae9cb566a71e54b2b15f8d8b07ac Mon Sep 17 00:00:00 2001 From: Stefan Benz <46600784+stebenz@users.noreply.github.com> Date: Tue, 17 Dec 2024 11:10:22 +0100 Subject: [PATCH 3/5] docs: formatting --- docs/resources/idp_azure_ad.md | 2 +- docs/resources/idp_github_es.md | 2 +- docs/resources/idp_ldap.md | 2 +- docs/resources/idp_oauth.md | 2 +- docs/resources/org_idp_azure_ad.md | 2 +- docs/resources/org_idp_github_es.md | 2 +- docs/resources/org_idp_ldap.md | 2 +- docs/resources/org_idp_oauth.md | 2 +- examples/provider/resources/idp_azure_ad.tf | 2 +- examples/provider/resources/idp_github_es.tf | 2 +- examples/provider/resources/idp_ldap.tf | 2 +- examples/provider/resources/idp_oauth.tf | 2 +- examples/provider/resources/org_idp_azure_ad.tf | 2 +- examples/provider/resources/org_idp_github_es.tf | 2 +- examples/provider/resources/org_idp_ldap.tf | 2 +- examples/provider/resources/org_idp_oauth.tf | 2 +- 16 files changed, 16 insertions(+), 16 deletions(-) 
diff --git a/docs/resources/idp_azure_ad.md b/docs/resources/idp_azure_ad.md index 419b16f4..4b0b976c 100644 --- a/docs/resources/idp_azure_ad.md +++ b/docs/resources/idp_azure_ad.md @@ -16,7 +16,7 @@ resource "zitadel_idp_azure_ad" "default" { name = "Azure AD" client_id = "9065bfc8-a08a..." client_secret = "H2n***" - scopes = ["openid", "profile", "email", "User.Read"] + scopes = ["openid", "profile", "email", "User.Read"] tenant_type = "AZURE_AD_TENANT_TYPE_ORGANISATIONS" email_verified = true is_linking_allowed = false diff --git a/docs/resources/idp_github_es.md b/docs/resources/idp_github_es.md index 9d7b6f44..1d2964ff 100644 --- a/docs/resources/idp_github_es.md +++ b/docs/resources/idp_github_es.md @@ -24,7 +24,7 @@ resource "zitadel_idp_github_es" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true - auto_linking = "AUTO_LINKING_OPTION_USERNAME" + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` diff --git a/docs/resources/idp_ldap.md b/docs/resources/idp_ldap.md index d3edaf74..55072f2e 100644 --- a/docs/resources/idp_ldap.md +++ b/docs/resources/idp_ldap.md @@ -30,7 +30,7 @@ resource "zitadel_idp_ldap" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true - auto_linking = "AUTO_LINKING_OPTION_USERNAME" + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` diff --git a/docs/resources/idp_oauth.md b/docs/resources/idp_oauth.md index f6894b8d..069d2fae 100644 --- a/docs/resources/idp_oauth.md +++ b/docs/resources/idp_oauth.md @@ -25,7 +25,7 @@ resource "zitadel_idp_oauth" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true - auto_linking = "AUTO_LINKING_OPTION_USERNAME" + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` diff --git a/docs/resources/org_idp_azure_ad.md b/docs/resources/org_idp_azure_ad.md index 53de1c83..b44e6def 100644 --- a/docs/resources/org_idp_azure_ad.md +++ b/docs/resources/org_idp_azure_ad.md 
@@ -17,7 +17,7 @@ resource "zitadel_org_idp_azure_ad" "default" { name = "Azure AD" client_id = "9065bfc8-a08a..." client_secret = "H2n***" - scopes = ["openid", "profile", "email", "User.Read"] + scopes = ["openid", "profile", "email", "User.Read"] tenant_type = "AZURE_AD_TENANT_TYPE_ORGANISATIONS" email_verified = true is_linking_allowed = false diff --git a/docs/resources/org_idp_github_es.md b/docs/resources/org_idp_github_es.md index c3476ac8..34772a24 100644 --- a/docs/resources/org_idp_github_es.md +++ b/docs/resources/org_idp_github_es.md @@ -25,7 +25,7 @@ resource "zitadel_org_idp_github_es" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true - auto_linking = "AUTO_LINKING_OPTION_USERNAME" + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` diff --git a/docs/resources/org_idp_ldap.md b/docs/resources/org_idp_ldap.md index eedc9eb6..3b78b27d 100644 --- a/docs/resources/org_idp_ldap.md +++ b/docs/resources/org_idp_ldap.md @@ -31,7 +31,7 @@ resource "zitadel_org_idp_ldap" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true - auto_linking = "AUTO_LINKING_OPTION_USERNAME" + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` diff --git a/docs/resources/org_idp_oauth.md b/docs/resources/org_idp_oauth.md index 2d925b4f..297f2286 100644 --- a/docs/resources/org_idp_oauth.md +++ b/docs/resources/org_idp_oauth.md @@ -26,7 +26,7 @@ resource "zitadel_org_idp_oauth" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true - auto_linking = "AUTO_LINKING_OPTION_USERNAME" + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } ``` diff --git a/examples/provider/resources/idp_azure_ad.tf b/examples/provider/resources/idp_azure_ad.tf index 5052d316..72747010 100644 --- a/examples/provider/resources/idp_azure_ad.tf +++ b/examples/provider/resources/idp_azure_ad.tf 
@@ -2,7 +2,7 @@ resource "zitadel_idp_azure_ad" "default" { name = "Azure AD" client_id = "9065bfc8-a08a..." client_secret = "H2n***" - scopes = ["openid", "profile", "email", "User.Read"] + scopes = ["openid", "profile", "email", "User.Read"] tenant_type = "AZURE_AD_TENANT_TYPE_ORGANISATIONS" email_verified = true is_linking_allowed = false diff --git a/examples/provider/resources/idp_github_es.tf b/examples/provider/resources/idp_github_es.tf index 37d971e2..ebb17b9b 100644 --- a/examples/provider/resources/idp_github_es.tf +++ b/examples/provider/resources/idp_github_es.tf @@ -10,5 +10,5 @@ resource "zitadel_idp_github_es" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true - auto_linking = "AUTO_LINKING_OPTION_USERNAME" + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } diff --git a/examples/provider/resources/idp_ldap.tf b/examples/provider/resources/idp_ldap.tf index 8b7ad24f..373b8246 100644 --- a/examples/provider/resources/idp_ldap.tf +++ b/examples/provider/resources/idp_ldap.tf @@ -16,7 +16,7 @@ resource "zitadel_idp_ldap" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true - auto_linking = "AUTO_LINKING_OPTION_USERNAME" + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } diff --git a/examples/provider/resources/idp_oauth.tf b/examples/provider/resources/idp_oauth.tf index 3b5ea249..c21281db 100644 --- a/examples/provider/resources/idp_oauth.tf +++ b/examples/provider/resources/idp_oauth.tf @@ -11,5 +11,5 @@ resource "zitadel_idp_oauth" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true - auto_linking = "AUTO_LINKING_OPTION_USERNAME" + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } diff --git a/examples/provider/resources/org_idp_azure_ad.tf b/examples/provider/resources/org_idp_azure_ad.tf index fc6d7e7f..a2ec59a8 100644 --- a/examples/provider/resources/org_idp_azure_ad.tf +++ b/examples/provider/resources/org_idp_azure_ad.tf 
@@ -3,7 +3,7 @@ resource "zitadel_org_idp_azure_ad" "default" { name = "Azure AD" client_id = "9065bfc8-a08a..." client_secret = "H2n***" - scopes = ["openid", "profile", "email", "User.Read"] + scopes = ["openid", "profile", "email", "User.Read"] tenant_type = "AZURE_AD_TENANT_TYPE_ORGANISATIONS" email_verified = true is_linking_allowed = false diff --git a/examples/provider/resources/org_idp_github_es.tf b/examples/provider/resources/org_idp_github_es.tf index 2f0f16c4..6028ee0c 100644 --- a/examples/provider/resources/org_idp_github_es.tf +++ b/examples/provider/resources/org_idp_github_es.tf @@ -11,5 +11,5 @@ resource "zitadel_org_idp_github_es" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true - auto_linking = "AUTO_LINKING_OPTION_USERNAME" + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } diff --git a/examples/provider/resources/org_idp_ldap.tf b/examples/provider/resources/org_idp_ldap.tf index 04a2348c..37f047d1 100644 --- a/examples/provider/resources/org_idp_ldap.tf +++ b/examples/provider/resources/org_idp_ldap.tf @@ -17,7 +17,7 @@ resource "zitadel_org_idp_ldap" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true - auto_linking = "AUTO_LINKING_OPTION_USERNAME" + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } diff --git a/examples/provider/resources/org_idp_oauth.tf b/examples/provider/resources/org_idp_oauth.tf index 7460f97c..be0df88c 100644 --- a/examples/provider/resources/org_idp_oauth.tf +++ b/examples/provider/resources/org_idp_oauth.tf @@ -12,5 +12,5 @@ resource "zitadel_org_idp_oauth" "default" { is_creation_allowed = true is_auto_creation = false is_auto_update = true - auto_linking = "AUTO_LINKING_OPTION_USERNAME" + auto_linking = "AUTO_LINKING_OPTION_USERNAME" } From def0d360614d3509daea8acf3cdb7064b83a403a Mon Sep 17 00:00:00 2001 
From: Stefan Benz <46600784+stebenz@users.noreply.github.com>
Date: Thu, 19 Dec 2024 15:25:48 +0100
Subject: [PATCH 4/5] fix: remove required
---
 zitadel/idp_utils/schema.go | 1 -
 1 file changed, 1 deletion(-)
diff --git a/zitadel/idp_utils/schema.go b/zitadel/idp_utils/schema.go
index 6273639d..d340420d 100644
--- a/zitadel/idp_utils/schema.go
+++ b/zitadel/idp_utils/schema.go
@@ -118,7 +118,6 @@ var (
 }
 AutoLinkingResourceField = &schema.Schema{
 Type: schema.TypeString,
- Required: true,
 Description: "Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches" + helper.DescriptionEnumValuesList(idp.AutoLinkingOption_name),
 ValidateDiagFunc: func(value interface{}, path cty.Path) diag.Diagnostics {
 return helper.EnumValueValidation(AutoLinkingVar, value, idp.AutoLinkingOption_value)
From 71095ff6238175285b4ce13c091bf0a5837e7d1b Mon Sep 17 00:00:00 2001
From: Stefan Benz <46600784+stebenz@users.noreply.github.com>
Date: Thu, 19 Dec 2024 15:34:20 +0100
Subject: [PATCH 5/5] fix: remove required
---
 zitadel/idp_utils/schema.go | 1 +
 1 file changed, 1 insertion(+)
diff --git a/zitadel/idp_utils/schema.go b/zitadel/idp_utils/schema.go
index d340420d..ab2a3e21 100644
--- a/zitadel/idp_utils/schema.go
+++ b/zitadel/idp_utils/schema.go
@@ -118,6 +118,7 @@ var (
 }
 AutoLinkingResourceField = &schema.Schema{
 Type: schema.TypeString,
+ Optional: true,
 Description: "Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches" + helper.DescriptionEnumValuesList(idp.AutoLinkingOption_name),
 ValidateDiagFunc: func(value interface{}, path cty.Path) diag.Diagnostics {
 return helper.EnumValueValidation(AutoLinkingVar, value, idp.AutoLinkingOption_value)
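Review bot: In the PATCH 5/5 hunk `AutoLinkingResourceField` becomes `Optional: true` with no `Default` or `Computed` in the visible part of the literal, while every `read` in this series sets the attribute from `idp_utils.AutoLinkingString(generalCfg.GetAutoLinking())`. If that helper returns the enum name, a configuration that omits `auto_linking` ends up with a non-empty value in state and shows a change on every plan; adding `Default: "AUTO_LINKING_OPTION_UNSPECIFIED",` would avoid that and make what is presumably the no-auto-linking setting the explicit default. The generated docs added earlier in the series still list `auto_linking` under "Required" and need regenerating. The struct literal continues past the hunk, so a default may already be set below.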