Google Cloud v8.23.0, Mar 24 25

Google Cloud v8.23.0 published on Monday, Mar 24, 2025 by Pulumi

gcp.iam.OauthClient

Explore with Pulumi AI

Google Cloud v8.23.0 published on Monday, Mar 24, 2025 by Pulumi

pulumi/pulumi-gcp

Example Usage

Iam Oauth Client Full

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const example = new gcp.iam.OauthClient("example", {
    oauthClientId: "example-client-id",
    displayName: "Display Name of OAuth client",
    description: "A sample OAuth client",
    location: "global",
    disabled: false,
    allowedGrantTypes: ["AUTHORIZATION_CODE_GRANT"],
    allowedRedirectUris: ["https://www.example.com"],
    allowedScopes: ["https://www.googleapis.com/auth/cloud-platform"],
    clientType: "CONFIDENTIAL_CLIENT",
});

import pulumi
import pulumi_gcp as gcp

example = gcp.iam.OauthClient("example",
    oauth_client_id="example-client-id",
    display_name="Display Name of OAuth client",
    description="A sample OAuth client",
    location="global",
    disabled=False,
    allowed_grant_types=["AUTHORIZATION_CODE_GRANT"],
    allowed_redirect_uris=["https://www.example.com"],
    allowed_scopes=["https://www.googleapis.com/auth/cloud-platform"],
    client_type="CONFIDENTIAL_CLIENT")

package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/iam"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewOauthClient(ctx, "example", &iam.OauthClientArgs{
			OauthClientId: pulumi.String("example-client-id"),
			DisplayName:   pulumi.String("Display Name of OAuth client"),
			Description:   pulumi.String("A sample OAuth client"),
			Location:      pulumi.String("global"),
			Disabled:      pulumi.Bool(false),
			AllowedGrantTypes: pulumi.StringArray{
				pulumi.String("AUTHORIZATION_CODE_GRANT"),
			},
			AllowedRedirectUris: pulumi.StringArray{
				pulumi.String("https://www.example.com"),
			},
			AllowedScopes: pulumi.StringArray{
				pulumi.String("https://www.googleapis.com/auth/cloud-platform"),
			},
			ClientType: pulumi.String("CONFIDENTIAL_CLIENT"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var example = new Gcp.Iam.OauthClient("example", new()
    {
        OauthClientId = "example-client-id",
        DisplayName = "Display Name of OAuth client",
        Description = "A sample OAuth client",
        Location = "global",
        Disabled = false,
        AllowedGrantTypes = new[]
        {
            "AUTHORIZATION_CODE_GRANT",
        },
        AllowedRedirectUris = new[]
        {
            "https://www.example.com",
        },
        AllowedScopes = new[]
        {
            "https://www.googleapis.com/auth/cloud-platform",
        },
        ClientType = "CONFIDENTIAL_CLIENT",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.iam.OauthClient;
import com.pulumi.gcp.iam.OauthClientArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new OauthClient("example", OauthClientArgs.builder()
            .oauthClientId("example-client-id")
            .displayName("Display Name of OAuth client")
            .description("A sample OAuth client")
            .location("global")
            .disabled(false)
            .allowedGrantTypes("AUTHORIZATION_CODE_GRANT")
            .allowedRedirectUris("https://www.example.com")
            .allowedScopes("https://www.googleapis.com/auth/cloud-platform")
            .clientType("CONFIDENTIAL_CLIENT")
            .build());

    }
}

resources:
  example:
    type: gcp:iam:OauthClient
    properties:
      oauthClientId: example-client-id
      displayName: Display Name of OAuth client
      description: A sample OAuth client
      location: global
      disabled: false
      allowedGrantTypes:
        - AUTHORIZATION_CODE_GRANT
      allowedRedirectUris:
        - https://www.example.com
      allowedScopes:
        - https://www.googleapis.com/auth/cloud-platform
      clientType: CONFIDENTIAL_CLIENT

Create OauthClient Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new OauthClient(name: string, args: OauthClientArgs, opts?: CustomResourceOptions);

@overload
def OauthClient(resource_name: str,
                args: OauthClientArgs,
                opts: Optional[ResourceOptions] = None)

@overload
def OauthClient(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                allowed_grant_types: Optional[Sequence[str]] = None,
                allowed_redirect_uris: Optional[Sequence[str]] = None,
                allowed_scopes: Optional[Sequence[str]] = None,
                location: Optional[str] = None,
                oauth_client_id: Optional[str] = None,
                client_type: Optional[str] = None,
                description: Optional[str] = None,
                disabled: Optional[bool] = None,
                display_name: Optional[str] = None,
                project: Optional[str] = None)

func NewOauthClient(ctx *Context, name string, args OauthClientArgs, opts ...ResourceOption) (*OauthClient, error)

public OauthClient(string name, OauthClientArgs args, CustomResourceOptions? opts = null)

public OauthClient(String name, OauthClientArgs args)
public OauthClient(String name, OauthClientArgs args, CustomResourceOptions options)

type: gcp:iam:OauthClient
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args OauthClientArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args OauthClientArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args OauthClientArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args OauthClientArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args OauthClientArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var oauthClientResource = new Gcp.Iam.OauthClient("oauthClientResource", new()
{
    AllowedGrantTypes = new[]
    {
        "string",
    },
    AllowedRedirectUris = new[]
    {
        "string",
    },
    AllowedScopes = new[]
    {
        "string",
    },
    Location = "string",
    OauthClientId = "string",
    ClientType = "string",
    Description = "string",
    Disabled = false,
    DisplayName = "string",
    Project = "string",
});

example, err := iam.NewOauthClient(ctx, "oauthClientResource", &iam.OauthClientArgs{
	AllowedGrantTypes: pulumi.StringArray{
		pulumi.String("string"),
	},
	AllowedRedirectUris: pulumi.StringArray{
		pulumi.String("string"),
	},
	AllowedScopes: pulumi.StringArray{
		pulumi.String("string"),
	},
	Location:      pulumi.String("string"),
	OauthClientId: pulumi.String("string"),
	ClientType:    pulumi.String("string"),
	Description:   pulumi.String("string"),
	Disabled:      pulumi.Bool(false),
	DisplayName:   pulumi.String("string"),
	Project:       pulumi.String("string"),
})

var oauthClientResource = new OauthClient("oauthClientResource", OauthClientArgs.builder()
    .allowedGrantTypes("string")
    .allowedRedirectUris("string")
    .allowedScopes("string")
    .location("string")
    .oauthClientId("string")
    .clientType("string")
    .description("string")
    .disabled(false)
    .displayName("string")
    .project("string")
    .build());

oauth_client_resource = gcp.iam.OauthClient("oauthClientResource",
    allowed_grant_types=["string"],
    allowed_redirect_uris=["string"],
    allowed_scopes=["string"],
    location="string",
    oauth_client_id="string",
    client_type="string",
    description="string",
    disabled=False,
    display_name="string",
    project="string")

const oauthClientResource = new gcp.iam.OauthClient("oauthClientResource", {
    allowedGrantTypes: ["string"],
    allowedRedirectUris: ["string"],
    allowedScopes: ["string"],
    location: "string",
    oauthClientId: "string",
    clientType: "string",
    description: "string",
    disabled: false,
    displayName: "string",
    project: "string",
});

type: gcp:iam:OauthClient
properties:
    allowedGrantTypes:
        - string
    allowedRedirectUris:
        - string
    allowedScopes:
        - string
    clientType: string
    description: string
    disabled: false
    displayName: string
    location: string
    oauthClientId: string
    project: string

OauthClient Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The OauthClient resource accepts the following input properties:

AllowedGrantTypes List<string>

Required. The list of OAuth grant types is allowed for the OauthClient.

AllowedRedirectUris List<string>

Required. The list of redirect uris that is allowed to redirect back when authorization process is completed.

AllowedScopes List<string>

Required. The list of scopes that the OauthClient is allowed to request during OAuth flows. The following scopes are supported:

https://www.googleapis.com/auth/cloud-platform: See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account.

Location string

Resource ID segment making up resource name. It identifies the resource within its parent collection as described in https://google.aip.dev/122.

OauthClientId string

Required. The ID to use for the OauthClient, which becomes the final component of the resource name. This value should be a string of 6 to 63 lowercase letters, digits, or hyphens. It must start with a letter, and cannot have a trailing hyphen. The prefix gcp- is reserved for use by Google, and may not be specified.

ClientType string

Immutable. The type of OauthClient. Either public or private. For private clients, the client secret can be managed using the dedicated OauthClientCredential resource. Possible values: CLIENT_TYPE_UNSPECIFIED PUBLIC_CLIENT CONFIDENTIAL_CLIENT

Description string

A user-specified description of the OauthClient. Cannot exceed 256 characters.

Disabled bool

Whether the OauthClient is disabled. You cannot use a disabled OAuth client.

DisplayName string

A user-specified display name of the OauthClient. Cannot exceed 32 characters.

Project string

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

AllowedGrantTypes []string

Required. The list of OAuth grant types is allowed for the OauthClient.

AllowedRedirectUris []string

Required. The list of redirect uris that is allowed to redirect back when authorization process is completed.

AllowedScopes []string

Required. The list of scopes that the OauthClient is allowed to request during OAuth flows. The following scopes are supported:

https://www.googleapis.com/auth/cloud-platform: See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account.

Location string

Resource ID segment making up resource name. It identifies the resource within its parent collection as described in https://google.aip.dev/122.

OauthClientId string

ClientType string

Description string

A user-specified description of the OauthClient. Cannot exceed 256 characters.

Disabled bool

Whether the OauthClient is disabled. You cannot use a disabled OAuth client.

DisplayName string

A user-specified display name of the OauthClient. Cannot exceed 32 characters.

Project string

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

allowedGrantTypes List<String>

Required. The list of OAuth grant types is allowed for the OauthClient.

allowedRedirectUris List<String>

Required. The list of redirect uris that is allowed to redirect back when authorization process is completed.

allowedScopes List<String>

Required. The list of scopes that the OauthClient is allowed to request during OAuth flows. The following scopes are supported:

https://www.googleapis.com/auth/cloud-platform: See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account.

location String

Resource ID segment making up resource name. It identifies the resource within its parent collection as described in https://google.aip.dev/122.

oauthClientId String

clientType String

description String

A user-specified description of the OauthClient. Cannot exceed 256 characters.

disabled Boolean

Whether the OauthClient is disabled. You cannot use a disabled OAuth client.

displayName String

A user-specified display name of the OauthClient. Cannot exceed 32 characters.

project String

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

allowedGrantTypes string[]

Required. The list of OAuth grant types is allowed for the OauthClient.

allowedRedirectUris string[]

Required. The list of redirect uris that is allowed to redirect back when authorization process is completed.

allowedScopes string[]

Required. The list of scopes that the OauthClient is allowed to request during OAuth flows. The following scopes are supported:

https://www.googleapis.com/auth/cloud-platform: See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account.

location string

Resource ID segment making up resource name. It identifies the resource within its parent collection as described in https://google.aip.dev/122.

oauthClientId string

clientType string

description string

A user-specified description of the OauthClient. Cannot exceed 256 characters.

disabled boolean

Whether the OauthClient is disabled. You cannot use a disabled OAuth client.

displayName string

A user-specified display name of the OauthClient. Cannot exceed 32 characters.

project string

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

allowed_grant_types Sequence[str]

Required. The list of OAuth grant types is allowed for the OauthClient.

allowed_redirect_uris Sequence[str]

Required. The list of redirect uris that is allowed to redirect back when authorization process is completed.

allowed_scopes Sequence[str]

Required. The list of scopes that the OauthClient is allowed to request during OAuth flows. The following scopes are supported:

https://www.googleapis.com/auth/cloud-platform: See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account.

location str

Resource ID segment making up resource name. It identifies the resource within its parent collection as described in https://google.aip.dev/122.

oauth_client_id str

client_type str

description str

A user-specified description of the OauthClient. Cannot exceed 256 characters.

disabled bool

Whether the OauthClient is disabled. You cannot use a disabled OAuth client.

display_name str

A user-specified display name of the OauthClient. Cannot exceed 32 characters.

project str

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

allowedGrantTypes List<String>

Required. The list of OAuth grant types is allowed for the OauthClient.

allowedRedirectUris List<String>

Required. The list of redirect uris that is allowed to redirect back when authorization process is completed.

allowedScopes List<String>

Required. The list of scopes that the OauthClient is allowed to request during OAuth flows. The following scopes are supported:

https://www.googleapis.com/auth/cloud-platform: See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account.

location String

Resource ID segment making up resource name. It identifies the resource within its parent collection as described in https://google.aip.dev/122.

oauthClientId String

clientType String

description String

A user-specified description of the OauthClient. Cannot exceed 256 characters.

disabled Boolean

Whether the OauthClient is disabled. You cannot use a disabled OAuth client.

displayName String

A user-specified display name of the OauthClient. Cannot exceed 32 characters.

project String

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

Outputs

All input properties are implicitly available as output properties. Additionally, the OauthClient resource produces the following output properties:

ClientId string: Output only. The system-generated OauthClient id.
ExpireTime string: Time after which the OauthClient will be permanently purged and cannot be recovered.
Id string: The provider-assigned unique ID for this managed resource.
Name string: Immutable. Identifier. The resource name of the OauthClient. Format:projects/{project}/locations/{location}/oauthClients/{oauth_client}.
State string: The state of the OauthClient. Possible values: STATE_UNSPECIFIED ACTIVE DELETED

ClientId string: Output only. The system-generated OauthClient id.
ExpireTime string: Time after which the OauthClient will be permanently purged and cannot be recovered.
Id string: The provider-assigned unique ID for this managed resource.
Name string: Immutable. Identifier. The resource name of the OauthClient. Format:projects/{project}/locations/{location}/oauthClients/{oauth_client}.
State string: The state of the OauthClient. Possible values: STATE_UNSPECIFIED ACTIVE DELETED

clientId String: Output only. The system-generated OauthClient id.
expireTime String: Time after which the OauthClient will be permanently purged and cannot be recovered.
id String: The provider-assigned unique ID for this managed resource.
name String: Immutable. Identifier. The resource name of the OauthClient. Format:projects/{project}/locations/{location}/oauthClients/{oauth_client}.
state String: The state of the OauthClient. Possible values: STATE_UNSPECIFIED ACTIVE DELETED

clientId string: Output only. The system-generated OauthClient id.
expireTime string: Time after which the OauthClient will be permanently purged and cannot be recovered.
id string: The provider-assigned unique ID for this managed resource.
name string: Immutable. Identifier. The resource name of the OauthClient. Format:projects/{project}/locations/{location}/oauthClients/{oauth_client}.
state string: The state of the OauthClient. Possible values: STATE_UNSPECIFIED ACTIVE DELETED

client_id str: Output only. The system-generated OauthClient id.
expire_time str: Time after which the OauthClient will be permanently purged and cannot be recovered.
id str: The provider-assigned unique ID for this managed resource.
name str: Immutable. Identifier. The resource name of the OauthClient. Format:projects/{project}/locations/{location}/oauthClients/{oauth_client}.
state str: The state of the OauthClient. Possible values: STATE_UNSPECIFIED ACTIVE DELETED

clientId String: Output only. The system-generated OauthClient id.
expireTime String: Time after which the OauthClient will be permanently purged and cannot be recovered.
id String: The provider-assigned unique ID for this managed resource.
name String: Immutable. Identifier. The resource name of the OauthClient. Format:projects/{project}/locations/{location}/oauthClients/{oauth_client}.
state String: The state of the OauthClient. Possible values: STATE_UNSPECIFIED ACTIVE DELETED

Look up Existing OauthClient Resource

Get an existing OauthClient resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: OauthClientState, opts?: CustomResourceOptions): OauthClient

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        allowed_grant_types: Optional[Sequence[str]] = None,
        allowed_redirect_uris: Optional[Sequence[str]] = None,
        allowed_scopes: Optional[Sequence[str]] = None,
        client_id: Optional[str] = None,
        client_type: Optional[str] = None,
        description: Optional[str] = None,
        disabled: Optional[bool] = None,
        display_name: Optional[str] = None,
        expire_time: Optional[str] = None,
        location: Optional[str] = None,
        name: Optional[str] = None,
        oauth_client_id: Optional[str] = None,
        project: Optional[str] = None,
        state: Optional[str] = None) -> OauthClient

func GetOauthClient(ctx *Context, name string, id IDInput, state *OauthClientState, opts ...ResourceOption) (*OauthClient, error)

public static OauthClient Get(string name, Input<string> id, OauthClientState? state, CustomResourceOptions? opts = null)

public static OauthClient get(String name, Output<String> id, OauthClientState state, CustomResourceOptions options)

resources:  _:    type: gcp:iam:OauthClient    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AllowedGrantTypes List<string>

Required. The list of OAuth grant types is allowed for the OauthClient.

AllowedRedirectUris List<string>

Required. The list of redirect uris that is allowed to redirect back when authorization process is completed.

AllowedScopes List<string>

Required. The list of scopes that the OauthClient is allowed to request during OAuth flows. The following scopes are supported:

https://www.googleapis.com/auth/cloud-platform: See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account.

ClientId string

Output only. The system-generated OauthClient id.

ClientType string

Description string

A user-specified description of the OauthClient. Cannot exceed 256 characters.

Disabled bool

Whether the OauthClient is disabled. You cannot use a disabled OAuth client.

DisplayName string

A user-specified display name of the OauthClient. Cannot exceed 32 characters.

ExpireTime string

Time after which the OauthClient will be permanently purged and cannot be recovered.

Location string

Resource ID segment making up resource name. It identifies the resource within its parent collection as described in https://google.aip.dev/122.

Name string

Immutable. Identifier. The resource name of the OauthClient. Format:projects/{project}/locations/{location}/oauthClients/{oauth_client}.

OauthClientId string

Project string

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

State string

The state of the OauthClient. Possible values: STATE_UNSPECIFIED ACTIVE DELETED

AllowedGrantTypes []string

Required. The list of OAuth grant types is allowed for the OauthClient.

AllowedRedirectUris []string

Required. The list of redirect uris that is allowed to redirect back when authorization process is completed.

AllowedScopes []string

Required. The list of scopes that the OauthClient is allowed to request during OAuth flows. The following scopes are supported:

https://www.googleapis.com/auth/cloud-platform: See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account.

ClientId string

Output only. The system-generated OauthClient id.

ClientType string

Description string

A user-specified description of the OauthClient. Cannot exceed 256 characters.

Disabled bool

Whether the OauthClient is disabled. You cannot use a disabled OAuth client.

DisplayName string

A user-specified display name of the OauthClient. Cannot exceed 32 characters.

ExpireTime string

Time after which the OauthClient will be permanently purged and cannot be recovered.

Location string

Resource ID segment making up resource name. It identifies the resource within its parent collection as described in https://google.aip.dev/122.

Name string

Immutable. Identifier. The resource name of the OauthClient. Format:projects/{project}/locations/{location}/oauthClients/{oauth_client}.

OauthClientId string

Project string

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

State string

The state of the OauthClient. Possible values: STATE_UNSPECIFIED ACTIVE DELETED

allowedGrantTypes List<String>

Required. The list of OAuth grant types is allowed for the OauthClient.

allowedRedirectUris List<String>

Required. The list of redirect uris that is allowed to redirect back when authorization process is completed.

allowedScopes List<String>

Required. The list of scopes that the OauthClient is allowed to request during OAuth flows. The following scopes are supported:

https://www.googleapis.com/auth/cloud-platform: See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account.

clientId String

Output only. The system-generated OauthClient id.

clientType String

description String

A user-specified description of the OauthClient. Cannot exceed 256 characters.

disabled Boolean

Whether the OauthClient is disabled. You cannot use a disabled OAuth client.

displayName String

A user-specified display name of the OauthClient. Cannot exceed 32 characters.

expireTime String

Time after which the OauthClient will be permanently purged and cannot be recovered.

location String

Resource ID segment making up resource name. It identifies the resource within its parent collection as described in https://google.aip.dev/122.

name String

Immutable. Identifier. The resource name of the OauthClient. Format:projects/{project}/locations/{location}/oauthClients/{oauth_client}.

oauthClientId String

project String

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

state String

The state of the OauthClient. Possible values: STATE_UNSPECIFIED ACTIVE DELETED

allowedGrantTypes string[]

Required. The list of OAuth grant types is allowed for the OauthClient.

allowedRedirectUris string[]

Required. The list of redirect uris that is allowed to redirect back when authorization process is completed.

allowedScopes string[]

Required. The list of scopes that the OauthClient is allowed to request during OAuth flows. The following scopes are supported:

https://www.googleapis.com/auth/cloud-platform: See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account.

clientId string

Output only. The system-generated OauthClient id.

clientType string

description string

A user-specified description of the OauthClient. Cannot exceed 256 characters.

disabled boolean

Whether the OauthClient is disabled. You cannot use a disabled OAuth client.

displayName string

A user-specified display name of the OauthClient. Cannot exceed 32 characters.

expireTime string

Time after which the OauthClient will be permanently purged and cannot be recovered.

location string

Resource ID segment making up resource name. It identifies the resource within its parent collection as described in https://google.aip.dev/122.

name string

Immutable. Identifier. The resource name of the OauthClient. Format:projects/{project}/locations/{location}/oauthClients/{oauth_client}.

oauthClientId string

project string

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

state string

The state of the OauthClient. Possible values: STATE_UNSPECIFIED ACTIVE DELETED

allowed_grant_types Sequence[str]

Required. The list of OAuth grant types is allowed for the OauthClient.

allowed_redirect_uris Sequence[str]

Required. The list of redirect uris that is allowed to redirect back when authorization process is completed.

allowed_scopes Sequence[str]

Required. The list of scopes that the OauthClient is allowed to request during OAuth flows. The following scopes are supported:

https://www.googleapis.com/auth/cloud-platform: See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account.

client_id str

Output only. The system-generated OauthClient id.

client_type str

description str

A user-specified description of the OauthClient. Cannot exceed 256 characters.

disabled bool

Whether the OauthClient is disabled. You cannot use a disabled OAuth client.

display_name str

A user-specified display name of the OauthClient. Cannot exceed 32 characters.

expire_time str

Time after which the OauthClient will be permanently purged and cannot be recovered.

location str

Resource ID segment making up resource name. It identifies the resource within its parent collection as described in https://google.aip.dev/122.

name str

Immutable. Identifier. The resource name of the OauthClient. Format:projects/{project}/locations/{location}/oauthClients/{oauth_client}.

oauth_client_id str

project str

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

state str

The state of the OauthClient. Possible values: STATE_UNSPECIFIED ACTIVE DELETED

allowedGrantTypes List<String>

Required. The list of OAuth grant types is allowed for the OauthClient.

allowedRedirectUris List<String>

Required. The list of redirect uris that is allowed to redirect back when authorization process is completed.

allowedScopes List<String>

Required. The list of scopes that the OauthClient is allowed to request during OAuth flows. The following scopes are supported:

https://www.googleapis.com/auth/cloud-platform: See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account.

clientId String

Output only. The system-generated OauthClient id.

clientType String

description String

A user-specified description of the OauthClient. Cannot exceed 256 characters.

disabled Boolean

Whether the OauthClient is disabled. You cannot use a disabled OAuth client.

displayName String

A user-specified display name of the OauthClient. Cannot exceed 32 characters.

expireTime String

Time after which the OauthClient will be permanently purged and cannot be recovered.

location String

Resource ID segment making up resource name. It identifies the resource within its parent collection as described in https://google.aip.dev/122.

name String

Immutable. Identifier. The resource name of the OauthClient. Format:projects/{project}/locations/{location}/oauthClients/{oauth_client}.

oauthClientId String

project String

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

state String

The state of the OauthClient. Possible values: STATE_UNSPECIFIED ACTIVE DELETED

Import

OauthClient can be imported using any of these accepted formats:

projects/{{project}}/locations/{{location}}/oauthClients/{{oauth_client_id}}
{{project}}/{{location}}/{{oauth_client_id}}
{{location}}/{{oauth_client_id}}

When using the pulumi import command, OauthClient can be imported using one of the formats above. For example:

$ pulumi import gcp:iam/oauthClient:OauthClient default projects/{{project}}/locations/{{location}}/oauthClients/{{oauth_client_id}}

$ pulumi import gcp:iam/oauthClient:OauthClient default {{project}}/{{location}}/{{oauth_client_id}}

$ pulumi import gcp:iam/oauthClient:OauthClient default {{location}}/{{oauth_client_id}}

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: Google Cloud (GCP) Classic pulumi/pulumi-gcp
License: Apache-2.0
Notes: This Pulumi package is based on the google-beta Terraform Provider.

Google Cloud v8.23.0 published on Monday, Mar 24, 2025 by Pulumi

pulumi/pulumi-gcp

gcp.iam.OauthClient

On this page

On this page

Example Usage

Iam Oauth Client Full

Create OauthClient Resource

Constructor syntax

Parameters

Constructor example

OauthClient Resource Properties

Inputs

Outputs

Look up Existing OauthClient Resource

Import

Package Details

On this page

On this page