konnect 2.4.1, Mar 13 25

konnect 2.4.1 published on Thursday, Mar 13, 2025 by kong

konnect.getGatewayPluginUpstreamOauth

Explore with Pulumi AI

konnect 2.4.1 published on Thursday, Mar 13, 2025 by kong

Using getGatewayPluginUpstreamOauth

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getGatewayPluginUpstreamOauth(args: GetGatewayPluginUpstreamOauthArgs, opts?: InvokeOptions): Promise<GetGatewayPluginUpstreamOauthResult>
function getGatewayPluginUpstreamOauthOutput(args: GetGatewayPluginUpstreamOauthOutputArgs, opts?: InvokeOptions): Output<GetGatewayPluginUpstreamOauthResult>

def get_gateway_plugin_upstream_oauth(control_plane_id: Optional[str] = None,
                                      opts: Optional[InvokeOptions] = None) -> GetGatewayPluginUpstreamOauthResult
def get_gateway_plugin_upstream_oauth_output(control_plane_id: Optional[pulumi.Input[str]] = None,
                                      opts: Optional[InvokeOptions] = None) -> Output[GetGatewayPluginUpstreamOauthResult]

func LookupGatewayPluginUpstreamOauth(ctx *Context, args *LookupGatewayPluginUpstreamOauthArgs, opts ...InvokeOption) (*LookupGatewayPluginUpstreamOauthResult, error)
func LookupGatewayPluginUpstreamOauthOutput(ctx *Context, args *LookupGatewayPluginUpstreamOauthOutputArgs, opts ...InvokeOption) LookupGatewayPluginUpstreamOauthResultOutput

> Note: This function is named LookupGatewayPluginUpstreamOauth in the Go SDK.

public static class GetGatewayPluginUpstreamOauth 
{
    public static Task<GetGatewayPluginUpstreamOauthResult> InvokeAsync(GetGatewayPluginUpstreamOauthArgs args, InvokeOptions? opts = null)
    public static Output<GetGatewayPluginUpstreamOauthResult> Invoke(GetGatewayPluginUpstreamOauthInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetGatewayPluginUpstreamOauthResult> getGatewayPluginUpstreamOauth(GetGatewayPluginUpstreamOauthArgs args, InvokeOptions options)
public static Output<GetGatewayPluginUpstreamOauthResult> getGatewayPluginUpstreamOauth(GetGatewayPluginUpstreamOauthArgs args, InvokeOptions options)

fn::invoke:
  function: konnect:index/getGatewayPluginUpstreamOauth:getGatewayPluginUpstreamOauth
  arguments:
    # arguments dictionary

The following arguments are supported:

ControlPlaneId string

ControlPlaneId string

controlPlaneId String

controlPlaneId string

control_plane_id str

controlPlaneId String

getGatewayPluginUpstreamOauth Result

The following output properties are available:

Config GetGatewayPluginUpstreamOauthConfig
Consumer GetGatewayPluginUpstreamOauthConsumer
ConsumerGroup GetGatewayPluginUpstreamOauthConsumerGroup
ControlPlaneId string
CreatedAt double
Enabled bool
Id string
InstanceName string
Ordering GetGatewayPluginUpstreamOauthOrdering
Protocols List<string>
Route GetGatewayPluginUpstreamOauthRoute
Service GetGatewayPluginUpstreamOauthService
Tags List<string>
UpdatedAt double

config GetGatewayPluginUpstreamOauthConfig
consumer GetGatewayPluginUpstreamOauthConsumer
consumerGroup GetGatewayPluginUpstreamOauthConsumerGroup
controlPlaneId String
createdAt Double
enabled Boolean
id String
instanceName String
ordering GetGatewayPluginUpstreamOauthOrdering
protocols List<String>
route GetGatewayPluginUpstreamOauthRoute
service GetGatewayPluginUpstreamOauthService
tags List<String>
updatedAt Double

config Property Map
consumer Property Map
consumerGroup Property Map
controlPlaneId String
createdAt Number
enabled Boolean
id String
instanceName String
ordering Property Map
protocols List<String>
route Property Map
service Property Map
tags List<String>
updatedAt Number

Supporting Types

GetGatewayPluginUpstreamOauthConfig

Behavior GetGatewayPluginUpstreamOauthConfigBehavior
Cache GetGatewayPluginUpstreamOauthConfigCache
Client GetGatewayPluginUpstreamOauthConfigClient
Oauth GetGatewayPluginUpstreamOauthConfigOauth

Behavior GetGatewayPluginUpstreamOauthConfigBehavior
Cache GetGatewayPluginUpstreamOauthConfigCache
Client GetGatewayPluginUpstreamOauthConfigClient
Oauth GetGatewayPluginUpstreamOauthConfigOauth

behavior GetGatewayPluginUpstreamOauthConfigBehavior
cache GetGatewayPluginUpstreamOauthConfigCache
client GetGatewayPluginUpstreamOauthConfigClient
oauth GetGatewayPluginUpstreamOauthConfigOauth

behavior GetGatewayPluginUpstreamOauthConfigBehavior
cache GetGatewayPluginUpstreamOauthConfigCache
client GetGatewayPluginUpstreamOauthConfigClient
oauth GetGatewayPluginUpstreamOauthConfigOauth

behavior GetGatewayPluginUpstreamOauthConfigBehavior
cache GetGatewayPluginUpstreamOauthConfigCache
client GetGatewayPluginUpstreamOauthConfigClient
oauth GetGatewayPluginUpstreamOauthConfigOauth

behavior Property Map
cache Property Map
client Property Map
oauth Property Map

GetGatewayPluginUpstreamOauthConfigBehavior

IdpErrorResponseBodyTemplate string: The template to use to create the body of the response to return to the consumer if Kong fails to obtain a token from the IdP.
IdpErrorResponseContentType string: The Content-Type of the response to return to the consumer if Kong fails to obtain a token from the IdP.
IdpErrorResponseMessage string: The message to embed in the body of the response to return to the consumer if Kong fails to obtain a token from the IdP.
IdpErrorResponseStatusCode double: The response code to return to the consumer if Kong fails to obtain a token from the IdP.
PurgeTokenOnUpstreamStatusCodes List<double>: An array of status codes which will force an access token to be purged when returned by the upstream. An empty array will disable this functionality.
UpstreamAccessTokenHeaderName string: The name of the header used to send the access token (obtained from the IdP) to the upstream service.

IdpErrorResponseBodyTemplate string: The template to use to create the body of the response to return to the consumer if Kong fails to obtain a token from the IdP.
IdpErrorResponseContentType string: The Content-Type of the response to return to the consumer if Kong fails to obtain a token from the IdP.
IdpErrorResponseMessage string: The message to embed in the body of the response to return to the consumer if Kong fails to obtain a token from the IdP.
IdpErrorResponseStatusCode float64: The response code to return to the consumer if Kong fails to obtain a token from the IdP.
PurgeTokenOnUpstreamStatusCodes []float64: An array of status codes which will force an access token to be purged when returned by the upstream. An empty array will disable this functionality.
UpstreamAccessTokenHeaderName string: The name of the header used to send the access token (obtained from the IdP) to the upstream service.

idpErrorResponseBodyTemplate String: The template to use to create the body of the response to return to the consumer if Kong fails to obtain a token from the IdP.
idpErrorResponseContentType String: The Content-Type of the response to return to the consumer if Kong fails to obtain a token from the IdP.
idpErrorResponseMessage String: The message to embed in the body of the response to return to the consumer if Kong fails to obtain a token from the IdP.
idpErrorResponseStatusCode Double: The response code to return to the consumer if Kong fails to obtain a token from the IdP.
purgeTokenOnUpstreamStatusCodes List<Double>: An array of status codes which will force an access token to be purged when returned by the upstream. An empty array will disable this functionality.
upstreamAccessTokenHeaderName String: The name of the header used to send the access token (obtained from the IdP) to the upstream service.

idpErrorResponseBodyTemplate string: The template to use to create the body of the response to return to the consumer if Kong fails to obtain a token from the IdP.
idpErrorResponseContentType string: The Content-Type of the response to return to the consumer if Kong fails to obtain a token from the IdP.
idpErrorResponseMessage string: The message to embed in the body of the response to return to the consumer if Kong fails to obtain a token from the IdP.
idpErrorResponseStatusCode number: The response code to return to the consumer if Kong fails to obtain a token from the IdP.
purgeTokenOnUpstreamStatusCodes number[]: An array of status codes which will force an access token to be purged when returned by the upstream. An empty array will disable this functionality.
upstreamAccessTokenHeaderName string: The name of the header used to send the access token (obtained from the IdP) to the upstream service.

idp_error_response_body_template str: The template to use to create the body of the response to return to the consumer if Kong fails to obtain a token from the IdP.
idp_error_response_content_type str: The Content-Type of the response to return to the consumer if Kong fails to obtain a token from the IdP.
idp_error_response_message str: The message to embed in the body of the response to return to the consumer if Kong fails to obtain a token from the IdP.
idp_error_response_status_code float: The response code to return to the consumer if Kong fails to obtain a token from the IdP.
purge_token_on_upstream_status_codes Sequence[float]: An array of status codes which will force an access token to be purged when returned by the upstream. An empty array will disable this functionality.
upstream_access_token_header_name str: The name of the header used to send the access token (obtained from the IdP) to the upstream service.

idpErrorResponseBodyTemplate String: The template to use to create the body of the response to return to the consumer if Kong fails to obtain a token from the IdP.
idpErrorResponseContentType String: The Content-Type of the response to return to the consumer if Kong fails to obtain a token from the IdP.
idpErrorResponseMessage String: The message to embed in the body of the response to return to the consumer if Kong fails to obtain a token from the IdP.
idpErrorResponseStatusCode Number: The response code to return to the consumer if Kong fails to obtain a token from the IdP.
purgeTokenOnUpstreamStatusCodes List<Number>: An array of status codes which will force an access token to be purged when returned by the upstream. An empty array will disable this functionality.
upstreamAccessTokenHeaderName String: The name of the header used to send the access token (obtained from the IdP) to the upstream service.

GetGatewayPluginUpstreamOauthConfigCache

DefaultTtl double: The lifetime of a token without an explicit expires_in value.
EagerlyExpire double: The number of seconds to eagerly expire a cached token. By default, a cached token expires 5 seconds before its lifetime as defined in expires_in.
Memory GetGatewayPluginUpstreamOauthConfigCacheMemory
Redis GetGatewayPluginUpstreamOauthConfigCacheRedis
Strategy string: The method Kong should use to cache tokens issued by the IdP.

DefaultTtl float64: The lifetime of a token without an explicit expires_in value.
EagerlyExpire float64: The number of seconds to eagerly expire a cached token. By default, a cached token expires 5 seconds before its lifetime as defined in expires_in.
Memory GetGatewayPluginUpstreamOauthConfigCacheMemory
Redis GetGatewayPluginUpstreamOauthConfigCacheRedis
Strategy string: The method Kong should use to cache tokens issued by the IdP.

defaultTtl Double: The lifetime of a token without an explicit expires_in value.
eagerlyExpire Double: The number of seconds to eagerly expire a cached token. By default, a cached token expires 5 seconds before its lifetime as defined in expires_in.
memory GetGatewayPluginUpstreamOauthConfigCacheMemory
redis GetGatewayPluginUpstreamOauthConfigCacheRedis
strategy String: The method Kong should use to cache tokens issued by the IdP.

defaultTtl number: The lifetime of a token without an explicit expires_in value.
eagerlyExpire number: The number of seconds to eagerly expire a cached token. By default, a cached token expires 5 seconds before its lifetime as defined in expires_in.
memory GetGatewayPluginUpstreamOauthConfigCacheMemory
redis GetGatewayPluginUpstreamOauthConfigCacheRedis
strategy string: The method Kong should use to cache tokens issued by the IdP.

default_ttl float: The lifetime of a token without an explicit expires_in value.
eagerly_expire float: The number of seconds to eagerly expire a cached token. By default, a cached token expires 5 seconds before its lifetime as defined in expires_in.
memory GetGatewayPluginUpstreamOauthConfigCacheMemory
redis GetGatewayPluginUpstreamOauthConfigCacheRedis
strategy str: The method Kong should use to cache tokens issued by the IdP.

defaultTtl Number: The lifetime of a token without an explicit expires_in value.
eagerlyExpire Number: The number of seconds to eagerly expire a cached token. By default, a cached token expires 5 seconds before its lifetime as defined in expires_in.
memory Property Map
redis Property Map
strategy String: The method Kong should use to cache tokens issued by the IdP.

GetGatewayPluginUpstreamOauthConfigCacheMemory

DictionaryName string: The shared dictionary used by the plugin to cache tokens if config.cache.strategy is set to memory.

DictionaryName string: The shared dictionary used by the plugin to cache tokens if config.cache.strategy is set to memory.

dictionaryName String: The shared dictionary used by the plugin to cache tokens if config.cache.strategy is set to memory.

dictionaryName string: The shared dictionary used by the plugin to cache tokens if config.cache.strategy is set to memory.

dictionary_name str: The shared dictionary used by the plugin to cache tokens if config.cache.strategy is set to memory.

dictionaryName String: The shared dictionary used by the plugin to cache tokens if config.cache.strategy is set to memory.

GetGatewayPluginUpstreamOauthConfigCacheRedis

ClusterMaxRedirections double: Maximum retry attempts for redirection.
ClusterNodes List<GetGatewayPluginUpstreamOauthConfigCacheRedisClusterNode>: Cluster addresses to use for Redis connections when the redis strategy is defined. Defining this field implies using a Redis Cluster. The minimum length of the array is 1 element.
ConnectTimeout double: An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2.
ConnectionIsProxied bool: If the connection to Redis is proxied (e.g. Envoy), set it true. Set the host and port to point to the proxy address.
Database double: Database to use for the Redis connection when using the redis strategy
Host string: A string representing a host name, such as example.com.
KeepaliveBacklog double: Limits the total number of opened connections for a pool. If the connection pool is full, connection queues above the limit go into the backlog queue. If the backlog queue is full, subsequent connect operations fail and return nil. Queued operations (subject to set timeouts) resume once the number of connections in the pool is less than keepalive_pool_size. If latency is high or throughput is low, try increasing this value. Empirically, this value is larger than keepalive_pool_size.
KeepalivePoolSize double: The size limit for every cosocket connection pool associated with every remote server, per worker process. If neither keepalive_pool_size nor keepalive_backlog is specified, no pool is created. If keepalive_pool_size isn't specified but keepalive_backlog is specified, then the pool uses the default value. Try to increase (e.g. 512) this value if latency is high or throughput is low.
Password string: Password to use for Redis connections. If undefined, no AUTH commands are sent to Redis.
Port double: An integer representing a port number between 0 and 65535, inclusive.
ReadTimeout double: An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2.
SendTimeout double: An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2.
SentinelMaster string: Sentinel master to use for Redis connections. Defining this value implies using Redis Sentinel.
SentinelNodes List<GetGatewayPluginUpstreamOauthConfigCacheRedisSentinelNode>: Sentinel node addresses to use for Redis connections when the redis strategy is defined. Defining this field implies using a Redis Sentinel. The minimum length of the array is 1 element.
SentinelPassword string: Sentinel password to authenticate with a Redis Sentinel instance. If undefined, no AUTH commands are sent to Redis Sentinels.
SentinelRole string: Sentinel role to use for Redis connections when the redis strategy is defined. Defining this value implies using Redis Sentinel.
SentinelUsername string: Sentinel username to authenticate with a Redis Sentinel instance. If undefined, ACL authentication won't be performed. This requires Redis v6.2.0+.
ServerName string: A string representing an SNI (server name indication) value for TLS.
Ssl bool: If set to true, uses SSL to connect to Redis.
SslVerify bool: If set to true, verifies the validity of the server SSL certificate. If setting this parameter, also configure lua_ssl_trusted_certificate in kong.conf to specify the CA (or server) certificate used by your Redis server. You may also need to configure lua_ssl_verify_depth accordingly.
Username string: Username to use for Redis connections. If undefined, ACL authentication won't be performed. This requires Redis v6.0.0+. To be compatible with Redis v5.x.y, you can set it to default.

ClusterMaxRedirections float64: Maximum retry attempts for redirection.
ClusterNodes []GetGatewayPluginUpstreamOauthConfigCacheRedisClusterNode: Cluster addresses to use for Redis connections when the redis strategy is defined. Defining this field implies using a Redis Cluster. The minimum length of the array is 1 element.
ConnectTimeout float64: An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2.
ConnectionIsProxied bool: If the connection to Redis is proxied (e.g. Envoy), set it true. Set the host and port to point to the proxy address.
Database float64: Database to use for the Redis connection when using the redis strategy
Host string: A string representing a host name, such as example.com.
KeepaliveBacklog float64: Limits the total number of opened connections for a pool. If the connection pool is full, connection queues above the limit go into the backlog queue. If the backlog queue is full, subsequent connect operations fail and return nil. Queued operations (subject to set timeouts) resume once the number of connections in the pool is less than keepalive_pool_size. If latency is high or throughput is low, try increasing this value. Empirically, this value is larger than keepalive_pool_size.
KeepalivePoolSize float64: The size limit for every cosocket connection pool associated with every remote server, per worker process. If neither keepalive_pool_size nor keepalive_backlog is specified, no pool is created. If keepalive_pool_size isn't specified but keepalive_backlog is specified, then the pool uses the default value. Try to increase (e.g. 512) this value if latency is high or throughput is low.
Password string: Password to use for Redis connections. If undefined, no AUTH commands are sent to Redis.
Port float64: An integer representing a port number between 0 and 65535, inclusive.
ReadTimeout float64: An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2.
SendTimeout float64: An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2.
SentinelMaster string: Sentinel master to use for Redis connections. Defining this value implies using Redis Sentinel.
SentinelNodes []GetGatewayPluginUpstreamOauthConfigCacheRedisSentinelNode: Sentinel node addresses to use for Redis connections when the redis strategy is defined. Defining this field implies using a Redis Sentinel. The minimum length of the array is 1 element.
SentinelPassword string: Sentinel password to authenticate with a Redis Sentinel instance. If undefined, no AUTH commands are sent to Redis Sentinels.
SentinelRole string: Sentinel role to use for Redis connections when the redis strategy is defined. Defining this value implies using Redis Sentinel.
SentinelUsername string: Sentinel username to authenticate with a Redis Sentinel instance. If undefined, ACL authentication won't be performed. This requires Redis v6.2.0+.
ServerName string: A string representing an SNI (server name indication) value for TLS.
Ssl bool: If set to true, uses SSL to connect to Redis.
SslVerify bool: If set to true, verifies the validity of the server SSL certificate. If setting this parameter, also configure lua_ssl_trusted_certificate in kong.conf to specify the CA (or server) certificate used by your Redis server. You may also need to configure lua_ssl_verify_depth accordingly.
Username string: Username to use for Redis connections. If undefined, ACL authentication won't be performed. This requires Redis v6.0.0+. To be compatible with Redis v5.x.y, you can set it to default.

clusterMaxRedirections Double: Maximum retry attempts for redirection.
clusterNodes List<GetGatewayPluginUpstreamOauthConfigCacheRedisClusterNode>: Cluster addresses to use for Redis connections when the redis strategy is defined. Defining this field implies using a Redis Cluster. The minimum length of the array is 1 element.
connectTimeout Double: An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2.
connectionIsProxied Boolean: If the connection to Redis is proxied (e.g. Envoy), set it true. Set the host and port to point to the proxy address.
database Double: Database to use for the Redis connection when using the redis strategy
host String: A string representing a host name, such as example.com.
keepaliveBacklog Double: Limits the total number of opened connections for a pool. If the connection pool is full, connection queues above the limit go into the backlog queue. If the backlog queue is full, subsequent connect operations fail and return nil. Queued operations (subject to set timeouts) resume once the number of connections in the pool is less than keepalive_pool_size. If latency is high or throughput is low, try increasing this value. Empirically, this value is larger than keepalive_pool_size.
keepalivePoolSize Double: The size limit for every cosocket connection pool associated with every remote server, per worker process. If neither keepalive_pool_size nor keepalive_backlog is specified, no pool is created. If keepalive_pool_size isn't specified but keepalive_backlog is specified, then the pool uses the default value. Try to increase (e.g. 512) this value if latency is high or throughput is low.
password String: Password to use for Redis connections. If undefined, no AUTH commands are sent to Redis.
port Double: An integer representing a port number between 0 and 65535, inclusive.
readTimeout Double: An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2.
sendTimeout Double: An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2.
sentinelMaster String: Sentinel master to use for Redis connections. Defining this value implies using Redis Sentinel.
sentinelNodes List<GetGatewayPluginUpstreamOauthConfigCacheRedisSentinelNode>: Sentinel node addresses to use for Redis connections when the redis strategy is defined. Defining this field implies using a Redis Sentinel. The minimum length of the array is 1 element.
sentinelPassword String: Sentinel password to authenticate with a Redis Sentinel instance. If undefined, no AUTH commands are sent to Redis Sentinels.
sentinelRole String: Sentinel role to use for Redis connections when the redis strategy is defined. Defining this value implies using Redis Sentinel.
sentinelUsername String: Sentinel username to authenticate with a Redis Sentinel instance. If undefined, ACL authentication won't be performed. This requires Redis v6.2.0+.
serverName String: A string representing an SNI (server name indication) value for TLS.
ssl Boolean: If set to true, uses SSL to connect to Redis.
sslVerify Boolean: If set to true, verifies the validity of the server SSL certificate. If setting this parameter, also configure lua_ssl_trusted_certificate in kong.conf to specify the CA (or server) certificate used by your Redis server. You may also need to configure lua_ssl_verify_depth accordingly.
username String: Username to use for Redis connections. If undefined, ACL authentication won't be performed. This requires Redis v6.0.0+. To be compatible with Redis v5.x.y, you can set it to default.

clusterMaxRedirections number: Maximum retry attempts for redirection.
clusterNodes GetGatewayPluginUpstreamOauthConfigCacheRedisClusterNode[]: Cluster addresses to use for Redis connections when the redis strategy is defined. Defining this field implies using a Redis Cluster. The minimum length of the array is 1 element.
connectTimeout number: An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2.
connectionIsProxied boolean: If the connection to Redis is proxied (e.g. Envoy), set it true. Set the host and port to point to the proxy address.
database number: Database to use for the Redis connection when using the redis strategy
host string: A string representing a host name, such as example.com.
keepaliveBacklog number: Limits the total number of opened connections for a pool. If the connection pool is full, connection queues above the limit go into the backlog queue. If the backlog queue is full, subsequent connect operations fail and return nil. Queued operations (subject to set timeouts) resume once the number of connections in the pool is less than keepalive_pool_size. If latency is high or throughput is low, try increasing this value. Empirically, this value is larger than keepalive_pool_size.
keepalivePoolSize number: The size limit for every cosocket connection pool associated with every remote server, per worker process. If neither keepalive_pool_size nor keepalive_backlog is specified, no pool is created. If keepalive_pool_size isn't specified but keepalive_backlog is specified, then the pool uses the default value. Try to increase (e.g. 512) this value if latency is high or throughput is low.
password string: Password to use for Redis connections. If undefined, no AUTH commands are sent to Redis.
port number: An integer representing a port number between 0 and 65535, inclusive.
readTimeout number: An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2.
sendTimeout number: An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2.
sentinelMaster string: Sentinel master to use for Redis connections. Defining this value implies using Redis Sentinel.
sentinelNodes GetGatewayPluginUpstreamOauthConfigCacheRedisSentinelNode[]: Sentinel node addresses to use for Redis connections when the redis strategy is defined. Defining this field implies using a Redis Sentinel. The minimum length of the array is 1 element.
sentinelPassword string: Sentinel password to authenticate with a Redis Sentinel instance. If undefined, no AUTH commands are sent to Redis Sentinels.
sentinelRole string: Sentinel role to use for Redis connections when the redis strategy is defined. Defining this value implies using Redis Sentinel.
sentinelUsername string: Sentinel username to authenticate with a Redis Sentinel instance. If undefined, ACL authentication won't be performed. This requires Redis v6.2.0+.
serverName string: A string representing an SNI (server name indication) value for TLS.
ssl boolean: If set to true, uses SSL to connect to Redis.
sslVerify boolean: If set to true, verifies the validity of the server SSL certificate. If setting this parameter, also configure lua_ssl_trusted_certificate in kong.conf to specify the CA (or server) certificate used by your Redis server. You may also need to configure lua_ssl_verify_depth accordingly.
username string: Username to use for Redis connections. If undefined, ACL authentication won't be performed. This requires Redis v6.0.0+. To be compatible with Redis v5.x.y, you can set it to default.

cluster_max_redirections float: Maximum retry attempts for redirection.
cluster_nodes Sequence[GetGatewayPluginUpstreamOauthConfigCacheRedisClusterNode]: Cluster addresses to use for Redis connections when the redis strategy is defined. Defining this field implies using a Redis Cluster. The minimum length of the array is 1 element.
connect_timeout float: An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2.
connection_is_proxied bool: If the connection to Redis is proxied (e.g. Envoy), set it true. Set the host and port to point to the proxy address.
database float: Database to use for the Redis connection when using the redis strategy
host str: A string representing a host name, such as example.com.
keepalive_backlog float: Limits the total number of opened connections for a pool. If the connection pool is full, connection queues above the limit go into the backlog queue. If the backlog queue is full, subsequent connect operations fail and return nil. Queued operations (subject to set timeouts) resume once the number of connections in the pool is less than keepalive_pool_size. If latency is high or throughput is low, try increasing this value. Empirically, this value is larger than keepalive_pool_size.
keepalive_pool_size float: The size limit for every cosocket connection pool associated with every remote server, per worker process. If neither keepalive_pool_size nor keepalive_backlog is specified, no pool is created. If keepalive_pool_size isn't specified but keepalive_backlog is specified, then the pool uses the default value. Try to increase (e.g. 512) this value if latency is high or throughput is low.
password str: Password to use for Redis connections. If undefined, no AUTH commands are sent to Redis.
port float: An integer representing a port number between 0 and 65535, inclusive.
read_timeout float: An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2.
send_timeout float: An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2.
sentinel_master str: Sentinel master to use for Redis connections. Defining this value implies using Redis Sentinel.
sentinel_nodes Sequence[GetGatewayPluginUpstreamOauthConfigCacheRedisSentinelNode]: Sentinel node addresses to use for Redis connections when the redis strategy is defined. Defining this field implies using a Redis Sentinel. The minimum length of the array is 1 element.
sentinel_password str: Sentinel password to authenticate with a Redis Sentinel instance. If undefined, no AUTH commands are sent to Redis Sentinels.
sentinel_role str: Sentinel role to use for Redis connections when the redis strategy is defined. Defining this value implies using Redis Sentinel.
sentinel_username str: Sentinel username to authenticate with a Redis Sentinel instance. If undefined, ACL authentication won't be performed. This requires Redis v6.2.0+.
server_name str: A string representing an SNI (server name indication) value for TLS.
ssl bool: If set to true, uses SSL to connect to Redis.
ssl_verify bool: If set to true, verifies the validity of the server SSL certificate. If setting this parameter, also configure lua_ssl_trusted_certificate in kong.conf to specify the CA (or server) certificate used by your Redis server. You may also need to configure lua_ssl_verify_depth accordingly.
username str: Username to use for Redis connections. If undefined, ACL authentication won't be performed. This requires Redis v6.0.0+. To be compatible with Redis v5.x.y, you can set it to default.

clusterMaxRedirections Number: Maximum retry attempts for redirection.
clusterNodes List<Property Map>: Cluster addresses to use for Redis connections when the redis strategy is defined. Defining this field implies using a Redis Cluster. The minimum length of the array is 1 element.
connectTimeout Number: An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2.
connectionIsProxied Boolean: If the connection to Redis is proxied (e.g. Envoy), set it true. Set the host and port to point to the proxy address.
database Number: Database to use for the Redis connection when using the redis strategy
host String: A string representing a host name, such as example.com.
keepaliveBacklog Number: Limits the total number of opened connections for a pool. If the connection pool is full, connection queues above the limit go into the backlog queue. If the backlog queue is full, subsequent connect operations fail and return nil. Queued operations (subject to set timeouts) resume once the number of connections in the pool is less than keepalive_pool_size. If latency is high or throughput is low, try increasing this value. Empirically, this value is larger than keepalive_pool_size.
keepalivePoolSize Number: The size limit for every cosocket connection pool associated with every remote server, per worker process. If neither keepalive_pool_size nor keepalive_backlog is specified, no pool is created. If keepalive_pool_size isn't specified but keepalive_backlog is specified, then the pool uses the default value. Try to increase (e.g. 512) this value if latency is high or throughput is low.
password String: Password to use for Redis connections. If undefined, no AUTH commands are sent to Redis.
port Number: An integer representing a port number between 0 and 65535, inclusive.
readTimeout Number: An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2.
sendTimeout Number: An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2.
sentinelMaster String: Sentinel master to use for Redis connections. Defining this value implies using Redis Sentinel.
sentinelNodes List<Property Map>: Sentinel node addresses to use for Redis connections when the redis strategy is defined. Defining this field implies using a Redis Sentinel. The minimum length of the array is 1 element.
sentinelPassword String: Sentinel password to authenticate with a Redis Sentinel instance. If undefined, no AUTH commands are sent to Redis Sentinels.
sentinelRole String: Sentinel role to use for Redis connections when the redis strategy is defined. Defining this value implies using Redis Sentinel.
sentinelUsername String: Sentinel username to authenticate with a Redis Sentinel instance. If undefined, ACL authentication won't be performed. This requires Redis v6.2.0+.
serverName String: A string representing an SNI (server name indication) value for TLS.
ssl Boolean: If set to true, uses SSL to connect to Redis.
sslVerify Boolean: If set to true, verifies the validity of the server SSL certificate. If setting this parameter, also configure lua_ssl_trusted_certificate in kong.conf to specify the CA (or server) certificate used by your Redis server. You may also need to configure lua_ssl_verify_depth accordingly.
username String: Username to use for Redis connections. If undefined, ACL authentication won't be performed. This requires Redis v6.0.0+. To be compatible with Redis v5.x.y, you can set it to default.

GetGatewayPluginUpstreamOauthConfigCacheRedisClusterNode

Ip string: A string representing a host name, such as example.com.
Port double: An integer representing a port number between 0 and 65535, inclusive.

Ip string: A string representing a host name, such as example.com.
Port float64: An integer representing a port number between 0 and 65535, inclusive.

ip String: A string representing a host name, such as example.com.
port Double: An integer representing a port number between 0 and 65535, inclusive.

ip string: A string representing a host name, such as example.com.
port number: An integer representing a port number between 0 and 65535, inclusive.

ip str: A string representing a host name, such as example.com.
port float: An integer representing a port number between 0 and 65535, inclusive.

ip String: A string representing a host name, such as example.com.
port Number: An integer representing a port number between 0 and 65535, inclusive.

GetGatewayPluginUpstreamOauthConfigCacheRedisSentinelNode

Host string: A string representing a host name, such as example.com.
Port double: An integer representing a port number between 0 and 65535, inclusive.

Host string: A string representing a host name, such as example.com.
Port float64: An integer representing a port number between 0 and 65535, inclusive.

host String: A string representing a host name, such as example.com.
port Double: An integer representing a port number between 0 and 65535, inclusive.

host string: A string representing a host name, such as example.com.
port number: An integer representing a port number between 0 and 65535, inclusive.

host str: A string representing a host name, such as example.com.
port float: An integer representing a port number between 0 and 65535, inclusive.

host String: A string representing a host name, such as example.com.
port Number: An integer representing a port number between 0 and 65535, inclusive.

GetGatewayPluginUpstreamOauthConfigClient

AuthMethod string: The authentication method used in client requests to the IdP. Supported values are: client_secret_basic to send client_id and client_secret in the Authorization: Basic header, client_secret_post to send client_id and client_secret as part of the request body, or client_secret_jwt to send a JWT signed with the client_secret using the client assertion as part of the body.
ClientSecretJwtAlg string: The algorithm to use with JWT when using client_secret_jwt authentication.
HttpProxy string: The proxy to use when making HTTP requests to the IdP.
HttpProxyAuthorization string: The Proxy-Authorization header value to be used with http_proxy.
HttpVersion double: The HTTP version used for requests made by this plugin. Supported values: 1.1 for HTTP 1.1 and 1.0 for HTTP 1.0.
HttpsProxy string: The proxy to use when making HTTPS requests to the IdP.
HttpsProxyAuthorization string: The Proxy-Authorization header value to be used with https_proxy.
KeepAlive bool: Whether to use keepalive connections to the IdP.
NoProxy string: A comma-separated list of hosts that should not be proxied.
SslVerify bool: Whether to verify the certificate presented by the IdP when using HTTPS.
Timeout double: Network I/O timeout for requests to the IdP in milliseconds.

AuthMethod string: The authentication method used in client requests to the IdP. Supported values are: client_secret_basic to send client_id and client_secret in the Authorization: Basic header, client_secret_post to send client_id and client_secret as part of the request body, or client_secret_jwt to send a JWT signed with the client_secret using the client assertion as part of the body.
ClientSecretJwtAlg string: The algorithm to use with JWT when using client_secret_jwt authentication.
HttpProxy string: The proxy to use when making HTTP requests to the IdP.
HttpProxyAuthorization string: The Proxy-Authorization header value to be used with http_proxy.
HttpVersion float64: The HTTP version used for requests made by this plugin. Supported values: 1.1 for HTTP 1.1 and 1.0 for HTTP 1.0.
HttpsProxy string: The proxy to use when making HTTPS requests to the IdP.
HttpsProxyAuthorization string: The Proxy-Authorization header value to be used with https_proxy.
KeepAlive bool: Whether to use keepalive connections to the IdP.
NoProxy string: A comma-separated list of hosts that should not be proxied.
SslVerify bool: Whether to verify the certificate presented by the IdP when using HTTPS.
Timeout float64: Network I/O timeout for requests to the IdP in milliseconds.

authMethod String: The authentication method used in client requests to the IdP. Supported values are: client_secret_basic to send client_id and client_secret in the Authorization: Basic header, client_secret_post to send client_id and client_secret as part of the request body, or client_secret_jwt to send a JWT signed with the client_secret using the client assertion as part of the body.
clientSecretJwtAlg String: The algorithm to use with JWT when using client_secret_jwt authentication.
httpProxy String: The proxy to use when making HTTP requests to the IdP.
httpProxyAuthorization String: The Proxy-Authorization header value to be used with http_proxy.
httpVersion Double: The HTTP version used for requests made by this plugin. Supported values: 1.1 for HTTP 1.1 and 1.0 for HTTP 1.0.
httpsProxy String: The proxy to use when making HTTPS requests to the IdP.
httpsProxyAuthorization String: The Proxy-Authorization header value to be used with https_proxy.
keepAlive Boolean: Whether to use keepalive connections to the IdP.
noProxy String: A comma-separated list of hosts that should not be proxied.
sslVerify Boolean: Whether to verify the certificate presented by the IdP when using HTTPS.
timeout Double: Network I/O timeout for requests to the IdP in milliseconds.

authMethod string: The authentication method used in client requests to the IdP. Supported values are: client_secret_basic to send client_id and client_secret in the Authorization: Basic header, client_secret_post to send client_id and client_secret as part of the request body, or client_secret_jwt to send a JWT signed with the client_secret using the client assertion as part of the body.
clientSecretJwtAlg string: The algorithm to use with JWT when using client_secret_jwt authentication.
httpProxy string: The proxy to use when making HTTP requests to the IdP.
httpProxyAuthorization string: The Proxy-Authorization header value to be used with http_proxy.
httpVersion number: The HTTP version used for requests made by this plugin. Supported values: 1.1 for HTTP 1.1 and 1.0 for HTTP 1.0.
httpsProxy string: The proxy to use when making HTTPS requests to the IdP.
httpsProxyAuthorization string: The Proxy-Authorization header value to be used with https_proxy.
keepAlive boolean: Whether to use keepalive connections to the IdP.
noProxy string: A comma-separated list of hosts that should not be proxied.
sslVerify boolean: Whether to verify the certificate presented by the IdP when using HTTPS.
timeout number: Network I/O timeout for requests to the IdP in milliseconds.

auth_method str: The authentication method used in client requests to the IdP. Supported values are: client_secret_basic to send client_id and client_secret in the Authorization: Basic header, client_secret_post to send client_id and client_secret as part of the request body, or client_secret_jwt to send a JWT signed with the client_secret using the client assertion as part of the body.
client_secret_jwt_alg str: The algorithm to use with JWT when using client_secret_jwt authentication.
http_proxy str: The proxy to use when making HTTP requests to the IdP.
http_proxy_authorization str: The Proxy-Authorization header value to be used with http_proxy.
http_version float: The HTTP version used for requests made by this plugin. Supported values: 1.1 for HTTP 1.1 and 1.0 for HTTP 1.0.
https_proxy str: The proxy to use when making HTTPS requests to the IdP.
https_proxy_authorization str: The Proxy-Authorization header value to be used with https_proxy.
keep_alive bool: Whether to use keepalive connections to the IdP.
no_proxy str: A comma-separated list of hosts that should not be proxied.
ssl_verify bool: Whether to verify the certificate presented by the IdP when using HTTPS.
timeout float: Network I/O timeout for requests to the IdP in milliseconds.

authMethod String: The authentication method used in client requests to the IdP. Supported values are: client_secret_basic to send client_id and client_secret in the Authorization: Basic header, client_secret_post to send client_id and client_secret as part of the request body, or client_secret_jwt to send a JWT signed with the client_secret using the client assertion as part of the body.
clientSecretJwtAlg String: The algorithm to use with JWT when using client_secret_jwt authentication.
httpProxy String: The proxy to use when making HTTP requests to the IdP.
httpProxyAuthorization String: The Proxy-Authorization header value to be used with http_proxy.
httpVersion Number: The HTTP version used for requests made by this plugin. Supported values: 1.1 for HTTP 1.1 and 1.0 for HTTP 1.0.
httpsProxy String: The proxy to use when making HTTPS requests to the IdP.
httpsProxyAuthorization String: The Proxy-Authorization header value to be used with https_proxy.
keepAlive Boolean: Whether to use keepalive connections to the IdP.
noProxy String: A comma-separated list of hosts that should not be proxied.
sslVerify Boolean: Whether to verify the certificate presented by the IdP when using HTTPS.
timeout Number: Network I/O timeout for requests to the IdP in milliseconds.

GetGatewayPluginUpstreamOauthConfigOauth

Audiences List<string>: List of audiences passed to the IdP when obtaining a new token.
ClientId string: The client ID for the application registration in the IdP.
ClientSecret string: The client secret for the application registration in the IdP.
GrantType string: The OAuth grant type to be used.
Password string: The password to use if config.oauth.grant_type is set to password.
Scopes List<string>: List of scopes to request from the IdP when obtaining a new token.
TokenEndpoint string: The token endpoint URI.
TokenHeaders Dictionary<string, string>: Extra headers to be passed in the token endpoint request.
TokenPostArgs Dictionary<string, string>: Extra post arguments to be passed in the token endpoint request.
Username string: The username to use if config.oauth.grant_type is set to password.

Audiences []string: List of audiences passed to the IdP when obtaining a new token.
ClientId string: The client ID for the application registration in the IdP.
ClientSecret string: The client secret for the application registration in the IdP.
GrantType string: The OAuth grant type to be used.
Password string: The password to use if config.oauth.grant_type is set to password.
Scopes []string: List of scopes to request from the IdP when obtaining a new token.
TokenEndpoint string: The token endpoint URI.
TokenHeaders map[string]string: Extra headers to be passed in the token endpoint request.
TokenPostArgs map[string]string: Extra post arguments to be passed in the token endpoint request.
Username string: The username to use if config.oauth.grant_type is set to password.

audiences List<String>: List of audiences passed to the IdP when obtaining a new token.
clientId String: The client ID for the application registration in the IdP.
clientSecret String: The client secret for the application registration in the IdP.
grantType String: The OAuth grant type to be used.
password String: The password to use if config.oauth.grant_type is set to password.
scopes List<String>: List of scopes to request from the IdP when obtaining a new token.
tokenEndpoint String: The token endpoint URI.
tokenHeaders Map<String,String>: Extra headers to be passed in the token endpoint request.
tokenPostArgs Map<String,String>: Extra post arguments to be passed in the token endpoint request.
username String: The username to use if config.oauth.grant_type is set to password.

audiences string[]: List of audiences passed to the IdP when obtaining a new token.
clientId string: The client ID for the application registration in the IdP.
clientSecret string: The client secret for the application registration in the IdP.
grantType string: The OAuth grant type to be used.
password string: The password to use if config.oauth.grant_type is set to password.
scopes string[]: List of scopes to request from the IdP when obtaining a new token.
tokenEndpoint string: The token endpoint URI.
tokenHeaders {[key: string]: string}: Extra headers to be passed in the token endpoint request.
tokenPostArgs {[key: string]: string}: Extra post arguments to be passed in the token endpoint request.
username string: The username to use if config.oauth.grant_type is set to password.

audiences Sequence[str]: List of audiences passed to the IdP when obtaining a new token.
client_id str: The client ID for the application registration in the IdP.
client_secret str: The client secret for the application registration in the IdP.
grant_type str: The OAuth grant type to be used.
password str: The password to use if config.oauth.grant_type is set to password.
scopes Sequence[str]: List of scopes to request from the IdP when obtaining a new token.
token_endpoint str: The token endpoint URI.
token_headers Mapping[str, str]: Extra headers to be passed in the token endpoint request.
token_post_args Mapping[str, str]: Extra post arguments to be passed in the token endpoint request.
username str: The username to use if config.oauth.grant_type is set to password.

audiences List<String>: List of audiences passed to the IdP when obtaining a new token.
clientId String: The client ID for the application registration in the IdP.
clientSecret String: The client secret for the application registration in the IdP.
grantType String: The OAuth grant type to be used.
password String: The password to use if config.oauth.grant_type is set to password.
scopes List<String>: List of scopes to request from the IdP when obtaining a new token.
tokenEndpoint String: The token endpoint URI.
tokenHeaders Map<String>: Extra headers to be passed in the token endpoint request.
tokenPostArgs Map<String>: Extra post arguments to be passed in the token endpoint request.
username String: The username to use if config.oauth.grant_type is set to password.

GetGatewayPluginUpstreamOauthConsumer

Id string

Id string

id String

id string

id str

id String

GetGatewayPluginUpstreamOauthConsumerGroup

Id string

Id string

id String

id string

id str

id String

GetGatewayPluginUpstreamOauthOrdering

After GetGatewayPluginUpstreamOauthOrderingAfter
Before GetGatewayPluginUpstreamOauthOrderingBefore

After GetGatewayPluginUpstreamOauthOrderingAfter
Before GetGatewayPluginUpstreamOauthOrderingBefore

after GetGatewayPluginUpstreamOauthOrderingAfter
before GetGatewayPluginUpstreamOauthOrderingBefore

after GetGatewayPluginUpstreamOauthOrderingAfter
before GetGatewayPluginUpstreamOauthOrderingBefore

after GetGatewayPluginUpstreamOauthOrderingAfter
before GetGatewayPluginUpstreamOauthOrderingBefore

after Property Map
before Property Map

GetGatewayPluginUpstreamOauthOrderingAfter

Accesses List<string>

Accesses []string

accesses List<String>

accesses string[]

accesses Sequence[str]

accesses List<String>

GetGatewayPluginUpstreamOauthOrderingBefore

Accesses List<string>

Accesses []string

accesses List<String>

accesses string[]

accesses Sequence[str]

accesses List<String>

GetGatewayPluginUpstreamOauthRoute

Id string

Id string

id String

id string

id str

id String

GetGatewayPluginUpstreamOauthService

Id string

Id string

id String

id string

id str

id String

Package Details

Repository: konnect kong/terraform-provider-konnect
License
Notes: This Pulumi package is based on the konnect Terraform Provider.

konnect 2.4.1 published on Thursday, Mar 13, 2025 by kong

kong/terraform-provider-konnect

konnect.getGatewayPluginUpstreamOauth

On this page

On this page

Using getGatewayPluginUpstreamOauth

getGatewayPluginUpstreamOauth Result

Supporting Types

GetGatewayPluginUpstreamOauthConfig

GetGatewayPluginUpstreamOauthConfigBehavior

GetGatewayPluginUpstreamOauthConfigCache

GetGatewayPluginUpstreamOauthConfigCacheMemory

GetGatewayPluginUpstreamOauthConfigCacheRedis

GetGatewayPluginUpstreamOauthConfigCacheRedisClusterNode

GetGatewayPluginUpstreamOauthConfigCacheRedisSentinelNode

GetGatewayPluginUpstreamOauthConfigClient

GetGatewayPluginUpstreamOauthConfigOauth

GetGatewayPluginUpstreamOauthConsumer

GetGatewayPluginUpstreamOauthConsumerGroup

GetGatewayPluginUpstreamOauthOrdering

GetGatewayPluginUpstreamOauthOrderingAfter

GetGatewayPluginUpstreamOauthOrderingBefore

GetGatewayPluginUpstreamOauthRoute

GetGatewayPluginUpstreamOauthService

Package Details

On this page

On this page