fukuops/tofu/modules/authentik-oidc/vars.tf

variable "app_name" {
  description = "App name"
  type        = string
}

variable "app_slug" {
  description = "App slug, a human-readable URL identifier, e.g.: Google -> google"
  type        = string
}

variable "client_id" {
  description = "Client ID"
  type        = string
}

variable "client_secret" {
  description = "Client secret"
  type        = string
}

variable "client_type" {
  type    = string
  default = "confidential"

  validation {
    condition     = contains(["confidential", "public"], var.client_type)
    error_message = "client_type must be 'confidential' or 'public'"
  }
}

variable "app_access_group_id" {
  description = "ID of a group which will have access to the app"
  type        = string
}

variable "redirect_uris" {
  description = "List of URIs allowed to redirect to"
  type        = list(string)
}

variable "sub_mode" {
  type    = string
  default = "user_username"

  validation {
    condition     = contains(["user_id", "user_username", "hashed_user_id"], var.sub_mode)
    error_message = "sub_mode must be 'user_id', 'user_username' or 'hashed_user_id'"
  }
}

variable "oidc_signing_key" {
  type        = string
  description = "Signing key"
  default     = "c4ff5edf-3cad-4093-9326-44fea088e670"
}

variable "open_in_new_tab" {
  type        = bool
  description = "Open apps in a new tab"
  default     = true
}

variable "app_icon" {
  type    = string
  default = ""
}

variable "app_description" {
  type    = string
  default = ""
}

variable "app_publisher" {
  type    = string
  default = ""
}

variable "app_url" {
  type    = string
  default = ""
}

variable "access_code_validity" {
  type    = string
  default = "minutes=1"
}

variable "access_token_validity" {
  type    = string
  default = "minutes=10"
}

variable "extra_property_mappings" {
  type    = list(string)
  default = []
}