# CRD validation schema generated by solo-kit. DO NOT EDIT. apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: authconfigs.enterprise.gloo.solo.io spec: group: enterprise.gloo.solo.io names: categories: - solo-io - gloo-gateway kind: AuthConfig listKind: AuthConfigList plural: authconfigs shortNames: - ac - gac singular: authconfig scope: Namespaced versions: - name: v1 schema: openAPIV3Schema: properties: spec: properties: booleanExpr: nullable: true type: string configs: items: properties: apiKeyAuth: properties: aerospikeApikeyStorage: properties: allowInsecure: type: boolean batchSize: format: int32 type: integer certPath: type: string commitAll: maximum: 4294967295 minimum: 0 type: integer commitMaster: maximum: 4294967295 minimum: 0 type: integer hostname: type: string keyPath: type: string labelSelector: additionalProperties: type: string type: object namespace: type: string nodeTlsName: type: string port: format: int32 type: integer readModeAp: properties: readModeApAll: maximum: 4294967295 minimum: 0 type: integer readModeApOne: maximum: 4294967295 minimum: 0 type: integer type: object readModeSc: properties: readModeScAllowUnavailable: maximum: 4294967295 minimum: 0 type: integer readModeScLinearize: maximum: 4294967295 minimum: 0 type: integer readModeScReplica: maximum: 4294967295 minimum: 0 type: integer readModeScSession: maximum: 4294967295 minimum: 0 type: integer type: object rootCaPath: type: string set: type: string tlsCurveGroups: items: properties: curveP256: maximum: 4294967295 minimum: 0 type: integer curveP384: maximum: 4294967295 minimum: 0 type: integer curveP521: maximum: 4294967295 minimum: 0 type: integer x25519: maximum: 4294967295 minimum: 0 type: integer type: object type: array tlsVersion: type: string type: object apiKeySecretRefs: items: properties: name: type: string namespace: type: string type: object type: array digest: properties: algorithm: type: string x-kubernetes-int-or-string: true type: object headerName: type: string headersFromMetadata: additionalProperties: properties: name: type: string required: type: boolean type: object type: object headersFromMetadataEntry: additionalProperties: properties: name: type: string required: type: boolean type: object type: object hmac: properties: algorithm: type: string x-kubernetes-int-or-string: true sharedSecretRef: properties: name: type: string namespace: type: string type: object type: object k8sSecretApikeyStorage: properties: apiKeySecretRefs: items: properties: name: type: string namespace: type: string type: object type: array labelSelector: additionalProperties: type: string type: object type: object labelSelector: additionalProperties: type: string type: object match: properties: headers: items: properties: name: type: string type: object type: array type: object skipMetadataValidation: type: boolean type: object basicAuth: properties: apr: properties: users: additionalProperties: properties: hashedPassword: type: string salt: type: string type: object type: object type: object encryption: properties: apr: type: object sha1: type: object type: object realm: type: string userList: properties: users: additionalProperties: properties: hashedPassword: type: string salt: type: string type: object type: object type: object type: object hmacAuth: properties: parametersInHeaders: type: object secretRefs: properties: secretRefs: items: properties: name: type: string namespace: type: string type: object type: array required: - secretRefs type: object required: - secretRefs type: object jwt: maxProperties: 0 type: object ldap: properties: address: type: string allowedGroups: items: type: string type: array disableGroupChecking: type: boolean groupLookupSettings: properties: checkGroupsWithServiceAccount: type: boolean credentialsSecretRef: properties: name: type: string namespace: type: string type: object type: object membershipAttributeName: type: string pool: properties: initialSize: maximum: 4294967295 minimum: 0 nullable: true type: integer maxSize: maximum: 4294967295 minimum: 0 nullable: true type: integer type: object searchFilter: type: string userDnTemplate: type: string required: - address type: object name: nullable: true type: string oauth: properties: appUrl: type: string authEndpointQueryParams: additionalProperties: type: string type: object callbackPath: type: string clientId: type: string clientSecretRef: properties: name: type: string namespace: type: string type: object issuerUrl: type: string scopes: items: type: string type: array required: - appUrl type: object oauth2: properties: accessTokenValidation: properties: azure: properties: claimsCachingOptions: properties: db: format: int32 type: integer host: type: string poolSize: format: int32 type: integer socketType: type: string x-kubernetes-int-or-string: true tlsCertMountPath: type: string type: object clientId: type: string clientSecret: properties: name: type: string namespace: type: string type: object tenantId: type: string type: object cacheTimeout: type: string claimsToHeaders: items: properties: append: type: boolean claim: type: string header: type: string type: object type: array default: type: object dynamicMetadataFromClaims: additionalProperties: type: string type: object introspection: properties: clientId: type: string clientSecretRef: properties: name: type: string namespace: type: string type: object disableClientSecret: nullable: true type: boolean introspectionUrl: type: string userIdAttributeName: type: string required: - introspectionUrl type: object introspectionUrl: type: string jwt: properties: issuer: type: string localJwks: properties: inlineString: type: string required: - inlineString type: object remoteJwks: properties: refreshInterval: type: string url: type: string required: - url type: object type: object requiredScopes: properties: scope: items: type: string type: array type: object userinfoUrl: type: string type: object oauth2: properties: afterLogoutUrl: type: string appUrl: type: string authEndpoint: type: string authEndpointQueryParams: additionalProperties: type: string type: object callbackPath: type: string clientId: type: string clientSecretRef: properties: name: type: string namespace: type: string type: object disableClientSecret: nullable: true type: boolean logoutPath: type: string revocationEndpoint: type: string scopes: items: type: string type: array session: properties: cipherConfig: properties: keyRef: properties: name: type: string namespace: type: string type: object type: object cookie: properties: allowRefreshing: nullable: true type: boolean keyPrefix: type: string targetDomain: type: string type: object cookieOptions: properties: domain: type: string httpOnly: nullable: true type: boolean maxAge: maximum: 4294967295 minimum: 0 nullable: true type: integer notSecure: type: boolean path: nullable: true type: string sameSite: type: string x-kubernetes-int-or-string: true type: object failOnFetchFailure: type: boolean redis: properties: allowRefreshing: nullable: true type: boolean cookieName: type: string headerName: type: string keyPrefix: type: string options: properties: db: format: int32 type: integer host: type: string poolSize: format: int32 type: integer socketType: type: string x-kubernetes-int-or-string: true tlsCertMountPath: type: string type: object preExpiryBuffer: type: string targetDomain: type: string type: object type: object tokenEndpoint: type: string tokenEndpointQueryParams: additionalProperties: type: string type: object required: - clientId - appUrl - callbackPath - authEndpoint - tokenEndpoint type: object oidcAuthorizationCode: properties: accessToken: properties: claimsToHeaders: items: properties: append: type: boolean claim: type: string header: type: string type: object type: array type: object afterLogoutUrl: type: string appUrl: type: string authEndpointQueryParams: additionalProperties: type: string type: object autoMapFromMetadata: properties: namespace: type: string type: object azure: properties: claimsCachingOptions: properties: db: format: int32 type: integer host: type: string poolSize: format: int32 type: integer socketType: type: string x-kubernetes-int-or-string: true tlsCertMountPath: type: string type: object clientId: type: string clientSecret: properties: name: type: string namespace: type: string type: object tenantId: type: string type: object callbackPath: type: string clientAuthentication: properties: clientSecret: properties: clientSecretRef: properties: name: type: string namespace: type: string type: object disableClientSecret: nullable: true type: boolean type: object privateKeyJwt: properties: signingKeyRef: properties: name: type: string namespace: type: string type: object validFor: type: string required: - signingKeyRef type: object type: object clientId: type: string clientSecretRef: properties: name: type: string namespace: type: string type: object default: type: object disableClientSecret: nullable: true type: boolean discoveryOverride: properties: authEndpoint: type: string authMethods: items: type: string type: array claims: items: type: string type: array endSessionEndpoint: type: string idTokenAlgs: items: type: string type: array jwksUri: type: string responseTypes: items: type: string type: array revocationEndpoint: type: string scopes: items: type: string type: array subjects: items: type: string type: array tokenEndpoint: type: string type: object discoveryPollInterval: type: string dynamicMetadataFromClaims: additionalProperties: type: string type: object endSessionProperties: properties: methodType: type: string x-kubernetes-int-or-string: true type: object frontChannelLogout: properties: path: type: string type: object headers: properties: accessTokenHeader: type: string idTokenHeader: type: string useBearerSchemaForAuthorization: nullable: true type: boolean type: object identityToken: properties: claimsToHeaders: items: properties: append: type: boolean claim: type: string header: type: string type: object type: array type: object issuerUrl: type: string jwksCacheRefreshPolicy: properties: always: maxProperties: 0 type: object maxIdpReqPerPollingInterval: maximum: 4294967295 minimum: 0 type: integer never: maxProperties: 0 type: object type: object logoutPath: type: string parseCallbackPathAsRegex: type: boolean scopes: items: type: string type: array session: properties: cipherConfig: properties: keyRef: properties: name: type: string namespace: type: string type: object type: object cookie: properties: allowRefreshing: nullable: true type: boolean keyPrefix: type: string targetDomain: type: string type: object cookieOptions: properties: domain: type: string httpOnly: nullable: true type: boolean maxAge: maximum: 4294967295 minimum: 0 nullable: true type: integer notSecure: type: boolean path: nullable: true type: string sameSite: type: string x-kubernetes-int-or-string: true type: object failOnFetchFailure: type: boolean redis: properties: allowRefreshing: nullable: true type: boolean cookieName: type: string headerName: type: string keyPrefix: type: string options: properties: db: format: int32 type: integer host: type: string poolSize: format: int32 type: integer socketType: type: string x-kubernetes-int-or-string: true tlsCertMountPath: type: string type: object preExpiryBuffer: type: string targetDomain: type: string type: object type: object sessionIdHeaderName: type: string tokenEndpointQueryParams: additionalProperties: type: string type: object required: - clientId - issuerUrl - appUrl - callbackPath type: object type: object opaAuth: properties: modules: items: properties: name: type: string namespace: type: string type: object type: array options: properties: fastInputConversion: type: boolean returnDecisionReason: type: boolean type: object query: type: string required: - query type: object opaServerAuth: properties: options: properties: fastInputConversion: type: boolean returnDecisionReason: type: boolean type: object package: type: string ruleName: type: string serverAddr: type: string required: - package type: object passThroughAuth: properties: config: type: object x-kubernetes-preserve-unknown-fields: true failureModeAllow: type: boolean grpc: properties: address: type: string connectionTimeout: type: string retryPolicy: properties: numRetries: maximum: 4294967295 minimum: 0 nullable: true type: integer retryBackOff: properties: baseInterval: type: string maxInterval: type: string type: object type: object tlsConfig: properties: secretRef: properties: name: type: string namespace: type: string type: object sslParams: properties: maximumProtocolVersion: type: string x-kubernetes-int-or-string: true minimumProtocolVersion: type: string x-kubernetes-int-or-string: true type: object type: object required: - address type: object http: properties: connectionTimeout: type: string request: properties: allowedHeaders: items: type: string type: array headersToAdd: additionalProperties: type: string type: object passThroughBody: type: boolean passThroughFilterMetadata: type: boolean passThroughState: type: boolean type: object response: properties: allowedClientHeadersOnDenied: items: type: string type: array allowedUpstreamHeaders: items: type: string type: array allowedUpstreamHeadersToOverwrite: items: type: string type: array readStateFromResponse: type: boolean type: object tlsConfig: properties: secretRef: properties: name: type: string namespace: type: string type: object sslParams: properties: maximumProtocolVersion: type: string x-kubernetes-int-or-string: true minimumProtocolVersion: type: string x-kubernetes-int-or-string: true type: object type: object url: type: string required: - url type: object type: object pluginAuth: properties: config: type: object x-kubernetes-preserve-unknown-fields: true exportedSymbolName: type: string name: type: string pluginFileName: type: string required: - config type: object portalAuth: properties: apiKeyHeader: type: string cacheDuration: type: string redisOptions: properties: db: format: int32 type: integer host: type: string poolSize: format: int32 type: integer socketType: type: string x-kubernetes-int-or-string: true tlsCertMountPath: type: string type: object requestTimeout: type: string url: type: string type: object type: object type: array failOnRedirect: type: boolean namespacedStatuses: properties: statuses: additionalProperties: type: object x-kubernetes-preserve-unknown-fields: true type: object type: object required: - configs type: object status: default: {} properties: statuses: default: {} type: object x-kubernetes-preserve-unknown-fields: true type: object x-kubernetes-preserve-unknown-fields: true type: object served: true storage: true status: acceptedNames: kind: "" plural: "" conditions: [] storedVersions: []