| Name | Type | Description | Notes |
|---|---|---|---|
| allowed_cors | list[str] | a list of allowed cors domains if used for browser authentication | [optional] |
| bound_common_names | list[str] | A list of names. At least one must exist in the Common Name. Supports globbing. | [optional] |
| bound_dns_sans | list[str] | A list of DNS names. At least one must exist in the SANs. Supports globbing. | [optional] |
| bound_email_sans | list[str] | A list of Email Addresses. At least one must exist in the SANs. Supports globbing. | [optional] |
| bound_extensions | list[str] | A list of extensions formatted as "oid:value". Expects the extension value to be some type of ASN1 encoded string. All values must match. Supports globbing on "value". | [optional] |
| bound_organizational_units | list[str] | A list of Organizational Units names. At least one must exist in the OU field. | [optional] |
| bound_uri_sans | list[str] | A list of URIs. At least one must exist in the SANs. Supports globbing. | [optional] |
| certificate | str | Base64 encdoed PEM certificate | [optional] |
| require_crl_dp | bool | RequireCrlDp indicates whether CRL distribution points are required on the leaf client certificate, and whether CRL validation must be enforced during authentication. | [optional] |
| revoked_cert_ids | list[str] | A list of revoked cert ids | [optional] |
| unique_identifier | str | A unique identifier to distinguish different users | [optional] |