Oracle Cloud Infrastructure v2.17.0 published on Friday, Nov 15, 2024 by Pulumi
oci.Identity.getDomainsApp
Explore with Pulumi AI
This data source provides details about a specific App resource in Oracle Cloud Infrastructure Identity Domains service.
Get an App
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";
const testApp = oci.Identity.getDomainsApp({
appId: testAppOciIdentityDomainsApp.id,
idcsEndpoint: testDomain.url,
attributeSets: ["all"],
attributes: "",
authorization: appAuthorization,
resourceTypeSchemaVersion: appResourceTypeSchemaVersion,
});
import pulumi
import pulumi_oci as oci
test_app = oci.Identity.get_domains_app(app_id=test_app_oci_identity_domains_app["id"],
idcs_endpoint=test_domain["url"],
attribute_sets=["all"],
attributes="",
authorization=app_authorization,
resource_type_schema_version=app_resource_type_schema_version)
package main
import (
"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/Identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := Identity.GetDomainsApp(ctx, &identity.GetDomainsAppArgs{
AppId: testAppOciIdentityDomainsApp.Id,
IdcsEndpoint: testDomain.Url,
AttributeSets: []string{
"all",
},
Attributes: pulumi.StringRef(""),
Authorization: pulumi.StringRef(appAuthorization),
ResourceTypeSchemaVersion: pulumi.StringRef(appResourceTypeSchemaVersion),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;
return await Deployment.RunAsync(() =>
{
var testApp = Oci.Identity.GetDomainsApp.Invoke(new()
{
AppId = testAppOciIdentityDomainsApp.Id,
IdcsEndpoint = testDomain.Url,
AttributeSets = new[]
{
"all",
},
Attributes = "",
Authorization = appAuthorization,
ResourceTypeSchemaVersion = appResourceTypeSchemaVersion,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Identity.IdentityFunctions;
import com.pulumi.oci.Identity.inputs.GetDomainsAppArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var testApp = IdentityFunctions.getDomainsApp(GetDomainsAppArgs.builder()
.appId(testAppOciIdentityDomainsApp.id())
.idcsEndpoint(testDomain.url())
.attributeSets("all")
.attributes("")
.authorization(appAuthorization)
.resourceTypeSchemaVersion(appResourceTypeSchemaVersion)
.build());
}
}
variables:
testApp:
fn::invoke:
Function: oci:Identity:getDomainsApp
Arguments:
appId: ${testAppOciIdentityDomainsApp.id}
idcsEndpoint: ${testDomain.url}
attributeSets:
- all
attributes:
authorization: ${appAuthorization}
resourceTypeSchemaVersion: ${appResourceTypeSchemaVersion}
Using getDomainsApp
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getDomainsApp(args: GetDomainsAppArgs, opts?: InvokeOptions): Promise<GetDomainsAppResult>
function getDomainsAppOutput(args: GetDomainsAppOutputArgs, opts?: InvokeOptions): Output<GetDomainsAppResult>
def get_domains_app(app_id: Optional[str] = None,
attribute_sets: Optional[Sequence[str]] = None,
attributes: Optional[str] = None,
authorization: Optional[str] = None,
idcs_endpoint: Optional[str] = None,
resource_type_schema_version: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetDomainsAppResult
def get_domains_app_output(app_id: Optional[pulumi.Input[str]] = None,
attribute_sets: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
attributes: Optional[pulumi.Input[str]] = None,
authorization: Optional[pulumi.Input[str]] = None,
idcs_endpoint: Optional[pulumi.Input[str]] = None,
resource_type_schema_version: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetDomainsAppResult]
func GetDomainsApp(ctx *Context, args *GetDomainsAppArgs, opts ...InvokeOption) (*GetDomainsAppResult, error)
func GetDomainsAppOutput(ctx *Context, args *GetDomainsAppOutputArgs, opts ...InvokeOption) GetDomainsAppResultOutput
> Note: This function is named GetDomainsApp
in the Go SDK.
public static class GetDomainsApp
{
public static Task<GetDomainsAppResult> InvokeAsync(GetDomainsAppArgs args, InvokeOptions? opts = null)
public static Output<GetDomainsAppResult> Invoke(GetDomainsAppInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetDomainsAppResult> getDomainsApp(GetDomainsAppArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: oci:Identity/getDomainsApp:getDomainsApp
arguments:
# arguments dictionary
The following arguments are supported:
- App
Id string - ID of the resource
- Idcs
Endpoint string - The basic endpoint for the identity domain
- Attribute
Sets List<string> - A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- Attributes string
- A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- string
- The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
- Resource
Type stringSchema Version - An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- App
Id string - ID of the resource
- Idcs
Endpoint string - The basic endpoint for the identity domain
- Attribute
Sets []string - A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- Attributes string
- A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- string
- The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
- Resource
Type stringSchema Version - An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- app
Id String - ID of the resource
- idcs
Endpoint String - The basic endpoint for the identity domain
- attribute
Sets List<String> - A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- attributes String
- A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- String
- The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
- resource
Type StringSchema Version - An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- app
Id string - ID of the resource
- idcs
Endpoint string - The basic endpoint for the identity domain
- attribute
Sets string[] - A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- attributes string
- A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- string
- The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
- resource
Type stringSchema Version - An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- app_
id str - ID of the resource
- idcs_
endpoint str - The basic endpoint for the identity domain
- attribute_
sets Sequence[str] - A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- attributes str
- A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- str
- The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
- resource_
type_ strschema_ version - An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- app
Id String - ID of the resource
- idcs
Endpoint String - The basic endpoint for the identity domain
- attribute
Sets List<String> - A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- attributes String
- A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- String
- The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
- resource
Type StringSchema Version - An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
getDomainsApp Result
The following output properties are available:
- Access
Token intExpiry - Access token expiry
- Accounts
List<Get
Domains App Account> - Accounts of App
- Active bool
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- Admin
Roles List<GetDomains App Admin Role> - A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers administrative privilege within this App.
- Alias
Apps List<GetDomains App Alias App> - Each value of this internal attribute refers to an Oracle Public Cloud infrastructure App on which this App depends.
- All
Url boolSchemes Allowed - If true, indicates that the system should allow all URL-schemes within each value of the 'redirectUris' attribute. Also indicates that the system should not attempt to confirm that each value of the 'redirectUris' attribute is a valid URI. In particular, the system should not confirm that the domain component of the URI is a top-level domain and the system should not confirm that the hostname portion is a valid system that is reachable over the network.
- Allow
Access boolControl - If true, any managed App that is based on this template is checked for access control that is, access to this app is subject to successful authorization at SSO service, viz. app grants to start with.
- Allow
Offline bool - If true, indicates that the Refresh Token is allowed when this App acts as an OAuth Resource.
- Allowed
Grants List<string> - List of grant-types that this App is allowed to use when it acts as an OAuthClient.
- Allowed
Operations List<string> - OPTIONAL. Required only when this App acts as an OAuthClient. Supported values are 'introspect' and 'onBehalfOfUser'. The value 'introspect' allows the client to look inside the access-token. The value 'onBehalfOfUser' overrides how the client's privileges are combined with the privileges of the Subject User. Ordinarily, authorization calculates the set of effective privileges as the intersection of the client's privileges and the user's privileges. The value 'onBehalfOf' indicates that authorization should ignore the privileges of the client and use only the user's privileges to calculate the effective privileges.
- Allowed
Scopes List<GetDomains App Allowed Scope> - A list of scopes (exposed by this App or by other Apps) that this App is allowed to access when it acts as an OAuthClient.
- List<Get
Domains App Allowed Tag> - A list of tags, acting as an OAuthClient, this App is allowed to access.
- App
Icon string - Application icon.
- App
Id string - The id of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- App
Signon List<GetPolicies Domains App App Signon Policy> - App Sign-on Policy.
- App
Thumbnail string - Application thumbnail.
- Apps
Network List<GetPerimeters Domains App Apps Network Perimeter> - Network Perimeter
- As
Opc List<GetServices Domains App As Opc Service> - OPCService facet of the application.
- Attr
Rendering List<GetMetadatas Domains App Attr Rendering Metadata> - Label for the attribute to be shown in the UI.
- Audience string
- The base URI for all of the scopes defined in this App. The value of 'audience' is combined with the 'value' of each scope to form an 'fqs' or fully qualified scope.
- Based
On List<GetTemplates Domains App Based On Template> - Application template on which the application is based.
- Bypass
Consent bool - If true, indicates that consent should be skipped for all scopes
- Callback
Service stringUrl - Callback Service URL
- Certificates
List<Get
Domains App Certificate> - Each value of this attribute represent a certificate that this App uses when it acts as an OAuthClient.
- Client
Ip stringChecking - Network Perimeters checking mode
- Client
Secret string - This value is the credential of this App, which this App supplies as a password when this App authenticates to the Oracle Public Cloud infrastructure. This value is also the client secret of this App when it acts as an OAuthClient.
- Client
Type string - Specifies the type of access that this App has when it acts as an OAuthClient.
- Cloud
Control List<GetProperties Domains App Cloud Control Property> - A collection of arbitrary properties that scope the privileges of a cloud-control App.
- Compartment
Ocid string - Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- Contact
Email stringAddress - Contact Email Address
- Delegated
Service List<string>Names - Service Names allow to use Oracle Cloud Infrastructure signature for client authentication instead of client credentials
- Delete
In boolProgress - A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- Description string
- The description of the AppRole.
- Disable
Kmsi boolToken Authentication - Indicates whether the application is allowed to be access using kmsi token.
- Display
Name string - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- Domain
Ocid string - Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- Editable
Attributes List<GetDomains App Editable Attribute> - App attributes editable by subject
- Error
Page stringUrl - This attribute specifies the URL of the page to which an application will redirect an end-user in case of error.
- Granted
App List<GetRoles Domains App Granted App Role> - A list of AppRoles that are granted to this App (and that are defined by other Apps). Within the Oracle Public Cloud infrastructure, this allows AppID-based association. Such an association allows this App to act as a consumer and thus to access resources of another App that acts as a producer.
- Grants
List<Get
Domains App Grant> - Grants assigned to the app
- Hashed
Client stringSecret - Hashed Client Secret. This hash-value is used to verify the 'clientSecret' credential of this App
- Home
Page stringUrl - Home Page URL
- Icon string
- URL of application icon.
- Id string
- Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
- Id
Token stringEnc Algo - Encryption Alogrithm to use for encrypting ID token.
- Idcs
Created List<GetBies Domains App Idcs Created By> - The User or App who created the Resource
- Idcs
Endpoint string - Idcs
Last List<GetModified Bies Domains App Idcs Last Modified By> - The User or App who modified the Resource
- Idcs
Last stringUpgraded In Release - The release number when the resource was upgraded.
- Idcs
Prevented List<string>Operations - Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- Identity
Providers List<GetDomains App Identity Provider> - A list of IdentityProvider assigned to app. A user trying to access this app will be automatically redirected to configured IdP during the authentication phase, before being able to access App.
- Idp
Policies List<GetDomains App Idp Policy> - IDP Policy.
- Infrastructure bool
- If true, this App is an internal infrastructure App.
- Is
Alias boolApp - If true, this App is an AliasApp and it cannot be granted to an end-user directly.
- Is
Database boolService - If true, this application acts as database service Application
- Is
Enterprise boolApp - If true, this app acts as Enterprise app with Authentication and URL Authz policy.
- Is
Form boolFill - If true, this application acts as FormFill Application
- Is
Kerberos boolRealm - If true, indicates that this App supports Kerberos Authentication
- Is
Login boolTarget - If true, this App allows runtime services to log end users into this App automatically.
- Is
Managed boolApp - If true, indicates that access to this App requires an account. That is, in order to log in to the App, a User must use an application-specific identity that is maintained in the remote identity-repository of that App.
- Is
Mobile boolTarget - If true, indicates that the App should be visible in each end-user's mobile application.
- Is
Multicloud boolService App - If true, indicates the app is used for multicloud service integration.
- Is
Oauth boolClient - If true, this application acts as an OAuth Client
- Is
Oauth boolResource - If true, indicates that this application acts as an OAuth Resource.
- Is
Obligation boolCapable - This flag indicates if the App is capable of validating obligations with the token for allowing access to the App.
- Is
Opc boolService - If true, this application is an Oracle Public Cloud service-instance.
- Is
Radius boolApp - If true, this application acts as an Radius App
- Is
Saml boolService Provider - If true, then this App acts as a SAML Service Provider.
- Is
Unmanaged boolApp - If true, indicates that this application accepts an Oracle Cloud Identity Service User as a login-identity (does not require an account) and relies for authorization on the User's memberships in AppRoles.
- Is
Web boolTier Policy - If true, the webtier policy is active
- Landing
Page stringUrl - The URL of the landing page for this App, which is the first page that an end user should see if runtime services log that end user in to this App automatically.
- Linking
Callback stringUrl - This attribute specifies the callback URL for the social linking operation.
- Login
Mechanism string - The protocol that runtime services will use to log end users in to this App automatically. If 'OIDC', then runtime services use the OpenID Connect protocol. If 'SAML', then runtime services use Security Assertion Markup Language protocol.
- Login
Page stringUrl - This attribute specifies the URL of the page that the App uses when an end-user signs in to that App.
- Logout
Page stringUrl - This attribute specifies the URL of the page that the App uses when an end-user signs out.
- Logout
Uri string - OAuth will use this URI to logout if this App wants to participate in SSO, and if this App's session gets cleared as part of global logout. Note: This attribute is used only if this App acts as an OAuthClient.
- Metas
List<Get
Domains App Meta> - A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- Meter
As boolOpc Service - Indicates whether the application is billed as an OPCService. If true, customer is not billed for runtime operations of the app.
- Migrated bool
- If true, this App was migrated from an earlier version of Oracle Public Cloud infrastructure (and may therefore require special handling from runtime services such as OAuth or SAML). If false, this App requires no special handling from runtime services.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Ocid string
- Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- Post
Logout List<string>Redirect Uris - Each value of this attribute is the URI of a landing page within this App. It is used only when this App, acting as an OAuthClient, initiates the logout flow and wants to be redirected back to one of its landing pages.
- Privacy
Policy stringUrl - Privacy Policy URL
- Product
Logo stringUrl - Application Logo URL
- Product
Name string - Product Name
- Protectable
Secondary List<GetAudiences Domains App Protectable Secondary Audience> - A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- Radius
Policies List<GetDomains App Radius Policy> - RADIUS Policy assigned to this application.
- Ready
To boolUpgrade - If true, this App requires an upgrade and mandates attention from application administrator. The flag is used by UI to indicate this app is ready to upgrade.
- Redirect
Uris List<string> - OPTIONAL. Each value is a URI within this App. This attribute is required when this App acts as an OAuthClient and is involved in three-legged flows (authorization-code flows).
- Refresh
Token intExpiry - Expiry-time in seconds for a Refresh Token. Any token that allows access to this App, once refreshed, will expire after the specified duration.
- Saml
Service List<GetProviders Domains App Saml Service Provider> - An attribute that refers to the SAML Service Provider that runtime services will use to log an end user in to this App automatically. Note that this will be used only if the loginMechanism is 'SAML'.
- Schemas List<string>
- REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- Scopes
List<Get
Domains App Scope> - Scopes defined by this App. Used when this App acts as an OAuth Resource.
- Secondary
Audiences List<string> - A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- Service
Params List<GetDomains App Service Param> - Custom attribute that is required to compute other attribute values during app creation.
- Service
Type stringUrn - This Uniform Resource Name (URN) value identifies the type of Oracle Public Cloud service of which this app is an instance.
- Service
Type stringVersion - This value specifies the version of the Oracle Public Cloud service of which this App is an instance
- Show
In boolMy Apps - If true, this app will be displayed in the MyApps page of each end-user who has access to the App.
- Signon
Policies List<GetDomains App Signon Policy> - Sign-on Policy.
- List<Get
Domains App Tag> - A list of tags on this resource.
- Tenancy
Ocid string - Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- Terms
Of stringService Url - Terms of Service URL
- Terms
Of List<GetUses Domains App Terms Of Use> - Terms Of Use.
- Trust
Policies List<GetDomains App Trust Policy> - Trust Policies.
- Trust
Scope string - Indicates the scope of trust for this App when acting as an OAuthClient. A value of 'Explicit' indicates that the App is allowed to access only the scopes of OAuthResources that are explicitly specified as 'allowedScopes'. A value of 'Account' indicates that the App is allowed implicitly to access any scope of any OAuthResource within the same Oracle Cloud Account. A value of 'Tags' indicates that the App is allowed to access any scope of any OAuthResource with a matching tag within the same Oracle Cloud Account. A value of 'Default' indicates that the Tenant default trust scope configured in the Tenant Settings is used.
- List<Get
Domains App Urnietfparamsscimschemasoracleidcsextension Oci Tag> - Oracle Cloud Infrastructure Tags.
- Urnietfparamsscimschemasoracleidcsextensiondbcs
Apps List<GetDomains App Urnietfparamsscimschemasoracleidcsextensiondbcs App> - This extension provides attributes for database service facet of an App
- Urnietfparamsscimschemasoracleidcsextensionenterprise
App List<GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App> - This extension defines the Enterprise App related attributes.
- Urnietfparamsscimschemasoracleidcsextensionform
Fill List<GetApp Apps Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App App> - This extension provides attributes for Form-Fill facet of App
- Urnietfparamsscimschemasoracleidcsextensionform
Fill List<GetApp Template App Templates Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App Template App Template> - This extension provides attributes for Form-Fill facet of AppTemplate
- Urnietfparamsscimschemasoracleidcsextensionkerberos
Realm List<GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionkerberos Realm App> - Kerberos Realm
- Urnietfparamsscimschemasoracleidcsextensionmanagedapp
Apps List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App> - Managed App
- Urnietfparamsscimschemasoracleidcsextensionmulticloud
Service List<GetApp Apps Domains App Urnietfparamsscimschemasoracleidcsextensionmulticloud Service App App> - This extension defines attributes specific to Apps that represent instances of Multicloud Service App
- Urnietfparamsscimschemasoracleidcsextensionopc
Service List<GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionopc Service App> - This extension defines attributes specific to Apps that represent instances of an Oracle Public Cloud (OPC) service.
- Urnietfparamsscimschemasoracleidcsextensionradius
App List<GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionradius App App> - This extension defines attributes specific to Apps that represent instances of Radius App.
- Urnietfparamsscimschemasoracleidcsextensionrequestable
Apps List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionrequestable App> - Requestable App
- Urnietfparamsscimschemasoracleidcsextensionsaml
Service List<GetProvider Apps Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App> - This extension defines attributes related to the Service Providers configuration.
- Urnietfparamsscimschemasoracleidcsextensionweb
Tier List<GetPolicy Apps Domains App Urnietfparamsscimschemasoracleidcsextensionweb Tier Policy App> - WebTier Policy
- User
Roles List<GetDomains App User Role> - A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers end-user privilege within this App.
- Attribute
Sets List<string> - Attributes string
- string
- Resource
Type stringSchema Version
- Access
Token intExpiry - Access token expiry
- Accounts
[]Get
Domains App Account - Accounts of App
- Active bool
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- Admin
Roles []GetDomains App Admin Role - A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers administrative privilege within this App.
- Alias
Apps []GetDomains App Alias App - Each value of this internal attribute refers to an Oracle Public Cloud infrastructure App on which this App depends.
- All
Url boolSchemes Allowed - If true, indicates that the system should allow all URL-schemes within each value of the 'redirectUris' attribute. Also indicates that the system should not attempt to confirm that each value of the 'redirectUris' attribute is a valid URI. In particular, the system should not confirm that the domain component of the URI is a top-level domain and the system should not confirm that the hostname portion is a valid system that is reachable over the network.
- Allow
Access boolControl - If true, any managed App that is based on this template is checked for access control that is, access to this app is subject to successful authorization at SSO service, viz. app grants to start with.
- Allow
Offline bool - If true, indicates that the Refresh Token is allowed when this App acts as an OAuth Resource.
- Allowed
Grants []string - List of grant-types that this App is allowed to use when it acts as an OAuthClient.
- Allowed
Operations []string - OPTIONAL. Required only when this App acts as an OAuthClient. Supported values are 'introspect' and 'onBehalfOfUser'. The value 'introspect' allows the client to look inside the access-token. The value 'onBehalfOfUser' overrides how the client's privileges are combined with the privileges of the Subject User. Ordinarily, authorization calculates the set of effective privileges as the intersection of the client's privileges and the user's privileges. The value 'onBehalfOf' indicates that authorization should ignore the privileges of the client and use only the user's privileges to calculate the effective privileges.
- Allowed
Scopes []GetDomains App Allowed Scope - A list of scopes (exposed by this App or by other Apps) that this App is allowed to access when it acts as an OAuthClient.
- []Get
Domains App Allowed Tag - A list of tags, acting as an OAuthClient, this App is allowed to access.
- App
Icon string - Application icon.
- App
Id string - The id of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- App
Signon []GetPolicies Domains App App Signon Policy - App Sign-on Policy.
- App
Thumbnail string - Application thumbnail.
- Apps
Network []GetPerimeters Domains App Apps Network Perimeter - Network Perimeter
- As
Opc []GetServices Domains App As Opc Service - OPCService facet of the application.
- Attr
Rendering []GetMetadatas Domains App Attr Rendering Metadata - Label for the attribute to be shown in the UI.
- Audience string
- The base URI for all of the scopes defined in this App. The value of 'audience' is combined with the 'value' of each scope to form an 'fqs' or fully qualified scope.
- Based
On []GetTemplates Domains App Based On Template - Application template on which the application is based.
- Bypass
Consent bool - If true, indicates that consent should be skipped for all scopes
- Callback
Service stringUrl - Callback Service URL
- Certificates
[]Get
Domains App Certificate - Each value of this attribute represent a certificate that this App uses when it acts as an OAuthClient.
- Client
Ip stringChecking - Network Perimeters checking mode
- Client
Secret string - This value is the credential of this App, which this App supplies as a password when this App authenticates to the Oracle Public Cloud infrastructure. This value is also the client secret of this App when it acts as an OAuthClient.
- Client
Type string - Specifies the type of access that this App has when it acts as an OAuthClient.
- Cloud
Control []GetProperties Domains App Cloud Control Property - A collection of arbitrary properties that scope the privileges of a cloud-control App.
- Compartment
Ocid string - Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- Contact
Email stringAddress - Contact Email Address
- Delegated
Service []stringNames - Service Names allow to use Oracle Cloud Infrastructure signature for client authentication instead of client credentials
- Delete
In boolProgress - A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- Description string
- The description of the AppRole.
- Disable
Kmsi boolToken Authentication - Indicates whether the application is allowed to be access using kmsi token.
- Display
Name string - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- Domain
Ocid string - Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- Editable
Attributes []GetDomains App Editable Attribute - App attributes editable by subject
- Error
Page stringUrl - This attribute specifies the URL of the page to which an application will redirect an end-user in case of error.
- Granted
App []GetRoles Domains App Granted App Role - A list of AppRoles that are granted to this App (and that are defined by other Apps). Within the Oracle Public Cloud infrastructure, this allows AppID-based association. Such an association allows this App to act as a consumer and thus to access resources of another App that acts as a producer.
- Grants
[]Get
Domains App Grant - Grants assigned to the app
- Hashed
Client stringSecret - Hashed Client Secret. This hash-value is used to verify the 'clientSecret' credential of this App
- Home
Page stringUrl - Home Page URL
- Icon string
- URL of application icon.
- Id string
- Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
- Id
Token stringEnc Algo - Encryption Alogrithm to use for encrypting ID token.
- Idcs
Created []GetBies Domains App Idcs Created By - The User or App who created the Resource
- Idcs
Endpoint string - Idcs
Last []GetModified Bies Domains App Idcs Last Modified By - The User or App who modified the Resource
- Idcs
Last stringUpgraded In Release - The release number when the resource was upgraded.
- Idcs
Prevented []stringOperations - Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- Identity
Providers []GetDomains App Identity Provider - A list of IdentityProvider assigned to app. A user trying to access this app will be automatically redirected to configured IdP during the authentication phase, before being able to access App.
- Idp
Policies []GetDomains App Idp Policy - IDP Policy.
- Infrastructure bool
- If true, this App is an internal infrastructure App.
- Is
Alias boolApp - If true, this App is an AliasApp and it cannot be granted to an end-user directly.
- Is
Database boolService - If true, this application acts as database service Application
- Is
Enterprise boolApp - If true, this app acts as Enterprise app with Authentication and URL Authz policy.
- Is
Form boolFill - If true, this application acts as FormFill Application
- Is
Kerberos boolRealm - If true, indicates that this App supports Kerberos Authentication
- Is
Login boolTarget - If true, this App allows runtime services to log end users into this App automatically.
- Is
Managed boolApp - If true, indicates that access to this App requires an account. That is, in order to log in to the App, a User must use an application-specific identity that is maintained in the remote identity-repository of that App.
- Is
Mobile boolTarget - If true, indicates that the App should be visible in each end-user's mobile application.
- Is
Multicloud boolService App - If true, indicates the app is used for multicloud service integration.
- Is
Oauth boolClient - If true, this application acts as an OAuth Client
- Is
Oauth boolResource - If true, indicates that this application acts as an OAuth Resource.
- Is
Obligation boolCapable - This flag indicates if the App is capable of validating obligations with the token for allowing access to the App.
- Is
Opc boolService - If true, this application is an Oracle Public Cloud service-instance.
- Is
Radius boolApp - If true, this application acts as an Radius App
- Is
Saml boolService Provider - If true, then this App acts as a SAML Service Provider.
- Is
Unmanaged boolApp - If true, indicates that this application accepts an Oracle Cloud Identity Service User as a login-identity (does not require an account) and relies for authorization on the User's memberships in AppRoles.
- Is
Web boolTier Policy - If true, the webtier policy is active
- Landing
Page stringUrl - The URL of the landing page for this App, which is the first page that an end user should see if runtime services log that end user in to this App automatically.
- Linking
Callback stringUrl - This attribute specifies the callback URL for the social linking operation.
- Login
Mechanism string - The protocol that runtime services will use to log end users in to this App automatically. If 'OIDC', then runtime services use the OpenID Connect protocol. If 'SAML', then runtime services use Security Assertion Markup Language protocol.
- Login
Page stringUrl - This attribute specifies the URL of the page that the App uses when an end-user signs in to that App.
- Logout
Page stringUrl - This attribute specifies the URL of the page that the App uses when an end-user signs out.
- Logout
Uri string - OAuth will use this URI to logout if this App wants to participate in SSO, and if this App's session gets cleared as part of global logout. Note: This attribute is used only if this App acts as an OAuthClient.
- Metas
[]Get
Domains App Meta - A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- Meter
As boolOpc Service - Indicates whether the application is billed as an OPCService. If true, customer is not billed for runtime operations of the app.
- Migrated bool
- If true, this App was migrated from an earlier version of Oracle Public Cloud infrastructure (and may therefore require special handling from runtime services such as OAuth or SAML). If false, this App requires no special handling from runtime services.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Ocid string
- Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- Post
Logout []stringRedirect Uris - Each value of this attribute is the URI of a landing page within this App. It is used only when this App, acting as an OAuthClient, initiates the logout flow and wants to be redirected back to one of its landing pages.
- Privacy
Policy stringUrl - Privacy Policy URL
- Product
Logo stringUrl - Application Logo URL
- Product
Name string - Product Name
- Protectable
Secondary []GetAudiences Domains App Protectable Secondary Audience - A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- Radius
Policies []GetDomains App Radius Policy - RADIUS Policy assigned to this application.
- Ready
To boolUpgrade - If true, this App requires an upgrade and mandates attention from application administrator. The flag is used by UI to indicate this app is ready to upgrade.
- Redirect
Uris []string - OPTIONAL. Each value is a URI within this App. This attribute is required when this App acts as an OAuthClient and is involved in three-legged flows (authorization-code flows).
- Refresh
Token intExpiry - Expiry-time in seconds for a Refresh Token. Any token that allows access to this App, once refreshed, will expire after the specified duration.
- Saml
Service []GetProviders Domains App Saml Service Provider - An attribute that refers to the SAML Service Provider that runtime services will use to log an end user in to this App automatically. Note that this will be used only if the loginMechanism is 'SAML'.
- Schemas []string
- REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- Scopes
[]Get
Domains App Scope - Scopes defined by this App. Used when this App acts as an OAuth Resource.
- Secondary
Audiences []string - A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- Service
Params []GetDomains App Service Param - Custom attribute that is required to compute other attribute values during app creation.
- Service
Type stringUrn - This Uniform Resource Name (URN) value identifies the type of Oracle Public Cloud service of which this app is an instance.
- Service
Type stringVersion - This value specifies the version of the Oracle Public Cloud service of which this App is an instance
- Show
In boolMy Apps - If true, this app will be displayed in the MyApps page of each end-user who has access to the App.
- Signon
Policies []GetDomains App Signon Policy - Sign-on Policy.
- []Get
Domains App Tag - A list of tags on this resource.
- Tenancy
Ocid string - Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- Terms
Of stringService Url - Terms of Service URL
- Terms
Of []GetUses Domains App Terms Of Use - Terms Of Use.
- Trust
Policies []GetDomains App Trust Policy - Trust Policies.
- Trust
Scope string - Indicates the scope of trust for this App when acting as an OAuthClient. A value of 'Explicit' indicates that the App is allowed to access only the scopes of OAuthResources that are explicitly specified as 'allowedScopes'. A value of 'Account' indicates that the App is allowed implicitly to access any scope of any OAuthResource within the same Oracle Cloud Account. A value of 'Tags' indicates that the App is allowed to access any scope of any OAuthResource with a matching tag within the same Oracle Cloud Account. A value of 'Default' indicates that the Tenant default trust scope configured in the Tenant Settings is used.
- []Get
Domains App Urnietfparamsscimschemasoracleidcsextension Oci Tag - Oracle Cloud Infrastructure Tags.
- Urnietfparamsscimschemasoracleidcsextensiondbcs
Apps []GetDomains App Urnietfparamsscimschemasoracleidcsextensiondbcs App - This extension provides attributes for database service facet of an App
- Urnietfparamsscimschemasoracleidcsextensionenterprise
App []GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App - This extension defines the Enterprise App related attributes.
- Urnietfparamsscimschemasoracleidcsextensionform
Fill []GetApp Apps Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App App - This extension provides attributes for Form-Fill facet of App
- Urnietfparamsscimschemasoracleidcsextensionform
Fill []GetApp Template App Templates Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App Template App Template - This extension provides attributes for Form-Fill facet of AppTemplate
- Urnietfparamsscimschemasoracleidcsextensionkerberos
Realm []GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionkerberos Realm App - Kerberos Realm
- Urnietfparamsscimschemasoracleidcsextensionmanagedapp
Apps []GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App - Managed App
- Urnietfparamsscimschemasoracleidcsextensionmulticloud
Service []GetApp Apps Domains App Urnietfparamsscimschemasoracleidcsextensionmulticloud Service App App - This extension defines attributes specific to Apps that represent instances of Multicloud Service App
- Urnietfparamsscimschemasoracleidcsextensionopc
Service []GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionopc Service App - This extension defines attributes specific to Apps that represent instances of an Oracle Public Cloud (OPC) service.
- Urnietfparamsscimschemasoracleidcsextensionradius
App []GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionradius App App - This extension defines attributes specific to Apps that represent instances of Radius App.
- Urnietfparamsscimschemasoracleidcsextensionrequestable
Apps []GetDomains App Urnietfparamsscimschemasoracleidcsextensionrequestable App - Requestable App
- Urnietfparamsscimschemasoracleidcsextensionsaml
Service []GetProvider Apps Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App - This extension defines attributes related to the Service Providers configuration.
- Urnietfparamsscimschemasoracleidcsextensionweb
Tier []GetPolicy Apps Domains App Urnietfparamsscimschemasoracleidcsextensionweb Tier Policy App - WebTier Policy
- User
Roles []GetDomains App User Role - A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers end-user privilege within this App.
- Attribute
Sets []string - Attributes string
- string
- Resource
Type stringSchema Version
- access
Token IntegerExpiry - Access token expiry
- accounts
List<Get
Domains App Account> - Accounts of App
- active Boolean
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- admin
Roles List<GetDomains App Admin Role> - A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers administrative privilege within this App.
- alias
Apps List<GetDomains App Alias App> - Each value of this internal attribute refers to an Oracle Public Cloud infrastructure App on which this App depends.
- all
Url BooleanSchemes Allowed - If true, indicates that the system should allow all URL-schemes within each value of the 'redirectUris' attribute. Also indicates that the system should not attempt to confirm that each value of the 'redirectUris' attribute is a valid URI. In particular, the system should not confirm that the domain component of the URI is a top-level domain and the system should not confirm that the hostname portion is a valid system that is reachable over the network.
- allow
Access BooleanControl - If true, any managed App that is based on this template is checked for access control that is, access to this app is subject to successful authorization at SSO service, viz. app grants to start with.
- allow
Offline Boolean - If true, indicates that the Refresh Token is allowed when this App acts as an OAuth Resource.
- allowed
Grants List<String> - List of grant-types that this App is allowed to use when it acts as an OAuthClient.
- allowed
Operations List<String> - OPTIONAL. Required only when this App acts as an OAuthClient. Supported values are 'introspect' and 'onBehalfOfUser'. The value 'introspect' allows the client to look inside the access-token. The value 'onBehalfOfUser' overrides how the client's privileges are combined with the privileges of the Subject User. Ordinarily, authorization calculates the set of effective privileges as the intersection of the client's privileges and the user's privileges. The value 'onBehalfOf' indicates that authorization should ignore the privileges of the client and use only the user's privileges to calculate the effective privileges.
- allowed
Scopes List<GetDomains App Allowed Scope> - A list of scopes (exposed by this App or by other Apps) that this App is allowed to access when it acts as an OAuthClient.
- List<Get
Domains App Allowed Tag> - A list of tags, acting as an OAuthClient, this App is allowed to access.
- app
Icon String - Application icon.
- app
Id String - The id of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- app
Signon List<GetPolicies Domains App App Signon Policy> - App Sign-on Policy.
- app
Thumbnail String - Application thumbnail.
- apps
Network List<GetPerimeters Domains App Apps Network Perimeter> - Network Perimeter
- as
Opc List<GetServices Domains App As Opc Service> - OPCService facet of the application.
- attr
Rendering List<GetMetadatas Domains App Attr Rendering Metadata> - Label for the attribute to be shown in the UI.
- audience String
- The base URI for all of the scopes defined in this App. The value of 'audience' is combined with the 'value' of each scope to form an 'fqs' or fully qualified scope.
- based
On List<GetTemplates Domains App Based On Template> - Application template on which the application is based.
- bypass
Consent Boolean - If true, indicates that consent should be skipped for all scopes
- callback
Service StringUrl - Callback Service URL
- certificates
List<Get
Domains App Certificate> - Each value of this attribute represent a certificate that this App uses when it acts as an OAuthClient.
- client
Ip StringChecking - Network Perimeters checking mode
- client
Secret String - This value is the credential of this App, which this App supplies as a password when this App authenticates to the Oracle Public Cloud infrastructure. This value is also the client secret of this App when it acts as an OAuthClient.
- client
Type String - Specifies the type of access that this App has when it acts as an OAuthClient.
- cloud
Control List<GetProperties Domains App Cloud Control Property> - A collection of arbitrary properties that scope the privileges of a cloud-control App.
- compartment
Ocid String - Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- contact
Email StringAddress - Contact Email Address
- delegated
Service List<String>Names - Service Names allow to use Oracle Cloud Infrastructure signature for client authentication instead of client credentials
- delete
In BooleanProgress - A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- description String
- The description of the AppRole.
- disable
Kmsi BooleanToken Authentication - Indicates whether the application is allowed to be access using kmsi token.
- display
Name String - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- domain
Ocid String - Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- editable
Attributes List<GetDomains App Editable Attribute> - App attributes editable by subject
- error
Page StringUrl - This attribute specifies the URL of the page to which an application will redirect an end-user in case of error.
- granted
App List<GetRoles Domains App Granted App Role> - A list of AppRoles that are granted to this App (and that are defined by other Apps). Within the Oracle Public Cloud infrastructure, this allows AppID-based association. Such an association allows this App to act as a consumer and thus to access resources of another App that acts as a producer.
- grants
List<Get
Domains App Grant> - Grants assigned to the app
- hashed
Client StringSecret - Hashed Client Secret. This hash-value is used to verify the 'clientSecret' credential of this App
- home
Page StringUrl - Home Page URL
- icon String
- URL of application icon.
- id String
- Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
- id
Token StringEnc Algo - Encryption Alogrithm to use for encrypting ID token.
- idcs
Created List<GetBies Domains App Idcs Created By> - The User or App who created the Resource
- idcs
Endpoint String - idcs
Last List<GetModified Bies Domains App Idcs Last Modified By> - The User or App who modified the Resource
- idcs
Last StringUpgraded In Release - The release number when the resource was upgraded.
- idcs
Prevented List<String>Operations - Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- identity
Providers List<GetDomains App Provider> - A list of IdentityProvider assigned to app. A user trying to access this app will be automatically redirected to configured IdP during the authentication phase, before being able to access App.
- idp
Policies List<GetDomains App Idp Policy> - IDP Policy.
- infrastructure Boolean
- If true, this App is an internal infrastructure App.
- is
Alias BooleanApp - If true, this App is an AliasApp and it cannot be granted to an end-user directly.
- is
Database BooleanService - If true, this application acts as database service Application
- is
Enterprise BooleanApp - If true, this app acts as Enterprise app with Authentication and URL Authz policy.
- is
Form BooleanFill - If true, this application acts as FormFill Application
- is
Kerberos BooleanRealm - If true, indicates that this App supports Kerberos Authentication
- is
Login BooleanTarget - If true, this App allows runtime services to log end users into this App automatically.
- is
Managed BooleanApp - If true, indicates that access to this App requires an account. That is, in order to log in to the App, a User must use an application-specific identity that is maintained in the remote identity-repository of that App.
- is
Mobile BooleanTarget - If true, indicates that the App should be visible in each end-user's mobile application.
- is
Multicloud BooleanService App - If true, indicates the app is used for multicloud service integration.
- is
Oauth BooleanClient - If true, this application acts as an OAuth Client
- is
Oauth BooleanResource - If true, indicates that this application acts as an OAuth Resource.
- is
Obligation BooleanCapable - This flag indicates if the App is capable of validating obligations with the token for allowing access to the App.
- is
Opc BooleanService - If true, this application is an Oracle Public Cloud service-instance.
- is
Radius BooleanApp - If true, this application acts as an Radius App
- is
Saml BooleanService Provider - If true, then this App acts as a SAML Service Provider.
- is
Unmanaged BooleanApp - If true, indicates that this application accepts an Oracle Cloud Identity Service User as a login-identity (does not require an account) and relies for authorization on the User's memberships in AppRoles.
- is
Web BooleanTier Policy - If true, the webtier policy is active
- landing
Page StringUrl - The URL of the landing page for this App, which is the first page that an end user should see if runtime services log that end user in to this App automatically.
- linking
Callback StringUrl - This attribute specifies the callback URL for the social linking operation.
- login
Mechanism String - The protocol that runtime services will use to log end users in to this App automatically. If 'OIDC', then runtime services use the OpenID Connect protocol. If 'SAML', then runtime services use Security Assertion Markup Language protocol.
- login
Page StringUrl - This attribute specifies the URL of the page that the App uses when an end-user signs in to that App.
- logout
Page StringUrl - This attribute specifies the URL of the page that the App uses when an end-user signs out.
- logout
Uri String - OAuth will use this URI to logout if this App wants to participate in SSO, and if this App's session gets cleared as part of global logout. Note: This attribute is used only if this App acts as an OAuthClient.
- metas
List<Get
Domains App Meta> - A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- meter
As BooleanOpc Service - Indicates whether the application is billed as an OPCService. If true, customer is not billed for runtime operations of the app.
- migrated Boolean
- If true, this App was migrated from an earlier version of Oracle Public Cloud infrastructure (and may therefore require special handling from runtime services such as OAuth or SAML). If false, this App requires no special handling from runtime services.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- ocid String
- Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- post
Logout List<String>Redirect Uris - Each value of this attribute is the URI of a landing page within this App. It is used only when this App, acting as an OAuthClient, initiates the logout flow and wants to be redirected back to one of its landing pages.
- privacy
Policy StringUrl - Privacy Policy URL
- product
Logo StringUrl - Application Logo URL
- product
Name String - Product Name
- protectable
Secondary List<GetAudiences Domains App Protectable Secondary Audience> - A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- radius
Policies List<GetDomains App Radius Policy> - RADIUS Policy assigned to this application.
- ready
To BooleanUpgrade - If true, this App requires an upgrade and mandates attention from application administrator. The flag is used by UI to indicate this app is ready to upgrade.
- redirect
Uris List<String> - OPTIONAL. Each value is a URI within this App. This attribute is required when this App acts as an OAuthClient and is involved in three-legged flows (authorization-code flows).
- refresh
Token IntegerExpiry - Expiry-time in seconds for a Refresh Token. Any token that allows access to this App, once refreshed, will expire after the specified duration.
- saml
Service List<GetProviders Domains App Saml Service Provider> - An attribute that refers to the SAML Service Provider that runtime services will use to log an end user in to this App automatically. Note that this will be used only if the loginMechanism is 'SAML'.
- schemas List<String>
- REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- scopes
List<Get
Domains App Scope> - Scopes defined by this App. Used when this App acts as an OAuth Resource.
- secondary
Audiences List<String> - A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- service
Params List<GetDomains App Service Param> - Custom attribute that is required to compute other attribute values during app creation.
- service
Type StringUrn - This Uniform Resource Name (URN) value identifies the type of Oracle Public Cloud service of which this app is an instance.
- service
Type StringVersion - This value specifies the version of the Oracle Public Cloud service of which this App is an instance
- show
In BooleanMy Apps - If true, this app will be displayed in the MyApps page of each end-user who has access to the App.
- signon
Policies List<GetDomains App Signon Policy> - Sign-on Policy.
- List<Get
Domains App Tag> - A list of tags on this resource.
- tenancy
Ocid String - Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- terms
Of StringService Url - Terms of Service URL
- terms
Of List<GetUses Domains App Terms Of Use> - Terms Of Use.
- trust
Policies List<GetDomains App Trust Policy> - Trust Policies.
- trust
Scope String - Indicates the scope of trust for this App when acting as an OAuthClient. A value of 'Explicit' indicates that the App is allowed to access only the scopes of OAuthResources that are explicitly specified as 'allowedScopes'. A value of 'Account' indicates that the App is allowed implicitly to access any scope of any OAuthResource within the same Oracle Cloud Account. A value of 'Tags' indicates that the App is allowed to access any scope of any OAuthResource with a matching tag within the same Oracle Cloud Account. A value of 'Default' indicates that the Tenant default trust scope configured in the Tenant Settings is used.
- List<Get
Domains App Urnietfparamsscimschemasoracleidcsextension Oci Tag> - Oracle Cloud Infrastructure Tags.
- urnietfparamsscimschemasoracleidcsextensiondbcs
Apps List<GetDomains App Urnietfparamsscimschemasoracleidcsextensiondbcs App> - This extension provides attributes for database service facet of an App
- urnietfparamsscimschemasoracleidcsextensionenterprise
App List<GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App> - This extension defines the Enterprise App related attributes.
- urnietfparamsscimschemasoracleidcsextensionform
Fill List<GetApp Apps Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App App> - This extension provides attributes for Form-Fill facet of App
- urnietfparamsscimschemasoracleidcsextensionform
Fill List<GetApp Template App Templates Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App Template App Template> - This extension provides attributes for Form-Fill facet of AppTemplate
- urnietfparamsscimschemasoracleidcsextensionkerberos
Realm List<GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionkerberos Realm App> - Kerberos Realm
- urnietfparamsscimschemasoracleidcsextensionmanagedapp
Apps List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App> - Managed App
- urnietfparamsscimschemasoracleidcsextensionmulticloud
Service List<GetApp Apps Domains App Urnietfparamsscimschemasoracleidcsextensionmulticloud Service App App> - This extension defines attributes specific to Apps that represent instances of Multicloud Service App
- urnietfparamsscimschemasoracleidcsextensionopc
Service List<GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionopc Service App> - This extension defines attributes specific to Apps that represent instances of an Oracle Public Cloud (OPC) service.
- urnietfparamsscimschemasoracleidcsextensionradius
App List<GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionradius App App> - This extension defines attributes specific to Apps that represent instances of Radius App.
- urnietfparamsscimschemasoracleidcsextensionrequestable
Apps List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionrequestable App> - Requestable App
- urnietfparamsscimschemasoracleidcsextensionsaml
Service List<GetProvider Apps Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App> - This extension defines attributes related to the Service Providers configuration.
- urnietfparamsscimschemasoracleidcsextensionweb
Tier List<GetPolicy Apps Domains App Urnietfparamsscimschemasoracleidcsextensionweb Tier Policy App> - WebTier Policy
- user
Roles List<GetDomains App User Role> - A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers end-user privilege within this App.
- attribute
Sets List<String> - attributes String
- String
- resource
Type StringSchema Version
- access
Token numberExpiry - Access token expiry
- accounts
Get
Domains App Account[] - Accounts of App
- active boolean
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- admin
Roles GetDomains App Admin Role[] - A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers administrative privilege within this App.
- alias
Apps GetDomains App Alias App[] - Each value of this internal attribute refers to an Oracle Public Cloud infrastructure App on which this App depends.
- all
Url booleanSchemes Allowed - If true, indicates that the system should allow all URL-schemes within each value of the 'redirectUris' attribute. Also indicates that the system should not attempt to confirm that each value of the 'redirectUris' attribute is a valid URI. In particular, the system should not confirm that the domain component of the URI is a top-level domain and the system should not confirm that the hostname portion is a valid system that is reachable over the network.
- allow
Access booleanControl - If true, any managed App that is based on this template is checked for access control that is, access to this app is subject to successful authorization at SSO service, viz. app grants to start with.
- allow
Offline boolean - If true, indicates that the Refresh Token is allowed when this App acts as an OAuth Resource.
- allowed
Grants string[] - List of grant-types that this App is allowed to use when it acts as an OAuthClient.
- allowed
Operations string[] - OPTIONAL. Required only when this App acts as an OAuthClient. Supported values are 'introspect' and 'onBehalfOfUser'. The value 'introspect' allows the client to look inside the access-token. The value 'onBehalfOfUser' overrides how the client's privileges are combined with the privileges of the Subject User. Ordinarily, authorization calculates the set of effective privileges as the intersection of the client's privileges and the user's privileges. The value 'onBehalfOf' indicates that authorization should ignore the privileges of the client and use only the user's privileges to calculate the effective privileges.
- allowed
Scopes GetDomains App Allowed Scope[] - A list of scopes (exposed by this App or by other Apps) that this App is allowed to access when it acts as an OAuthClient.
- Get
Domains App Allowed Tag[] - A list of tags, acting as an OAuthClient, this App is allowed to access.
- app
Icon string - Application icon.
- app
Id string - The id of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- app
Signon GetPolicies Domains App App Signon Policy[] - App Sign-on Policy.
- app
Thumbnail string - Application thumbnail.
- apps
Network GetPerimeters Domains App Apps Network Perimeter[] - Network Perimeter
- as
Opc GetServices Domains App As Opc Service[] - OPCService facet of the application.
- attr
Rendering GetMetadatas Domains App Attr Rendering Metadata[] - Label for the attribute to be shown in the UI.
- audience string
- The base URI for all of the scopes defined in this App. The value of 'audience' is combined with the 'value' of each scope to form an 'fqs' or fully qualified scope.
- based
On GetTemplates Domains App Based On Template[] - Application template on which the application is based.
- bypass
Consent boolean - If true, indicates that consent should be skipped for all scopes
- callback
Service stringUrl - Callback Service URL
- certificates
Get
Domains App Certificate[] - Each value of this attribute represent a certificate that this App uses when it acts as an OAuthClient.
- client
Ip stringChecking - Network Perimeters checking mode
- client
Secret string - This value is the credential of this App, which this App supplies as a password when this App authenticates to the Oracle Public Cloud infrastructure. This value is also the client secret of this App when it acts as an OAuthClient.
- client
Type string - Specifies the type of access that this App has when it acts as an OAuthClient.
- cloud
Control GetProperties Domains App Cloud Control Property[] - A collection of arbitrary properties that scope the privileges of a cloud-control App.
- compartment
Ocid string - Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- contact
Email stringAddress - Contact Email Address
- delegated
Service string[]Names - Service Names allow to use Oracle Cloud Infrastructure signature for client authentication instead of client credentials
- delete
In booleanProgress - A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- description string
- The description of the AppRole.
- disable
Kmsi booleanToken Authentication - Indicates whether the application is allowed to be access using kmsi token.
- display
Name string - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- domain
Ocid string - Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- editable
Attributes GetDomains App Editable Attribute[] - App attributes editable by subject
- error
Page stringUrl - This attribute specifies the URL of the page to which an application will redirect an end-user in case of error.
- granted
App GetRoles Domains App Granted App Role[] - A list of AppRoles that are granted to this App (and that are defined by other Apps). Within the Oracle Public Cloud infrastructure, this allows AppID-based association. Such an association allows this App to act as a consumer and thus to access resources of another App that acts as a producer.
- grants
Get
Domains App Grant[] - Grants assigned to the app
- hashed
Client stringSecret - Hashed Client Secret. This hash-value is used to verify the 'clientSecret' credential of this App
- home
Page stringUrl - Home Page URL
- icon string
- URL of application icon.
- id string
- Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
- id
Token stringEnc Algo - Encryption Alogrithm to use for encrypting ID token.
- idcs
Created GetBies Domains App Idcs Created By[] - The User or App who created the Resource
- idcs
Endpoint string - idcs
Last GetModified Bies Domains App Idcs Last Modified By[] - The User or App who modified the Resource
- idcs
Last stringUpgraded In Release - The release number when the resource was upgraded.
- idcs
Prevented string[]Operations - Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- identity
Providers GetDomains App Identity Provider[] - A list of IdentityProvider assigned to app. A user trying to access this app will be automatically redirected to configured IdP during the authentication phase, before being able to access App.
- idp
Policies GetDomains App Idp Policy[] - IDP Policy.
- infrastructure boolean
- If true, this App is an internal infrastructure App.
- is
Alias booleanApp - If true, this App is an AliasApp and it cannot be granted to an end-user directly.
- is
Database booleanService - If true, this application acts as database service Application
- is
Enterprise booleanApp - If true, this app acts as Enterprise app with Authentication and URL Authz policy.
- is
Form booleanFill - If true, this application acts as FormFill Application
- is
Kerberos booleanRealm - If true, indicates that this App supports Kerberos Authentication
- is
Login booleanTarget - If true, this App allows runtime services to log end users into this App automatically.
- is
Managed booleanApp - If true, indicates that access to this App requires an account. That is, in order to log in to the App, a User must use an application-specific identity that is maintained in the remote identity-repository of that App.
- is
Mobile booleanTarget - If true, indicates that the App should be visible in each end-user's mobile application.
- is
Multicloud booleanService App - If true, indicates the app is used for multicloud service integration.
- is
Oauth booleanClient - If true, this application acts as an OAuth Client
- is
Oauth booleanResource - If true, indicates that this application acts as an OAuth Resource.
- is
Obligation booleanCapable - This flag indicates if the App is capable of validating obligations with the token for allowing access to the App.
- is
Opc booleanService - If true, this application is an Oracle Public Cloud service-instance.
- is
Radius booleanApp - If true, this application acts as an Radius App
- is
Saml booleanService Provider - If true, then this App acts as a SAML Service Provider.
- is
Unmanaged booleanApp - If true, indicates that this application accepts an Oracle Cloud Identity Service User as a login-identity (does not require an account) and relies for authorization on the User's memberships in AppRoles.
- is
Web booleanTier Policy - If true, the webtier policy is active
- landing
Page stringUrl - The URL of the landing page for this App, which is the first page that an end user should see if runtime services log that end user in to this App automatically.
- linking
Callback stringUrl - This attribute specifies the callback URL for the social linking operation.
- login
Mechanism string - The protocol that runtime services will use to log end users in to this App automatically. If 'OIDC', then runtime services use the OpenID Connect protocol. If 'SAML', then runtime services use Security Assertion Markup Language protocol.
- login
Page stringUrl - This attribute specifies the URL of the page that the App uses when an end-user signs in to that App.
- logout
Page stringUrl - This attribute specifies the URL of the page that the App uses when an end-user signs out.
- logout
Uri string - OAuth will use this URI to logout if this App wants to participate in SSO, and if this App's session gets cleared as part of global logout. Note: This attribute is used only if this App acts as an OAuthClient.
- metas
Get
Domains App Meta[] - A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- meter
As booleanOpc Service - Indicates whether the application is billed as an OPCService. If true, customer is not billed for runtime operations of the app.
- migrated boolean
- If true, this App was migrated from an earlier version of Oracle Public Cloud infrastructure (and may therefore require special handling from runtime services such as OAuth or SAML). If false, this App requires no special handling from runtime services.
- name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- ocid string
- Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- post
Logout string[]Redirect Uris - Each value of this attribute is the URI of a landing page within this App. It is used only when this App, acting as an OAuthClient, initiates the logout flow and wants to be redirected back to one of its landing pages.
- privacy
Policy stringUrl - Privacy Policy URL
- product
Logo stringUrl - Application Logo URL
- product
Name string - Product Name
- protectable
Secondary GetAudiences Domains App Protectable Secondary Audience[] - A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- radius
Policies GetDomains App Radius Policy[] - RADIUS Policy assigned to this application.
- ready
To booleanUpgrade - If true, this App requires an upgrade and mandates attention from application administrator. The flag is used by UI to indicate this app is ready to upgrade.
- redirect
Uris string[] - OPTIONAL. Each value is a URI within this App. This attribute is required when this App acts as an OAuthClient and is involved in three-legged flows (authorization-code flows).
- refresh
Token numberExpiry - Expiry-time in seconds for a Refresh Token. Any token that allows access to this App, once refreshed, will expire after the specified duration.
- saml
Service GetProviders Domains App Saml Service Provider[] - An attribute that refers to the SAML Service Provider that runtime services will use to log an end user in to this App automatically. Note that this will be used only if the loginMechanism is 'SAML'.
- schemas string[]
- REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- scopes
Get
Domains App Scope[] - Scopes defined by this App. Used when this App acts as an OAuth Resource.
- secondary
Audiences string[] - A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- service
Params GetDomains App Service Param[] - Custom attribute that is required to compute other attribute values during app creation.
- service
Type stringUrn - This Uniform Resource Name (URN) value identifies the type of Oracle Public Cloud service of which this app is an instance.
- service
Type stringVersion - This value specifies the version of the Oracle Public Cloud service of which this App is an instance
- show
In booleanMy Apps - If true, this app will be displayed in the MyApps page of each end-user who has access to the App.
- signon
Policies GetDomains App Signon Policy[] - Sign-on Policy.
- Get
Domains App Tag[] - A list of tags on this resource.
- tenancy
Ocid string - Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- terms
Of stringService Url - Terms of Service URL
- terms
Of GetUses Domains App Terms Of Use[] - Terms Of Use.
- trust
Policies GetDomains App Trust Policy[] - Trust Policies.
- trust
Scope string - Indicates the scope of trust for this App when acting as an OAuthClient. A value of 'Explicit' indicates that the App is allowed to access only the scopes of OAuthResources that are explicitly specified as 'allowedScopes'. A value of 'Account' indicates that the App is allowed implicitly to access any scope of any OAuthResource within the same Oracle Cloud Account. A value of 'Tags' indicates that the App is allowed to access any scope of any OAuthResource with a matching tag within the same Oracle Cloud Account. A value of 'Default' indicates that the Tenant default trust scope configured in the Tenant Settings is used.
- Get
Domains App Urnietfparamsscimschemasoracleidcsextension Oci Tag[] - Oracle Cloud Infrastructure Tags.
- urnietfparamsscimschemasoracleidcsextensiondbcs
Apps GetDomains App Urnietfparamsscimschemasoracleidcsextensiondbcs App[] - This extension provides attributes for database service facet of an App
- urnietfparamsscimschemasoracleidcsextensionenterprise
App GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App[] - This extension defines the Enterprise App related attributes.
- urnietfparamsscimschemasoracleidcsextensionform
Fill GetApp Apps Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App App[] - This extension provides attributes for Form-Fill facet of App
- urnietfparamsscimschemasoracleidcsextensionform
Fill GetApp Template App Templates Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App Template App Template[] - This extension provides attributes for Form-Fill facet of AppTemplate
- urnietfparamsscimschemasoracleidcsextensionkerberos
Realm GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionkerberos Realm App[] - Kerberos Realm
- urnietfparamsscimschemasoracleidcsextensionmanagedapp
Apps GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App[] - Managed App
- urnietfparamsscimschemasoracleidcsextensionmulticloud
Service GetApp Apps Domains App Urnietfparamsscimschemasoracleidcsextensionmulticloud Service App App[] - This extension defines attributes specific to Apps that represent instances of Multicloud Service App
- urnietfparamsscimschemasoracleidcsextensionopc
Service GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionopc Service App[] - This extension defines attributes specific to Apps that represent instances of an Oracle Public Cloud (OPC) service.
- urnietfparamsscimschemasoracleidcsextensionradius
App GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionradius App App[] - This extension defines attributes specific to Apps that represent instances of Radius App.
- urnietfparamsscimschemasoracleidcsextensionrequestable
Apps GetDomains App Urnietfparamsscimschemasoracleidcsextensionrequestable App[] - Requestable App
- urnietfparamsscimschemasoracleidcsextensionsaml
Service GetProvider Apps Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App[] - This extension defines attributes related to the Service Providers configuration.
- urnietfparamsscimschemasoracleidcsextensionweb
Tier GetPolicy Apps Domains App Urnietfparamsscimschemasoracleidcsextensionweb Tier Policy App[] - WebTier Policy
- user
Roles GetDomains App User Role[] - A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers end-user privilege within this App.
- attribute
Sets string[] - attributes string
- string
- resource
Type stringSchema Version
- access_
token_ intexpiry - Access token expiry
- accounts
Sequence[identity.
Get Domains App Account] - Accounts of App
- active bool
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- admin_
roles Sequence[identity.Get Domains App Admin Role] - A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers administrative privilege within this App.
- alias_
apps Sequence[identity.Get Domains App Alias App] - Each value of this internal attribute refers to an Oracle Public Cloud infrastructure App on which this App depends.
- all_
url_ boolschemes_ allowed - If true, indicates that the system should allow all URL-schemes within each value of the 'redirectUris' attribute. Also indicates that the system should not attempt to confirm that each value of the 'redirectUris' attribute is a valid URI. In particular, the system should not confirm that the domain component of the URI is a top-level domain and the system should not confirm that the hostname portion is a valid system that is reachable over the network.
- allow_
access_ boolcontrol - If true, any managed App that is based on this template is checked for access control that is, access to this app is subject to successful authorization at SSO service, viz. app grants to start with.
- allow_
offline bool - If true, indicates that the Refresh Token is allowed when this App acts as an OAuth Resource.
- allowed_
grants Sequence[str] - List of grant-types that this App is allowed to use when it acts as an OAuthClient.
- allowed_
operations Sequence[str] - OPTIONAL. Required only when this App acts as an OAuthClient. Supported values are 'introspect' and 'onBehalfOfUser'. The value 'introspect' allows the client to look inside the access-token. The value 'onBehalfOfUser' overrides how the client's privileges are combined with the privileges of the Subject User. Ordinarily, authorization calculates the set of effective privileges as the intersection of the client's privileges and the user's privileges. The value 'onBehalfOf' indicates that authorization should ignore the privileges of the client and use only the user's privileges to calculate the effective privileges.
- allowed_
scopes Sequence[identity.Get Domains App Allowed Scope] - A list of scopes (exposed by this App or by other Apps) that this App is allowed to access when it acts as an OAuthClient.
- Sequence[identity.
Get Domains App Allowed Tag] - A list of tags, acting as an OAuthClient, this App is allowed to access.
- app_
icon str - Application icon.
- app_
id str - The id of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- app_
signon_ Sequence[identity.policies Get Domains App App Signon Policy] - App Sign-on Policy.
- app_
thumbnail str - Application thumbnail.
- apps_
network_ Sequence[identity.perimeters Get Domains App Apps Network Perimeter] - Network Perimeter
- as_
opc_ Sequence[identity.services Get Domains App As Opc Service] - OPCService facet of the application.
- attr_
rendering_ Sequence[identity.metadatas Get Domains App Attr Rendering Metadata] - Label for the attribute to be shown in the UI.
- audience str
- The base URI for all of the scopes defined in this App. The value of 'audience' is combined with the 'value' of each scope to form an 'fqs' or fully qualified scope.
- based_
on_ Sequence[identity.templates Get Domains App Based On Template] - Application template on which the application is based.
- bypass_
consent bool - If true, indicates that consent should be skipped for all scopes
- callback_
service_ strurl - Callback Service URL
- certificates
Sequence[identity.
Get Domains App Certificate] - Each value of this attribute represent a certificate that this App uses when it acts as an OAuthClient.
- client_
ip_ strchecking - Network Perimeters checking mode
- client_
secret str - This value is the credential of this App, which this App supplies as a password when this App authenticates to the Oracle Public Cloud infrastructure. This value is also the client secret of this App when it acts as an OAuthClient.
- client_
type str - Specifies the type of access that this App has when it acts as an OAuthClient.
- cloud_
control_ Sequence[identity.properties Get Domains App Cloud Control Property] - A collection of arbitrary properties that scope the privileges of a cloud-control App.
- compartment_
ocid str - Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- contact_
email_ straddress - Contact Email Address
- delegated_
service_ Sequence[str]names - Service Names allow to use Oracle Cloud Infrastructure signature for client authentication instead of client credentials
- delete_
in_ boolprogress - A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- description str
- The description of the AppRole.
- disable_
kmsi_ booltoken_ authentication - Indicates whether the application is allowed to be access using kmsi token.
- display_
name str - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- domain_
ocid str - Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- editable_
attributes Sequence[identity.Get Domains App Editable Attribute] - App attributes editable by subject
- error_
page_ strurl - This attribute specifies the URL of the page to which an application will redirect an end-user in case of error.
- granted_
app_ Sequence[identity.roles Get Domains App Granted App Role] - A list of AppRoles that are granted to this App (and that are defined by other Apps). Within the Oracle Public Cloud infrastructure, this allows AppID-based association. Such an association allows this App to act as a consumer and thus to access resources of another App that acts as a producer.
- grants
Sequence[identity.
Get Domains App Grant] - Grants assigned to the app
- hashed_
client_ strsecret - Hashed Client Secret. This hash-value is used to verify the 'clientSecret' credential of this App
- home_
page_ strurl - Home Page URL
- icon str
- URL of application icon.
- id str
- Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
- id_
token_ strenc_ algo - Encryption Alogrithm to use for encrypting ID token.
- idcs_
created_ Sequence[identity.bies Get Domains App Idcs Created By] - The User or App who created the Resource
- idcs_
endpoint str - idcs_
last_ Sequence[identity.modified_ bies Get Domains App Idcs Last Modified By] - The User or App who modified the Resource
- idcs_
last_ strupgraded_ in_ release - The release number when the resource was upgraded.
- idcs_
prevented_ Sequence[str]operations - Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- identity_
providers Sequence[identity.Get Domains App Identity Provider] - A list of IdentityProvider assigned to app. A user trying to access this app will be automatically redirected to configured IdP during the authentication phase, before being able to access App.
- idp_
policies Sequence[identity.Get Domains App Idp Policy] - IDP Policy.
- infrastructure bool
- If true, this App is an internal infrastructure App.
- is_
alias_ boolapp - If true, this App is an AliasApp and it cannot be granted to an end-user directly.
- is_
database_ boolservice - If true, this application acts as database service Application
- is_
enterprise_ boolapp - If true, this app acts as Enterprise app with Authentication and URL Authz policy.
- is_
form_ boolfill - If true, this application acts as FormFill Application
- is_
kerberos_ boolrealm - If true, indicates that this App supports Kerberos Authentication
- is_
login_ booltarget - If true, this App allows runtime services to log end users into this App automatically.
- is_
managed_ boolapp - If true, indicates that access to this App requires an account. That is, in order to log in to the App, a User must use an application-specific identity that is maintained in the remote identity-repository of that App.
- is_
mobile_ booltarget - If true, indicates that the App should be visible in each end-user's mobile application.
- is_
multicloud_ boolservice_ app - If true, indicates the app is used for multicloud service integration.
- is_
oauth_ boolclient - If true, this application acts as an OAuth Client
- is_
oauth_ boolresource - If true, indicates that this application acts as an OAuth Resource.
- is_
obligation_ boolcapable - This flag indicates if the App is capable of validating obligations with the token for allowing access to the App.
- is_
opc_ boolservice - If true, this application is an Oracle Public Cloud service-instance.
- is_
radius_ boolapp - If true, this application acts as an Radius App
- is_
saml_ boolservice_ provider - If true, then this App acts as a SAML Service Provider.
- is_
unmanaged_ boolapp - If true, indicates that this application accepts an Oracle Cloud Identity Service User as a login-identity (does not require an account) and relies for authorization on the User's memberships in AppRoles.
- is_
web_ booltier_ policy - If true, the webtier policy is active
- landing_
page_ strurl - The URL of the landing page for this App, which is the first page that an end user should see if runtime services log that end user in to this App automatically.
- linking_
callback_ strurl - This attribute specifies the callback URL for the social linking operation.
- login_
mechanism str - The protocol that runtime services will use to log end users in to this App automatically. If 'OIDC', then runtime services use the OpenID Connect protocol. If 'SAML', then runtime services use Security Assertion Markup Language protocol.
- login_
page_ strurl - This attribute specifies the URL of the page that the App uses when an end-user signs in to that App.
- logout_
page_ strurl - This attribute specifies the URL of the page that the App uses when an end-user signs out.
- logout_
uri str - OAuth will use this URI to logout if this App wants to participate in SSO, and if this App's session gets cleared as part of global logout. Note: This attribute is used only if this App acts as an OAuthClient.
- metas
Sequence[identity.
Get Domains App Meta] - A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- meter_
as_ boolopc_ service - Indicates whether the application is billed as an OPCService. If true, customer is not billed for runtime operations of the app.
- migrated bool
- If true, this App was migrated from an earlier version of Oracle Public Cloud infrastructure (and may therefore require special handling from runtime services such as OAuth or SAML). If false, this App requires no special handling from runtime services.
- name str
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- ocid str
- Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- post_
logout_ Sequence[str]redirect_ uris - Each value of this attribute is the URI of a landing page within this App. It is used only when this App, acting as an OAuthClient, initiates the logout flow and wants to be redirected back to one of its landing pages.
- privacy_
policy_ strurl - Privacy Policy URL
- product_
logo_ strurl - Application Logo URL
- product_
name str - Product Name
- protectable_
secondary_ Sequence[identity.audiences Get Domains App Protectable Secondary Audience] - A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- radius_
policies Sequence[identity.Get Domains App Radius Policy] - RADIUS Policy assigned to this application.
- ready_
to_ boolupgrade - If true, this App requires an upgrade and mandates attention from application administrator. The flag is used by UI to indicate this app is ready to upgrade.
- redirect_
uris Sequence[str] - OPTIONAL. Each value is a URI within this App. This attribute is required when this App acts as an OAuthClient and is involved in three-legged flows (authorization-code flows).
- refresh_
token_ intexpiry - Expiry-time in seconds for a Refresh Token. Any token that allows access to this App, once refreshed, will expire after the specified duration.
- saml_
service_ Sequence[identity.providers Get Domains App Saml Service Provider] - An attribute that refers to the SAML Service Provider that runtime services will use to log an end user in to this App automatically. Note that this will be used only if the loginMechanism is 'SAML'.
- schemas Sequence[str]
- REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- scopes
Sequence[identity.
Get Domains App Scope] - Scopes defined by this App. Used when this App acts as an OAuth Resource.
- secondary_
audiences Sequence[str] - A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- service_
params Sequence[identity.Get Domains App Service Param] - Custom attribute that is required to compute other attribute values during app creation.
- service_
type_ strurn - This Uniform Resource Name (URN) value identifies the type of Oracle Public Cloud service of which this app is an instance.
- service_
type_ strversion - This value specifies the version of the Oracle Public Cloud service of which this App is an instance
- show_
in_ boolmy_ apps - If true, this app will be displayed in the MyApps page of each end-user who has access to the App.
- signon_
policies Sequence[identity.Get Domains App Signon Policy] - Sign-on Policy.
- Sequence[identity.
Get Domains App Tag] - A list of tags on this resource.
- tenancy_
ocid str - Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- terms_
of_ strservice_ url - Terms of Service URL
- terms_
of_ Sequence[identity.uses Get Domains App Terms Of Use] - Terms Of Use.
- trust_
policies Sequence[identity.Get Domains App Trust Policy] - Trust Policies.
- trust_
scope str - Indicates the scope of trust for this App when acting as an OAuthClient. A value of 'Explicit' indicates that the App is allowed to access only the scopes of OAuthResources that are explicitly specified as 'allowedScopes'. A value of 'Account' indicates that the App is allowed implicitly to access any scope of any OAuthResource within the same Oracle Cloud Account. A value of 'Tags' indicates that the App is allowed to access any scope of any OAuthResource with a matching tag within the same Oracle Cloud Account. A value of 'Default' indicates that the Tenant default trust scope configured in the Tenant Settings is used.
- Sequence[identity.
Get Domains App Urnietfparamsscimschemasoracleidcsextension Oci Tag] - Oracle Cloud Infrastructure Tags.
- urnietfparamsscimschemasoracleidcsextensiondbcs_
apps Sequence[identity.Get Domains App Urnietfparamsscimschemasoracleidcsextensiondbcs App] - This extension provides attributes for database service facet of an App
- urnietfparamsscimschemasoracleidcsextensionenterprise_
app_ Sequence[identity.apps Get Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App] - This extension defines the Enterprise App related attributes.
- urnietfparamsscimschemasoracleidcsextensionform_
fill_ Sequence[identity.app_ apps Get Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App App] - This extension provides attributes for Form-Fill facet of App
- urnietfparamsscimschemasoracleidcsextensionform_
fill_ Sequence[identity.app_ template_ app_ templates Get Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App Template App Template] - This extension provides attributes for Form-Fill facet of AppTemplate
- urnietfparamsscimschemasoracleidcsextensionkerberos_
realm_ Sequence[identity.apps Get Domains App Urnietfparamsscimschemasoracleidcsextensionkerberos Realm App] - Kerberos Realm
- urnietfparamsscimschemasoracleidcsextensionmanagedapp_
apps Sequence[identity.Get Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App] - Managed App
- urnietfparamsscimschemasoracleidcsextensionmulticloud_
service_ Sequence[identity.app_ apps Get Domains App Urnietfparamsscimschemasoracleidcsextensionmulticloud Service App App] - This extension defines attributes specific to Apps that represent instances of Multicloud Service App
- urnietfparamsscimschemasoracleidcsextensionopc_
service_ Sequence[identity.apps Get Domains App Urnietfparamsscimschemasoracleidcsextensionopc Service App] - This extension defines attributes specific to Apps that represent instances of an Oracle Public Cloud (OPC) service.
- urnietfparamsscimschemasoracleidcsextensionradius_
app_ Sequence[identity.apps Get Domains App Urnietfparamsscimschemasoracleidcsextensionradius App App] - This extension defines attributes specific to Apps that represent instances of Radius App.
- urnietfparamsscimschemasoracleidcsextensionrequestable_
apps Sequence[identity.Get Domains App Urnietfparamsscimschemasoracleidcsextensionrequestable App] - Requestable App
- urnietfparamsscimschemasoracleidcsextensionsaml_
service_ Sequence[identity.provider_ apps Get Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App] - This extension defines attributes related to the Service Providers configuration.
- urnietfparamsscimschemasoracleidcsextensionweb_
tier_ Sequence[identity.policy_ apps Get Domains App Urnietfparamsscimschemasoracleidcsextensionweb Tier Policy App] - WebTier Policy
- user_
roles Sequence[identity.Get Domains App User Role] - A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers end-user privilege within this App.
- attribute_
sets Sequence[str] - attributes str
- str
- resource_
type_ strschema_ version
- access
Token NumberExpiry - Access token expiry
- accounts List<Property Map>
- Accounts of App
- active Boolean
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- admin
Roles List<Property Map> - A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers administrative privilege within this App.
- alias
Apps List<Property Map> - Each value of this internal attribute refers to an Oracle Public Cloud infrastructure App on which this App depends.
- all
Url BooleanSchemes Allowed - If true, indicates that the system should allow all URL-schemes within each value of the 'redirectUris' attribute. Also indicates that the system should not attempt to confirm that each value of the 'redirectUris' attribute is a valid URI. In particular, the system should not confirm that the domain component of the URI is a top-level domain and the system should not confirm that the hostname portion is a valid system that is reachable over the network.
- allow
Access BooleanControl - If true, any managed App that is based on this template is checked for access control that is, access to this app is subject to successful authorization at SSO service, viz. app grants to start with.
- allow
Offline Boolean - If true, indicates that the Refresh Token is allowed when this App acts as an OAuth Resource.
- allowed
Grants List<String> - List of grant-types that this App is allowed to use when it acts as an OAuthClient.
- allowed
Operations List<String> - OPTIONAL. Required only when this App acts as an OAuthClient. Supported values are 'introspect' and 'onBehalfOfUser'. The value 'introspect' allows the client to look inside the access-token. The value 'onBehalfOfUser' overrides how the client's privileges are combined with the privileges of the Subject User. Ordinarily, authorization calculates the set of effective privileges as the intersection of the client's privileges and the user's privileges. The value 'onBehalfOf' indicates that authorization should ignore the privileges of the client and use only the user's privileges to calculate the effective privileges.
- allowed
Scopes List<Property Map> - A list of scopes (exposed by this App or by other Apps) that this App is allowed to access when it acts as an OAuthClient.
- List<Property Map>
- A list of tags, acting as an OAuthClient, this App is allowed to access.
- app
Icon String - Application icon.
- app
Id String - The id of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- app
Signon List<Property Map>Policies - App Sign-on Policy.
- app
Thumbnail String - Application thumbnail.
- apps
Network List<Property Map>Perimeters - Network Perimeter
- as
Opc List<Property Map>Services - OPCService facet of the application.
- attr
Rendering List<Property Map>Metadatas - Label for the attribute to be shown in the UI.
- audience String
- The base URI for all of the scopes defined in this App. The value of 'audience' is combined with the 'value' of each scope to form an 'fqs' or fully qualified scope.
- based
On List<Property Map>Templates - Application template on which the application is based.
- bypass
Consent Boolean - If true, indicates that consent should be skipped for all scopes
- callback
Service StringUrl - Callback Service URL
- certificates List<Property Map>
- Each value of this attribute represent a certificate that this App uses when it acts as an OAuthClient.
- client
Ip StringChecking - Network Perimeters checking mode
- client
Secret String - This value is the credential of this App, which this App supplies as a password when this App authenticates to the Oracle Public Cloud infrastructure. This value is also the client secret of this App when it acts as an OAuthClient.
- client
Type String - Specifies the type of access that this App has when it acts as an OAuthClient.
- cloud
Control List<Property Map>Properties - A collection of arbitrary properties that scope the privileges of a cloud-control App.
- compartment
Ocid String - Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- contact
Email StringAddress - Contact Email Address
- delegated
Service List<String>Names - Service Names allow to use Oracle Cloud Infrastructure signature for client authentication instead of client credentials
- delete
In BooleanProgress - A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- description String
- The description of the AppRole.
- disable
Kmsi BooleanToken Authentication - Indicates whether the application is allowed to be access using kmsi token.
- display
Name String - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- domain
Ocid String - Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- editable
Attributes List<Property Map> - App attributes editable by subject
- error
Page StringUrl - This attribute specifies the URL of the page to which an application will redirect an end-user in case of error.
- granted
App List<Property Map>Roles - A list of AppRoles that are granted to this App (and that are defined by other Apps). Within the Oracle Public Cloud infrastructure, this allows AppID-based association. Such an association allows this App to act as a consumer and thus to access resources of another App that acts as a producer.
- grants List<Property Map>
- Grants assigned to the app
- hashed
Client StringSecret - Hashed Client Secret. This hash-value is used to verify the 'clientSecret' credential of this App
- home
Page StringUrl - Home Page URL
- icon String
- URL of application icon.
- id String
- Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
- id
Token StringEnc Algo - Encryption Alogrithm to use for encrypting ID token.
- idcs
Created List<Property Map>Bies - The User or App who created the Resource
- idcs
Endpoint String - idcs
Last List<Property Map>Modified Bies - The User or App who modified the Resource
- idcs
Last StringUpgraded In Release - The release number when the resource was upgraded.
- idcs
Prevented List<String>Operations - Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- identity
Providers List<Property Map> - A list of IdentityProvider assigned to app. A user trying to access this app will be automatically redirected to configured IdP during the authentication phase, before being able to access App.
- idp
Policies List<Property Map> - IDP Policy.
- infrastructure Boolean
- If true, this App is an internal infrastructure App.
- is
Alias BooleanApp - If true, this App is an AliasApp and it cannot be granted to an end-user directly.
- is
Database BooleanService - If true, this application acts as database service Application
- is
Enterprise BooleanApp - If true, this app acts as Enterprise app with Authentication and URL Authz policy.
- is
Form BooleanFill - If true, this application acts as FormFill Application
- is
Kerberos BooleanRealm - If true, indicates that this App supports Kerberos Authentication
- is
Login BooleanTarget - If true, this App allows runtime services to log end users into this App automatically.
- is
Managed BooleanApp - If true, indicates that access to this App requires an account. That is, in order to log in to the App, a User must use an application-specific identity that is maintained in the remote identity-repository of that App.
- is
Mobile BooleanTarget - If true, indicates that the App should be visible in each end-user's mobile application.
- is
Multicloud BooleanService App - If true, indicates the app is used for multicloud service integration.
- is
Oauth BooleanClient - If true, this application acts as an OAuth Client
- is
Oauth BooleanResource - If true, indicates that this application acts as an OAuth Resource.
- is
Obligation BooleanCapable - This flag indicates if the App is capable of validating obligations with the token for allowing access to the App.
- is
Opc BooleanService - If true, this application is an Oracle Public Cloud service-instance.
- is
Radius BooleanApp - If true, this application acts as an Radius App
- is
Saml BooleanService Provider - If true, then this App acts as a SAML Service Provider.
- is
Unmanaged BooleanApp - If true, indicates that this application accepts an Oracle Cloud Identity Service User as a login-identity (does not require an account) and relies for authorization on the User's memberships in AppRoles.
- is
Web BooleanTier Policy - If true, the webtier policy is active
- landing
Page StringUrl - The URL of the landing page for this App, which is the first page that an end user should see if runtime services log that end user in to this App automatically.
- linking
Callback StringUrl - This attribute specifies the callback URL for the social linking operation.
- login
Mechanism String - The protocol that runtime services will use to log end users in to this App automatically. If 'OIDC', then runtime services use the OpenID Connect protocol. If 'SAML', then runtime services use Security Assertion Markup Language protocol.
- login
Page StringUrl - This attribute specifies the URL of the page that the App uses when an end-user signs in to that App.
- logout
Page StringUrl - This attribute specifies the URL of the page that the App uses when an end-user signs out.
- logout
Uri String - OAuth will use this URI to logout if this App wants to participate in SSO, and if this App's session gets cleared as part of global logout. Note: This attribute is used only if this App acts as an OAuthClient.
- metas List<Property Map>
- A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- meter
As BooleanOpc Service - Indicates whether the application is billed as an OPCService. If true, customer is not billed for runtime operations of the app.
- migrated Boolean
- If true, this App was migrated from an earlier version of Oracle Public Cloud infrastructure (and may therefore require special handling from runtime services such as OAuth or SAML). If false, this App requires no special handling from runtime services.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- ocid String
- Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- post
Logout List<String>Redirect Uris - Each value of this attribute is the URI of a landing page within this App. It is used only when this App, acting as an OAuthClient, initiates the logout flow and wants to be redirected back to one of its landing pages.
- privacy
Policy StringUrl - Privacy Policy URL
- product
Logo StringUrl - Application Logo URL
- product
Name String - Product Name
- protectable
Secondary List<Property Map>Audiences - A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- radius
Policies List<Property Map> - RADIUS Policy assigned to this application.
- ready
To BooleanUpgrade - If true, this App requires an upgrade and mandates attention from application administrator. The flag is used by UI to indicate this app is ready to upgrade.
- redirect
Uris List<String> - OPTIONAL. Each value is a URI within this App. This attribute is required when this App acts as an OAuthClient and is involved in three-legged flows (authorization-code flows).
- refresh
Token NumberExpiry - Expiry-time in seconds for a Refresh Token. Any token that allows access to this App, once refreshed, will expire after the specified duration.
- saml
Service List<Property Map>Providers - An attribute that refers to the SAML Service Provider that runtime services will use to log an end user in to this App automatically. Note that this will be used only if the loginMechanism is 'SAML'.
- schemas List<String>
- REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- scopes List<Property Map>
- Scopes defined by this App. Used when this App acts as an OAuth Resource.
- secondary
Audiences List<String> - A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- service
Params List<Property Map> - Custom attribute that is required to compute other attribute values during app creation.
- service
Type StringUrn - This Uniform Resource Name (URN) value identifies the type of Oracle Public Cloud service of which this app is an instance.
- service
Type StringVersion - This value specifies the version of the Oracle Public Cloud service of which this App is an instance
- show
In BooleanMy Apps - If true, this app will be displayed in the MyApps page of each end-user who has access to the App.
- signon
Policies List<Property Map> - Sign-on Policy.
- List<Property Map>
- A list of tags on this resource.
- tenancy
Ocid String - Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- terms
Of StringService Url - Terms of Service URL
- terms
Of List<Property Map>Uses - Terms Of Use.
- trust
Policies List<Property Map> - Trust Policies.
- trust
Scope String - Indicates the scope of trust for this App when acting as an OAuthClient. A value of 'Explicit' indicates that the App is allowed to access only the scopes of OAuthResources that are explicitly specified as 'allowedScopes'. A value of 'Account' indicates that the App is allowed implicitly to access any scope of any OAuthResource within the same Oracle Cloud Account. A value of 'Tags' indicates that the App is allowed to access any scope of any OAuthResource with a matching tag within the same Oracle Cloud Account. A value of 'Default' indicates that the Tenant default trust scope configured in the Tenant Settings is used.
- List<Property Map>
- Oracle Cloud Infrastructure Tags.
- urnietfparamsscimschemasoracleidcsextensiondbcs
Apps List<Property Map> - This extension provides attributes for database service facet of an App
- urnietfparamsscimschemasoracleidcsextensionenterprise
App List<Property Map>Apps - This extension defines the Enterprise App related attributes.
- urnietfparamsscimschemasoracleidcsextensionform
Fill List<Property Map>App Apps - This extension provides attributes for Form-Fill facet of App
- urnietfparamsscimschemasoracleidcsextensionform
Fill List<Property Map>App Template App Templates - This extension provides attributes for Form-Fill facet of AppTemplate
- urnietfparamsscimschemasoracleidcsextensionkerberos
Realm List<Property Map>Apps - Kerberos Realm
- urnietfparamsscimschemasoracleidcsextensionmanagedapp
Apps List<Property Map> - Managed App
- urnietfparamsscimschemasoracleidcsextensionmulticloud
Service List<Property Map>App Apps - This extension defines attributes specific to Apps that represent instances of Multicloud Service App
- urnietfparamsscimschemasoracleidcsextensionopc
Service List<Property Map>Apps - This extension defines attributes specific to Apps that represent instances of an Oracle Public Cloud (OPC) service.
- urnietfparamsscimschemasoracleidcsextensionradius
App List<Property Map>Apps - This extension defines attributes specific to Apps that represent instances of Radius App.
- urnietfparamsscimschemasoracleidcsextensionrequestable
Apps List<Property Map> - Requestable App
- urnietfparamsscimschemasoracleidcsextensionsaml
Service List<Property Map>Provider Apps - This extension defines attributes related to the Service Providers configuration.
- urnietfparamsscimschemasoracleidcsextensionweb
Tier List<Property Map>Policy Apps - WebTier Policy
- user
Roles List<Property Map> - A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers end-user privilege within this App.
- attribute
Sets List<String> - attributes String
- String
- resource
Type StringSchema Version
Supporting Types
GetDomainsAppAccount
- Active bool
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Owner
Id string - Owner identifier
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- Active bool
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Owner
Id string - Owner identifier
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- active Boolean
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- owner
Id String - Owner identifier
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
- active boolean
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- owner
Id string - Owner identifier
- ref string
- URI of the AppRole.
- value string
- ID of the AppRole.
- active bool
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- name str
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- owner_
id str - Owner identifier
- ref str
- URI of the AppRole.
- value str
- ID of the AppRole.
- active Boolean
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- owner
Id String - Owner identifier
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
GetDomainsAppAdminRole
- Description string
- The description of the AppRole.
- Display string
- Display-name of the AppRole.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- Description string
- The description of the AppRole.
- Display string
- Display-name of the AppRole.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- description String
- The description of the AppRole.
- display String
- Display-name of the AppRole.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
- description string
- The description of the AppRole.
- display string
- Display-name of the AppRole.
- ref string
- URI of the AppRole.
- value string
- ID of the AppRole.
- description str
- The description of the AppRole.
- display str
- Display-name of the AppRole.
- ref str
- URI of the AppRole.
- value str
- ID of the AppRole.
- description String
- The description of the AppRole.
- display String
- Display-name of the AppRole.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
GetDomainsAppAliasApp
- Description string
- The description of the AppRole.
- Display string
- Display-name of the AppRole.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- Description string
- The description of the AppRole.
- Display string
- Display-name of the AppRole.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- description String
- The description of the AppRole.
- display String
- Display-name of the AppRole.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
- description string
- The description of the AppRole.
- display string
- Display-name of the AppRole.
- ref string
- URI of the AppRole.
- value string
- ID of the AppRole.
- description str
- The description of the AppRole.
- display str
- Display-name of the AppRole.
- ref str
- URI of the AppRole.
- value str
- ID of the AppRole.
- description String
- The description of the AppRole.
- display String
- Display-name of the AppRole.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
GetDomainsAppAllowedScope
- Fqs string
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- Id
Of stringDefining App - The ID of the App that defines this scope.
- Read
Only bool - If true, indicates that this value must be protected.
- Fqs string
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- Id
Of stringDefining App - The ID of the App that defines this scope.
- Read
Only bool - If true, indicates that this value must be protected.
- fqs String
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- id
Of StringDefining App - The ID of the App that defines this scope.
- read
Only Boolean - If true, indicates that this value must be protected.
- fqs string
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- id
Of stringDefining App - The ID of the App that defines this scope.
- read
Only boolean - If true, indicates that this value must be protected.
- fqs str
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- id_
of_ strdefining_ app - The ID of the App that defines this scope.
- read_
only bool - If true, indicates that this value must be protected.
- fqs String
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- id
Of StringDefining App - The ID of the App that defines this scope.
- read
Only Boolean - If true, indicates that this value must be protected.
GetDomainsAppAllowedTag
GetDomainsAppAppSignonPolicy
GetDomainsAppAppsNetworkPerimeter
GetDomainsAppAsOpcService
GetDomainsAppAttrRenderingMetadata
- Datatype string
- Data type of the attribute.
- Helptext string
- Help text for the attribute. It can contain HTML tags.
- Label string
- Label for the attribute to be shown in the UI.
- Max
Length int - Maximum length of the attribute.
- Max
Size int - Maximum size of the attribute.
- Min
Length int - Minimum length of the attribute.
- Min
Size int - Minimum size of the attribute..
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Order int
- Display sequence of the bundle configuration property.
- Read
Only bool - If true, indicates that this value must be protected.
- Regexp string
- Regular expression of the attribute for validation.
- Required bool
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- Section string
- UI widget to use for the attribute.
- Visible bool
- Indicates whether the attribute is to be shown on the application creation UI.
- Widget string
- UI widget to use for the attribute.
- Datatype string
- Data type of the attribute.
- Helptext string
- Help text for the attribute. It can contain HTML tags.
- Label string
- Label for the attribute to be shown in the UI.
- Max
Length int - Maximum length of the attribute.
- Max
Size int - Maximum size of the attribute.
- Min
Length int - Minimum length of the attribute.
- Min
Size int - Minimum size of the attribute..
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Order int
- Display sequence of the bundle configuration property.
- Read
Only bool - If true, indicates that this value must be protected.
- Regexp string
- Regular expression of the attribute for validation.
- Required bool
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- Section string
- UI widget to use for the attribute.
- Visible bool
- Indicates whether the attribute is to be shown on the application creation UI.
- Widget string
- UI widget to use for the attribute.
- datatype String
- Data type of the attribute.
- helptext String
- Help text for the attribute. It can contain HTML tags.
- label String
- Label for the attribute to be shown in the UI.
- max
Length Integer - Maximum length of the attribute.
- max
Size Integer - Maximum size of the attribute.
- min
Length Integer - Minimum length of the attribute.
- min
Size Integer - Minimum size of the attribute..
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order Integer
- Display sequence of the bundle configuration property.
- read
Only Boolean - If true, indicates that this value must be protected.
- regexp String
- Regular expression of the attribute for validation.
- required Boolean
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- section String
- UI widget to use for the attribute.
- visible Boolean
- Indicates whether the attribute is to be shown on the application creation UI.
- widget String
- UI widget to use for the attribute.
- datatype string
- Data type of the attribute.
- helptext string
- Help text for the attribute. It can contain HTML tags.
- label string
- Label for the attribute to be shown in the UI.
- max
Length number - Maximum length of the attribute.
- max
Size number - Maximum size of the attribute.
- min
Length number - Minimum length of the attribute.
- min
Size number - Minimum size of the attribute..
- name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order number
- Display sequence of the bundle configuration property.
- read
Only boolean - If true, indicates that this value must be protected.
- regexp string
- Regular expression of the attribute for validation.
- required boolean
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- section string
- UI widget to use for the attribute.
- visible boolean
- Indicates whether the attribute is to be shown on the application creation UI.
- widget string
- UI widget to use for the attribute.
- datatype str
- Data type of the attribute.
- helptext str
- Help text for the attribute. It can contain HTML tags.
- label str
- Label for the attribute to be shown in the UI.
- max_
length int - Maximum length of the attribute.
- max_
size int - Maximum size of the attribute.
- min_
length int - Minimum length of the attribute.
- min_
size int - Minimum size of the attribute..
- name str
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order int
- Display sequence of the bundle configuration property.
- read_
only bool - If true, indicates that this value must be protected.
- regexp str
- Regular expression of the attribute for validation.
- required bool
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- section str
- UI widget to use for the attribute.
- visible bool
- Indicates whether the attribute is to be shown on the application creation UI.
- widget str
- UI widget to use for the attribute.
- datatype String
- Data type of the attribute.
- helptext String
- Help text for the attribute. It can contain HTML tags.
- label String
- Label for the attribute to be shown in the UI.
- max
Length Number - Maximum length of the attribute.
- max
Size Number - Maximum size of the attribute.
- min
Length Number - Minimum length of the attribute.
- min
Size Number - Minimum size of the attribute..
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order Number
- Display sequence of the bundle configuration property.
- read
Only Boolean - If true, indicates that this value must be protected.
- regexp String
- Regular expression of the attribute for validation.
- required Boolean
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- section String
- UI widget to use for the attribute.
- visible Boolean
- Indicates whether the attribute is to be shown on the application creation UI.
- widget String
- UI widget to use for the attribute.
GetDomainsAppBasedOnTemplate
- Last
Modified string - The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- Well
Known stringId - Unique well-known identifier used to reference connector bundle.
- Last
Modified string - The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- Well
Known stringId - Unique well-known identifier used to reference connector bundle.
- last
Modified String - The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
- well
Known StringId - Unique well-known identifier used to reference connector bundle.
- last
Modified string - The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- ref string
- URI of the AppRole.
- value string
- ID of the AppRole.
- well
Known stringId - Unique well-known identifier used to reference connector bundle.
- last_
modified str - The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- ref str
- URI of the AppRole.
- value str
- ID of the AppRole.
- well_
known_ strid - Unique well-known identifier used to reference connector bundle.
- last
Modified String - The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
- well
Known StringId - Unique well-known identifier used to reference connector bundle.
GetDomainsAppCertificate
- Cert
Alias string - Certificate alias
- Kid string
- Certificate kid
- Sha1thumbprint string
- sha1Thumbprint
- X509base64certificate string
- Base-64-encoded certificate.
- X5t string
- Certificate x5t
- Cert
Alias string - Certificate alias
- Kid string
- Certificate kid
- Sha1thumbprint string
- sha1Thumbprint
- X509base64certificate string
- Base-64-encoded certificate.
- X5t string
- Certificate x5t
- cert
Alias String - Certificate alias
- kid String
- Certificate kid
- sha1thumbprint String
- sha1Thumbprint
- x509base64certificate String
- Base-64-encoded certificate.
- x5t String
- Certificate x5t
- cert
Alias string - Certificate alias
- kid string
- Certificate kid
- sha1thumbprint string
- sha1Thumbprint
- x509base64certificate string
- Base-64-encoded certificate.
- x5t string
- Certificate x5t
- cert_
alias str - Certificate alias
- kid str
- Certificate kid
- sha1thumbprint str
- sha1Thumbprint
- x509base64certificate str
- Base-64-encoded certificate.
- x5t str
- Certificate x5t
- cert
Alias String - Certificate alias
- kid String
- Certificate kid
- sha1thumbprint String
- sha1Thumbprint
- x509base64certificate String
- Base-64-encoded certificate.
- x5t String
- Certificate x5t
GetDomainsAppCloudControlProperty
GetDomainsAppEditableAttribute
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- name str
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
GetDomainsAppGrant
- Grant
Mechanism string - Each value of grantMechanism indicates how (or by what component) some App (or App-Entitlement) was granted. A customer or the UI should use only grantMechanism values that start with 'ADMINISTRATOR':
- 'ADMINISTRATOR_TO_USER' is for a direct grant to a specific User.
- 'ADMINISTRATOR_TO_GROUP' is for a grant to a specific Group, which results in indirect grants to Users who are members of that Group.
- 'ADMINISTRATOR_TO_APP' is for a grant to a specific App. The grantee (client) App gains access to the granted (server) App.
- Grantee
Id string - Grantee identifier
- Grantee
Type string - Grantee resource type. Allowed values are User and Group.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- Grant
Mechanism string - Each value of grantMechanism indicates how (or by what component) some App (or App-Entitlement) was granted. A customer or the UI should use only grantMechanism values that start with 'ADMINISTRATOR':
- 'ADMINISTRATOR_TO_USER' is for a direct grant to a specific User.
- 'ADMINISTRATOR_TO_GROUP' is for a grant to a specific Group, which results in indirect grants to Users who are members of that Group.
- 'ADMINISTRATOR_TO_APP' is for a grant to a specific App. The grantee (client) App gains access to the granted (server) App.
- Grantee
Id string - Grantee identifier
- Grantee
Type string - Grantee resource type. Allowed values are User and Group.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- grant
Mechanism String - Each value of grantMechanism indicates how (or by what component) some App (or App-Entitlement) was granted. A customer or the UI should use only grantMechanism values that start with 'ADMINISTRATOR':
- 'ADMINISTRATOR_TO_USER' is for a direct grant to a specific User.
- 'ADMINISTRATOR_TO_GROUP' is for a grant to a specific Group, which results in indirect grants to Users who are members of that Group.
- 'ADMINISTRATOR_TO_APP' is for a grant to a specific App. The grantee (client) App gains access to the granted (server) App.
- grantee
Id String - Grantee identifier
- grantee
Type String - Grantee resource type. Allowed values are User and Group.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
- grant
Mechanism string - Each value of grantMechanism indicates how (or by what component) some App (or App-Entitlement) was granted. A customer or the UI should use only grantMechanism values that start with 'ADMINISTRATOR':
- 'ADMINISTRATOR_TO_USER' is for a direct grant to a specific User.
- 'ADMINISTRATOR_TO_GROUP' is for a grant to a specific Group, which results in indirect grants to Users who are members of that Group.
- 'ADMINISTRATOR_TO_APP' is for a grant to a specific App. The grantee (client) App gains access to the granted (server) App.
- grantee
Id string - Grantee identifier
- grantee
Type string - Grantee resource type. Allowed values are User and Group.
- ref string
- URI of the AppRole.
- value string
- ID of the AppRole.
- grant_
mechanism str - Each value of grantMechanism indicates how (or by what component) some App (or App-Entitlement) was granted. A customer or the UI should use only grantMechanism values that start with 'ADMINISTRATOR':
- 'ADMINISTRATOR_TO_USER' is for a direct grant to a specific User.
- 'ADMINISTRATOR_TO_GROUP' is for a grant to a specific Group, which results in indirect grants to Users who are members of that Group.
- 'ADMINISTRATOR_TO_APP' is for a grant to a specific App. The grantee (client) App gains access to the granted (server) App.
- grantee_
id str - Grantee identifier
- grantee_
type str - Grantee resource type. Allowed values are User and Group.
- ref str
- URI of the AppRole.
- value str
- ID of the AppRole.
- grant
Mechanism String - Each value of grantMechanism indicates how (or by what component) some App (or App-Entitlement) was granted. A customer or the UI should use only grantMechanism values that start with 'ADMINISTRATOR':
- 'ADMINISTRATOR_TO_USER' is for a direct grant to a specific User.
- 'ADMINISTRATOR_TO_GROUP' is for a grant to a specific Group, which results in indirect grants to Users who are members of that Group.
- 'ADMINISTRATOR_TO_APP' is for a grant to a specific App. The grantee (client) App gains access to the granted (server) App.
- grantee
Id String - Grantee identifier
- grantee
Type String - Grantee resource type. Allowed values are User and Group.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
GetDomainsAppGrantedAppRole
- Admin
Role bool - If true, then this granted AppRole confers administrative privileges within the App that defines it. Otherwise, the granted AppRole confers only functional privileges.
- App
Id string - ID of the resource
- App
Name string - The name of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- Display string
- Display-name of the AppRole.
- Legacy
Group stringName - The name of the legacy group associated with this AppRole.
- Read
Only bool - If true, indicates that this value must be protected.
- Ref string
- URI of the AppRole.
- Type string
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- Value string
- ID of the AppRole.
- Admin
Role bool - If true, then this granted AppRole confers administrative privileges within the App that defines it. Otherwise, the granted AppRole confers only functional privileges.
- App
Id string - ID of the resource
- App
Name string - The name of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- Display string
- Display-name of the AppRole.
- Legacy
Group stringName - The name of the legacy group associated with this AppRole.
- Read
Only bool - If true, indicates that this value must be protected.
- Ref string
- URI of the AppRole.
- Type string
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- Value string
- ID of the AppRole.
- admin
Role Boolean - If true, then this granted AppRole confers administrative privileges within the App that defines it. Otherwise, the granted AppRole confers only functional privileges.
- app
Id String - ID of the resource
- app
Name String - The name of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- display String
- Display-name of the AppRole.
- legacy
Group StringName - The name of the legacy group associated with this AppRole.
- read
Only Boolean - If true, indicates that this value must be protected.
- ref String
- URI of the AppRole.
- type String
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value String
- ID of the AppRole.
- admin
Role boolean - If true, then this granted AppRole confers administrative privileges within the App that defines it. Otherwise, the granted AppRole confers only functional privileges.
- app
Id string - ID of the resource
- app
Name string - The name of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- display string
- Display-name of the AppRole.
- legacy
Group stringName - The name of the legacy group associated with this AppRole.
- read
Only boolean - If true, indicates that this value must be protected.
- ref string
- URI of the AppRole.
- type string
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value string
- ID of the AppRole.
- admin_
role bool - If true, then this granted AppRole confers administrative privileges within the App that defines it. Otherwise, the granted AppRole confers only functional privileges.
- app_
id str - ID of the resource
- app_
name str - The name of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- display str
- Display-name of the AppRole.
- legacy_
group_ strname - The name of the legacy group associated with this AppRole.
- read_
only bool - If true, indicates that this value must be protected.
- ref str
- URI of the AppRole.
- type str
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value str
- ID of the AppRole.
- admin
Role Boolean - If true, then this granted AppRole confers administrative privileges within the App that defines it. Otherwise, the granted AppRole confers only functional privileges.
- app
Id String - ID of the resource
- app
Name String - The name of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- display String
- Display-name of the AppRole.
- legacy
Group StringName - The name of the legacy group associated with this AppRole.
- read
Only Boolean - If true, indicates that this value must be protected.
- ref String
- URI of the AppRole.
- type String
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value String
- ID of the AppRole.
GetDomainsAppIdcsCreatedBy
GetDomainsAppIdcsLastModifiedBy
GetDomainsAppIdentityProvider
GetDomainsAppIdpPolicy
GetDomainsAppMeta
- Created string
- The DateTime the Resource was added to the Service Provider
- Last
Modified string - The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- Location string
- The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- Resource
Type string - Object class resource type
- Version string
- The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
- Created string
- The DateTime the Resource was added to the Service Provider
- Last
Modified string - The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- Location string
- The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- Resource
Type string - Object class resource type
- Version string
- The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
- created String
- The DateTime the Resource was added to the Service Provider
- last
Modified String - The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- location String
- The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- resource
Type String - Object class resource type
- version String
- The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
- created string
- The DateTime the Resource was added to the Service Provider
- last
Modified string - The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- location string
- The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- resource
Type string - Object class resource type
- version string
- The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
- created str
- The DateTime the Resource was added to the Service Provider
- last_
modified str - The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- location str
- The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- resource_
type str - Object class resource type
- version str
- The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
- created String
- The DateTime the Resource was added to the Service Provider
- last
Modified String - The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- location String
- The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- resource
Type String - Object class resource type
- version String
- The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
GetDomainsAppProtectableSecondaryAudience
GetDomainsAppRadiusPolicy
GetDomainsAppSamlServiceProvider
GetDomainsAppScope
- Description string
- The description of the AppRole.
- Display
Name string - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- Fqs string
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- Read
Only bool - If true, indicates that this value must be protected.
- Requires
Consent bool - If true, indicates that a user must provide consent to access this scope. Note: Used only when this App acts as an OAuth Resource.
- Value string
- ID of the AppRole.
- Description string
- The description of the AppRole.
- Display
Name string - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- Fqs string
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- Read
Only bool - If true, indicates that this value must be protected.
- Requires
Consent bool - If true, indicates that a user must provide consent to access this scope. Note: Used only when this App acts as an OAuth Resource.
- Value string
- ID of the AppRole.
- description String
- The description of the AppRole.
- display
Name String - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- fqs String
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- read
Only Boolean - If true, indicates that this value must be protected.
- requires
Consent Boolean - If true, indicates that a user must provide consent to access this scope. Note: Used only when this App acts as an OAuth Resource.
- value String
- ID of the AppRole.
- description string
- The description of the AppRole.
- display
Name string - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- fqs string
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- read
Only boolean - If true, indicates that this value must be protected.
- requires
Consent boolean - If true, indicates that a user must provide consent to access this scope. Note: Used only when this App acts as an OAuth Resource.
- value string
- ID of the AppRole.
- description str
- The description of the AppRole.
- display_
name str - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- fqs str
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- read_
only bool - If true, indicates that this value must be protected.
- requires_
consent bool - If true, indicates that a user must provide consent to access this scope. Note: Used only when this App acts as an OAuth Resource.
- value str
- ID of the AppRole.
- description String
- The description of the AppRole.
- display
Name String - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- fqs String
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- read
Only Boolean - If true, indicates that this value must be protected.
- requires
Consent Boolean - If true, indicates that a user must provide consent to access this scope. Note: Used only when this App acts as an OAuth Resource.
- value String
- ID of the AppRole.
GetDomainsAppServiceParam
GetDomainsAppSignonPolicy
GetDomainsAppTag
GetDomainsAppTermsOfUse
GetDomainsAppTrustPolicy
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionOciTag
- List<Get
Domains App Urnietfparamsscimschemasoracleidcsextension Oci Tag Defined Tag> - Oracle Cloud Infrastructure Defined Tags
- List<Get
Domains App Urnietfparamsscimschemasoracleidcsextension Oci Tag Freeform Tag> - Oracle Cloud Infrastructure Freeform Tags
- string
- Oracle Cloud Infrastructure Tag slug
- []Get
Domains App Urnietfparamsscimschemasoracleidcsextension Oci Tag Defined Tag - Oracle Cloud Infrastructure Defined Tags
- []Get
Domains App Urnietfparamsscimschemasoracleidcsextension Oci Tag Freeform Tag - Oracle Cloud Infrastructure Freeform Tags
- string
- Oracle Cloud Infrastructure Tag slug
- List<Get
Domains App Urnietfparamsscimschemasoracleidcsextension Oci Tag Defined Tag> - Oracle Cloud Infrastructure Defined Tags
- List<Get
Domains App Urnietfparamsscimschemasoracleidcsextension Oci Tag Freeform Tag> - Oracle Cloud Infrastructure Freeform Tags
- String
- Oracle Cloud Infrastructure Tag slug
- Get
Domains App Urnietfparamsscimschemasoracleidcsextension Oci Tag Defined Tag[] - Oracle Cloud Infrastructure Defined Tags
- Get
Domains App Urnietfparamsscimschemasoracleidcsextension Oci Tag Freeform Tag[] - Oracle Cloud Infrastructure Freeform Tags
- string
- Oracle Cloud Infrastructure Tag slug
- Sequence[identity.
Get Domains App Urnietfparamsscimschemasoracleidcsextension Oci Tag Defined Tag] - Oracle Cloud Infrastructure Defined Tags
- Sequence[identity.
Get Domains App Urnietfparamsscimschemasoracleidcsextension Oci Tag Freeform Tag] - Oracle Cloud Infrastructure Freeform Tags
- tag_
slug str - Oracle Cloud Infrastructure Tag slug
- List<Property Map>
- Oracle Cloud Infrastructure Defined Tags
- List<Property Map>
- Oracle Cloud Infrastructure Freeform Tags
- String
- Oracle Cloud Infrastructure Tag slug
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionOciTagDefinedTag
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionOciTagFreeformTag
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensiondbcsApp
- Domain
Apps List<GetDomains App Urnietfparamsscimschemasoracleidcsextensiondbcs App Domain App> - Description:
- Domain
Name string - The name of the Enterprise Domain that contains any number of DBInstances. If specified, the value must be unique. A non-null value indicates that App represents a DBDomain. A value of null indicates that the App represents an DB-instance.
- Domain
Apps []GetDomains App Urnietfparamsscimschemasoracleidcsextensiondbcs App Domain App - Description:
- Domain
Name string - The name of the Enterprise Domain that contains any number of DBInstances. If specified, the value must be unique. A non-null value indicates that App represents a DBDomain. A value of null indicates that the App represents an DB-instance.
- domain
Apps List<GetDomains App Urnietfparamsscimschemasoracleidcsextensiondbcs App Domain App> - Description:
- domain
Name String - The name of the Enterprise Domain that contains any number of DBInstances. If specified, the value must be unique. A non-null value indicates that App represents a DBDomain. A value of null indicates that the App represents an DB-instance.
- domain
Apps GetDomains App Urnietfparamsscimschemasoracleidcsextensiondbcs App Domain App[] - Description:
- domain
Name string - The name of the Enterprise Domain that contains any number of DBInstances. If specified, the value must be unique. A non-null value indicates that App represents a DBDomain. A value of null indicates that the App represents an DB-instance.
- domain_
apps Sequence[identity.Get Domains App Urnietfparamsscimschemasoracleidcsextensiondbcs App Domain App] - Description:
- domain_
name str - The name of the Enterprise Domain that contains any number of DBInstances. If specified, the value must be unique. A non-null value indicates that App represents a DBDomain. A value of null indicates that the App represents an DB-instance.
- domain
Apps List<Property Map> - Description:
- domain
Name String - The name of the Enterprise Domain that contains any number of DBInstances. If specified, the value must be unique. A non-null value indicates that App represents a DBDomain. A value of null indicates that the App represents an DB-instance.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensiondbcsAppDomainApp
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionenterpriseAppApp
- Allow
Authz intDecision Ttl - Allow Authz policy decision expiry time in seconds.
- Allow
Authz List<GetPolicies Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App Allow Authz Policy> - Allow Authz Policy.
- App
Resources List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App App Resource> - A list of AppResources of this App.
- Deny
Authz intDecision Ttl - Deny Authz policy decision expiry time in seconds.
- Deny
Authz List<GetPolicies Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App Deny Authz Policy> - Deny Authz Policy.
- Allow
Authz intDecision Ttl - Allow Authz policy decision expiry time in seconds.
- Allow
Authz []GetPolicies Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App Allow Authz Policy - Allow Authz Policy.
- App
Resources []GetDomains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App App Resource - A list of AppResources of this App.
- Deny
Authz intDecision Ttl - Deny Authz policy decision expiry time in seconds.
- Deny
Authz []GetPolicies Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App Deny Authz Policy - Deny Authz Policy.
- allow
Authz IntegerDecision Ttl - Allow Authz policy decision expiry time in seconds.
- allow
Authz List<GetPolicies Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App Allow Authz Policy> - Allow Authz Policy.
- app
Resources List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App App Resource> - A list of AppResources of this App.
- deny
Authz IntegerDecision Ttl - Deny Authz policy decision expiry time in seconds.
- deny
Authz List<GetPolicies Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App Deny Authz Policy> - Deny Authz Policy.
- allow
Authz numberDecision Ttl - Allow Authz policy decision expiry time in seconds.
- allow
Authz GetPolicies Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App Allow Authz Policy[] - Allow Authz Policy.
- app
Resources GetDomains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App App Resource[] - A list of AppResources of this App.
- deny
Authz numberDecision Ttl - Deny Authz policy decision expiry time in seconds.
- deny
Authz GetPolicies Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App Deny Authz Policy[] - Deny Authz Policy.
- allow_
authz_ intdecision_ ttl - Allow Authz policy decision expiry time in seconds.
- allow_
authz_ Sequence[identity.policies Get Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App Allow Authz Policy] - Allow Authz Policy.
- app_
resources Sequence[identity.Get Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App App Resource] - A list of AppResources of this App.
- deny_
authz_ intdecision_ ttl - Deny Authz policy decision expiry time in seconds.
- deny_
authz_ Sequence[identity.policies Get Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App Deny Authz Policy] - Deny Authz Policy.
- allow
Authz NumberDecision Ttl - Allow Authz policy decision expiry time in seconds.
- allow
Authz List<Property Map>Policies - Allow Authz Policy.
- app
Resources List<Property Map> - A list of AppResources of this App.
- deny
Authz NumberDecision Ttl - Deny Authz policy decision expiry time in seconds.
- deny
Authz List<Property Map>Policies - Deny Authz Policy.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionenterpriseAppAppAllowAuthzPolicy
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionenterpriseAppAppAppResource
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionenterpriseAppAppDenyAuthzPolicy
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionformFillAppApp
- Configuration string
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- Form
Cred stringMethod - Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- Form
Credential stringSharing Group Id - Credential Sharing Group to which this form-fill application belongs.
- Form
Fill List<GetUrl Matches Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App App Form Fill Url Match> - A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- Form
Type string - Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- Reveal
Password boolOn Form - If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- Sync
From boolTemplate - If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- User
Name stringForm Expression - Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- User
Name stringForm Template - Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
- Configuration string
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- Form
Cred stringMethod - Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- Form
Credential stringSharing Group Id - Credential Sharing Group to which this form-fill application belongs.
- Form
Fill []GetUrl Matches Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App App Form Fill Url Match - A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- Form
Type string - Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- Reveal
Password boolOn Form - If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- Sync
From boolTemplate - If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- User
Name stringForm Expression - Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- User
Name stringForm Template - Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
- configuration String
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- form
Cred StringMethod - Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- form
Credential StringSharing Group Id - Credential Sharing Group to which this form-fill application belongs.
- form
Fill List<GetUrl Matches Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App App Form Fill Url Match> - A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- form
Type String - Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- reveal
Password BooleanOn Form - If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- sync
From BooleanTemplate - If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- user
Name StringForm Expression - Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- user
Name StringForm Template - Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
- configuration string
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- form
Cred stringMethod - Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- form
Credential stringSharing Group Id - Credential Sharing Group to which this form-fill application belongs.
- form
Fill GetUrl Matches Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App App Form Fill Url Match[] - A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- form
Type string - Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- reveal
Password booleanOn Form - If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- sync
From booleanTemplate - If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- user
Name stringForm Expression - Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- user
Name stringForm Template - Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
- configuration str
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- form_
cred_ strmethod - Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- form_
credential_ strsharing_ group_ id - Credential Sharing Group to which this form-fill application belongs.
- form_
fill_ Sequence[identity.url_ matches Get Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App App Form Fill Url Match] - A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- form_
type str - Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- reveal_
password_ boolon_ form - If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- sync_
from_ booltemplate - If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- user_
name_ strform_ expression - Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- user_
name_ strform_ template - Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
- configuration String
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- form
Cred StringMethod - Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- form
Credential StringSharing Group Id - Credential Sharing Group to which this form-fill application belongs.
- form
Fill List<Property Map>Url Matches - A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- form
Type String - Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- reveal
Password BooleanOn Form - If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- sync
From BooleanTemplate - If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- user
Name StringForm Expression - Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- user
Name StringForm Template - Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionformFillAppAppFormFillUrlMatch
- Form
Url string - An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- Form
Url stringMatch Type - Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
- Form
Url string - An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- Form
Url stringMatch Type - Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
- form
Url String - An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- form
Url StringMatch Type - Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
- form
Url string - An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- form
Url stringMatch Type - Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
- form_
url str - An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- form_
url_ strmatch_ type - Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
- form
Url String - An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- form
Url StringMatch Type - Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionformFillAppTemplateAppTemplate
- Configuration string
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- Form
Cred stringMethod - Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- Form
Credential stringSharing Group Id - Credential Sharing Group to which this form-fill application belongs.
- Form
Fill List<GetUrl Matches Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App Template App Template Form Fill Url Match> - A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- Form
Type string - Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- Reveal
Password boolOn Form - If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- Sync
From boolTemplate - If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- User
Name stringForm Expression - Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- User
Name stringForm Template - Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
- Configuration string
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- Form
Cred stringMethod - Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- Form
Credential stringSharing Group Id - Credential Sharing Group to which this form-fill application belongs.
- Form
Fill []GetUrl Matches Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App Template App Template Form Fill Url Match - A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- Form
Type string - Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- Reveal
Password boolOn Form - If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- Sync
From boolTemplate - If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- User
Name stringForm Expression - Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- User
Name stringForm Template - Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
- configuration String
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- form
Cred StringMethod - Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- form
Credential StringSharing Group Id - Credential Sharing Group to which this form-fill application belongs.
- form
Fill List<GetUrl Matches Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App Template App Template Form Fill Url Match> - A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- form
Type String - Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- reveal
Password BooleanOn Form - If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- sync
From BooleanTemplate - If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- user
Name StringForm Expression - Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- user
Name StringForm Template - Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
- configuration string
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- form
Cred stringMethod - Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- form
Credential stringSharing Group Id - Credential Sharing Group to which this form-fill application belongs.
- form
Fill GetUrl Matches Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App Template App Template Form Fill Url Match[] - A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- form
Type string - Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- reveal
Password booleanOn Form - If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- sync
From booleanTemplate - If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- user
Name stringForm Expression - Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- user
Name stringForm Template - Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
- configuration str
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- form_
cred_ strmethod - Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- form_
credential_ strsharing_ group_ id - Credential Sharing Group to which this form-fill application belongs.
- form_
fill_ Sequence[identity.url_ matches Get Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App Template App Template Form Fill Url Match] - A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- form_
type str - Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- reveal_
password_ boolon_ form - If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- sync_
from_ booltemplate - If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- user_
name_ strform_ expression - Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- user_
name_ strform_ template - Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
- configuration String
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- form
Cred StringMethod - Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- form
Credential StringSharing Group Id - Credential Sharing Group to which this form-fill application belongs.
- form
Fill List<Property Map>Url Matches - A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- form
Type String - Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- reveal
Password BooleanOn Form - If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- sync
From BooleanTemplate - If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- user
Name StringForm Expression - Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- user
Name StringForm Template - Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionformFillAppTemplateAppTemplateFormFillUrlMatch
- Form
Url string - An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- Form
Url stringMatch Type - Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
- Form
Url string - An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- Form
Url stringMatch Type - Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
- form
Url String - An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- form
Url StringMatch Type - Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
- form
Url string - An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- form
Url stringMatch Type - Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
- form_
url str - An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- form_
url_ strmatch_ type - Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
- form
Url String - An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- form
Url StringMatch Type - Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionkerberosRealmApp
- Default
Encryption stringSalt Type - The type of salt that the system will use to encrypt Kerberos-specific artifacts of this App unless another type of salt is specified.
- Master
Key string - The primary key that the system should use to encrypt artifacts that are specific to this Kerberos realm -- for example, to encrypt the Principal Key in each KerberosRealmUser.
- Max
Renewable intAge - Max Renewable Age in seconds
- Max
Ticket intLife - Max Ticket Life in seconds
- Realm
Name string - The name of the Kerberos Realm that this App uses for authentication.
- Supported
Encryption List<string>Salt Types - The types of salt that are available for the system to use when encrypting Kerberos-specific artifacts for this App.
- Ticket
Flags int - Ticket Flags
- Default
Encryption stringSalt Type - The type of salt that the system will use to encrypt Kerberos-specific artifacts of this App unless another type of salt is specified.
- Master
Key string - The primary key that the system should use to encrypt artifacts that are specific to this Kerberos realm -- for example, to encrypt the Principal Key in each KerberosRealmUser.
- Max
Renewable intAge - Max Renewable Age in seconds
- Max
Ticket intLife - Max Ticket Life in seconds
- Realm
Name string - The name of the Kerberos Realm that this App uses for authentication.
- Supported
Encryption []stringSalt Types - The types of salt that are available for the system to use when encrypting Kerberos-specific artifacts for this App.
- Ticket
Flags int - Ticket Flags
- default
Encryption StringSalt Type - The type of salt that the system will use to encrypt Kerberos-specific artifacts of this App unless another type of salt is specified.
- master
Key String - The primary key that the system should use to encrypt artifacts that are specific to this Kerberos realm -- for example, to encrypt the Principal Key in each KerberosRealmUser.
- max
Renewable IntegerAge - Max Renewable Age in seconds
- max
Ticket IntegerLife - Max Ticket Life in seconds
- realm
Name String - The name of the Kerberos Realm that this App uses for authentication.
- supported
Encryption List<String>Salt Types - The types of salt that are available for the system to use when encrypting Kerberos-specific artifacts for this App.
- ticket
Flags Integer - Ticket Flags
- default
Encryption stringSalt Type - The type of salt that the system will use to encrypt Kerberos-specific artifacts of this App unless another type of salt is specified.
- master
Key string - The primary key that the system should use to encrypt artifacts that are specific to this Kerberos realm -- for example, to encrypt the Principal Key in each KerberosRealmUser.
- max
Renewable numberAge - Max Renewable Age in seconds
- max
Ticket numberLife - Max Ticket Life in seconds
- realm
Name string - The name of the Kerberos Realm that this App uses for authentication.
- supported
Encryption string[]Salt Types - The types of salt that are available for the system to use when encrypting Kerberos-specific artifacts for this App.
- ticket
Flags number - Ticket Flags
- default_
encryption_ strsalt_ type - The type of salt that the system will use to encrypt Kerberos-specific artifacts of this App unless another type of salt is specified.
- master_
key str - The primary key that the system should use to encrypt artifacts that are specific to this Kerberos realm -- for example, to encrypt the Principal Key in each KerberosRealmUser.
- max_
renewable_ intage - Max Renewable Age in seconds
- max_
ticket_ intlife - Max Ticket Life in seconds
- realm_
name str - The name of the Kerberos Realm that this App uses for authentication.
- supported_
encryption_ Sequence[str]salt_ types - The types of salt that are available for the system to use when encrypting Kerberos-specific artifacts for this App.
- ticket_
flags int - Ticket Flags
- default
Encryption StringSalt Type - The type of salt that the system will use to encrypt Kerberos-specific artifacts of this App unless another type of salt is specified.
- master
Key String - The primary key that the system should use to encrypt artifacts that are specific to this Kerberos realm -- for example, to encrypt the Principal Key in each KerberosRealmUser.
- max
Renewable NumberAge - Max Renewable Age in seconds
- max
Ticket NumberLife - Max Ticket Life in seconds
- realm
Name String - The name of the Kerberos Realm that this App uses for authentication.
- supported
Encryption List<String>Salt Types - The types of salt that are available for the system to use when encrypting Kerberos-specific artifacts for this App.
- ticket
Flags Number - Ticket Flags
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionmanagedappApp
- Account
Form boolVisible - If true, then the account form will be displayed in the Oracle Identity Cloud Service UI to interactively create or update an account for this App. If a value is not specified for this attribute, a default value of "false" will be assumed as the value for this attribute.
- Admin
Consent boolGranted - If true, admin has granted consent to perform managed app run-time operations.
- Bundle
Configuration List<GetProperties Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bundle Configuration Property> - ConnectorBundle configuration properties
- Bundle
Pool List<GetConfigurations Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bundle Pool Configuration> - Configurable options maintaining a pool of ICF connector instances. Values for sub attributes can be set only if the ConnectorBundle referenced in the App has connectorPoolingSupported set to true
- bool
- If true, the managed app can be authoritative.
- Connected bool
- If true, the accounts of the application are managed through an ICF connector bundle
- Connector
Bundles List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Connector Bundle> - ConnectorBundle
- Enable
Auth boolSync New User Notification - If true, send activation email to new users created from authoritative sync.
- Enable
Sync bool - If true, sync run-time operations are enabled for this App.
- Enable
Sync boolSummary Report Notification - If true, send sync summary as notification upon job completion.
- Flat
File List<GetBundle Configuration Properties Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Flat File Bundle Configuration Property> - Flat file connector bundle configuration properties
- Flat
File List<GetConnector Bundles Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Flat File Connector Bundle> - Flat file connector bundle to sync from a flat file.
- Identity
Bridges List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Identity Bridge> - IdentityBridges associated with this App
- bool
- If true, sync from the managed app will be performed as authoritative sync.
- Is
Directory bool - If true, the managed app is a directory.
- Is
On boolPremise App - If true, the managed app is an On-Premise app.
- Is
Schema boolCustomization Supported - If true, the managed app supports schema customization.
- Is
Schema boolDiscovery Supported - If true, the managed app supports schema discovery.
- Is
Three boolLegged Oauth Enabled - If true, the managed app requires 3-legged OAuth for authorization.
- Is
Two boolLegged Oauth Enabled - If true, indicates that Oracle Identity Cloud Service can use two-legged OAuth to connect to this ManagedApp.
- Object
Classes List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Object Class> - Object classes
- Sync
Config stringLast Modified - The most recent DateTime that the configuration of this App was updated. AppServices updates this timestamp whenever AppServices updates an App's configuration with respect to synchronization.
- Three
Legged List<GetOauth Credentials Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Three Legged Oauth Credential> - The value of this attribute persists any OAuth access token that the system uses to connect to this ManagedApp. The system obtains this access token using an OAuth protocol flow that could be two-legged or three-legged. A two-legged flow involves only the requester and the server. A three-legged flow also requires the consent of a user -- in this case the consent of an administrator.
- Three
Legged stringOauth Provider Name - Three legged OAuth provider name in Oracle Identity Cloud Service.
- Account
Form boolVisible - If true, then the account form will be displayed in the Oracle Identity Cloud Service UI to interactively create or update an account for this App. If a value is not specified for this attribute, a default value of "false" will be assumed as the value for this attribute.
- Admin
Consent boolGranted - If true, admin has granted consent to perform managed app run-time operations.
- Bundle
Configuration []GetProperties Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bundle Configuration Property - ConnectorBundle configuration properties
- Bundle
Pool []GetConfigurations Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bundle Pool Configuration - Configurable options maintaining a pool of ICF connector instances. Values for sub attributes can be set only if the ConnectorBundle referenced in the App has connectorPoolingSupported set to true
- bool
- If true, the managed app can be authoritative.
- Connected bool
- If true, the accounts of the application are managed through an ICF connector bundle
- Connector
Bundles []GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Connector Bundle - ConnectorBundle
- Enable
Auth boolSync New User Notification - If true, send activation email to new users created from authoritative sync.
- Enable
Sync bool - If true, sync run-time operations are enabled for this App.
- Enable
Sync boolSummary Report Notification - If true, send sync summary as notification upon job completion.
- Flat
File []GetBundle Configuration Properties Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Flat File Bundle Configuration Property - Flat file connector bundle configuration properties
- Flat
File []GetConnector Bundles Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Flat File Connector Bundle - Flat file connector bundle to sync from a flat file.
- Identity
Bridges []GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Identity Bridge - IdentityBridges associated with this App
- bool
- If true, sync from the managed app will be performed as authoritative sync.
- Is
Directory bool - If true, the managed app is a directory.
- Is
On boolPremise App - If true, the managed app is an On-Premise app.
- Is
Schema boolCustomization Supported - If true, the managed app supports schema customization.
- Is
Schema boolDiscovery Supported - If true, the managed app supports schema discovery.
- Is
Three boolLegged Oauth Enabled - If true, the managed app requires 3-legged OAuth for authorization.
- Is
Two boolLegged Oauth Enabled - If true, indicates that Oracle Identity Cloud Service can use two-legged OAuth to connect to this ManagedApp.
- Object
Classes []GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Object Class - Object classes
- Sync
Config stringLast Modified - The most recent DateTime that the configuration of this App was updated. AppServices updates this timestamp whenever AppServices updates an App's configuration with respect to synchronization.
- Three
Legged []GetOauth Credentials Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Three Legged Oauth Credential - The value of this attribute persists any OAuth access token that the system uses to connect to this ManagedApp. The system obtains this access token using an OAuth protocol flow that could be two-legged or three-legged. A two-legged flow involves only the requester and the server. A three-legged flow also requires the consent of a user -- in this case the consent of an administrator.
- Three
Legged stringOauth Provider Name - Three legged OAuth provider name in Oracle Identity Cloud Service.
- account
Form BooleanVisible - If true, then the account form will be displayed in the Oracle Identity Cloud Service UI to interactively create or update an account for this App. If a value is not specified for this attribute, a default value of "false" will be assumed as the value for this attribute.
- admin
Consent BooleanGranted - If true, admin has granted consent to perform managed app run-time operations.
- bundle
Configuration List<GetProperties Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bundle Configuration Property> - ConnectorBundle configuration properties
- bundle
Pool List<GetConfigurations Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bundle Pool Configuration> - Configurable options maintaining a pool of ICF connector instances. Values for sub attributes can be set only if the ConnectorBundle referenced in the App has connectorPoolingSupported set to true
- Boolean
- If true, the managed app can be authoritative.
- connected Boolean
- If true, the accounts of the application are managed through an ICF connector bundle
- connector
Bundles List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Connector Bundle> - ConnectorBundle
- enable
Auth BooleanSync New User Notification - If true, send activation email to new users created from authoritative sync.
- enable
Sync Boolean - If true, sync run-time operations are enabled for this App.
- enable
Sync BooleanSummary Report Notification - If true, send sync summary as notification upon job completion.
- flat
File List<GetBundle Configuration Properties Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Flat File Bundle Configuration Property> - Flat file connector bundle configuration properties
- flat
File List<GetConnector Bundles Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Flat File Connector Bundle> - Flat file connector bundle to sync from a flat file.
- identity
Bridges List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bridge> - IdentityBridges associated with this App
- Boolean
- If true, sync from the managed app will be performed as authoritative sync.
- is
Directory Boolean - If true, the managed app is a directory.
- is
On BooleanPremise App - If true, the managed app is an On-Premise app.
- is
Schema BooleanCustomization Supported - If true, the managed app supports schema customization.
- is
Schema BooleanDiscovery Supported - If true, the managed app supports schema discovery.
- is
Three BooleanLegged Oauth Enabled - If true, the managed app requires 3-legged OAuth for authorization.
- is
Two BooleanLegged Oauth Enabled - If true, indicates that Oracle Identity Cloud Service can use two-legged OAuth to connect to this ManagedApp.
- object
Classes List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Object Class> - Object classes
- sync
Config StringLast Modified - The most recent DateTime that the configuration of this App was updated. AppServices updates this timestamp whenever AppServices updates an App's configuration with respect to synchronization.
- three
Legged List<GetOauth Credentials Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Three Legged Oauth Credential> - The value of this attribute persists any OAuth access token that the system uses to connect to this ManagedApp. The system obtains this access token using an OAuth protocol flow that could be two-legged or three-legged. A two-legged flow involves only the requester and the server. A three-legged flow also requires the consent of a user -- in this case the consent of an administrator.
- three
Legged StringOauth Provider Name - Three legged OAuth provider name in Oracle Identity Cloud Service.
- account
Form booleanVisible - If true, then the account form will be displayed in the Oracle Identity Cloud Service UI to interactively create or update an account for this App. If a value is not specified for this attribute, a default value of "false" will be assumed as the value for this attribute.
- admin
Consent booleanGranted - If true, admin has granted consent to perform managed app run-time operations.
- bundle
Configuration GetProperties Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bundle Configuration Property[] - ConnectorBundle configuration properties
- bundle
Pool GetConfigurations Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bundle Pool Configuration[] - Configurable options maintaining a pool of ICF connector instances. Values for sub attributes can be set only if the ConnectorBundle referenced in the App has connectorPoolingSupported set to true
- boolean
- If true, the managed app can be authoritative.
- connected boolean
- If true, the accounts of the application are managed through an ICF connector bundle
- connector
Bundles GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Connector Bundle[] - ConnectorBundle
- enable
Auth booleanSync New User Notification - If true, send activation email to new users created from authoritative sync.
- enable
Sync boolean - If true, sync run-time operations are enabled for this App.
- enable
Sync booleanSummary Report Notification - If true, send sync summary as notification upon job completion.
- flat
File GetBundle Configuration Properties Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Flat File Bundle Configuration Property[] - Flat file connector bundle configuration properties
- flat
File GetConnector Bundles Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Flat File Connector Bundle[] - Flat file connector bundle to sync from a flat file.
- identity
Bridges GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Identity Bridge[] - IdentityBridges associated with this App
- boolean
- If true, sync from the managed app will be performed as authoritative sync.
- is
Directory boolean - If true, the managed app is a directory.
- is
On booleanPremise App - If true, the managed app is an On-Premise app.
- is
Schema booleanCustomization Supported - If true, the managed app supports schema customization.
- is
Schema booleanDiscovery Supported - If true, the managed app supports schema discovery.
- is
Three booleanLegged Oauth Enabled - If true, the managed app requires 3-legged OAuth for authorization.
- is
Two booleanLegged Oauth Enabled - If true, indicates that Oracle Identity Cloud Service can use two-legged OAuth to connect to this ManagedApp.
- object
Classes GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Object Class[] - Object classes
- sync
Config stringLast Modified - The most recent DateTime that the configuration of this App was updated. AppServices updates this timestamp whenever AppServices updates an App's configuration with respect to synchronization.
- three
Legged GetOauth Credentials Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Three Legged Oauth Credential[] - The value of this attribute persists any OAuth access token that the system uses to connect to this ManagedApp. The system obtains this access token using an OAuth protocol flow that could be two-legged or three-legged. A two-legged flow involves only the requester and the server. A three-legged flow also requires the consent of a user -- in this case the consent of an administrator.
- three
Legged stringOauth Provider Name - Three legged OAuth provider name in Oracle Identity Cloud Service.
- account_
form_ boolvisible - If true, then the account form will be displayed in the Oracle Identity Cloud Service UI to interactively create or update an account for this App. If a value is not specified for this attribute, a default value of "false" will be assumed as the value for this attribute.
- admin_
consent_ boolgranted - If true, admin has granted consent to perform managed app run-time operations.
- bundle_
configuration_ Sequence[identity.properties Get Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bundle Configuration Property] - ConnectorBundle configuration properties
- bundle_
pool_ Sequence[identity.configurations Get Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bundle Pool Configuration] - Configurable options maintaining a pool of ICF connector instances. Values for sub attributes can be set only if the ConnectorBundle referenced in the App has connectorPoolingSupported set to true
- bool
- If true, the managed app can be authoritative.
- connected bool
- If true, the accounts of the application are managed through an ICF connector bundle
- connector_
bundles Sequence[identity.Get Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Connector Bundle] - ConnectorBundle
- enable_
auth_ boolsync_ new_ user_ notification - If true, send activation email to new users created from authoritative sync.
- enable_
sync bool - If true, sync run-time operations are enabled for this App.
- enable_
sync_ boolsummary_ report_ notification - If true, send sync summary as notification upon job completion.
- flat_
file_ Sequence[identity.bundle_ configuration_ properties Get Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Flat File Bundle Configuration Property] - Flat file connector bundle configuration properties
- flat_
file_ Sequence[identity.connector_ bundles Get Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Flat File Connector Bundle] - Flat file connector bundle to sync from a flat file.
- identity_
bridges Sequence[identity.Get Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Identity Bridge] - IdentityBridges associated with this App
- bool
- If true, sync from the managed app will be performed as authoritative sync.
- is_
directory bool - If true, the managed app is a directory.
- is_
on_ boolpremise_ app - If true, the managed app is an On-Premise app.
- is_
schema_ boolcustomization_ supported - If true, the managed app supports schema customization.
- is_
schema_ booldiscovery_ supported - If true, the managed app supports schema discovery.
- is_
three_ boollegged_ oauth_ enabled - If true, the managed app requires 3-legged OAuth for authorization.
- is_
two_ boollegged_ oauth_ enabled - If true, indicates that Oracle Identity Cloud Service can use two-legged OAuth to connect to this ManagedApp.
- object_
classes Sequence[identity.Get Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Object Class] - Object classes
- sync_
config_ strlast_ modified - The most recent DateTime that the configuration of this App was updated. AppServices updates this timestamp whenever AppServices updates an App's configuration with respect to synchronization.
- three_
legged_ Sequence[identity.oauth_ credentials Get Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Three Legged Oauth Credential] - The value of this attribute persists any OAuth access token that the system uses to connect to this ManagedApp. The system obtains this access token using an OAuth protocol flow that could be two-legged or three-legged. A two-legged flow involves only the requester and the server. A three-legged flow also requires the consent of a user -- in this case the consent of an administrator.
- three_
legged_ stroauth_ provider_ name - Three legged OAuth provider name in Oracle Identity Cloud Service.
- account
Form BooleanVisible - If true, then the account form will be displayed in the Oracle Identity Cloud Service UI to interactively create or update an account for this App. If a value is not specified for this attribute, a default value of "false" will be assumed as the value for this attribute.
- admin
Consent BooleanGranted - If true, admin has granted consent to perform managed app run-time operations.
- bundle
Configuration List<Property Map>Properties - ConnectorBundle configuration properties
- bundle
Pool List<Property Map>Configurations - Configurable options maintaining a pool of ICF connector instances. Values for sub attributes can be set only if the ConnectorBundle referenced in the App has connectorPoolingSupported set to true
- Boolean
- If true, the managed app can be authoritative.
- connected Boolean
- If true, the accounts of the application are managed through an ICF connector bundle
- connector
Bundles List<Property Map> - ConnectorBundle
- enable
Auth BooleanSync New User Notification - If true, send activation email to new users created from authoritative sync.
- enable
Sync Boolean - If true, sync run-time operations are enabled for this App.
- enable
Sync BooleanSummary Report Notification - If true, send sync summary as notification upon job completion.
- flat
File List<Property Map>Bundle Configuration Properties - Flat file connector bundle configuration properties
- flat
File List<Property Map>Connector Bundles - Flat file connector bundle to sync from a flat file.
- identity
Bridges List<Property Map> - IdentityBridges associated with this App
- Boolean
- If true, sync from the managed app will be performed as authoritative sync.
- is
Directory Boolean - If true, the managed app is a directory.
- is
On BooleanPremise App - If true, the managed app is an On-Premise app.
- is
Schema BooleanCustomization Supported - If true, the managed app supports schema customization.
- is
Schema BooleanDiscovery Supported - If true, the managed app supports schema discovery.
- is
Three BooleanLegged Oauth Enabled - If true, the managed app requires 3-legged OAuth for authorization.
- is
Two BooleanLegged Oauth Enabled - If true, indicates that Oracle Identity Cloud Service can use two-legged OAuth to connect to this ManagedApp.
- object
Classes List<Property Map> - Object classes
- sync
Config StringLast Modified - The most recent DateTime that the configuration of this App was updated. AppServices updates this timestamp whenever AppServices updates an App's configuration with respect to synchronization.
- three
Legged List<Property Map>Oauth Credentials - The value of this attribute persists any OAuth access token that the system uses to connect to this ManagedApp. The system obtains this access token using an OAuth protocol flow that could be two-legged or three-legged. A two-legged flow involves only the requester and the server. A three-legged flow also requires the consent of a user -- in this case the consent of an administrator.
- three
Legged StringOauth Provider Name - Three legged OAuth provider name in Oracle Identity Cloud Service.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionmanagedappAppBundleConfigurationProperty
- Confidential bool
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- Display
Name string - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- Help
Message string - Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- Icf
Type string - ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Order int
- Display sequence of the bundle configuration property.
- Required bool
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- Values List<string>
- ID of the AppRole.
- Confidential bool
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- Display
Name string - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- Help
Message string - Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- Icf
Type string - ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Order int
- Display sequence of the bundle configuration property.
- Required bool
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- Values []string
- ID of the AppRole.
- confidential Boolean
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- display
Name String - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- help
Message String - Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- icf
Type String - ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order Integer
- Display sequence of the bundle configuration property.
- required Boolean
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- values List<String>
- ID of the AppRole.
- confidential boolean
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- display
Name string - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- help
Message string - Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- icf
Type string - ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order number
- Display sequence of the bundle configuration property.
- required boolean
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- values string[]
- ID of the AppRole.
- confidential bool
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- display_
name str - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- help_
message str - Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- icf_
type str - ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- name str
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order int
- Display sequence of the bundle configuration property.
- required bool
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- values Sequence[str]
- ID of the AppRole.
- confidential Boolean
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- display
Name String - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- help
Message String - Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- icf
Type String - ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order Number
- Display sequence of the bundle configuration property.
- required Boolean
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- values List<String>
- ID of the AppRole.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionmanagedappAppBundlePoolConfiguration
- Max
Idle int - Maximum number of connector instances in the pool that are idle and active.
- Max
Objects int - Maximum number of connector instances in the pool that are idle and active.
- Max
Wait int - Maximum time (in milliseconds) to wait for a free connector instance to become available before failing.
- Min
Evictable intIdle Time Millis - Minimum time (in milliseconds) to wait before evicting an idle conenctor instance from the pool.
- Min
Idle int - Minimum number of idle connector instances in the pool.
- Max
Idle int - Maximum number of connector instances in the pool that are idle and active.
- Max
Objects int - Maximum number of connector instances in the pool that are idle and active.
- Max
Wait int - Maximum time (in milliseconds) to wait for a free connector instance to become available before failing.
- Min
Evictable intIdle Time Millis - Minimum time (in milliseconds) to wait before evicting an idle conenctor instance from the pool.
- Min
Idle int - Minimum number of idle connector instances in the pool.
- max
Idle Integer - Maximum number of connector instances in the pool that are idle and active.
- max
Objects Integer - Maximum number of connector instances in the pool that are idle and active.
- max
Wait Integer - Maximum time (in milliseconds) to wait for a free connector instance to become available before failing.
- min
Evictable IntegerIdle Time Millis - Minimum time (in milliseconds) to wait before evicting an idle conenctor instance from the pool.
- min
Idle Integer - Minimum number of idle connector instances in the pool.
- max
Idle number - Maximum number of connector instances in the pool that are idle and active.
- max
Objects number - Maximum number of connector instances in the pool that are idle and active.
- max
Wait number - Maximum time (in milliseconds) to wait for a free connector instance to become available before failing.
- min
Evictable numberIdle Time Millis - Minimum time (in milliseconds) to wait before evicting an idle conenctor instance from the pool.
- min
Idle number - Minimum number of idle connector instances in the pool.
- max_
idle int - Maximum number of connector instances in the pool that are idle and active.
- max_
objects int - Maximum number of connector instances in the pool that are idle and active.
- max_
wait int - Maximum time (in milliseconds) to wait for a free connector instance to become available before failing.
- min_
evictable_ intidle_ time_ millis - Minimum time (in milliseconds) to wait before evicting an idle conenctor instance from the pool.
- min_
idle int - Minimum number of idle connector instances in the pool.
- max
Idle Number - Maximum number of connector instances in the pool that are idle and active.
- max
Objects Number - Maximum number of connector instances in the pool that are idle and active.
- max
Wait Number - Maximum time (in milliseconds) to wait for a free connector instance to become available before failing.
- min
Evictable NumberIdle Time Millis - Minimum time (in milliseconds) to wait before evicting an idle conenctor instance from the pool.
- min
Idle Number - Minimum number of idle connector instances in the pool.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionmanagedappAppConnectorBundle
- Display string
- Display-name of the AppRole.
- Ref string
- URI of the AppRole.
- Type string
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- Value string
- ID of the AppRole.
- Well
Known stringId - Unique well-known identifier used to reference connector bundle.
- Display string
- Display-name of the AppRole.
- Ref string
- URI of the AppRole.
- Type string
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- Value string
- ID of the AppRole.
- Well
Known stringId - Unique well-known identifier used to reference connector bundle.
- display String
- Display-name of the AppRole.
- ref String
- URI of the AppRole.
- type String
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value String
- ID of the AppRole.
- well
Known StringId - Unique well-known identifier used to reference connector bundle.
- display string
- Display-name of the AppRole.
- ref string
- URI of the AppRole.
- type string
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value string
- ID of the AppRole.
- well
Known stringId - Unique well-known identifier used to reference connector bundle.
- display str
- Display-name of the AppRole.
- ref str
- URI of the AppRole.
- type str
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value str
- ID of the AppRole.
- well_
known_ strid - Unique well-known identifier used to reference connector bundle.
- display String
- Display-name of the AppRole.
- ref String
- URI of the AppRole.
- type String
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value String
- ID of the AppRole.
- well
Known StringId - Unique well-known identifier used to reference connector bundle.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionmanagedappAppFlatFileBundleConfigurationProperty
- Confidential bool
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- Display
Name string - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- Help
Message string - Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- Icf
Type string - ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Order int
- Display sequence of the bundle configuration property.
- Required bool
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- Values List<string>
- ID of the AppRole.
- Confidential bool
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- Display
Name string - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- Help
Message string - Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- Icf
Type string - ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Order int
- Display sequence of the bundle configuration property.
- Required bool
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- Values []string
- ID of the AppRole.
- confidential Boolean
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- display
Name String - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- help
Message String - Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- icf
Type String - ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order Integer
- Display sequence of the bundle configuration property.
- required Boolean
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- values List<String>
- ID of the AppRole.
- confidential boolean
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- display
Name string - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- help
Message string - Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- icf
Type string - ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order number
- Display sequence of the bundle configuration property.
- required boolean
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- values string[]
- ID of the AppRole.
- confidential bool
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- display_
name str - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- help_
message str - Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- icf_
type str - ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- name str
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order int
- Display sequence of the bundle configuration property.
- required bool
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- values Sequence[str]
- ID of the AppRole.
- confidential Boolean
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- display
Name String - Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- help
Message String - Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- icf
Type String - ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order Number
- Display sequence of the bundle configuration property.
- required Boolean
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- values List<String>
- ID of the AppRole.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionmanagedappAppFlatFileConnectorBundle
- Display string
- Display-name of the AppRole.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- Well
Known stringId - Unique well-known identifier used to reference connector bundle.
- Display string
- Display-name of the AppRole.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- Well
Known stringId - Unique well-known identifier used to reference connector bundle.
- display String
- Display-name of the AppRole.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
- well
Known StringId - Unique well-known identifier used to reference connector bundle.
- display string
- Display-name of the AppRole.
- ref string
- URI of the AppRole.
- value string
- ID of the AppRole.
- well
Known stringId - Unique well-known identifier used to reference connector bundle.
- display str
- Display-name of the AppRole.
- ref str
- URI of the AppRole.
- value str
- ID of the AppRole.
- well_
known_ strid - Unique well-known identifier used to reference connector bundle.
- display String
- Display-name of the AppRole.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
- well
Known StringId - Unique well-known identifier used to reference connector bundle.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionmanagedappAppIdentityBridge
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionmanagedappAppObjectClass
- Display string
- Display-name of the AppRole.
- Is
Account boolObject Class - If true, the object class represents an account. The isAccountObjectClass attribute value 'true' MUST appear no more than once.
- Ref string
- URI of the AppRole.
- Resource
Type string - Object class resource type
- Type string
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- Value string
- ID of the AppRole.
- Display string
- Display-name of the AppRole.
- Is
Account boolObject Class - If true, the object class represents an account. The isAccountObjectClass attribute value 'true' MUST appear no more than once.
- Ref string
- URI of the AppRole.
- Resource
Type string - Object class resource type
- Type string
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- Value string
- ID of the AppRole.
- display String
- Display-name of the AppRole.
- is
Account BooleanObject Class - If true, the object class represents an account. The isAccountObjectClass attribute value 'true' MUST appear no more than once.
- ref String
- URI of the AppRole.
- resource
Type String - Object class resource type
- type String
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value String
- ID of the AppRole.
- display string
- Display-name of the AppRole.
- is
Account booleanObject Class - If true, the object class represents an account. The isAccountObjectClass attribute value 'true' MUST appear no more than once.
- ref string
- URI of the AppRole.
- resource
Type string - Object class resource type
- type string
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value string
- ID of the AppRole.
- display str
- Display-name of the AppRole.
- is_
account_ boolobject_ class - If true, the object class represents an account. The isAccountObjectClass attribute value 'true' MUST appear no more than once.
- ref str
- URI of the AppRole.
- resource_
type str - Object class resource type
- type str
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value str
- ID of the AppRole.
- display String
- Display-name of the AppRole.
- is
Account BooleanObject Class - If true, the object class represents an account. The isAccountObjectClass attribute value 'true' MUST appear no more than once.
- ref String
- URI of the AppRole.
- resource
Type String - Object class resource type
- type String
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value String
- ID of the AppRole.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionmanagedappAppThreeLeggedOauthCredential
- Access
Token string - Access Token
- Access
Token stringExpiry - Access token expiry
- Refresh
Token string - Refresh Token
- Access
Token string - Access Token
- Access
Token stringExpiry - Access token expiry
- Refresh
Token string - Refresh Token
- access
Token String - Access Token
- access
Token StringExpiry - Access token expiry
- refresh
Token String - Refresh Token
- access
Token string - Access Token
- access
Token stringExpiry - Access token expiry
- refresh
Token string - Refresh Token
- access_
token str - Access Token
- access_
token_ strexpiry - Access token expiry
- refresh_
token str - Refresh Token
- access
Token String - Access Token
- access
Token StringExpiry - Access token expiry
- refresh
Token String - Refresh Token
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionmulticloudServiceAppApp
- Multicloud
Platform stringUrl - The multicloud platform service URL which the application will invoke for runtime operations such as AWSCredentials api invocation
- Multicloud
Service stringType - Specifies the service type for which the application is configured for multicloud integration. For applicable external service types, app will invoke multicloud service for runtime operations
- Multicloud
Platform stringUrl - The multicloud platform service URL which the application will invoke for runtime operations such as AWSCredentials api invocation
- Multicloud
Service stringType - Specifies the service type for which the application is configured for multicloud integration. For applicable external service types, app will invoke multicloud service for runtime operations
- multicloud
Platform StringUrl - The multicloud platform service URL which the application will invoke for runtime operations such as AWSCredentials api invocation
- multicloud
Service StringType - Specifies the service type for which the application is configured for multicloud integration. For applicable external service types, app will invoke multicloud service for runtime operations
- multicloud
Platform stringUrl - The multicloud platform service URL which the application will invoke for runtime operations such as AWSCredentials api invocation
- multicloud
Service stringType - Specifies the service type for which the application is configured for multicloud integration. For applicable external service types, app will invoke multicloud service for runtime operations
- multicloud_
platform_ strurl - The multicloud platform service URL which the application will invoke for runtime operations such as AWSCredentials api invocation
- multicloud_
service_ strtype - Specifies the service type for which the application is configured for multicloud integration. For applicable external service types, app will invoke multicloud service for runtime operations
- multicloud
Platform StringUrl - The multicloud platform service URL which the application will invoke for runtime operations such as AWSCredentials api invocation
- multicloud
Service StringType - Specifies the service type for which the application is configured for multicloud integration. For applicable external service types, app will invoke multicloud service for runtime operations
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionopcServiceApp
- Current
Federation stringMode - Current Federation Mode
- Current
Synchronization stringMode - Current Synchronization Mode
- Enabling
Next boolFed Sync Modes - If true, indicates that enablement is in progress started but not completed
- Next
Federation stringMode - Next Federation Mode
- Next
Synchronization stringMode - Next Synchronization Mode
- Region string
- This value identifies the OPC region in which the service is running.
- Service
Instance stringIdentifier - This value specifies the unique identifier assigned to an instance of an Oracle Public Cloud service app.
- Current
Federation stringMode - Current Federation Mode
- Current
Synchronization stringMode - Current Synchronization Mode
- Enabling
Next boolFed Sync Modes - If true, indicates that enablement is in progress started but not completed
- Next
Federation stringMode - Next Federation Mode
- Next
Synchronization stringMode - Next Synchronization Mode
- Region string
- This value identifies the OPC region in which the service is running.
- Service
Instance stringIdentifier - This value specifies the unique identifier assigned to an instance of an Oracle Public Cloud service app.
- current
Federation StringMode - Current Federation Mode
- current
Synchronization StringMode - Current Synchronization Mode
- enabling
Next BooleanFed Sync Modes - If true, indicates that enablement is in progress started but not completed
- next
Federation StringMode - Next Federation Mode
- next
Synchronization StringMode - Next Synchronization Mode
- region String
- This value identifies the OPC region in which the service is running.
- service
Instance StringIdentifier - This value specifies the unique identifier assigned to an instance of an Oracle Public Cloud service app.
- current
Federation stringMode - Current Federation Mode
- current
Synchronization stringMode - Current Synchronization Mode
- enabling
Next booleanFed Sync Modes - If true, indicates that enablement is in progress started but not completed
- next
Federation stringMode - Next Federation Mode
- next
Synchronization stringMode - Next Synchronization Mode
- region string
- This value identifies the OPC region in which the service is running.
- service
Instance stringIdentifier - This value specifies the unique identifier assigned to an instance of an Oracle Public Cloud service app.
- current_
federation_ strmode - Current Federation Mode
- current_
synchronization_ strmode - Current Synchronization Mode
- enabling_
next_ boolfed_ sync_ modes - If true, indicates that enablement is in progress started but not completed
- next_
federation_ strmode - Next Federation Mode
- next_
synchronization_ strmode - Next Synchronization Mode
- region str
- This value identifies the OPC region in which the service is running.
- service_
instance_ stridentifier - This value specifies the unique identifier assigned to an instance of an Oracle Public Cloud service app.
- current
Federation StringMode - Current Federation Mode
- current
Synchronization StringMode - Current Synchronization Mode
- enabling
Next BooleanFed Sync Modes - If true, indicates that enablement is in progress started but not completed
- next
Federation StringMode - Next Federation Mode
- next
Synchronization StringMode - Next Synchronization Mode
- region String
- This value identifies the OPC region in which the service is running.
- service
Instance StringIdentifier - This value specifies the unique identifier assigned to an instance of an Oracle Public Cloud service app.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionradiusAppApp
- Capture
Client boolIp - If true, capture the client IP address from the RADIUS request packet. IP Address is used for auditing, policy-evaluation and country-code calculation.
- Client
Ip string - This is the IP address of the RADIUS Client like Oracle Database server. It can be only IP address and not hostname.
- Country
Code stringResponse Attribute Id - Vendor-specific identifier of the attribute in the RADIUS response that will contain the end-user's country code. This is an integer-value in the range 1 to 255
- End
User stringIp Attribute - The name of the attribute that contains the Internet Protocol address of the end-user.
- Group
Membership stringRadius Attribute - RADIUS attribute that RADIUS-enabled system uses to pass the group membership
- Group
Membership List<GetTo Returns Domains App Urnietfparamsscimschemasoracleidcsextensionradius App App Group Membership To Return> - In a successful authentication response, Oracle Identity Cloud Service will pass user's group information restricted to groups persisted in this attribute, in the specified RADIUS attribute.
- Group
Name stringFormat - Configure the groupNameFormat based on vendor in order to pass it to RADIUS infra
- Include
Group boolIn Response - Indicates to include groups in RADIUS response
- Password
And boolOtp Together - Indicates if password and OTP are passed in the same sign-in request or not.
- Port string
- This is the port of RADIUS Proxy which RADIUS client will connect to.
- Radius
Vendor stringSpecific Id - ID used to identify a particular vendor.
- Response
Format string - Configure the responseFormat based on vendor in order to pass it to RADIUS infra
- Response
Format stringDelimiter - The delimiter used if group membership responseFormat is a delimited list instead of repeating attributes
- Secret
Key string - Secret key used to secure communication between RADIUS Proxy and RADIUS client
- Type
Of stringRadius App - Value consists of type of RADIUS App. Type can be Oracle Database, VPN etc
- Capture
Client boolIp - If true, capture the client IP address from the RADIUS request packet. IP Address is used for auditing, policy-evaluation and country-code calculation.
- Client
Ip string - This is the IP address of the RADIUS Client like Oracle Database server. It can be only IP address and not hostname.
- Country
Code stringResponse Attribute Id - Vendor-specific identifier of the attribute in the RADIUS response that will contain the end-user's country code. This is an integer-value in the range 1 to 255
- End
User stringIp Attribute - The name of the attribute that contains the Internet Protocol address of the end-user.
- Group
Membership stringRadius Attribute - RADIUS attribute that RADIUS-enabled system uses to pass the group membership
- Group
Membership []GetTo Returns Domains App Urnietfparamsscimschemasoracleidcsextensionradius App App Group Membership To Return - In a successful authentication response, Oracle Identity Cloud Service will pass user's group information restricted to groups persisted in this attribute, in the specified RADIUS attribute.
- Group
Name stringFormat - Configure the groupNameFormat based on vendor in order to pass it to RADIUS infra
- Include
Group boolIn Response - Indicates to include groups in RADIUS response
- Password
And boolOtp Together - Indicates if password and OTP are passed in the same sign-in request or not.
- Port string
- This is the port of RADIUS Proxy which RADIUS client will connect to.
- Radius
Vendor stringSpecific Id - ID used to identify a particular vendor.
- Response
Format string - Configure the responseFormat based on vendor in order to pass it to RADIUS infra
- Response
Format stringDelimiter - The delimiter used if group membership responseFormat is a delimited list instead of repeating attributes
- Secret
Key string - Secret key used to secure communication between RADIUS Proxy and RADIUS client
- Type
Of stringRadius App - Value consists of type of RADIUS App. Type can be Oracle Database, VPN etc
- capture
Client BooleanIp - If true, capture the client IP address from the RADIUS request packet. IP Address is used for auditing, policy-evaluation and country-code calculation.
- client
Ip String - This is the IP address of the RADIUS Client like Oracle Database server. It can be only IP address and not hostname.
- country
Code StringResponse Attribute Id - Vendor-specific identifier of the attribute in the RADIUS response that will contain the end-user's country code. This is an integer-value in the range 1 to 255
- end
User StringIp Attribute - The name of the attribute that contains the Internet Protocol address of the end-user.
- group
Membership StringRadius Attribute - RADIUS attribute that RADIUS-enabled system uses to pass the group membership
- group
Membership List<GetTo Returns Domains App Urnietfparamsscimschemasoracleidcsextensionradius App App Group Membership To Return> - In a successful authentication response, Oracle Identity Cloud Service will pass user's group information restricted to groups persisted in this attribute, in the specified RADIUS attribute.
- group
Name StringFormat - Configure the groupNameFormat based on vendor in order to pass it to RADIUS infra
- include
Group BooleanIn Response - Indicates to include groups in RADIUS response
- password
And BooleanOtp Together - Indicates if password and OTP are passed in the same sign-in request or not.
- port String
- This is the port of RADIUS Proxy which RADIUS client will connect to.
- radius
Vendor StringSpecific Id - ID used to identify a particular vendor.
- response
Format String - Configure the responseFormat based on vendor in order to pass it to RADIUS infra
- response
Format StringDelimiter - The delimiter used if group membership responseFormat is a delimited list instead of repeating attributes
- secret
Key String - Secret key used to secure communication between RADIUS Proxy and RADIUS client
- type
Of StringRadius App - Value consists of type of RADIUS App. Type can be Oracle Database, VPN etc
- capture
Client booleanIp - If true, capture the client IP address from the RADIUS request packet. IP Address is used for auditing, policy-evaluation and country-code calculation.
- client
Ip string - This is the IP address of the RADIUS Client like Oracle Database server. It can be only IP address and not hostname.
- country
Code stringResponse Attribute Id - Vendor-specific identifier of the attribute in the RADIUS response that will contain the end-user's country code. This is an integer-value in the range 1 to 255
- end
User stringIp Attribute - The name of the attribute that contains the Internet Protocol address of the end-user.
- group
Membership stringRadius Attribute - RADIUS attribute that RADIUS-enabled system uses to pass the group membership
- group
Membership GetTo Returns Domains App Urnietfparamsscimschemasoracleidcsextensionradius App App Group Membership To Return[] - In a successful authentication response, Oracle Identity Cloud Service will pass user's group information restricted to groups persisted in this attribute, in the specified RADIUS attribute.
- group
Name stringFormat - Configure the groupNameFormat based on vendor in order to pass it to RADIUS infra
- include
Group booleanIn Response - Indicates to include groups in RADIUS response
- password
And booleanOtp Together - Indicates if password and OTP are passed in the same sign-in request or not.
- port string
- This is the port of RADIUS Proxy which RADIUS client will connect to.
- radius
Vendor stringSpecific Id - ID used to identify a particular vendor.
- response
Format string - Configure the responseFormat based on vendor in order to pass it to RADIUS infra
- response
Format stringDelimiter - The delimiter used if group membership responseFormat is a delimited list instead of repeating attributes
- secret
Key string - Secret key used to secure communication between RADIUS Proxy and RADIUS client
- type
Of stringRadius App - Value consists of type of RADIUS App. Type can be Oracle Database, VPN etc
- capture_
client_ boolip - If true, capture the client IP address from the RADIUS request packet. IP Address is used for auditing, policy-evaluation and country-code calculation.
- client_
ip str - This is the IP address of the RADIUS Client like Oracle Database server. It can be only IP address and not hostname.
- country_
code_ strresponse_ attribute_ id - Vendor-specific identifier of the attribute in the RADIUS response that will contain the end-user's country code. This is an integer-value in the range 1 to 255
- end_
user_ strip_ attribute - The name of the attribute that contains the Internet Protocol address of the end-user.
- group_
membership_ strradius_ attribute - RADIUS attribute that RADIUS-enabled system uses to pass the group membership
- group_
membership_ Sequence[identity.to_ returns Get Domains App Urnietfparamsscimschemasoracleidcsextensionradius App App Group Membership To Return] - In a successful authentication response, Oracle Identity Cloud Service will pass user's group information restricted to groups persisted in this attribute, in the specified RADIUS attribute.
- group_
name_ strformat - Configure the groupNameFormat based on vendor in order to pass it to RADIUS infra
- include_
group_ boolin_ response - Indicates to include groups in RADIUS response
- password_
and_ boolotp_ together - Indicates if password and OTP are passed in the same sign-in request or not.
- port str
- This is the port of RADIUS Proxy which RADIUS client will connect to.
- radius_
vendor_ strspecific_ id - ID used to identify a particular vendor.
- response_
format str - Configure the responseFormat based on vendor in order to pass it to RADIUS infra
- response_
format_ strdelimiter - The delimiter used if group membership responseFormat is a delimited list instead of repeating attributes
- secret_
key str - Secret key used to secure communication between RADIUS Proxy and RADIUS client
- type_
of_ strradius_ app - Value consists of type of RADIUS App. Type can be Oracle Database, VPN etc
- capture
Client BooleanIp - If true, capture the client IP address from the RADIUS request packet. IP Address is used for auditing, policy-evaluation and country-code calculation.
- client
Ip String - This is the IP address of the RADIUS Client like Oracle Database server. It can be only IP address and not hostname.
- country
Code StringResponse Attribute Id - Vendor-specific identifier of the attribute in the RADIUS response that will contain the end-user's country code. This is an integer-value in the range 1 to 255
- end
User StringIp Attribute - The name of the attribute that contains the Internet Protocol address of the end-user.
- group
Membership StringRadius Attribute - RADIUS attribute that RADIUS-enabled system uses to pass the group membership
- group
Membership List<Property Map>To Returns - In a successful authentication response, Oracle Identity Cloud Service will pass user's group information restricted to groups persisted in this attribute, in the specified RADIUS attribute.
- group
Name StringFormat - Configure the groupNameFormat based on vendor in order to pass it to RADIUS infra
- include
Group BooleanIn Response - Indicates to include groups in RADIUS response
- password
And BooleanOtp Together - Indicates if password and OTP are passed in the same sign-in request or not.
- port String
- This is the port of RADIUS Proxy which RADIUS client will connect to.
- radius
Vendor StringSpecific Id - ID used to identify a particular vendor.
- response
Format String - Configure the responseFormat based on vendor in order to pass it to RADIUS infra
- response
Format StringDelimiter - The delimiter used if group membership responseFormat is a delimited list instead of repeating attributes
- secret
Key String - Secret key used to secure communication between RADIUS Proxy and RADIUS client
- type
Of StringRadius App - Value consists of type of RADIUS App. Type can be Oracle Database, VPN etc
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionradiusAppAppGroupMembershipToReturn
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionrequestableApp
- Requestable bool
- Flag controlling whether resource can be request by user through self service console.
- Requestable bool
- Flag controlling whether resource can be request by user through self service console.
- requestable Boolean
- Flag controlling whether resource can be request by user through self service console.
- requestable boolean
- Flag controlling whether resource can be request by user through self service console.
- requestable bool
- Flag controlling whether resource can be request by user through self service console.
- requestable Boolean
- Flag controlling whether resource can be request by user through self service console.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionsamlServiceProviderApp
- Assertion
Consumer stringUrl - The attribute represents the URL to which the SAML Assertions will be sent by the SAML IdP.
- Encrypt
Assertion bool - If true, indicates that the system must encrypt the Security Assertion Markup Language (SAML) assertion.
- Encryption
Algorithm string - This attribute indicates the encryption algorithm used to encrypt the SAML assertion.
- Encryption
Certificate string - This attribute represents the encryption certificate that an App uses to encrypt the Security Assertion Markup Language (SAML) assertion.
- Federation
Protocol string - Specifies the preferred federation protocol (SAML2.0 or WS-Fed1.1).
- Group
Assertion List<GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App Group Assertion Attribute> - Each value of this attribute describes an attribute of Group that will be sent in a Security Assertion Markup Language (SAML) assertion.
- Hok
Acs stringUrl - Hok Assertion Consumer Service Url
- Hok
Required bool - If enabled, then the SAML Service supports Hok for this App.
- Include
Signing boolCert In Signature - If true, then the signing certificate is included in the signature.
- Key
Encryption stringAlgorithm - This attribute indicates the key encryption algorithm.
- Last
Notification stringSent Time - Records the notification timestamp for the SP whose signing certificate is about to expire.
- Logout
Binding string - This attribute represents the HTTP binding that would be used while logout.
- Logout
Enabled bool - If true, then the SAML Service supports logout for this App.
- Logout
Request stringUrl - The URL to which the partner sends the logout request.
- Logout
Response stringUrl - The URL to which the partner sends the logout response.
- Metadata string
- This attribute represents the metadata of a Security Provider in the Security Assertion Markup Language protocol.
- Name
Id stringFormat - This can be any string, but there are a set of standard nameIdFormats. If a nameIdFormat other than the standard list is chosen, it will be considered a custom nameidformat. The standard nameidformats include: saml-x509, saml-emailaddress, saml-windowsnamequalifier, saml-kerberos, saml-persistent, saml-transient, saml-unspecified, saml-none, and saml-persistent-opaque.
- Name
Id stringUserstore Attribute - Deprecated Since: 18.2.2
- Outbound
Assertion List<GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App Outbound Assertion Attribute> - Use to construct the outgoing SAML attributes
- Partner
Provider stringId - The ID of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- Partner
Provider stringPattern - The pattern of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- Sign
Response stringOr Assertion - Indicates which part of the response should be signed. A value of "Assertion" indicates that the Assertion should be signed. A value of "Response" indicates that the SSO Response should be signed. A value of "AssertionAndResponse" indicates that both the Assertion and the SSO Response should be signed.
- Signature
Hash stringAlgorithm - This attribute represents the algorithm used to hash the signature.
- Signing
Certificate string - This attribute represents the signing certificate that an App uses to verify the signed authentication request.
- Succinct
Id string - This attribute represents the Succinct ID.
- Tenant
Provider stringId - The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this SP.
- User
Assertion List<GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App User Assertion Attribute> - Each value of this attribute describes an attribute of User that will be sent in a Security Assertion Markup Language (SAML) assertion.
- Assertion
Consumer stringUrl - The attribute represents the URL to which the SAML Assertions will be sent by the SAML IdP.
- Encrypt
Assertion bool - If true, indicates that the system must encrypt the Security Assertion Markup Language (SAML) assertion.
- Encryption
Algorithm string - This attribute indicates the encryption algorithm used to encrypt the SAML assertion.
- Encryption
Certificate string - This attribute represents the encryption certificate that an App uses to encrypt the Security Assertion Markup Language (SAML) assertion.
- Federation
Protocol string - Specifies the preferred federation protocol (SAML2.0 or WS-Fed1.1).
- Group
Assertion []GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App Group Assertion Attribute - Each value of this attribute describes an attribute of Group that will be sent in a Security Assertion Markup Language (SAML) assertion.
- Hok
Acs stringUrl - Hok Assertion Consumer Service Url
- Hok
Required bool - If enabled, then the SAML Service supports Hok for this App.
- Include
Signing boolCert In Signature - If true, then the signing certificate is included in the signature.
- Key
Encryption stringAlgorithm - This attribute indicates the key encryption algorithm.
- Last
Notification stringSent Time - Records the notification timestamp for the SP whose signing certificate is about to expire.
- Logout
Binding string - This attribute represents the HTTP binding that would be used while logout.
- Logout
Enabled bool - If true, then the SAML Service supports logout for this App.
- Logout
Request stringUrl - The URL to which the partner sends the logout request.
- Logout
Response stringUrl - The URL to which the partner sends the logout response.
- Metadata string
- This attribute represents the metadata of a Security Provider in the Security Assertion Markup Language protocol.
- Name
Id stringFormat - This can be any string, but there are a set of standard nameIdFormats. If a nameIdFormat other than the standard list is chosen, it will be considered a custom nameidformat. The standard nameidformats include: saml-x509, saml-emailaddress, saml-windowsnamequalifier, saml-kerberos, saml-persistent, saml-transient, saml-unspecified, saml-none, and saml-persistent-opaque.
- Name
Id stringUserstore Attribute - Deprecated Since: 18.2.2
- Outbound
Assertion []GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App Outbound Assertion Attribute - Use to construct the outgoing SAML attributes
- Partner
Provider stringId - The ID of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- Partner
Provider stringPattern - The pattern of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- Sign
Response stringOr Assertion - Indicates which part of the response should be signed. A value of "Assertion" indicates that the Assertion should be signed. A value of "Response" indicates that the SSO Response should be signed. A value of "AssertionAndResponse" indicates that both the Assertion and the SSO Response should be signed.
- Signature
Hash stringAlgorithm - This attribute represents the algorithm used to hash the signature.
- Signing
Certificate string - This attribute represents the signing certificate that an App uses to verify the signed authentication request.
- Succinct
Id string - This attribute represents the Succinct ID.
- Tenant
Provider stringId - The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this SP.
- User
Assertion []GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App User Assertion Attribute - Each value of this attribute describes an attribute of User that will be sent in a Security Assertion Markup Language (SAML) assertion.
- assertion
Consumer StringUrl - The attribute represents the URL to which the SAML Assertions will be sent by the SAML IdP.
- encrypt
Assertion Boolean - If true, indicates that the system must encrypt the Security Assertion Markup Language (SAML) assertion.
- encryption
Algorithm String - This attribute indicates the encryption algorithm used to encrypt the SAML assertion.
- encryption
Certificate String - This attribute represents the encryption certificate that an App uses to encrypt the Security Assertion Markup Language (SAML) assertion.
- federation
Protocol String - Specifies the preferred federation protocol (SAML2.0 or WS-Fed1.1).
- group
Assertion List<GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App Group Assertion Attribute> - Each value of this attribute describes an attribute of Group that will be sent in a Security Assertion Markup Language (SAML) assertion.
- hok
Acs StringUrl - Hok Assertion Consumer Service Url
- hok
Required Boolean - If enabled, then the SAML Service supports Hok for this App.
- include
Signing BooleanCert In Signature - If true, then the signing certificate is included in the signature.
- key
Encryption StringAlgorithm - This attribute indicates the key encryption algorithm.
- last
Notification StringSent Time - Records the notification timestamp for the SP whose signing certificate is about to expire.
- logout
Binding String - This attribute represents the HTTP binding that would be used while logout.
- logout
Enabled Boolean - If true, then the SAML Service supports logout for this App.
- logout
Request StringUrl - The URL to which the partner sends the logout request.
- logout
Response StringUrl - The URL to which the partner sends the logout response.
- metadata String
- This attribute represents the metadata of a Security Provider in the Security Assertion Markup Language protocol.
- name
Id StringFormat - This can be any string, but there are a set of standard nameIdFormats. If a nameIdFormat other than the standard list is chosen, it will be considered a custom nameidformat. The standard nameidformats include: saml-x509, saml-emailaddress, saml-windowsnamequalifier, saml-kerberos, saml-persistent, saml-transient, saml-unspecified, saml-none, and saml-persistent-opaque.
- name
Id StringUserstore Attribute - Deprecated Since: 18.2.2
- outbound
Assertion List<GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App Outbound Assertion Attribute> - Use to construct the outgoing SAML attributes
- partner
Provider StringId - The ID of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- partner
Provider StringPattern - The pattern of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- sign
Response StringOr Assertion - Indicates which part of the response should be signed. A value of "Assertion" indicates that the Assertion should be signed. A value of "Response" indicates that the SSO Response should be signed. A value of "AssertionAndResponse" indicates that both the Assertion and the SSO Response should be signed.
- signature
Hash StringAlgorithm - This attribute represents the algorithm used to hash the signature.
- signing
Certificate String - This attribute represents the signing certificate that an App uses to verify the signed authentication request.
- succinct
Id String - This attribute represents the Succinct ID.
- tenant
Provider StringId - The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this SP.
- user
Assertion List<GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App User Assertion Attribute> - Each value of this attribute describes an attribute of User that will be sent in a Security Assertion Markup Language (SAML) assertion.
- assertion
Consumer stringUrl - The attribute represents the URL to which the SAML Assertions will be sent by the SAML IdP.
- encrypt
Assertion boolean - If true, indicates that the system must encrypt the Security Assertion Markup Language (SAML) assertion.
- encryption
Algorithm string - This attribute indicates the encryption algorithm used to encrypt the SAML assertion.
- encryption
Certificate string - This attribute represents the encryption certificate that an App uses to encrypt the Security Assertion Markup Language (SAML) assertion.
- federation
Protocol string - Specifies the preferred federation protocol (SAML2.0 or WS-Fed1.1).
- group
Assertion GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App Group Assertion Attribute[] - Each value of this attribute describes an attribute of Group that will be sent in a Security Assertion Markup Language (SAML) assertion.
- hok
Acs stringUrl - Hok Assertion Consumer Service Url
- hok
Required boolean - If enabled, then the SAML Service supports Hok for this App.
- include
Signing booleanCert In Signature - If true, then the signing certificate is included in the signature.
- key
Encryption stringAlgorithm - This attribute indicates the key encryption algorithm.
- last
Notification stringSent Time - Records the notification timestamp for the SP whose signing certificate is about to expire.
- logout
Binding string - This attribute represents the HTTP binding that would be used while logout.
- logout
Enabled boolean - If true, then the SAML Service supports logout for this App.
- logout
Request stringUrl - The URL to which the partner sends the logout request.
- logout
Response stringUrl - The URL to which the partner sends the logout response.
- metadata string
- This attribute represents the metadata of a Security Provider in the Security Assertion Markup Language protocol.
- name
Id stringFormat - This can be any string, but there are a set of standard nameIdFormats. If a nameIdFormat other than the standard list is chosen, it will be considered a custom nameidformat. The standard nameidformats include: saml-x509, saml-emailaddress, saml-windowsnamequalifier, saml-kerberos, saml-persistent, saml-transient, saml-unspecified, saml-none, and saml-persistent-opaque.
- name
Id stringUserstore Attribute - Deprecated Since: 18.2.2
- outbound
Assertion GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App Outbound Assertion Attribute[] - Use to construct the outgoing SAML attributes
- partner
Provider stringId - The ID of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- partner
Provider stringPattern - The pattern of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- sign
Response stringOr Assertion - Indicates which part of the response should be signed. A value of "Assertion" indicates that the Assertion should be signed. A value of "Response" indicates that the SSO Response should be signed. A value of "AssertionAndResponse" indicates that both the Assertion and the SSO Response should be signed.
- signature
Hash stringAlgorithm - This attribute represents the algorithm used to hash the signature.
- signing
Certificate string - This attribute represents the signing certificate that an App uses to verify the signed authentication request.
- succinct
Id string - This attribute represents the Succinct ID.
- tenant
Provider stringId - The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this SP.
- user
Assertion GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App User Assertion Attribute[] - Each value of this attribute describes an attribute of User that will be sent in a Security Assertion Markup Language (SAML) assertion.
- assertion_
consumer_ strurl - The attribute represents the URL to which the SAML Assertions will be sent by the SAML IdP.
- encrypt_
assertion bool - If true, indicates that the system must encrypt the Security Assertion Markup Language (SAML) assertion.
- encryption_
algorithm str - This attribute indicates the encryption algorithm used to encrypt the SAML assertion.
- encryption_
certificate str - This attribute represents the encryption certificate that an App uses to encrypt the Security Assertion Markup Language (SAML) assertion.
- federation_
protocol str - Specifies the preferred federation protocol (SAML2.0 or WS-Fed1.1).
- group_
assertion_ Sequence[identity.attributes Get Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App Group Assertion Attribute] - Each value of this attribute describes an attribute of Group that will be sent in a Security Assertion Markup Language (SAML) assertion.
- hok_
acs_ strurl - Hok Assertion Consumer Service Url
- hok_
required bool - If enabled, then the SAML Service supports Hok for this App.
- include_
signing_ boolcert_ in_ signature - If true, then the signing certificate is included in the signature.
- key_
encryption_ stralgorithm - This attribute indicates the key encryption algorithm.
- last_
notification_ strsent_ time - Records the notification timestamp for the SP whose signing certificate is about to expire.
- logout_
binding str - This attribute represents the HTTP binding that would be used while logout.
- logout_
enabled bool - If true, then the SAML Service supports logout for this App.
- logout_
request_ strurl - The URL to which the partner sends the logout request.
- logout_
response_ strurl - The URL to which the partner sends the logout response.
- metadata str
- This attribute represents the metadata of a Security Provider in the Security Assertion Markup Language protocol.
- name_
id_ strformat - This can be any string, but there are a set of standard nameIdFormats. If a nameIdFormat other than the standard list is chosen, it will be considered a custom nameidformat. The standard nameidformats include: saml-x509, saml-emailaddress, saml-windowsnamequalifier, saml-kerberos, saml-persistent, saml-transient, saml-unspecified, saml-none, and saml-persistent-opaque.
- name_
id_ struserstore_ attribute - Deprecated Since: 18.2.2
- outbound_
assertion_ Sequence[identity.attributes Get Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App Outbound Assertion Attribute] - Use to construct the outgoing SAML attributes
- partner_
provider_ strid - The ID of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- partner_
provider_ strpattern - The pattern of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- sign_
response_ stror_ assertion - Indicates which part of the response should be signed. A value of "Assertion" indicates that the Assertion should be signed. A value of "Response" indicates that the SSO Response should be signed. A value of "AssertionAndResponse" indicates that both the Assertion and the SSO Response should be signed.
- signature_
hash_ stralgorithm - This attribute represents the algorithm used to hash the signature.
- signing_
certificate str - This attribute represents the signing certificate that an App uses to verify the signed authentication request.
- succinct_
id str - This attribute represents the Succinct ID.
- tenant_
provider_ strid - The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this SP.
- user_
assertion_ Sequence[identity.attributes Get Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App User Assertion Attribute] - Each value of this attribute describes an attribute of User that will be sent in a Security Assertion Markup Language (SAML) assertion.
- assertion
Consumer StringUrl - The attribute represents the URL to which the SAML Assertions will be sent by the SAML IdP.
- encrypt
Assertion Boolean - If true, indicates that the system must encrypt the Security Assertion Markup Language (SAML) assertion.
- encryption
Algorithm String - This attribute indicates the encryption algorithm used to encrypt the SAML assertion.
- encryption
Certificate String - This attribute represents the encryption certificate that an App uses to encrypt the Security Assertion Markup Language (SAML) assertion.
- federation
Protocol String - Specifies the preferred federation protocol (SAML2.0 or WS-Fed1.1).
- group
Assertion List<Property Map>Attributes - Each value of this attribute describes an attribute of Group that will be sent in a Security Assertion Markup Language (SAML) assertion.
- hok
Acs StringUrl - Hok Assertion Consumer Service Url
- hok
Required Boolean - If enabled, then the SAML Service supports Hok for this App.
- include
Signing BooleanCert In Signature - If true, then the signing certificate is included in the signature.
- key
Encryption StringAlgorithm - This attribute indicates the key encryption algorithm.
- last
Notification StringSent Time - Records the notification timestamp for the SP whose signing certificate is about to expire.
- logout
Binding String - This attribute represents the HTTP binding that would be used while logout.
- logout
Enabled Boolean - If true, then the SAML Service supports logout for this App.
- logout
Request StringUrl - The URL to which the partner sends the logout request.
- logout
Response StringUrl - The URL to which the partner sends the logout response.
- metadata String
- This attribute represents the metadata of a Security Provider in the Security Assertion Markup Language protocol.
- name
Id StringFormat - This can be any string, but there are a set of standard nameIdFormats. If a nameIdFormat other than the standard list is chosen, it will be considered a custom nameidformat. The standard nameidformats include: saml-x509, saml-emailaddress, saml-windowsnamequalifier, saml-kerberos, saml-persistent, saml-transient, saml-unspecified, saml-none, and saml-persistent-opaque.
- name
Id StringUserstore Attribute - Deprecated Since: 18.2.2
- outbound
Assertion List<Property Map>Attributes - Use to construct the outgoing SAML attributes
- partner
Provider StringId - The ID of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- partner
Provider StringPattern - The pattern of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- sign
Response StringOr Assertion - Indicates which part of the response should be signed. A value of "Assertion" indicates that the Assertion should be signed. A value of "Response" indicates that the SSO Response should be signed. A value of "AssertionAndResponse" indicates that both the Assertion and the SSO Response should be signed.
- signature
Hash StringAlgorithm - This attribute represents the algorithm used to hash the signature.
- signing
Certificate String - This attribute represents the signing certificate that an App uses to verify the signed authentication request.
- succinct
Id String - This attribute represents the Succinct ID.
- tenant
Provider StringId - The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this SP.
- user
Assertion List<Property Map>Attributes - Each value of this attribute describes an attribute of User that will be sent in a Security Assertion Markup Language (SAML) assertion.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionsamlServiceProviderAppGroupAssertionAttribute
- Condition string
- Indicates the filter types that are supported for the Group assertion attributes.
- Format string
- Indicates the format of the assertion attribute.
- Group
Name string - Indicates the group name that are supported for the group assertion attributes.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Condition string
- Indicates the filter types that are supported for the Group assertion attributes.
- Format string
- Indicates the format of the assertion attribute.
- Group
Name string - Indicates the group name that are supported for the group assertion attributes.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- condition String
- Indicates the filter types that are supported for the Group assertion attributes.
- format String
- Indicates the format of the assertion attribute.
- group
Name String - Indicates the group name that are supported for the group assertion attributes.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- condition string
- Indicates the filter types that are supported for the Group assertion attributes.
- format string
- Indicates the format of the assertion attribute.
- group
Name string - Indicates the group name that are supported for the group assertion attributes.
- name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- condition str
- Indicates the filter types that are supported for the Group assertion attributes.
- format str
- Indicates the format of the assertion attribute.
- group_
name str - Indicates the group name that are supported for the group assertion attributes.
- name str
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- condition String
- Indicates the filter types that are supported for the Group assertion attributes.
- format String
- Indicates the format of the assertion attribute.
- group
Name String - Indicates the group name that are supported for the group assertion attributes.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionsamlServiceProviderAppOutboundAssertionAttribute
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionsamlServiceProviderAppUserAssertionAttribute
- Format string
- Indicates the format of the assertion attribute.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- User
Store stringAttribute Name - This attribute specifies which user attribute should be used to create the value of the SAML assertion attribute. The userstore attribute can be constructed by using attributes from the Oracle Identity Cloud Service Core Users schema. Note: Attributes from extensions to the Core User schema are not supported in v1.0.
- Format string
- Indicates the format of the assertion attribute.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- User
Store stringAttribute Name - This attribute specifies which user attribute should be used to create the value of the SAML assertion attribute. The userstore attribute can be constructed by using attributes from the Oracle Identity Cloud Service Core Users schema. Note: Attributes from extensions to the Core User schema are not supported in v1.0.
- format String
- Indicates the format of the assertion attribute.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- user
Store StringAttribute Name - This attribute specifies which user attribute should be used to create the value of the SAML assertion attribute. The userstore attribute can be constructed by using attributes from the Oracle Identity Cloud Service Core Users schema. Note: Attributes from extensions to the Core User schema are not supported in v1.0.
- format string
- Indicates the format of the assertion attribute.
- name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- user
Store stringAttribute Name - This attribute specifies which user attribute should be used to create the value of the SAML assertion attribute. The userstore attribute can be constructed by using attributes from the Oracle Identity Cloud Service Core Users schema. Note: Attributes from extensions to the Core User schema are not supported in v1.0.
- format str
- Indicates the format of the assertion attribute.
- name str
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- user_
store_ strattribute_ name - This attribute specifies which user attribute should be used to create the value of the SAML assertion attribute. The userstore attribute can be constructed by using attributes from the Oracle Identity Cloud Service Core Users schema. Note: Attributes from extensions to the Core User schema are not supported in v1.0.
- format String
- Indicates the format of the assertion attribute.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- user
Store StringAttribute Name - This attribute specifies which user attribute should be used to create the value of the SAML assertion attribute. The userstore attribute can be constructed by using attributes from the Oracle Identity Cloud Service Core Users schema. Note: Attributes from extensions to the Core User schema are not supported in v1.0.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionwebTierPolicyApp
- Resource
Ref bool - If this Attribute is true, resource ref id and resource ref name attributes will we included in wtp json response.
- Web
Tier stringPolicy Az Control - Webtier policy AZ Control
- Web
Tier stringPolicy Json - Store the web tier policy for an application as a string in Javascript Object Notification (JSON) format.
- Resource
Ref bool - If this Attribute is true, resource ref id and resource ref name attributes will we included in wtp json response.
- Web
Tier stringPolicy Az Control - Webtier policy AZ Control
- Web
Tier stringPolicy Json - Store the web tier policy for an application as a string in Javascript Object Notification (JSON) format.
- resource
Ref Boolean - If this Attribute is true, resource ref id and resource ref name attributes will we included in wtp json response.
- web
Tier StringPolicy Az Control - Webtier policy AZ Control
- web
Tier StringPolicy Json - Store the web tier policy for an application as a string in Javascript Object Notification (JSON) format.
- resource
Ref boolean - If this Attribute is true, resource ref id and resource ref name attributes will we included in wtp json response.
- web
Tier stringPolicy Az Control - Webtier policy AZ Control
- web
Tier stringPolicy Json - Store the web tier policy for an application as a string in Javascript Object Notification (JSON) format.
- resource_
ref bool - If this Attribute is true, resource ref id and resource ref name attributes will we included in wtp json response.
- web_
tier_ strpolicy_ az_ control - Webtier policy AZ Control
- web_
tier_ strpolicy_ json - Store the web tier policy for an application as a string in Javascript Object Notification (JSON) format.
- resource
Ref Boolean - If this Attribute is true, resource ref id and resource ref name attributes will we included in wtp json response.
- web
Tier StringPolicy Az Control - Webtier policy AZ Control
- web
Tier StringPolicy Json - Store the web tier policy for an application as a string in Javascript Object Notification (JSON) format.
GetDomainsAppUserRole
- Description string
- The description of the AppRole.
- Display string
- Display-name of the AppRole.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- Description string
- The description of the AppRole.
- Display string
- Display-name of the AppRole.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- description String
- The description of the AppRole.
- display String
- Display-name of the AppRole.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
- description string
- The description of the AppRole.
- display string
- Display-name of the AppRole.
- ref string
- URI of the AppRole.
- value string
- ID of the AppRole.
- description str
- The description of the AppRole.
- display str
- Display-name of the AppRole.
- ref str
- URI of the AppRole.
- value str
- ID of the AppRole.
- description String
- The description of the AppRole.
- display String
- Display-name of the AppRole.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
Package Details
- Repository
- oci pulumi/pulumi-oci
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
oci
Terraform Provider.