oci.Identity.DomainsIdentityProvider
This resource provides the Identity Provider resource in Oracle Cloud Infrastructure Identity Domains service.
Create an Identity Provider
Example Usage
Coming soon!
Coming soon!
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Identity.DomainsIdentityProvider;
import com.pulumi.oci.Identity.DomainsIdentityProviderArgs;
import com.pulumi.oci.Identity.inputs.DomainsIdentityProviderCorrelationPolicyArgs;
import com.pulumi.oci.Identity.inputs.DomainsIdentityProviderJitUserProvAssignedGroupArgs;
import com.pulumi.oci.Identity.inputs.DomainsIdentityProviderJitUserProvAttributesArgs;
import com.pulumi.oci.Identity.inputs.DomainsIdentityProviderJitUserProvGroupMappingArgs;
import com.pulumi.oci.Identity.inputs.DomainsIdentityProviderTagArgs;
import com.pulumi.oci.Identity.inputs.DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderArgs;
import com.pulumi.oci.Identity.inputs.DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProviderArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
/**
 * Example Pulumi program that declares a single {@code DomainsIdentityProvider}
 * resource named {@code testIdentityProvider}.
 *
 * <p>The identifiers {@code var_} and {@code data} are not declared anywhere in this
 * listing; they stand in for configuration values and an identity-domain lookup that
 * the reader has to supply before the program compiles.
 */
public class App {
    /** Program entry point: hands {@link #stack(Context)} to the Pulumi runtime. */
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    /**
     * Declares the identity provider with every argument the builder offers.
     *
     * @param ctx Pulumi context for the deployment; this example does not read it
     */
    public static void stack(Context ctx) {
        var testIdentityProvider = new DomainsIdentityProvider("testIdentityProvider", DomainsIdentityProviderArgs.builder()
            // Required arguments (marked "#Required" in the YAML form of this example).
            // The provider is created with enabled = false.
            .enabled(false)
            .idcsEndpoint(data.oci_identity_domain().test_domain().url())
            .partnerName(var_.identity_provider_partner_name())
            .schemas("urn:ietf:params:scim:schemas:oracle:idcs:IdentityProvider")
            // Optional arguments.
            .assertionAttribute(var_.identity_provider_assertion_attribute())
            // attributeSets is called with no values and attributes with an empty string.
            .attributeSets()
            .attributes("")
            .authnRequestBinding(var_.identity_provider_authn_request_binding())
            // NOTE(review): the property reference describes this field as credentials for the
            // request; supply it from secret configuration, not a literal, and confirm how the
            // provider stores it in state.
            .authorization(var_.identity_provider_authorization())
            .correlationPolicy(DomainsIdentityProviderCorrelationPolicyArgs.builder()
                .type(var_.identity_provider_correlation_policy_type())
                .value(var_.identity_provider_correlation_policy_value())
                .display(var_.identity_provider_correlation_policy_display())
                .build())
            .description(var_.identity_provider_description())
            .encryptionCertificate(var_.identity_provider_encryption_certificate())
            // Literal placeholder string, not a real external identifier.
            .externalId("externalId")
            .iconUrl(var_.identity_provider_icon_url())
            .id(var_.identity_provider_id())
            .idpSsoUrl(var_.identity_provider_idp_sso_url())
            .includeSigningCertInSignature(var_.identity_provider_include_signing_cert_in_signature())
            // Just-in-time (JIT) user provisioning settings.
            // NOTE(review): these decide whether accounts are created from IdP assertions and
            // which groups they are placed in; review the assigned groups and group mappings
            // the same way as any other privilege grant.
            .jitUserProvAssignedGroups(DomainsIdentityProviderJitUserProvAssignedGroupArgs.builder()
                .value(var_.identity_provider_jit_user_prov_assigned_groups_value())
                .build())
            .jitUserProvAttributeUpdateEnabled(var_.identity_provider_jit_user_prov_attribute_update_enabled())
            .jitUserProvAttributes(DomainsIdentityProviderJitUserProvAttributesArgs.builder()
                .value(var_.identity_provider_jit_user_prov_attributes_value())
                .build())
            .jitUserProvCreateUserEnabled(var_.identity_provider_jit_user_prov_create_user_enabled())
            .jitUserProvEnabled(var_.identity_provider_jit_user_prov_enabled())
            .jitUserProvGroupAssertionAttributeEnabled(var_.identity_provider_jit_user_prov_group_assertion_attribute_enabled())
            // The property reference gives 'Overwrite' as the default and 'Merge' as the alternative.
            .jitUserProvGroupAssignmentMethod(var_.identity_provider_jit_user_prov_group_assignment_method())
            .jitUserProvGroupMappingMode(var_.identity_provider_jit_user_prov_group_mapping_mode())
            .jitUserProvGroupMappings(DomainsIdentityProviderJitUserProvGroupMappingArgs.builder()
                .idpGroup(var_.identity_provider_jit_user_prov_group_mappings_idp_group())
                .value(var_.identity_provider_jit_user_prov_group_mappings_value())
                .build())
            .jitUserProvGroupSamlAttributeName(var_.identity_provider_jit_user_prov_group_saml_attribute_name())
            .jitUserProvGroupStaticListEnabled(var_.identity_provider_jit_user_prov_group_static_list_enabled())
            .jitUserProvIgnoreErrorOnAbsentGroups(var_.identity_provider_jit_user_prov_ignore_error_on_absent_groups())
            // Logout settings.
            .logoutBinding(var_.identity_provider_logout_binding())
            .logoutEnabled(var_.identity_provider_logout_enabled())
            .logoutRequestUrl(var_.identity_provider_logout_request_url())
            .logoutResponseUrl(var_.identity_provider_logout_response_url())
            .metadata(var_.identity_provider_metadata())
            .nameIdFormat(var_.identity_provider_name_id_format())
            .ocid(var_.identity_provider_ocid())
            .partnerProviderId(var_.identity_provider_partner_provider_id())
            // SAML authentication and assertion-protection settings: forced re-authentication,
            // encrypted-assertion requirement, and the signature hash algorithm and certificate.
            .requestedAuthenticationContexts(var_.identity_provider_requested_authentication_context())
            .requireForceAuthn(var_.identity_provider_require_force_authn())
            .requiresEncryptedAssertion(var_.identity_provider_requires_encrypted_assertion())
            .resourceTypeSchemaVersion(var_.identity_provider_resource_type_schema_version())
            .samlHoKrequired(var_.identity_provider_saml_ho_krequired())
            .serviceInstanceIdentifier(var_.identity_provider_service_instance_identifier())
            .shownOnLoginPage(var_.identity_provider_shown_on_login_page())
            .signatureHashAlgorithm(var_.identity_provider_signature_hash_algorithm())
            .signingCertificate(var_.identity_provider_signing_certificate())
            // Literal placeholder string.
            .succinctId("succinctId")
            .tags(DomainsIdentityProviderTagArgs.builder()
                .key(var_.identity_provider_tags_key())
                .value(var_.identity_provider_tags_value())
                .build())
            .type(var_.identity_provider_type())
            // Social Identity Provider extension schema.
            .urnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider(DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderArgs.builder()
                .accountLinkingEnabled(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_account_linking_enabled())
                .consumerKey(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_consumer_key())
                // NOTE(review): presumably the client secret issued by the social provider;
                // pass it as a secret value so it is not kept in plain text — confirm against
                // the provider schema.
                .consumerSecret(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_consumer_secret())
                .registrationEnabled(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_registration_enabled())
                .serviceProviderName(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_service_provider_name())
                .accessTokenUrl(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_access_token_url())
                .adminScopes(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_admin_scope())
                .authzUrl(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_authz_url())
                .clientCredentialInPayload(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_client_credential_in_payload())
                .clockSkewInSeconds(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_clock_skew_in_seconds())
                .discoveryUrl(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_discovery_url())
                .idAttribute(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_id_attribute())
                .profileUrl(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_profile_url())
                .redirectUrl(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_redirect_url())
                .scopes(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_scope())
                .status(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_status())
                .build())
            // X509 Identity Provider extension schema.
            // NOTE(review): the crl* and ocsp* arguments look like certificate revocation
            // checking options; decide them deliberately for certificate-based sign-in and
            // confirm their defaults in the provider reference.
            .urnietfparamsscimschemasoracleidcsextensionx509identityProvider(DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProviderArgs.builder()
                .certMatchAttribute(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_cert_match_attribute())
                // Literal placeholder string, not certificate material.
                .signingCertificateChains("signingCertificateChain")
                .userMatchAttribute(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_user_match_attribute())
                .crlCheckOnOcspFailureEnabled(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_crl_check_on_ocsp_failure_enabled())
                .crlEnabled(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_crl_enabled())
                .crlLocation(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_crl_location())
                .crlReloadDuration(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_crl_reload_duration())
                .ocspAllowUnknownResponseStatus(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_allow_unknown_response_status())
                .ocspEnableSignedResponse(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_enable_signed_response())
                .ocspEnabled(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_enabled())
                .ocspResponderUrl(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_responder_url())
                .ocspRevalidateTime(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_revalidate_time())
                .ocspServerName(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_server_name())
                .ocspTrustCertChains(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_trust_cert_chain())
                .otherCertMatchAttribute(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_other_cert_match_attribute())
                .build())
            .userMappingMethod(var_.identity_provider_user_mapping_method())
            .userMappingStoreAttribute(var_.identity_provider_user_mapping_store_attribute())
            .build());
    }
}
Coming soon!
Coming soon!
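# Pulumi YAML program declaring one oci:Identity:DomainsIdentityProvider resource.
# Nesting is restored so that the keys of each sub-object (correlationPolicy, tags,
# the two extension schemas, ...) no longer collide at the top level.
# The ${var.*} and ${data.*} references are placeholders the reader must supply.
resources:
  testIdentityProvider:
    type: oci:Identity:DomainsIdentityProvider
    properties:
      # Required
      enabled: false
      idcsEndpoint: ${data.oci_identity_domain.test_domain.url}
      partnerName: ${var.identity_provider_partner_name}
      schemas:
        - urn:ietf:params:scim:schemas:oracle:idcs:IdentityProvider
      # Optional
      assertionAttribute: ${var.identity_provider_assertion_attribute}
      attributeSets: []
      attributes:
      authnRequestBinding: ${var.identity_provider_authn_request_binding}
      # NOTE(review): described in the property reference as credentials; supply it
      # from secret configuration, not a literal value.
      authorization: ${var.identity_provider_authorization}
      correlationPolicy:
        type: ${var.identity_provider_correlation_policy_type}
        value: ${var.identity_provider_correlation_policy_value}
        display: ${var.identity_provider_correlation_policy_display}
      description: ${var.identity_provider_description}
      encryptionCertificate: ${var.identity_provider_encryption_certificate}
      externalId: externalId
      iconUrl: ${var.identity_provider_icon_url}
      id: ${var.identity_provider_id}
      idpSsoUrl: ${var.identity_provider_idp_sso_url}
      includeSigningCertInSignature: ${var.identity_provider_include_signing_cert_in_signature}
      # Just-in-time (JIT) user provisioning: account creation and group assignment
      # driven by IdP assertions.
      jitUserProvAssignedGroups:
        - value: ${var.identity_provider_jit_user_prov_assigned_groups_value}
      jitUserProvAttributeUpdateEnabled: ${var.identity_provider_jit_user_prov_attribute_update_enabled}
      jitUserProvAttributes:
        value: ${var.identity_provider_jit_user_prov_attributes_value}
      jitUserProvCreateUserEnabled: ${var.identity_provider_jit_user_prov_create_user_enabled}
      jitUserProvEnabled: ${var.identity_provider_jit_user_prov_enabled}
      jitUserProvGroupAssertionAttributeEnabled: ${var.identity_provider_jit_user_prov_group_assertion_attribute_enabled}
      jitUserProvGroupAssignmentMethod: ${var.identity_provider_jit_user_prov_group_assignment_method}
      jitUserProvGroupMappingMode: ${var.identity_provider_jit_user_prov_group_mapping_mode}
      jitUserProvGroupMappings:
        - idpGroup: ${var.identity_provider_jit_user_prov_group_mappings_idp_group}
          value: ${var.identity_provider_jit_user_prov_group_mappings_value}
      jitUserProvGroupSamlAttributeName: ${var.identity_provider_jit_user_prov_group_saml_attribute_name}
      jitUserProvGroupStaticListEnabled: ${var.identity_provider_jit_user_prov_group_static_list_enabled}
      jitUserProvIgnoreErrorOnAbsentGroups: ${var.identity_provider_jit_user_prov_ignore_error_on_absent_groups}
      logoutBinding: ${var.identity_provider_logout_binding}
      logoutEnabled: ${var.identity_provider_logout_enabled}
      logoutRequestUrl: ${var.identity_provider_logout_request_url}
      logoutResponseUrl: ${var.identity_provider_logout_response_url}
      metadata: ${var.identity_provider_metadata}
      nameIdFormat: ${var.identity_provider_name_id_format}
      ocid: ${var.identity_provider_ocid}
      partnerProviderId: ${var.identity_provider_partner_provider_id}
      requestedAuthenticationContexts: ${var.identity_provider_requested_authentication_context}
      requireForceAuthn: ${var.identity_provider_require_force_authn}
      requiresEncryptedAssertion: ${var.identity_provider_requires_encrypted_assertion}
      resourceTypeSchemaVersion: ${var.identity_provider_resource_type_schema_version}
      samlHoKrequired: ${var.identity_provider_saml_ho_krequired}
      serviceInstanceIdentifier: ${var.identity_provider_service_instance_identifier}
      shownOnLoginPage: ${var.identity_provider_shown_on_login_page}
      signatureHashAlgorithm: ${var.identity_provider_signature_hash_algorithm}
      signingCertificate: ${var.identity_provider_signing_certificate}
      succinctId: succinctId
      tags:
        - key: ${var.identity_provider_tags_key}
          value: ${var.identity_provider_tags_value}
      type: ${var.identity_provider_type}
      # Social Identity Provider extension schema.
      urnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider:
        accountLinkingEnabled: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_account_linking_enabled}
        consumerKey: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_consumer_key}
        # NOTE(review): presumably the client secret issued by the social provider;
        # keep it in secret configuration — confirm against the provider schema.
        consumerSecret: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_consumer_secret}
        registrationEnabled: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_registration_enabled}
        serviceProviderName: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_service_provider_name}
        accessTokenUrl: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_access_token_url}
        adminScopes: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_admin_scope}
        authzUrl: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_authz_url}
        clientCredentialInPayload: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_client_credential_in_payload}
        clockSkewInSeconds: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_clock_skew_in_seconds}
        discoveryUrl: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_discovery_url}
        idAttribute: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_id_attribute}
        profileUrl: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_profile_url}
        redirectUrl: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_redirect_url}
        scopes: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_scope}
        status: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_status}
      # X509 Identity Provider extension schema (certificate matching, CRL and OCSP options).
      urnietfparamsscimschemasoracleidcsextensionx509identityProvider:
        certMatchAttribute: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_cert_match_attribute}
        signingCertificateChains:
          - signingCertificateChain
        userMatchAttribute: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_user_match_attribute}
        crlCheckOnOcspFailureEnabled: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_crl_check_on_ocsp_failure_enabled}
        crlEnabled: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_crl_enabled}
        crlLocation: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_crl_location}
        crlReloadDuration: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_crl_reload_duration}
        ocspAllowUnknownResponseStatus: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_allow_unknown_response_status}
        ocspEnableSignedResponse: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_enable_signed_response}
        ocspEnabled: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_enabled}
        ocspResponderUrl: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_responder_url}
        ocspRevalidateTime: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_revalidate_time}
        ocspServerName: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_server_name}
        ocspTrustCertChains: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_trust_cert_chain}
        otherCertMatchAttribute: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_other_cert_match_attribute}
      userMappingMethod: ${var.identity_provider_user_mapping_method}
      userMappingStoreAttribute: ${var.identity_provider_user_mapping_store_attribute}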
Create DomainsIdentityProvider Resource
new DomainsIdentityProvider(name: string, args: DomainsIdentityProviderArgs, opts?: CustomResourceOptions);
@overload
def DomainsIdentityProvider(resource_name: str,
opts: Optional[ResourceOptions] = None,
assertion_attribute: Optional[str] = None,
attribute_sets: Optional[Sequence[str]] = None,
attributes: Optional[str] = None,
authn_request_binding: Optional[str] = None,
authorization: Optional[str] = None,
correlation_policy: Optional[_identity.DomainsIdentityProviderCorrelationPolicyArgs] = None,
description: Optional[str] = None,
enabled: Optional[bool] = None,
encryption_certificate: Optional[str] = None,
external_id: Optional[str] = None,
icon_url: Optional[str] = None,
idcs_endpoint: Optional[str] = None,
idp_sso_url: Optional[str] = None,
include_signing_cert_in_signature: Optional[bool] = None,
jit_user_prov_assigned_groups: Optional[Sequence[_identity.DomainsIdentityProviderJitUserProvAssignedGroupArgs]] = None,
jit_user_prov_attribute_update_enabled: Optional[bool] = None,
jit_user_prov_attributes: Optional[_identity.DomainsIdentityProviderJitUserProvAttributesArgs] = None,
jit_user_prov_create_user_enabled: Optional[bool] = None,
jit_user_prov_enabled: Optional[bool] = None,
jit_user_prov_group_assertion_attribute_enabled: Optional[bool] = None,
jit_user_prov_group_assignment_method: Optional[str] = None,
jit_user_prov_group_mapping_mode: Optional[str] = None,
jit_user_prov_group_mappings: Optional[Sequence[_identity.DomainsIdentityProviderJitUserProvGroupMappingArgs]] = None,
jit_user_prov_group_saml_attribute_name: Optional[str] = None,
jit_user_prov_group_static_list_enabled: Optional[bool] = None,
jit_user_prov_ignore_error_on_absent_groups: Optional[bool] = None,
logout_binding: Optional[str] = None,
logout_enabled: Optional[bool] = None,
logout_request_url: Optional[str] = None,
logout_response_url: Optional[str] = None,
metadata: Optional[str] = None,
name_id_format: Optional[str] = None,
ocid: Optional[str] = None,
partner_name: Optional[str] = None,
partner_provider_id: Optional[str] = None,
requested_authentication_contexts: Optional[Sequence[str]] = None,
require_force_authn: Optional[bool] = None,
requires_encrypted_assertion: Optional[bool] = None,
resource_type_schema_version: Optional[str] = None,
saml_ho_krequired: Optional[bool] = None,
schemas: Optional[Sequence[str]] = None,
service_instance_identifier: Optional[str] = None,
shown_on_login_page: Optional[bool] = None,
signature_hash_algorithm: Optional[str] = None,
signing_certificate: Optional[str] = None,
succinct_id: Optional[str] = None,
tags: Optional[Sequence[_identity.DomainsIdentityProviderTagArgs]] = None,
type: Optional[str] = None,
urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider: Optional[_identity.DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderArgs] = None,
urnietfparamsscimschemasoracleidcsextensionx509identity_provider: Optional[_identity.DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProviderArgs] = None,
user_mapping_method: Optional[str] = None,
user_mapping_store_attribute: Optional[str] = None)
@overload
def DomainsIdentityProvider(resource_name: str,
args: DomainsIdentityProviderArgs,
opts: Optional[ResourceOptions] = None)
func NewDomainsIdentityProvider(ctx *Context, name string, args DomainsIdentityProviderArgs, opts ...ResourceOption) (*DomainsIdentityProvider, error)
public DomainsIdentityProvider(string name, DomainsIdentityProviderArgs args, CustomResourceOptions? opts = null)
public DomainsIdentityProvider(String name, DomainsIdentityProviderArgs args)
public DomainsIdentityProvider(String name, DomainsIdentityProviderArgs args, CustomResourceOptions options)
type: oci:Identity:DomainsIdentityProvider
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DomainsIdentityProviderArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args DomainsIdentityProviderArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args DomainsIdentityProviderArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DomainsIdentityProviderArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args DomainsIdentityProviderArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
DomainsIdentityProvider Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The DomainsIdentityProvider resource accepts the following input properties:
- Enabled bool
(Updatable) Set to true to indicate Partner enabled.
- Idcs
Endpoint string The basic endpoint for the identity domain
- Partner
Name string (Updatable) Unique name of the trusted Identity Provider.
- Schemas List<string>
(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- Assertion
Attribute string (Updatable) Assertion attribute name.
- Attribute
Sets List<string> (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- Attributes string
(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- AuthnRequestBinding string
(Updatable) HTTP binding to use for authentication requests.
- Authorization string
(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
- Correlation
Policy DomainsIdentity Provider Correlation Policy Args (Updatable) Correlation policy
- Description string
(Updatable) Description
- Encryption
Certificate string (Updatable) Encryption certificate
- External
Id string (Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
- Icon
Url string (Updatable) Identity Provider Icon URL.
- Idp
Sso stringUrl (Updatable) Identity Provider SSO URL
- Include
Signing boolCert In Signature (Updatable) Set to true to include the signing certificate in the signature.
- Jit
User List<DomainsProv Assigned Groups Identity Provider Jit User Prov Assigned Group Args> (Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
- Jit
User boolProv Attribute Update Enabled (Updatable) Set to true to indicate JIT User Creation is enabled
- Jit
User DomainsProv Attributes Identity Provider Jit User Prov Attributes Args (Updatable) Assertion To User Mapping
- Jit
User boolProv Create User Enabled (Updatable) Set to true to indicate JIT User Creation is enabled
- Jit
User boolProv Enabled (Updatable) Set to true to indicate JIT User Provisioning is enabled
- Jit
User boolProv Group Assertion Attribute Enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
- Jit
User stringProv Group Assignment Method (Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
- Jit
User stringProv Group Mapping Mode (Updatable) Property to indicate the mode of group mapping
- Jit
User List<DomainsProv Group Mappings Identity Provider Jit User Prov Group Mapping Args> (Updatable) The list of mappings between the Identity Domain Group and the IDP group.
- JitUserProvGroupSamlAttributeName string
(Updatable) Name of the assertion attribute containing the user's groups.
- Jit
User boolProv Group Static List Enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
- Jit
User boolProv Ignore Error On Absent Groups (Updatable) Set to true to indicate ignoring absence of group while provisioning
- Logout
Binding string (Updatable) HTTP binding to use for logout.
- Logout
Enabled bool (Updatable) Set to true to enable logout.
- Logout
Request stringUrl (Updatable) Logout request URL
- Logout
Response stringUrl (Updatable) Logout response URL
- Metadata string
(Updatable) Metadata
- Name
Id stringFormat (Updatable) Default authentication request name ID format.
- Ocid string
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- Partner
Provider stringId (Updatable) Provider ID
- Requested
Authentication List<string>Contexts (Updatable) SAML SP authentication type.
- RequireForceAuthn bool
(Updatable) This SP requires the SAML IdP to enforce re-authentication.
- RequiresEncryptedAssertion bool
(Updatable) The SAML SP must accept only encrypted assertions.
- ResourceTypeSchemaVersion string
(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- Saml
Ho boolKrequired (Updatable) SAML SP HoK Enabled.
- Service
Instance stringIdentifier (Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
- Shown
On boolLogin Page (Updatable) Set to true to indicate whether to show IdP in login page or not.
- Signature
Hash stringAlgorithm (Updatable) Signature hash algorithm.
- Signing
Certificate string (Updatable) Signing certificate
- Succinct
Id string (Updatable) Succinct ID
- Tags List<DomainsIdentityProviderTagArgs>
(Updatable) A list of tags on this resource.
- Type string
(Updatable) Identity Provider Type
- UrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderArgs
(Updatable) Social Identity Provider Extension Schema
- Urnietfparamsscimschemasoracleidcsextensionx509identity
Provider DomainsIdentity Provider Urnietfparamsscimschemasoracleidcsextensionx509identity Provider Args (Updatable) X509 Identity Provider Extension Schema
- User
Mapping stringMethod (Updatable) User mapping method.
- UserMappingStoreAttribute string
(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
- Enabled bool
(Updatable) Set to true to indicate Partner enabled.
- Idcs
Endpoint string The basic endpoint for the identity domain
- Partner
Name string (Updatable) Unique name of the trusted Identity Provider.
- Schemas []string
(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- Assertion
Attribute string (Updatable) Assertion attribute name.
- Attribute
Sets []string (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- Attributes string
(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- Authn
Request stringBinding (Updatable) HTTP binding to use for authentication requests.
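- Authorization string
(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value carries credentials, treat it as a secret and keep it out of source control and logs.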
- Correlation
Policy DomainsIdentity Provider Correlation Policy Args (Updatable) Correlation policy
- Description string
(Updatable) Description
- Encryption
Certificate string (Updatable) Encryption certificate
- External
Id string (Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
- Icon
Url string (Updatable) Identity Provider Icon URL.
- Idp
Sso stringUrl (Updatable) Identity Provider SSO URL
- Include
Signing boolCert In Signature (Updatable) Set to true to include the signing certificate in the signature.
- Jit
User []DomainsProv Assigned Groups Identity Provider Jit User Prov Assigned Group Args (Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
- Jit
User boolProv Attribute Update Enabled (Updatable) Set to true to indicate JIT User Creation is enabled
- Jit
User DomainsProv Attributes Identity Provider Jit User Prov Attributes Args (Updatable) Assertion To User Mapping
- Jit
User boolProv Create User Enabled (Updatable) Set to true to indicate JIT User Creation is enabled
- Jit
User boolProv Enabled (Updatable) Set to true to indicate JIT User Provisioning is enabled
- Jit
User boolProv Group Assertion Attribute Enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
- Jit
User stringProv Group Assignment Method (Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
- Jit
User stringProv Group Mapping Mode (Updatable) Property to indicate the mode of group mapping
- Jit
User []DomainsProv Group Mappings Identity Provider Jit User Prov Group Mapping Args (Updatable) The list of mappings between the Identity Domain Group and the IDP group.
- JitUserProvGroupSamlAttributeName string
(Updatable) Name of the assertion attribute containing the user's groups
- Jit
User boolProv Group Static List Enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
- Jit
User boolProv Ignore Error On Absent Groups (Updatable) Set to true to indicate ignoring absence of group while provisioning
- Logout
Binding string (Updatable) HTTP binding to use for logout.
- Logout
Enabled bool (Updatable) Set to true to enable logout.
- Logout
Request stringUrl (Updatable) Logout request URL
- Logout
Response stringUrl (Updatable) Logout response URL
- Metadata string
(Updatable) Metadata
- Name
Id stringFormat (Updatable) Default authentication request name ID format.
- Ocid string
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- Partner
Provider stringId (Updatable) Provider ID
- Requested
Authentication []stringContexts (Updatable) SAML SP authentication type.
- RequireForceAuthn bool
(Updatable) This SP requires the SAML IdP to enforce re-authentication.
- RequiresEncryptedAssertion bool
(Updatable) SAML SP must accept encrypted assertion only.
- ResourceTypeSchemaVersion string
(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- Saml
Ho boolKrequired (Updatable) SAML SP HoK Enabled.
- Service
Instance stringIdentifier (Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
- Shown
On boolLogin Page (Updatable) Set to true to indicate whether to show IdP in login page or not.
- SignatureHashAlgorithm string
(Updatable) Signature hash algorithm.
- Signing
Certificate string (Updatable) Signing certificate
- Succinct
Id string (Updatable) Succinct ID
- Tags []DomainsIdentityProviderTagArgs
(Updatable) A list of tags on this resource.
- Type string
(Updatable) Identity Provider Type
- Domains
Identity Provider Urnietfparamsscimschemasoracleidcsextensionsocial Identity Provider Args (Updatable) Social Identity Provider Extension Schema
- Urnietfparamsscimschemasoracleidcsextensionx509identity
Provider DomainsIdentity Provider Urnietfparamsscimschemasoracleidcsextensionx509identity Provider Args (Updatable) X509 Identity Provider Extension Schema
- User
Mapping stringMethod (Updatable) User mapping method.
- UserMappingStoreAttribute string
(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
- enabled Boolean
(Updatable) Set to true to indicate Partner enabled.
- idcs
Endpoint String The basic endpoint for the identity domain
- partner
Name String (Updatable) Unique name of the trusted Identity Provider.
- schemas List<String>
(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- assertion
Attribute String (Updatable) Assertion attribute name.
- attribute
Sets List<String> (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- attributes String
(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- authn
Request StringBinding (Updatable) HTTP binding to use for authentication requests.
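- authorization String
(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value carries credentials, treat it as a secret and keep it out of source control and logs.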
- correlation
Policy DomainsProvider Correlation Policy Args (Updatable) Correlation policy
- description String
(Updatable) Description
- encryption
Certificate String (Updatable) Encryption certificate
- external
Id String (Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
- icon
Url String (Updatable) Identity Provider Icon URL.
- idp
Sso StringUrl (Updatable) Identity Provider SSO URL
- include
Signing BooleanCert In Signature (Updatable) Set to true to include the signing certificate in the signature.
- jit
User List<DomainsProv Assigned Groups Provider Jit User Prov Assigned Group Args> (Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
- jit
User BooleanProv Attribute Update Enabled (Updatable) Set to true to indicate JIT User Creation is enabled
- jit
User DomainsProv Attributes Provider Jit User Prov Attributes Args (Updatable) Assertion To User Mapping
- jit
User BooleanProv Create User Enabled (Updatable) Set to true to indicate JIT User Creation is enabled
- jit
User BooleanProv Enabled (Updatable) Set to true to indicate JIT User Provisioning is enabled
- jit
User BooleanProv Group Assertion Attribute Enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
- jit
User StringProv Group Assignment Method (Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
- jit
User StringProv Group Mapping Mode (Updatable) Property to indicate the mode of group mapping
- jit
User List<DomainsProv Group Mappings Provider Jit User Prov Group Mapping Args> (Updatable) The list of mappings between the Identity Domain Group and the IDP group.
- jitUserProvGroupSamlAttributeName String
(Updatable) Name of the assertion attribute containing the user's groups
- jit
User BooleanProv Group Static List Enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
- jit
User BooleanProv Ignore Error On Absent Groups (Updatable) Set to true to indicate ignoring absence of group while provisioning
- logout
Binding String (Updatable) HTTP binding to use for logout.
- logout
Enabled Boolean (Updatable) Set to true to enable logout.
- logout
Request StringUrl (Updatable) Logout request URL
- logout
Response StringUrl (Updatable) Logout response URL
- metadata String
(Updatable) Metadata
- name
Id StringFormat (Updatable) Default authentication request name ID format.
- ocid String
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- partner
Provider StringId (Updatable) Provider ID
- requested
Authentication List<String>Contexts (Updatable) SAML SP authentication type.
- requireForceAuthn Boolean
(Updatable) This SP requires the SAML IdP to enforce re-authentication.
- requiresEncryptedAssertion Boolean
(Updatable) SAML SP must accept encrypted assertion only.
- resourceTypeSchemaVersion String
(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- saml
Ho BooleanKrequired (Updatable) SAML SP HoK Enabled.
- service
Instance StringIdentifier (Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
- shown
On BooleanLogin Page (Updatable) Set to true to indicate whether to show IdP in login page or not.
- signatureHashAlgorithm String
(Updatable) Signature hash algorithm.
- signing
Certificate String (Updatable) Signing certificate
- succinct
Id String (Updatable) Succinct ID
- tags List<DomainsIdentityProviderTagArgs>
(Updatable) A list of tags on this resource.
- type String
(Updatable) Identity Provider Type
- Domains
Provider Urnietfparamsscimschemasoracleidcsextensionsocial Provider Args (Updatable) Social Identity Provider Extension Schema
- urnietfparamsscimschemasoracleidcsextensionx509identity
Provider DomainsProvider Urnietfparamsscimschemasoracleidcsextensionx509identity Provider Args (Updatable) X509 Identity Provider Extension Schema
- user
Mapping StringMethod (Updatable) User mapping method.
- userMappingStoreAttribute String
(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
- enabled boolean
(Updatable) Set to true to indicate Partner enabled.
- idcs
Endpoint string The basic endpoint for the identity domain
- partner
Name string (Updatable) Unique name of the trusted Identity Provider.
- schemas string[]
(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- assertion
Attribute string (Updatable) Assertion attribute name.
- attribute
Sets string[] (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- attributes string
(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- authn
Request stringBinding (Updatable) HTTP binding to use for authentication requests.
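- authorization string
(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value carries credentials, treat it as a secret and keep it out of source control and logs.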
- correlation
Policy DomainsIdentity Provider Correlation Policy Args (Updatable) Correlation policy
- description string
(Updatable) Description
- encryption
Certificate string (Updatable) Encryption certificate
- external
Id string (Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
- icon
Url string (Updatable) Identity Provider Icon URL.
- idp
Sso stringUrl (Updatable) Identity Provider SSO URL
- include
Signing booleanCert In Signature (Updatable) Set to true to include the signing certificate in the signature.
- jit
User DomainsProv Assigned Groups Identity Provider Jit User Prov Assigned Group Args[] (Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
- jit
User booleanProv Attribute Update Enabled (Updatable) Set to true to indicate JIT User Creation is enabled
- jit
User DomainsProv Attributes Identity Provider Jit User Prov Attributes Args (Updatable) Assertion To User Mapping
- jit
User booleanProv Create User Enabled (Updatable) Set to true to indicate JIT User Creation is enabled
- jit
User booleanProv Enabled (Updatable) Set to true to indicate JIT User Provisioning is enabled
- jit
User booleanProv Group Assertion Attribute Enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
- jit
User stringProv Group Assignment Method (Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
- jit
User stringProv Group Mapping Mode (Updatable) Property to indicate the mode of group mapping
- jit
User DomainsProv Group Mappings Identity Provider Jit User Prov Group Mapping Args[] (Updatable) The list of mappings between the Identity Domain Group and the IDP group.
- jit
User stringProv Group Saml Attribute Name (Updatable) Name of the assertion attribute containing the users groups
- jit
User booleanProv Group Static List Enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
- jit
User booleanProv Ignore Error On Absent Groups (Updatable) Set to true to indicate ignoring absence of group while provisioning
- logout
Binding string (Updatable) HTTP binding to use for logout.
- logout
Enabled boolean (Updatable) Set to true to enable logout.
- logout
Request stringUrl (Updatable) Logout request URL
- logout
Response stringUrl (Updatable) Logout response URL
- metadata string
(Updatable) Metadata
- name
Id stringFormat (Updatable) Default authentication request name ID format.
- ocid string
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- partner
Provider stringId (Updatable) Provider ID
- requested
Authentication string[]Contexts (Updatable) SAML SP authentication type.
- requireForceAuthn boolean
(Updatable) This SP requires the SAML IdP to enforce re-authentication.
- requiresEncryptedAssertion boolean
(Updatable) SAML SP must accept encrypted assertion only.
- resource
Type stringSchema Version (Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- saml
Ho booleanKrequired (Updatable) SAML SP HoK Enabled.
- service
Instance stringIdentifier (Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
- shown
On booleanLogin Page (Updatable) Set to true to indicate whether to show IdP in login page or not.
- signatureHashAlgorithm string
(Updatable) Signature hash algorithm.
- signing
Certificate string (Updatable) Signing certificate
- succinct
Id string (Updatable) Succinct ID
- Domains
Identity Provider Tag Args[] (Updatable) A list of tags on this resource.
- type string
(Updatable) Identity Provider Type
- Domains
Identity Provider Urnietfparamsscimschemasoracleidcsextensionsocial Identity Provider Args (Updatable) Social Identity Provider Extension Schema
- urnietfparamsscimschemasoracleidcsextensionx509identity
Provider DomainsIdentity Provider Urnietfparamsscimschemasoracleidcsextensionx509identity Provider Args (Updatable) X509 Identity Provider Extension Schema
- user
Mapping stringMethod (Updatable) User mapping method.
- userMappingStoreAttribute string
(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
- enabled bool
(Updatable) Set to true to indicate Partner enabled.
- idcs_
endpoint str The basic endpoint for the identity domain
- partner_
name str (Updatable) Unique name of the trusted Identity Provider.
- schemas Sequence[str]
(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- assertion_
attribute str (Updatable) Assertion attribute name.
- attribute_
sets Sequence[str] (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- attributes str
(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- authn_
request_ strbinding (Updatable) HTTP binding to use for authentication requests.
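- authorization str
(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value carries credentials, treat it as a secret and keep it out of source control and logs.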
- correlation_
policy DomainsIdentity Provider Correlation Policy Args (Updatable) Correlation policy
- description str
(Updatable) Description
- encryption_
certificate str (Updatable) Encryption certificate
- external_
id str (Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
- icon_
url str (Updatable) Identity Provider Icon URL.
- idp_
sso_ strurl (Updatable) Identity Provider SSO URL
- include_
signing_ boolcert_ in_ signature (Updatable) Set to true to include the signing certificate in the signature.
- jit_
user_ Domainsprov_ assigned_ groups Identity Provider Jit User Prov Assigned Group Args] (Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
- jit_
user_ boolprov_ attribute_ update_ enabled (Updatable) Set to true to indicate JIT User Creation is enabled
- jit_
user_ Domainsprov_ attributes Identity Provider Jit User Prov Attributes Args (Updatable) Assertion To User Mapping
- jit_
user_ boolprov_ create_ user_ enabled (Updatable) Set to true to indicate JIT User Creation is enabled
- jit_
user_ boolprov_ enabled (Updatable) Set to true to indicate JIT User Provisioning is enabled
- jit_
user_ boolprov_ group_ assertion_ attribute_ enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
- jit_
user_ strprov_ group_ assignment_ method (Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
- jit_
user_ strprov_ group_ mapping_ mode (Updatable) Property to indicate the mode of group mapping
- jit_
user_ Domainsprov_ group_ mappings Identity Provider Jit User Prov Group Mapping Args] (Updatable) The list of mappings between the Identity Domain Group and the IDP group.
- jit_
user_ strprov_ group_ saml_ attribute_ name (Updatable) Name of the assertion attribute containing the users groups
- jit_
user_ boolprov_ group_ static_ list_ enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
- jit_
user_ boolprov_ ignore_ error_ on_ absent_ groups (Updatable) Set to true to indicate ignoring absence of group while provisioning
- logout_
binding str (Updatable) HTTP binding to use for logout.
- logout_
enabled bool (Updatable) Set to true to enable logout.
- logout_
request_ strurl (Updatable) Logout request URL
- logout_
response_ strurl (Updatable) Logout response URL
- metadata str
(Updatable) Metadata
- name_
id_ strformat (Updatable) Default authentication request name ID format.
- ocid str
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- partner_
provider_ strid (Updatable) Provider ID
- requested_
authentication_ Sequence[str]contexts (Updatable) SAML SP authentication type.
- require_force_authn bool
(Updatable) This SP requires the SAML IdP to enforce re-authentication.
- requires_encrypted_assertion bool
(Updatable) SAML SP must accept encrypted assertion only.
- resource_
type_ strschema_ version (Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- saml_
ho_ boolkrequired (Updatable) SAML SP HoK Enabled.
- service_
instance_ stridentifier (Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
- shown_
on_ boollogin_ page (Updatable) Set to true to indicate whether to show IdP in login page or not.
- signature_hash_algorithm str
(Updatable) Signature hash algorithm.
- signing_
certificate str (Updatable) Signing certificate
- succinct_
id str (Updatable) Succinct ID
- tags Sequence[DomainsIdentityProviderTagArgs]
(Updatable) A list of tags on this resource.
- type str
(Updatable) Identity Provider Type
- Domains
Identity Provider Urnietfparamsscimschemasoracleidcsextensionsocial Identity Provider Args (Updatable) Social Identity Provider Extension Schema
- urnietfparamsscimschemasoracleidcsextensionx509identity_
provider DomainsIdentity Provider Urnietfparamsscimschemasoracleidcsextensionx509identity Provider Args (Updatable) X509 Identity Provider Extension Schema
- user_
mapping_ strmethod (Updatable) User mapping method.
- user_mapping_store_attribute str
(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
- enabled Boolean
(Updatable) Set to true to indicate Partner enabled.
- idcs
Endpoint String The basic endpoint for the identity domain
- partner
Name String (Updatable) Unique name of the trusted Identity Provider.
- schemas List<String>
(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- assertion
Attribute String (Updatable) Assertion attribute name.
- attribute
Sets List<String> (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- attributes String
(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- authn
Request StringBinding (Updatable) HTTP binding to use for authentication requests.
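- authorization String
(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value carries credentials, supply it as a Pulumi secret rather than a plain-text literal in the program.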
- correlation
Policy Property Map (Updatable) Correlation policy
- description String
(Updatable) Description
- encryption
Certificate String (Updatable) Encryption certificate
- external
Id String (Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
- icon
Url String (Updatable) Identity Provider Icon URL.
- idp
Sso StringUrl (Updatable) Identity Provider SSO URL
- include
Signing BooleanCert In Signature (Updatable) Set to true to include the signing certificate in the signature.
- jit
User List<Property Map>Prov Assigned Groups (Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
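- jitUserProvAttributeUpdateEnabled Boolean
(Updatable) Set to true to indicate JIT User Attribute Update is enabled. Note: the upstream description reads "JIT User Creation is enabled", which duplicates jitUserProvCreateUserEnabled; confirm the exact behavior against the Identity Domains API reference.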
- jit
User Property MapProv Attributes (Updatable) Assertion To User Mapping
- jit
User BooleanProv Create User Enabled (Updatable) Set to true to indicate JIT User Creation is enabled
- jit
User BooleanProv Enabled (Updatable) Set to true to indicate JIT User Provisioning is enabled
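- jitUserProvGroupAssertionAttributeEnabled Boolean
(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute. When enabled, group membership follows what the IdP asserts, so enable it only for an IdP that is trusted to make group claims.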
- jitUserProvGroupAssignmentMethod String
(Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
- jit
User StringProv Group Mapping Mode (Updatable) Property to indicate the mode of group mapping
- jit
User List<Property Map>Prov Group Mappings (Updatable) The list of mappings between the Identity Domain Group and the IDP group.
- jitUserProvGroupSamlAttributeName String
(Updatable) Name of the assertion attribute containing the user's groups
- jit
User BooleanProv Group Static List Enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
- jitUserProvIgnoreErrorOnAbsentGroups Boolean
(Updatable) Set to true to ignore the absence of a group while provisioning
- logout
Binding String (Updatable) HTTP binding to use for logout.
- logout
Enabled Boolean (Updatable) Set to true to enable logout.
- logout
Request StringUrl (Updatable) Logout request URL
- logout
Response StringUrl (Updatable) Logout response URL
- metadata String
(Updatable) Metadata
- name
Id StringFormat (Updatable) Default authentication request name ID format.
- ocid String
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- partner
Provider StringId (Updatable) Provider ID
- requested
Authentication List<String>Contexts (Updatable) SAML SP authentication type.
- requireForceAuthn Boolean
(Updatable) This SP requires the SAML IdP to enforce re-authentication.
- requiresEncryptedAssertion Boolean
(Updatable) SAML SP must accept only encrypted assertions.
- resourceTypeSchemaVersion String
(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- samlHoKrequired Boolean
(Updatable) SAML SP HoK (Holder-of-Key) Enabled.
- service
Instance StringIdentifier (Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
- shownOnLoginPage Boolean
(Updatable) Set to true to show the IdP on the login page.
- signatureHashAlgorithm String
(Updatable) Signature hash algorithm.
- signing
Certificate String (Updatable) Signing certificate
- succinct
Id String (Updatable) Succinct ID
- tags List<Property Map>
(Updatable) A list of tags on this resource.
- type String
(Updatable) Identity Provider Type
- urnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider Property Map
(Updatable) Social Identity Provider Extension Schema
- urnietfparamsscimschemasoracleidcsextensionx509identity
Provider Property Map (Updatable) X509 Identity Provider Extension Schema
- user
Mapping StringMethod (Updatable) User mapping method.
- userMappingStoreAttribute String
(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
Outputs
All input properties are implicitly available as output properties. Additionally, the DomainsIdentityProvider resource produces the following output properties:
- Compartment
Ocid string (Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- DeleteInProgress bool
(Updatable) A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- Domain
Ocid string (Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- Id string
The provider-assigned unique ID for this managed resource.
- IdcsCreatedBies List<DomainsIdentityProviderIdcsCreatedBy>
(Updatable) The User or App who created the Resource
- Idcs
Last List<DomainsModified Bies Identity Provider Idcs Last Modified By> (Updatable) The User or App who modified the Resource
- Idcs
Last stringUpgraded In Release (Updatable) The release number when the resource was upgraded.
- Idcs
Prevented List<string>Operations (Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- Metas List<DomainsIdentityProviderMeta>
(Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- Tenancy
Ocid string (Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- Tenant
Provider stringId (Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
- Compartment
Ocid string (Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- DeleteInProgress bool
(Updatable) A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- Domain
Ocid string (Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- Id string
The provider-assigned unique ID for this managed resource.
- Idcs
Created []DomainsBies Identity Provider Idcs Created By (Updatable) The User or App who created the Resource
- Idcs
Last []DomainsModified Bies Identity Provider Idcs Last Modified By (Updatable) The User or App who modified the Resource
- Idcs
Last stringUpgraded In Release (Updatable) The release number when the resource was upgraded.
- Idcs
Prevented []stringOperations (Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- Metas
[]Domains
Identity Provider Meta (Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- Tenancy
Ocid string (Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- Tenant
Provider stringId (Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
- compartment
Ocid String (Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- deleteInProgress Boolean
(Updatable) A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- domain
Ocid String (Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- id String
The provider-assigned unique ID for this managed resource.
- idcs
Created List<DomainsBies Provider Idcs Created By> (Updatable) The User or App who created the Resource
- idcs
Last List<DomainsModified Bies Provider Idcs Last Modified By> (Updatable) The User or App who modified the Resource
- idcs
Last StringUpgraded In Release (Updatable) The release number when the resource was upgraded.
- idcs
Prevented List<String>Operations (Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- metas
List<Domains
Provider Meta> (Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- tenancy
Ocid String (Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- tenant
Provider StringId (Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
- compartment
Ocid string (Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- deleteInProgress boolean
(Updatable) A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- domain
Ocid string (Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- id string
The provider-assigned unique ID for this managed resource.
- idcs
Created DomainsBies Identity Provider Idcs Created By[] (Updatable) The User or App who created the Resource
- idcs
Last DomainsModified Bies Identity Provider Idcs Last Modified By[] (Updatable) The User or App who modified the Resource
- idcs
Last stringUpgraded In Release (Updatable) The release number when the resource was upgraded.
- idcs
Prevented string[]Operations (Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- metas
Domains
Identity Provider Meta[] (Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- tenancy
Ocid string (Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- tenant
Provider stringId (Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
- compartment_
ocid str (Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- delete_in_progress bool
(Updatable) A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- domain_
ocid str (Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- id str
The provider-assigned unique ID for this managed resource.
- idcs_created_bies Sequence[DomainsIdentityProviderIdcsCreatedBy]
(Updatable) The User or App who created the Resource
- idcs_
last_ Domainsmodified_ bies Identity Provider Idcs Last Modified By] (Updatable) The User or App who modified the Resource
- idcs_
last_ strupgraded_ in_ release (Updatable) The release number when the resource was upgraded.
- idcs_
prevented_ Sequence[str]operations (Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- metas
Domains
Identity Provider Meta] (Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- tenancy_
ocid str (Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- tenant_
provider_ strid (Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
- compartment
Ocid String (Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- deleteInProgress Boolean
(Updatable) A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- domain
Ocid String (Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- id String
The provider-assigned unique ID for this managed resource.
- idcs
Created List<Property Map>Bies (Updatable) The User or App who created the Resource
- idcs
Last List<Property Map>Modified Bies (Updatable) The User or App who modified the Resource
- idcs
Last StringUpgraded In Release (Updatable) The release number when the resource was upgraded.
- idcs
Prevented List<String>Operations (Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- metas List<Property Map>
(Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- tenancy
Ocid String (Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- tenant
Provider StringId (Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
Look up Existing DomainsIdentityProvider Resource
Get an existing DomainsIdentityProvider resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: DomainsIdentityProviderState, opts?: CustomResourceOptions): DomainsIdentityProvider
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
assertion_attribute: Optional[str] = None,
attribute_sets: Optional[Sequence[str]] = None,
attributes: Optional[str] = None,
authn_request_binding: Optional[str] = None,
authorization: Optional[str] = None,
compartment_ocid: Optional[str] = None,
correlation_policy: Optional[_identity.DomainsIdentityProviderCorrelationPolicyArgs] = None,
delete_in_progress: Optional[bool] = None,
description: Optional[str] = None,
domain_ocid: Optional[str] = None,
enabled: Optional[bool] = None,
encryption_certificate: Optional[str] = None,
external_id: Optional[str] = None,
icon_url: Optional[str] = None,
idcs_created_bies: Optional[Sequence[_identity.DomainsIdentityProviderIdcsCreatedByArgs]] = None,
idcs_endpoint: Optional[str] = None,
idcs_last_modified_bies: Optional[Sequence[_identity.DomainsIdentityProviderIdcsLastModifiedByArgs]] = None,
idcs_last_upgraded_in_release: Optional[str] = None,
idcs_prevented_operations: Optional[Sequence[str]] = None,
idp_sso_url: Optional[str] = None,
include_signing_cert_in_signature: Optional[bool] = None,
jit_user_prov_assigned_groups: Optional[Sequence[_identity.DomainsIdentityProviderJitUserProvAssignedGroupArgs]] = None,
jit_user_prov_attribute_update_enabled: Optional[bool] = None,
jit_user_prov_attributes: Optional[_identity.DomainsIdentityProviderJitUserProvAttributesArgs] = None,
jit_user_prov_create_user_enabled: Optional[bool] = None,
jit_user_prov_enabled: Optional[bool] = None,
jit_user_prov_group_assertion_attribute_enabled: Optional[bool] = None,
jit_user_prov_group_assignment_method: Optional[str] = None,
jit_user_prov_group_mapping_mode: Optional[str] = None,
jit_user_prov_group_mappings: Optional[Sequence[_identity.DomainsIdentityProviderJitUserProvGroupMappingArgs]] = None,
jit_user_prov_group_saml_attribute_name: Optional[str] = None,
jit_user_prov_group_static_list_enabled: Optional[bool] = None,
jit_user_prov_ignore_error_on_absent_groups: Optional[bool] = None,
logout_binding: Optional[str] = None,
logout_enabled: Optional[bool] = None,
logout_request_url: Optional[str] = None,
logout_response_url: Optional[str] = None,
metadata: Optional[str] = None,
metas: Optional[Sequence[_identity.DomainsIdentityProviderMetaArgs]] = None,
name_id_format: Optional[str] = None,
ocid: Optional[str] = None,
partner_name: Optional[str] = None,
partner_provider_id: Optional[str] = None,
requested_authentication_contexts: Optional[Sequence[str]] = None,
require_force_authn: Optional[bool] = None,
requires_encrypted_assertion: Optional[bool] = None,
resource_type_schema_version: Optional[str] = None,
saml_ho_krequired: Optional[bool] = None,
schemas: Optional[Sequence[str]] = None,
service_instance_identifier: Optional[str] = None,
shown_on_login_page: Optional[bool] = None,
signature_hash_algorithm: Optional[str] = None,
signing_certificate: Optional[str] = None,
succinct_id: Optional[str] = None,
tags: Optional[Sequence[_identity.DomainsIdentityProviderTagArgs]] = None,
tenancy_ocid: Optional[str] = None,
tenant_provider_id: Optional[str] = None,
type: Optional[str] = None,
urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider: Optional[_identity.DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderArgs] = None,
urnietfparamsscimschemasoracleidcsextensionx509identity_provider: Optional[_identity.DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProviderArgs] = None,
user_mapping_method: Optional[str] = None,
user_mapping_store_attribute: Optional[str] = None) -> DomainsIdentityProvider
func GetDomainsIdentityProvider(ctx *Context, name string, id IDInput, state *DomainsIdentityProviderState, opts ...ResourceOption) (*DomainsIdentityProvider, error)
public static DomainsIdentityProvider Get(string name, Input<string> id, DomainsIdentityProviderState? state, CustomResourceOptions? opts = null)
public static DomainsIdentityProvider get(String name, Output<String> id, DomainsIdentityProviderState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Assertion
Attribute string (Updatable) Assertion attribute name.
- Attribute
Sets List<string> (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- Attributes string
(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- Authn
Request stringBinding (Updatable) HTTP binding to use for authentication requests.
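- Authorization string
(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value carries credentials, supply it as a Pulumi secret rather than a plain-text literal in the program.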
- Compartment
Ocid string (Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- Correlation
Policy DomainsIdentity Provider Correlation Policy Args (Updatable) Correlation policy
- DeleteInProgress bool
(Updatable) A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- Description string
(Updatable) Description
- Domain
Ocid string (Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- Enabled bool
(Updatable) Set to true to indicate Partner enabled.
- Encryption
Certificate string (Updatable) Encryption certificate
- External
Id string (Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
- Icon
Url string (Updatable) Identity Provider Icon URL.
- Idcs
Created List<DomainsBies Identity Provider Idcs Created By Args> (Updatable) The User or App who created the Resource
- Idcs
Endpoint string The basic endpoint for the identity domain
- Idcs
Last List<DomainsModified Bies Identity Provider Idcs Last Modified By Args> (Updatable) The User or App who modified the Resource
- Idcs
Last stringUpgraded In Release (Updatable) The release number when the resource was upgraded.
- Idcs
Prevented List<string>Operations (Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- Idp
Sso stringUrl (Updatable) Identity Provider SSO URL
- Include
Signing boolCert In Signature (Updatable) Set to true to include the signing certificate in the signature.
- Jit
User List<DomainsProv Assigned Groups Identity Provider Jit User Prov Assigned Group Args> (Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
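- JitUserProvAttributeUpdateEnabled bool
(Updatable) Set to true to indicate JIT User Attribute Update is enabled. Note: the upstream description reads "JIT User Creation is enabled", which duplicates JitUserProvCreateUserEnabled; confirm the exact behavior against the Identity Domains API reference.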
- Jit
User DomainsProv Attributes Identity Provider Jit User Prov Attributes Args (Updatable) Assertion To User Mapping
- Jit
User boolProv Create User Enabled (Updatable) Set to true to indicate JIT User Creation is enabled
- Jit
User boolProv Enabled (Updatable) Set to true to indicate JIT User Provisioning is enabled
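- JitUserProvGroupAssertionAttributeEnabled bool
(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute. When enabled, group membership follows what the IdP asserts, so enable it only for an IdP that is trusted to make group claims.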
- Jit
User stringProv Group Assignment Method (Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
- Jit
User stringProv Group Mapping Mode (Updatable) Property to indicate the mode of group mapping
- Jit
User List<DomainsProv Group Mappings Identity Provider Jit User Prov Group Mapping Args> (Updatable) The list of mappings between the Identity Domain Group and the IDP group.
- JitUserProvGroupSamlAttributeName string
(Updatable) Name of the assertion attribute containing the user's groups
- Jit
User boolProv Group Static List Enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
- JitUserProvIgnoreErrorOnAbsentGroups bool
(Updatable) Set to true to ignore the absence of a group while provisioning
- Logout
Binding string (Updatable) HTTP binding to use for logout.
- Logout
Enabled bool (Updatable) Set to true to enable logout.
- Logout
Request stringUrl (Updatable) Logout request URL
- Logout
Response stringUrl (Updatable) Logout response URL
- Metadata string
(Updatable) Metadata
- Metas
List<Domains
Identity Provider Meta Args> (Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- Name
Id stringFormat (Updatable) Default authentication request name ID format.
- Ocid string
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- Partner
Name string (Updatable) Unique name of the trusted Identity Provider.
- Partner
Provider stringId (Updatable) Provider ID
- Requested
Authentication List<string>Contexts (Updatable) SAML SP authentication type.
- RequireForceAuthn bool
(Updatable) This SP requires the SAML IdP to enforce re-authentication.
- RequiresEncryptedAssertion bool
(Updatable) SAML SP must accept only encrypted assertions.
- ResourceTypeSchemaVersion string
(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- Saml
Ho boolKrequired (Updatable) SAML SP HoK Enabled.
- Schemas List<string>
(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- Service
Instance stringIdentifier (Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
- ShownOnLoginPage bool
(Updatable) Set to true to show the IdP on the login page.
- Signature
Hash stringAlgorithm (Updatable) Signature hash algorithm.
- Signing
Certificate string (Updatable) Signing certificate
- Succinct
Id string (Updatable) Succinct ID
- Tags List<DomainsIdentityProviderTagArgs>
(Updatable) A list of tags on this resource.
- Tenancy
Ocid string (Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- Tenant
Provider stringId (Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
- Type string
(Updatable) Identity Provider Type
- UrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderArgs
(Updatable) Social Identity Provider Extension Schema
- Urnietfparamsscimschemasoracleidcsextensionx509identity
Provider DomainsIdentity Provider Urnietfparamsscimschemasoracleidcsextensionx509identity Provider Args (Updatable) X509 Identity Provider Extension Schema
- User
Mapping stringMethod (Updatable) User mapping method.
- UserMappingStoreAttribute string
(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
- Assertion
Attribute string (Updatable) Assertion attribute name.
- Attribute
Sets []string (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- Attributes string
(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- Authn
Request stringBinding (Updatable) HTTP binding to use for authentication requests.
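- Authorization string
(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value carries credentials, supply it as a Pulumi secret so it is not kept in plaintext in state or logs.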
- Compartment
Ocid string (Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- Correlation
Policy DomainsIdentity Provider Correlation Policy Args (Updatable) Correlation policy
- DeleteInProgress bool
(Updatable) A boolean flag indicating that this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- Description string
(Updatable) Description
- Domain
Ocid string (Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- Enabled bool
(Updatable) Set to true to indicate Partner enabled.
- Encryption
Certificate string (Updatable) Encryption certificate
- External
Id string (Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
- Icon
Url string (Updatable) Identity Provider Icon URL.
- Idcs
Created []DomainsBies Identity Provider Idcs Created By Args (Updatable) The User or App who created the Resource
- Idcs
Endpoint string The basic endpoint for the identity domain
- Idcs
Last []DomainsModified Bies Identity Provider Idcs Last Modified By Args (Updatable) The User or App who modified the Resource
- Idcs
Last stringUpgraded In Release (Updatable) The release number when the resource was upgraded.
- Idcs
Prevented []stringOperations (Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- Idp
Sso stringUrl (Updatable) Identity Provider SSO URL
- Include
Signing boolCert In Signature (Updatable) Set to true to include the signing certificate in the signature.
- Jit
User []DomainsProv Assigned Groups Identity Provider Jit User Prov Assigned Group Args (Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
- JitUserProvAttributeUpdateEnabled bool
(Updatable) Set to true to indicate JIT User attribute update is enabled (distinct from JitUserProvCreateUserEnabled, which governs user creation).
- Jit
User DomainsProv Attributes Identity Provider Jit User Prov Attributes Args (Updatable) Assertion To User Mapping
- Jit
User boolProv Create User Enabled (Updatable) Set to true to indicate JIT User Creation is enabled
- Jit
User boolProv Enabled (Updatable) Set to true to indicate JIT User Provisioning is enabled
- Jit
User boolProv Group Assertion Attribute Enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
- Jit
User stringProv Group Assignment Method (Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
- Jit
User stringProv Group Mapping Mode (Updatable) Property to indicate the mode of group mapping
- Jit
User []DomainsProv Group Mappings Identity Provider Jit User Prov Group Mapping Args (Updatable) The list of mappings between the Identity Domain Group and the IDP group.
- JitUserProvGroupSamlAttributeName string
(Updatable) Name of the assertion attribute containing the user's groups
- Jit
User boolProv Group Static List Enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
- Jit
User boolProv Ignore Error On Absent Groups (Updatable) Set to true to indicate ignoring absence of group while provisioning
- Logout
Binding string (Updatable) HTTP binding to use for logout.
- Logout
Enabled bool (Updatable) Set to true to enable logout.
- Logout
Request stringUrl (Updatable) Logout request URL
- Logout
Response stringUrl (Updatable) Logout response URL
- Metadata string
(Updatable) Metadata
- Metas
[]Domains
Identity Provider Meta Args (Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- Name
Id stringFormat (Updatable) Default authentication request name ID format.
- Ocid string
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- Partner
Name string (Updatable) Unique name of the trusted Identity Provider.
- Partner
Provider stringId (Updatable) Provider ID
- Requested
Authentication []stringContexts (Updatable) SAML SP authentication type.
- RequireForceAuthn bool
(Updatable) This SP requires the SAML IdP to enforce re-authentication.
- RequiresEncryptedAssertion bool
(Updatable) When true, the SAML SP accepts only encrypted assertions.
- ResourceTypeSchemaVersion string
(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- Saml
Ho boolKrequired (Updatable) SAML SP HoK Enabled.
- Schemas []string
(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.
- Service
Instance stringIdentifier (Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
- ShownOnLoginPage bool
(Updatable) Set to true to show the IdP on the login page.
- Signature
Hash stringAlgorithm (Updatable) Signature hash algorithm.
- Signing
Certificate string (Updatable) Signing certificate
- Succinct
Id string (Updatable) Succinct ID
- []Domains
Identity Provider Tag Args (Updatable) A list of tags on this resource.
- Tenancy
Ocid string (Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- Tenant
Provider stringId (Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
- Type string
(Updatable) Identity Provider Type
- Domains
Identity Provider Urnietfparamsscimschemasoracleidcsextensionsocial Identity Provider Args (Updatable) Social Identity Provider Extension Schema
- Urnietfparamsscimschemasoracleidcsextensionx509identity
Provider DomainsIdentity Provider Urnietfparamsscimschemasoracleidcsextensionx509identity Provider Args (Updatable) X509 Identity Provider Extension Schema
- User
Mapping stringMethod (Updatable) User mapping method.
- UserMappingStoreAttribute string
(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
- assertion
Attribute String (Updatable) Assertion attribute name.
- attribute
Sets List<String> (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- attributes String
(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- authn
Request StringBinding (Updatable) HTTP binding to use for authentication requests.
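- authorization String
(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value carries credentials, supply it as a Pulumi secret so it is not kept in plaintext in state or logs.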
- compartment
Ocid String (Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- correlation
Policy DomainsProvider Correlation Policy Args (Updatable) Correlation policy
- deleteInProgress Boolean
(Updatable) A boolean flag indicating that this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- description String
(Updatable) Description
- domain
Ocid String (Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- enabled Boolean
(Updatable) Set to true to indicate Partner enabled.
- encryption
Certificate String (Updatable) Encryption certificate
- external
Id String (Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
- icon
Url String (Updatable) Identity Provider Icon URL.
- idcs
Created List<DomainsBies Provider Idcs Created By Args> (Updatable) The User or App who created the Resource
- idcs
Endpoint String The basic endpoint for the identity domain
- idcs
Last List<DomainsModified Bies Provider Idcs Last Modified By Args> (Updatable) The User or App who modified the Resource
- idcs
Last StringUpgraded In Release (Updatable) The release number when the resource was upgraded.
- idcs
Prevented List<String>Operations (Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- idp
Sso StringUrl (Updatable) Identity Provider SSO URL
- include
Signing BooleanCert In Signature (Updatable) Set to true to include the signing certificate in the signature.
- jit
User List<DomainsProv Assigned Groups Provider Jit User Prov Assigned Group Args> (Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
- jitUserProvAttributeUpdateEnabled Boolean
(Updatable) Set to true to indicate JIT User attribute update is enabled (distinct from jitUserProvCreateUserEnabled, which governs user creation).
- jit
User DomainsProv Attributes Provider Jit User Prov Attributes Args (Updatable) Assertion To User Mapping
- jit
User BooleanProv Create User Enabled (Updatable) Set to true to indicate JIT User Creation is enabled
- jit
User BooleanProv Enabled (Updatable) Set to true to indicate JIT User Provisioning is enabled
- jit
User BooleanProv Group Assertion Attribute Enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
- jit
User StringProv Group Assignment Method (Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
- jit
User StringProv Group Mapping Mode (Updatable) Property to indicate the mode of group mapping
- jit
User List<DomainsProv Group Mappings Provider Jit User Prov Group Mapping Args> (Updatable) The list of mappings between the Identity Domain Group and the IDP group.
- jitUserProvGroupSamlAttributeName String
(Updatable) Name of the assertion attribute containing the user's groups
- jit
User BooleanProv Group Static List Enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
- jit
User BooleanProv Ignore Error On Absent Groups (Updatable) Set to true to indicate ignoring absence of group while provisioning
- logout
Binding String (Updatable) HTTP binding to use for logout.
- logout
Enabled Boolean (Updatable) Set to true to enable logout.
- logout
Request StringUrl (Updatable) Logout request URL
- logout
Response StringUrl (Updatable) Logout response URL
- metadata String
(Updatable) Metadata
- metas
List<Domains
Provider Meta Args> (Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- name
Id StringFormat (Updatable) Default authentication request name ID format.
- ocid String
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- partner
Name String (Updatable) Unique name of the trusted Identity Provider.
- partner
Provider StringId (Updatable) Provider ID
- requested
Authentication List<String>Contexts (Updatable) SAML SP authentication type.
- requireForceAuthn Boolean
(Updatable) This SP requires the SAML IdP to enforce re-authentication.
- requiresEncryptedAssertion Boolean
(Updatable) When true, the SAML SP accepts only encrypted assertions.
- resourceTypeSchemaVersion String
(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- saml
Ho BooleanKrequired (Updatable) SAML SP HoK Enabled.
- schemas List<String>
(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.
- service
Instance StringIdentifier (Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
- shown
On BooleanLogin Page (Updatable) Set to true to indicate whether to show IdP in login page or not.
- signatureHashAlgorithm String
(Updatable) Signature hash algorithm. Where the partner IdP supports it, prefer a SHA-2 family algorithm over SHA-1.
- signing
Certificate String (Updatable) Signing certificate
- succinct
Id String (Updatable) Succinct ID
- List<Domains
Provider Tag Args> (Updatable) A list of tags on this resource.
- tenancy
Ocid String (Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- tenant
Provider StringId (Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
- type String
(Updatable) Identity Provider Type
- Domains
Provider Urnietfparamsscimschemasoracleidcsextensionsocial Provider Args (Updatable) Social Identity Provider Extension Schema
- urnietfparamsscimschemasoracleidcsextensionx509identity
Provider DomainsProvider Urnietfparamsscimschemasoracleidcsextensionx509identity Provider Args (Updatable) X509 Identity Provider Extension Schema
- user
Mapping StringMethod (Updatable) User mapping method.
- userMappingStoreAttribute String
(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
- assertion
Attribute string (Updatable) Assertion attribute name.
- attribute
Sets string[] (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- attributes string
(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- authn
Request stringBinding (Updatable) HTTP binding to use for authentication requests.
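- authorization string
(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value carries credentials, supply it as a Pulumi secret so it is not kept in plaintext in state or logs.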
- compartment
Ocid string (Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- correlation
Policy DomainsIdentity Provider Correlation Policy Args (Updatable) Correlation policy
- deleteInProgress boolean
(Updatable) A boolean flag indicating that this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- description string
(Updatable) Description
- domain
Ocid string (Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- enabled boolean
(Updatable) Set to true to indicate Partner enabled.
- encryption
Certificate string (Updatable) Encryption certificate
- external
Id string (Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
- icon
Url string (Updatable) Identity Provider Icon URL.
- idcs
Created DomainsBies Identity Provider Idcs Created By Args[] (Updatable) The User or App who created the Resource
- idcs
Endpoint string The basic endpoint for the identity domain
- idcs
Last DomainsModified Bies Identity Provider Idcs Last Modified By Args[] (Updatable) The User or App who modified the Resource
- idcs
Last stringUpgraded In Release (Updatable) The release number when the resource was upgraded.
- idcs
Prevented string[]Operations (Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- idp
Sso stringUrl (Updatable) Identity Provider SSO URL
- include
Signing booleanCert In Signature (Updatable) Set to true to include the signing certificate in the signature.
- jit
User DomainsProv Assigned Groups Identity Provider Jit User Prov Assigned Group Args[] (Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
- jitUserProvAttributeUpdateEnabled boolean
(Updatable) Set to true to indicate JIT User attribute update is enabled (distinct from jitUserProvCreateUserEnabled, which governs user creation).
- jit
User DomainsProv Attributes Identity Provider Jit User Prov Attributes Args (Updatable) Assertion To User Mapping
- jit
User booleanProv Create User Enabled (Updatable) Set to true to indicate JIT User Creation is enabled
- jit
User booleanProv Enabled (Updatable) Set to true to indicate JIT User Provisioning is enabled
- jit
User booleanProv Group Assertion Attribute Enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
- jit
User stringProv Group Assignment Method (Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
- jit
User stringProv Group Mapping Mode (Updatable) Property to indicate the mode of group mapping
- jit
User DomainsProv Group Mappings Identity Provider Jit User Prov Group Mapping Args[] (Updatable) The list of mappings between the Identity Domain Group and the IDP group.
- jitUserProvGroupSamlAttributeName string
(Updatable) Name of the assertion attribute containing the user's groups
- jit
User booleanProv Group Static List Enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
- jit
User booleanProv Ignore Error On Absent Groups (Updatable) Set to true to indicate ignoring absence of group while provisioning
- logout
Binding string (Updatable) HTTP binding to use for logout.
- logout
Enabled boolean (Updatable) Set to true to enable logout.
- logout
Request stringUrl (Updatable) Logout request URL
- logout
Response stringUrl (Updatable) Logout response URL
- metadata string
(Updatable) Metadata
- metas
Domains
Identity Provider Meta Args[] (Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- name
Id stringFormat (Updatable) Default authentication request name ID format.
- ocid string
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- partner
Name string (Updatable) Unique name of the trusted Identity Provider.
- partner
Provider stringId (Updatable) Provider ID
- requested
Authentication string[]Contexts (Updatable) SAML SP authentication type.
- requireForceAuthn boolean
(Updatable) This SP requires the SAML IdP to enforce re-authentication.
- requiresEncryptedAssertion boolean
(Updatable) When true, the SAML SP accepts only encrypted assertions.
- resourceTypeSchemaVersion string
(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- saml
Ho booleanKrequired (Updatable) SAML SP HoK Enabled.
- schemas string[]
(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.
- service
Instance stringIdentifier (Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
- shownOnLoginPage boolean
(Updatable) Set to true to show the IdP on the login page.
- signature
Hash stringAlgorithm (Updatable) Signature hash algorithm.
- signing
Certificate string (Updatable) Signing certificate
- succinct
Id string (Updatable) Succinct ID
- Domains
Identity Provider Tag Args[] (Updatable) A list of tags on this resource.
- tenancy
Ocid string (Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- tenant
Provider stringId (Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
- type string
(Updatable) Identity Provider Type
- Domains
Identity Provider Urnietfparamsscimschemasoracleidcsextensionsocial Identity Provider Args (Updatable) Social Identity Provider Extension Schema
- urnietfparamsscimschemasoracleidcsextensionx509identity
Provider DomainsIdentity Provider Urnietfparamsscimschemasoracleidcsextensionx509identity Provider Args (Updatable) X509 Identity Provider Extension Schema
- user
Mapping stringMethod (Updatable) User mapping method.
- userMappingStoreAttribute string
(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
- assertion_
attribute str (Updatable) Assertion attribute name.
- attribute_
sets Sequence[str] (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- attributes str
(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- authn_
request_ strbinding (Updatable) HTTP binding to use for authentication requests.
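- authorization str
(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value carries credentials, supply it as a Pulumi secret so it is not kept in plaintext in state or logs.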
- compartment_
ocid str (Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- correlation_
policy DomainsIdentity Provider Correlation Policy Args (Updatable) Correlation policy
- delete_in_progress bool
(Updatable) A boolean flag indicating that this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- description str
(Updatable) Description
- domain_
ocid str (Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- enabled bool
(Updatable) Set to true to indicate Partner enabled.
- encryption_
certificate str (Updatable) Encryption certificate
- external_
id str (Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
- icon_
url str (Updatable) Identity Provider Icon URL.
- idcs_created_bies Sequence[DomainsIdentityProviderIdcsCreatedByArgs]
(Updatable) The User or App who created the Resource
- idcs_
endpoint str The basic endpoint for the identity domain
- idcs_
last_ Domainsmodified_ bies Identity Provider Idcs Last Modified By Args] (Updatable) The User or App who modified the Resource
- idcs_
last_ strupgraded_ in_ release (Updatable) The release number when the resource was upgraded.
- idcs_
prevented_ Sequence[str]operations (Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- idp_
sso_ strurl (Updatable) Identity Provider SSO URL
- include_signing_cert_in_signature bool
(Updatable) Set to true to include the signing certificate in the signature.
- jit_
user_ Domainsprov_ assigned_ groups Identity Provider Jit User Prov Assigned Group Args] (Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
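- jit_user_prov_attribute_update_enabled bool
(Updatable) Set to true to indicate JIT user attribute update is enabled. The upstream description repeats the jit_user_prov_create_user_enabled text ("JIT User Creation is enabled"), which appears to be a copy-paste error.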
- jit_
user_ Domainsprov_ attributes Identity Provider Jit User Prov Attributes Args (Updatable) Assertion To User Mapping
- jit_
user_ boolprov_ create_ user_ enabled (Updatable) Set to true to indicate JIT User Creation is enabled
- jit_
user_ boolprov_ enabled (Updatable) Set to true to indicate JIT User Provisioning is enabled
- jit_
user_ boolprov_ group_ assertion_ attribute_ enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
- jit_
user_ strprov_ group_ assignment_ method (Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
- jit_
user_ strprov_ group_ mapping_ mode (Updatable) Property to indicate the mode of group mapping
- jit_
user_ Domainsprov_ group_ mappings Identity Provider Jit User Prov Group Mapping Args] (Updatable) The list of mappings between the Identity Domain Group and the IDP group.
- jit_user_prov_group_saml_attribute_name str
(Updatable) Name of the assertion attribute containing the user's groups
- jit_
user_ boolprov_ group_ static_ list_ enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
- jit_
user_ boolprov_ ignore_ error_ on_ absent_ groups (Updatable) Set to true to indicate ignoring absence of group while provisioning
- logout_
binding str (Updatable) HTTP binding to use for logout.
- logout_
enabled bool (Updatable) Set to true to enable logout.
- logout_
request_ strurl (Updatable) Logout request URL
- logout_
response_ strurl (Updatable) Logout response URL
- metadata str
(Updatable) Metadata
- metas
Domains
Identity Provider Meta Args] (Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- name_
id_ strformat (Updatable) Default authentication request name ID format.
- ocid str
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- partner_
name str (Updatable) Unique name of the trusted Identity Provider.
- partner_
provider_ strid (Updatable) Provider ID
- requested_
authentication_ Sequence[str]contexts (Updatable) SAML SP authentication type.
- require_force_authn bool
(Updatable) This SP requires the SAML IdP to enforce re-authentication.
- requires_encrypted_assertion bool
(Updatable) The SAML SP must accept only encrypted assertions.
- resource_type_schema_version str
(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- saml_
ho_ boolkrequired (Updatable) SAML SP HoK Enabled.
- schemas Sequence[str]
(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.
- service_
instance_ stridentifier (Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
- shown_on_login_page bool
(Updatable) Set to true to show the IdP on the login page.
- signature_
hash_ stralgorithm (Updatable) Signature hash algorithm.
- signing_
certificate str (Updatable) Signing certificate
- succinct_
id str (Updatable) Succinct ID
- tags Sequence[DomainsIdentityProviderTagArgs]
(Updatable) A list of tags on this resource.
- tenancy_
ocid str (Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- tenant_
provider_ strid (Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
- type str
(Updatable) Identity Provider Type
- urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderArgs
(Updatable) Social Identity Provider Extension Schema
- urnietfparamsscimschemasoracleidcsextensionx509identity_
provider DomainsIdentity Provider Urnietfparamsscimschemasoracleidcsextensionx509identity Provider Args (Updatable) X509 Identity Provider Extension Schema
- user_
mapping_ strmethod (Updatable) User mapping method.
- user_mapping_store_attribute str
(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
- assertion
Attribute String (Updatable) Assertion attribute name.
- attribute
Sets List<String> (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- attributes String
(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- authn
Request StringBinding (Updatable) HTTP binding to use for authentication requests.
- authorization String
(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
- compartment
Ocid String (Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- correlation
Policy Property Map (Updatable) Correlation policy
- delete
In BooleanProgress (Updatable) A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- description String
(Updatable) Description
- domain
Ocid String (Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- enabled Boolean
(Updatable) Set to true to indicate Partner enabled.
- encryption
Certificate String (Updatable) Encryption certificate
- external
Id String (Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
- icon
Url String (Updatable) Identity Provider Icon URL.
- idcs
Created List<Property Map>Bies (Updatable) The User or App who created the Resource
- idcs
Endpoint String The basic endpoint for the identity domain
- idcs
Last List<Property Map>Modified Bies (Updatable) The User or App who modified the Resource
- idcs
Last StringUpgraded In Release (Updatable) The release number when the resource was upgraded.
- idcs
Prevented List<String>Operations (Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- idp
Sso StringUrl (Updatable) Identity Provider SSO URL
- include
Signing BooleanCert In Signature (Updatable) Set to true to include the signing certificate in the signature.
- jit
User List<Property Map>Prov Assigned Groups (Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
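- jitUserProvAttributeUpdateEnabled Boolean
(Updatable) Set to true to indicate JIT user attribute update is enabled. The upstream description repeats the jitUserProvCreateUserEnabled text ("JIT User Creation is enabled"), which appears to be a copy-paste error.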
- jit
User Property MapProv Attributes (Updatable) Assertion To User Mapping
- jit
User BooleanProv Create User Enabled (Updatable) Set to true to indicate JIT User Creation is enabled
- jit
User BooleanProv Enabled (Updatable) Set to true to indicate JIT User Provisioning is enabled
- jit
User BooleanProv Group Assertion Attribute Enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
- jit
User StringProv Group Assignment Method (Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
- jit
User StringProv Group Mapping Mode (Updatable) Property to indicate the mode of group mapping
- jit
User List<Property Map>Prov Group Mappings (Updatable) The list of mappings between the Identity Domain Group and the IDP group.
- jit
User StringProv Group Saml Attribute Name (Updatable) Name of the assertion attribute containing the users groups
- jit
User BooleanProv Group Static List Enabled (Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
- jit
User BooleanProv Ignore Error On Absent Groups (Updatable) Set to true to indicate ignoring absence of group while provisioning
- logout
Binding String (Updatable) HTTP binding to use for logout.
- logout
Enabled Boolean (Updatable) Set to true to enable logout.
- logout
Request StringUrl (Updatable) Logout request URL
- logout
Response StringUrl (Updatable) Logout response URL
- metadata String
(Updatable) Metadata
- metas List<Property Map>
(Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- name
Id StringFormat (Updatable) Default authentication request name ID format.
- ocid String
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- partner
Name String (Updatable) Unique name of the trusted Identity Provider.
- partner
Provider StringId (Updatable) Provider ID
- requested
Authentication List<String>Contexts (Updatable) SAML SP authentication type.
- require
Force BooleanAuthn (Updatable) This SP requires requests SAML IdP to enforce re-authentication.
- requires
Encrypted BooleanAssertion (Updatable) SAML SP must accept encrypted assertion only.
- resource
Type StringSchema Version (Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- saml
Ho BooleanKrequired (Updatable) SAML SP HoK Enabled.
- schemas List<String>
(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- service
Instance StringIdentifier (Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
- shown
On BooleanLogin Page (Updatable) Set to true to indicate whether to show IdP in login page or not.
- signature
Hash StringAlgorithm (Updatable) Signature hash algorithm.
- signing
Certificate String (Updatable) Signing certificate
- succinct
Id String (Updatable) Succinct ID
- tags List<Property Map>
(Updatable) A list of tags on this resource.
- tenancy
Ocid String (Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- tenant
Provider StringId (Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
- type String
(Updatable) Identity Provider Type
- Property Map
(Updatable) Social Identity Provider Extension Schema
- urnietfparamsscimschemasoracleidcsextensionx509identity
Provider Property Map (Updatable) X509 Identity Provider Extension Schema
- user
Mapping StringMethod (Updatable) User mapping method.
- user
Mapping StringStore Attribute (Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO.You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
Supporting Types
DomainsIdentityProviderCorrelationPolicy
DomainsIdentityProviderIdcsCreatedBy
- Value string
(Updatable) Value of the tag.
- Display string
(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.
- Ocid string
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- Ref string
(Updatable) Group URI
- Type string
(Updatable) Identity Provider Type
- Value string
(Updatable) Value of the tag.
- Display string
(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.
- Ocid string
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- Ref string
(Updatable) Group URI
- Type string
(Updatable) Identity Provider Type
- value String
(Updatable) Value of the tag.
- display String
(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.
- ocid String
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- ref String
(Updatable) Group URI
- type String
(Updatable) Identity Provider Type
- value string
(Updatable) Value of the tag.
- display string
(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.
- ocid string
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- ref string
(Updatable) Group URI
- type string
(Updatable) Identity Provider Type
- value String
(Updatable) Value of the tag.
- display String
(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.
- ocid String
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- ref String
(Updatable) Group URI
- type String
(Updatable) Identity Provider Type
DomainsIdentityProviderIdcsLastModifiedBy
- Value string
(Updatable) Value of the tag.
- Display string
(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.
- Ocid string
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- Ref string
(Updatable) Group URI
- Type string
(Updatable) Identity Provider Type
- Value string
(Updatable) Value of the tag.
- Display string
(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.
- Ocid string
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- Ref string
(Updatable) Group URI
- Type string
(Updatable) Identity Provider Type
- value String
(Updatable) Value of the tag.
- display String
(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.
- ocid String
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- ref String
(Updatable) Group URI
- type String
(Updatable) Identity Provider Type
- value string
(Updatable) Value of the tag.
- display string
(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.
- ocid string
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- ref string
(Updatable) Group URI
- type string
(Updatable) Identity Provider Type
- value String
(Updatable) Value of the tag.
- display String
(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.
- ocid String
(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- ref String
(Updatable) Group URI
- type String
(Updatable) Identity Provider Type
DomainsIdentityProviderJitUserProvAssignedGroup
DomainsIdentityProviderJitUserProvAttributes
DomainsIdentityProviderJitUserProvGroupMapping
DomainsIdentityProviderMeta
- Created string
(Updatable) The DateTime the Resource was added to the Service Provider
- Last
Modified string (Updatable) The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- Location string
(Updatable) The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- Resource
Type string (Updatable) Name of the resource type of the resource--for example, Users or Groups
- Version string
(Updatable) The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
- Created string
(Updatable) The DateTime the Resource was added to the Service Provider
- Last
Modified string (Updatable) The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- Location string
(Updatable) The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- Resource
Type string (Updatable) Name of the resource type of the resource--for example, Users or Groups
- Version string
(Updatable) The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
- created String
(Updatable) The DateTime the Resource was added to the Service Provider
- last
Modified String (Updatable) The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- location String
(Updatable) The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- resource
Type String (Updatable) Name of the resource type of the resource--for example, Users or Groups
- version String
(Updatable) The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
- created string
(Updatable) The DateTime the Resource was added to the Service Provider
- last
Modified string (Updatable) The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- location string
(Updatable) The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- resource
Type string (Updatable) Name of the resource type of the resource--for example, Users or Groups
- version string
(Updatable) The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
- created str
(Updatable) The DateTime the Resource was added to the Service Provider
- last_
modified str (Updatable) The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- location str
(Updatable) The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- resource_
type str (Updatable) Name of the resource type of the resource--for example, Users or Groups
- version str
(Updatable) The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
- created String
(Updatable) The DateTime the Resource was added to the Service Provider
- last
Modified String (Updatable) The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- location String
(Updatable) The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- resource
Type String (Updatable) Name of the resource type of the resource--for example, Users or Groups
- version String
(Updatable) The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
DomainsIdentityProviderTag
DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider
- Account
Linking boolEnabled (Updatable) Whether account linking is enabled
- Consumer
Key string (Updatable) Social IDP Client Application Client ID
- Consumer
Secret string (Updatable) Social IDP Client Application Client Secret
- Registration
Enabled bool (Updatable) Whether registration is enabled
- Service
Provider stringName (Updatable) Service Provider Name
- Access
Token stringUrl (Updatable) Social IDP Access token URL
- Admin
Scopes List<string> (Updatable) Admin scope to request
- Authz
Url string (Updatable) Social IDP Authorization URL
- Client
Credential boolIn Payload (Updatable) Whether the client credential is contained in payload
- Clock
Skew intIn Seconds (Updatable) Social IDP allowed clock skew time
- Discovery
Url string (Updatable) Discovery URL
- Id
Attribute string (Updatable) Id attribute used for account linking
- Profile
Url string (Updatable) Social IDP User profile URL
- Redirect
Url string (Updatable) redirect URL for social idp
- Scopes List<string>
(Updatable) Scope to request
- Status string
(Updatable) Status
- Account
Linking boolEnabled (Updatable) Whether account linking is enabled
- Consumer
Key string (Updatable) Social IDP Client Application Client ID
- Consumer
Secret string (Updatable) Social IDP Client Application Client Secret
- Registration
Enabled bool (Updatable) Whether registration is enabled
- Service
Provider stringName (Updatable) Service Provider Name
- Access
Token stringUrl (Updatable) Social IDP Access token URL
- Admin
Scopes []string (Updatable) Admin scope to request
- Authz
Url string (Updatable) Social IDP Authorization URL
- Client
Credential boolIn Payload (Updatable) Whether the client credential is contained in payload
- Clock
Skew intIn Seconds (Updatable) Social IDP allowed clock skew time
- Discovery
Url string (Updatable) Discovery URL
- Id
Attribute string (Updatable) Id attribute used for account linking
- Profile
Url string (Updatable) Social IDP User profile URL
- Redirect
Url string (Updatable) redirect URL for social idp
- Scopes []string
(Updatable) Scope to request
- Status string
(Updatable) Status
- account
Linking BooleanEnabled (Updatable) Whether account linking is enabled
- consumer
Key String (Updatable) Social IDP Client Application Client ID
- consumer
Secret String (Updatable) Social IDP Client Application Client Secret
- registration
Enabled Boolean (Updatable) Whether registration is enabled
- service
Provider StringName (Updatable) Service Provider Name
- access
Token StringUrl (Updatable) Social IDP Access token URL
- admin
Scopes List<String> (Updatable) Admin scope to request
- authz
Url String (Updatable) Social IDP Authorization URL
- client
Credential BooleanIn Payload (Updatable) Whether the client credential is contained in payload
- clock
Skew IntegerIn Seconds (Updatable) Social IDP allowed clock skew time
- discovery
Url String (Updatable) Discovery URL
- id
Attribute String (Updatable) Id attribute used for account linking
- profile
Url String (Updatable) Social IDP User profile URL
- redirect
Url String (Updatable) redirect URL for social idp
- scopes List<String>
(Updatable) Scope to request
- status String
(Updatable) Status
- account
Linking booleanEnabled (Updatable) Whether account linking is enabled
- consumer
Key string (Updatable) Social IDP Client Application Client ID
- consumer
Secret string (Updatable) Social IDP Client Application Client Secret
- registration
Enabled boolean (Updatable) Whether registration is enabled
- service
Provider stringName (Updatable) Service Provider Name
- access
Token stringUrl (Updatable) Social IDP Access token URL
- admin
Scopes string[] (Updatable) Admin scope to request
- authz
Url string (Updatable) Social IDP Authorization URL
- client
Credential booleanIn Payload (Updatable) Whether the client credential is contained in payload
- clock
Skew numberIn Seconds (Updatable) Social IDP allowed clock skew time
- discovery
Url string (Updatable) Discovery URL
- id
Attribute string (Updatable) Id attribute used for account linking
- profile
Url string (Updatable) Social IDP User profile URL
- redirect
Url string (Updatable) redirect URL for social idp
- scopes string[]
(Updatable) Scope to request
- status string
(Updatable) Status
- account_
linking_ boolenabled (Updatable) Whether account linking is enabled
- consumer_
key str (Updatable) Social IDP Client Application Client ID
- consumer_
secret str (Updatable) Social IDP Client Application Client Secret
- registration_
enabled bool (Updatable) Whether registration is enabled
- service_
provider_ strname (Updatable) Service Provider Name
- access_
token_ strurl (Updatable) Social IDP Access token URL
- admin_
scopes Sequence[str] (Updatable) Admin scope to request
- authz_
url str (Updatable) Social IDP Authorization URL
- client_
credential_ boolin_ payload (Updatable) Whether the client credential is contained in payload
- clock_
skew_ intin_ seconds (Updatable) Social IDP allowed clock skew time
- discovery_
url str (Updatable) Discovery URL
- id_
attribute str (Updatable) Id attribute used for account linking
- profile_
url str (Updatable) Social IDP User profile URL
- redirect_
url str (Updatable) redirect URL for social idp
- scopes Sequence[str]
(Updatable) Scope to request
- status str
(Updatable) Status
- account
Linking BooleanEnabled (Updatable) Whether account linking is enabled
- consumer
Key String (Updatable) Social IDP Client Application Client ID
- consumer
Secret String (Updatable) Social IDP Client Application Client Secret
- registration
Enabled Boolean (Updatable) Whether registration is enabled
- service
Provider StringName (Updatable) Service Provider Name
- access
Token StringUrl (Updatable) Social IDP Access token URL
- admin
Scopes List<String> (Updatable) Admin scope to request
- authz
Url String (Updatable) Social IDP Authorization URL
- client
Credential BooleanIn Payload (Updatable) Whether the client credential is contained in payload
- clock
Skew NumberIn Seconds (Updatable) Social IDP allowed clock skew time
- discovery
Url String (Updatable) Discovery URL
- id
Attribute String (Updatable) Id attribute used for account linking
- profile
Url String (Updatable) Social IDP User profile URL
- redirect
Url String (Updatable) redirect URL for social idp
- scopes List<String>
(Updatable) Scope to request
- status String
(Updatable) Status
DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProvider
- Cert
Match stringAttribute (Updatable) X509 Certificate Matching Attribute
- Signing
Certificate List<string>Chains (Updatable) Certificate alias list to create a chain for the incoming client certificate
- User
Match stringAttribute (Updatable) This property specifies the userstore attribute value that must match the incoming certificate attribute.
- CrlCheckOnOcspFailureEnabled bool
(Updatable) Fall back to CRL validation if OCSP fails.
- Crl
Enabled bool (Updatable) Set to true to enable CRL Validation
- Crl
Location string (Updatable) CRL Location URL
- Crl
Reload intDuration (Updatable) Fetch the CRL contents every X minutes
- OcspAllowUnknownResponseStatus bool
(Updatable) Allow access if the OCSP response is UNKNOWN or the OCSP Responder does not respond within the timeout duration; when true, certificate revocation checking fails open in those cases.
- Ocsp
Enable boolSigned Response (Updatable) Describes if the OCSP response is signed
- Ocsp
Enabled bool (Updatable) Set to true to enable OCSP Validation
- Ocsp
Responder stringUrl (Updatable) This property specifies OCSP Responder URL.
- Ocsp
Revalidate intTime (Updatable) Revalidate OCSP status for user after X hours
- Ocsp
Server stringName (Updatable) This property specifies the OCSP Server alias name
- Ocsp
Trust List<string>Cert Chains (Updatable) OCSP Trusted Certificate Chain
- Other
Cert stringMatch Attribute (Updatable) Check for specific conditions of other certificate attributes
- CertMatchAttribute string (Updatable) X509 Certificate Matching Attribute
- SigningCertificateChains []string (Updatable) Certificate alias list to create a chain for the incoming client certificate
- UserMatchAttribute string (Updatable) This property specifies the userstore attribute value that must match the incoming certificate attribute.
- CrlCheckOnOcspFailureEnabled bool (Updatable) Fall back to CRL validation if OCSP fails.
- CrlEnabled bool (Updatable) Set to true to enable CRL Validation
- CrlLocation string (Updatable) CRL Location URL
- CrlReloadDuration int (Updatable) Fetch the CRL contents every X minutes
- OcspAllowUnknownResponseStatus bool (Updatable) Allow access if OCSP response is UNKNOWN or OCSP Responder does not respond within the timeout duration. When true, revocation checking fails open: a client certificate whose status could not be confirmed is still accepted.
- OcspEnableSignedResponse bool (Updatable) Describes if the OCSP response is signed
- OcspEnabled bool (Updatable) Set to true to enable OCSP Validation
- OcspResponderUrl string (Updatable) This property specifies OCSP Responder URL.
- OcspRevalidateTime int (Updatable) Revalidate OCSP status for user after X hours
- OcspServerName string (Updatable) This property specifies the OCSP Server alias name
- OcspTrustCertChains []string (Updatable) OCSP Trusted Certificate Chain
- OtherCertMatchAttribute string (Updatable) Check for specific conditions of other certificate attributes
- certMatchAttribute String (Updatable) X509 Certificate Matching Attribute
- signingCertificateChains List<String> (Updatable) Certificate alias list to create a chain for the incoming client certificate
- userMatchAttribute String (Updatable) This property specifies the userstore attribute value that must match the incoming certificate attribute.
- crlCheckOnOcspFailureEnabled Boolean (Updatable) Fall back to CRL validation if OCSP fails.
- crlEnabled Boolean (Updatable) Set to true to enable CRL Validation
- crlLocation String (Updatable) CRL Location URL
- crlReloadDuration Integer (Updatable) Fetch the CRL contents every X minutes
- ocspAllowUnknownResponseStatus Boolean (Updatable) Allow access if OCSP response is UNKNOWN or OCSP Responder does not respond within the timeout duration. When true, revocation checking fails open: a client certificate whose status could not be confirmed is still accepted.
- ocspEnableSignedResponse Boolean (Updatable) Describes if the OCSP response is signed
- ocspEnabled Boolean (Updatable) Set to true to enable OCSP Validation
- ocspResponderUrl String (Updatable) This property specifies OCSP Responder URL.
- ocspRevalidateTime Integer (Updatable) Revalidate OCSP status for user after X hours
- ocspServerName String (Updatable) This property specifies the OCSP Server alias name
- ocspTrustCertChains List<String> (Updatable) OCSP Trusted Certificate Chain
- otherCertMatchAttribute String (Updatable) Check for specific conditions of other certificate attributes
- certMatchAttribute string (Updatable) X509 Certificate Matching Attribute
- signingCertificateChains string[] (Updatable) Certificate alias list to create a chain for the incoming client certificate
- userMatchAttribute string (Updatable) This property specifies the userstore attribute value that must match the incoming certificate attribute.
- crlCheckOnOcspFailureEnabled boolean (Updatable) Fall back to CRL validation if OCSP fails.
- crlEnabled boolean (Updatable) Set to true to enable CRL Validation
- crlLocation string (Updatable) CRL Location URL
- crlReloadDuration number (Updatable) Fetch the CRL contents every X minutes
- ocspAllowUnknownResponseStatus boolean (Updatable) Allow access if OCSP response is UNKNOWN or OCSP Responder does not respond within the timeout duration. When true, revocation checking fails open: a client certificate whose status could not be confirmed is still accepted.
- ocspEnableSignedResponse boolean (Updatable) Describes if the OCSP response is signed
- ocspEnabled boolean (Updatable) Set to true to enable OCSP Validation
- ocspResponderUrl string (Updatable) This property specifies OCSP Responder URL.
- ocspRevalidateTime number (Updatable) Revalidate OCSP status for user after X hours
- ocspServerName string (Updatable) This property specifies the OCSP Server alias name
- ocspTrustCertChains string[] (Updatable) OCSP Trusted Certificate Chain
- otherCertMatchAttribute string (Updatable) Check for specific conditions of other certificate attributes
- cert_match_attribute str (Updatable) X509 Certificate Matching Attribute
- signing_certificate_chains Sequence[str] (Updatable) Certificate alias list to create a chain for the incoming client certificate
- user_match_attribute str (Updatable) This property specifies the userstore attribute value that must match the incoming certificate attribute.
- crl_check_on_ocsp_failure_enabled bool (Updatable) Fall back to CRL validation if OCSP fails.
- crl_enabled bool (Updatable) Set to true to enable CRL Validation
- crl_location str (Updatable) CRL Location URL
- crl_reload_duration int (Updatable) Fetch the CRL contents every X minutes
- ocsp_allow_unknown_response_status bool (Updatable) Allow access if OCSP response is UNKNOWN or OCSP Responder does not respond within the timeout duration. When true, revocation checking fails open: a client certificate whose status could not be confirmed is still accepted.
- ocsp_enable_signed_response bool (Updatable) Describes if the OCSP response is signed
- ocsp_enabled bool (Updatable) Set to true to enable OCSP Validation
- ocsp_responder_url str (Updatable) This property specifies OCSP Responder URL.
- ocsp_revalidate_time int (Updatable) Revalidate OCSP status for user after X hours
- ocsp_server_name str (Updatable) This property specifies the OCSP Server alias name
- ocsp_trust_cert_chains Sequence[str] (Updatable) OCSP Trusted Certificate Chain
- other_cert_match_attribute str (Updatable) Check for specific conditions of other certificate attributes
- certMatchAttribute String (Updatable) X509 Certificate Matching Attribute
- signingCertificateChains List<String> (Updatable) Certificate alias list to create a chain for the incoming client certificate
- userMatchAttribute String (Updatable) This property specifies the userstore attribute value that must match the incoming certificate attribute.
- crlCheckOnOcspFailureEnabled Boolean (Updatable) Fall back to CRL validation if OCSP fails.
- crlEnabled Boolean (Updatable) Set to true to enable CRL Validation
- crlLocation String (Updatable) CRL Location URL
- crlReloadDuration Number (Updatable) Fetch the CRL contents every X minutes
- ocspAllowUnknownResponseStatus Boolean (Updatable) Allow access if OCSP response is UNKNOWN or OCSP Responder does not respond within the timeout duration. When true, revocation checking fails open: a client certificate whose status could not be confirmed is still accepted.
- ocspEnableSignedResponse Boolean (Updatable) Describes if the OCSP response is signed
- ocspEnabled Boolean (Updatable) Set to true to enable OCSP Validation
- ocspResponderUrl String (Updatable) This property specifies OCSP Responder URL.
- ocspRevalidateTime Number (Updatable) Revalidate OCSP status for user after X hours
- ocspServerName String (Updatable) This property specifies the OCSP Server alias name
- ocspTrustCertChains List<String> (Updatable) OCSP Trusted Certificate Chain
- otherCertMatchAttribute String (Updatable) Check for specific conditions of other certificate attributes
Import
IdentityProviders can be imported using the `id`, e.g.
$ pulumi import oci:Identity/domainsIdentityProvider:DomainsIdentityProvider test_identity_provider "idcsEndpoint/{idcsEndpoint}/identityProviders/{identityProviderId}"
Package Details
- Repository
- oci pulumi/pulumi-oci
- License
- Apache-2.0
- Notes
This Pulumi package is based on the `oci` Terraform Provider.