Oracle Cloud Infrastructure v0.13.0, Mar 28 23

oci.Identity.DomainsIdentityProvider

This resource provides the Identity Provider resource in the Oracle Cloud Infrastructure Identity Domains service.

Create an Identity Provider

Example Usage

Coming soon!

Coming soon!

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Identity.DomainsIdentityProvider;
import com.pulumi.oci.Identity.DomainsIdentityProviderArgs;
import com.pulumi.oci.Identity.inputs.DomainsIdentityProviderCorrelationPolicyArgs;
import com.pulumi.oci.Identity.inputs.DomainsIdentityProviderJitUserProvAssignedGroupArgs;
import com.pulumi.oci.Identity.inputs.DomainsIdentityProviderJitUserProvAttributesArgs;
import com.pulumi.oci.Identity.inputs.DomainsIdentityProviderJitUserProvGroupMappingArgs;
import com.pulumi.oci.Identity.inputs.DomainsIdentityProviderTagArgs;
import com.pulumi.oci.Identity.inputs.DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderArgs;
import com.pulumi.oci.Identity.inputs.DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProviderArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

/**
 * Pulumi program that declares a single {@code oci:Identity:DomainsIdentityProvider}.
 *
 * <p>This is a generated example: {@code var_} and {@code data} stand in for stack
 * configuration and a domain lookup, and neither is declared in this listing. Every
 * optional property is set to show the argument shape, not as a recommended baseline.
 */
public class App {
    /** Entry point: hands the stack definition to the Pulumi runtime. */
    public static void main(String[] args) {
        Pulumi.run(ctx -> App.stack(ctx));
    }

    /**
     * Declares the identity provider resource.
     *
     * <p>The nested argument objects are built first so the top-level builder chain
     * stays flat; the values passed to each setter are unchanged.
     *
     * @param ctx the deployment context supplied by {@code Pulumi.run}
     */
    public static void stack(Context ctx) {
        var correlationPolicy = DomainsIdentityProviderCorrelationPolicyArgs.builder()
            .type(var_.identity_provider_correlation_policy_type())
            .value(var_.identity_provider_correlation_policy_value())
            .display(var_.identity_provider_correlation_policy_display())
            .build();

        // NOTE(review): by name, the jitUserProv* inputs control just-in-time user
        // creation and group assignment driven by what the external provider asserts.
        // Group assignments and mappings then act as an authorization boundary:
        // review which groups a federated login can reach - confirm against the
        // property reference.
        var jitAssignedGroup = DomainsIdentityProviderJitUserProvAssignedGroupArgs.builder()
            .value(var_.identity_provider_jit_user_prov_assigned_groups_value())
            .build();

        var jitAttributes = DomainsIdentityProviderJitUserProvAttributesArgs.builder()
            .value(var_.identity_provider_jit_user_prov_attributes_value())
            .build();

        var jitGroupMapping = DomainsIdentityProviderJitUserProvGroupMappingArgs.builder()
            .idpGroup(var_.identity_provider_jit_user_prov_group_mappings_idp_group())
            .value(var_.identity_provider_jit_user_prov_group_mappings_value())
            .build();

        var tag = DomainsIdentityProviderTagArgs.builder()
            .key(var_.identity_provider_tags_key())
            .value(var_.identity_provider_tags_value())
            .build();

        var socialExtension = DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderArgs.builder()
            // NOTE(review): accountLinkingEnabled / registrationEnabled presumably let
            // a social login attach to or create a domain account - confirm, and
            // enable only where self-service onboarding is intended.
            .accountLinkingEnabled(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_account_linking_enabled())
            .consumerKey(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_consumer_key())
            // NOTE(review): by name this is the client secret for the social provider.
            // Supply it as a Pulumi secret (`pulumi config set --secret ...`) rather
            // than a plaintext value, and confirm the provider also treats the field
            // as secret in stack state.
            .consumerSecret(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_consumer_secret())
            .registrationEnabled(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_registration_enabled())
            .serviceProviderName(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_service_provider_name())
            .accessTokenUrl(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_access_token_url())
            .adminScopes(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_admin_scope())
            .authzUrl(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_authz_url())
            .clientCredentialInPayload(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_client_credential_in_payload())
            .clockSkewInSeconds(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_clock_skew_in_seconds())
            .discoveryUrl(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_discovery_url())
            .idAttribute(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_id_attribute())
            .profileUrl(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_profile_url())
            .redirectUrl(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_redirect_url())
            .scopes(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_scope())
            .status(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_status())
            .build();

        var x509Extension = DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProviderArgs.builder()
            .certMatchAttribute(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_cert_match_attribute())
            // The literal below is a placeholder string, not certificate material.
            .signingCertificateChains("signingCertificateChain")
            .userMatchAttribute(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_user_match_attribute())
            // NOTE(review): the crl* / ocsp* inputs look like certificate revocation
            // settings. ocspAllowUnknownResponseStatus, by name, would accept a
            // certificate whose OCSP status is "unknown" - confirm, and prefer the
            // fail-closed value unless there is a documented reason not to.
            .crlCheckOnOcspFailureEnabled(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_crl_check_on_ocsp_failure_enabled())
            .crlEnabled(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_crl_enabled())
            .crlLocation(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_crl_location())
            .crlReloadDuration(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_crl_reload_duration())
            .ocspAllowUnknownResponseStatus(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_allow_unknown_response_status())
            .ocspEnableSignedResponse(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_enable_signed_response())
            .ocspEnabled(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_enabled())
            .ocspResponderUrl(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_responder_url())
            .ocspRevalidateTime(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_revalidate_time())
            .ocspServerName(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_server_name())
            .ocspTrustCertChains(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_trust_cert_chain())
            .otherCertMatchAttribute(var_.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_other_cert_match_attribute())
            .build();

        var providerArgs = DomainsIdentityProviderArgs.builder()
            // Required inputs. The example registers the provider with enabled=false,
            // i.e. the trusted partner exists but is not marked enabled.
            .enabled(false)
            .idcsEndpoint(data.oci_identity_domain().test_domain().url())
            .partnerName(var_.identity_provider_partner_name())
            .schemas("urn:ietf:params:scim:schemas:oracle:idcs:IdentityProvider")
            // Optional inputs.
            .assertionAttribute(var_.identity_provider_assertion_attribute())
            .attributeSets()
            .attributes("")
            .authnRequestBinding(var_.identity_provider_authn_request_binding())
            // NOTE(review): presumably an authorization header value sent to the
            // identity domain endpoint - if so it is a credential and should come
            // from secret configuration; confirm.
            .authorization(var_.identity_provider_authorization())
            .correlationPolicy(correlationPolicy)
            .description(var_.identity_provider_description())
            .encryptionCertificate(var_.identity_provider_encryption_certificate())
            .externalId("externalId")
            .iconUrl(var_.identity_provider_icon_url())
            .id(var_.identity_provider_id())
            .idpSsoUrl(var_.identity_provider_idp_sso_url())
            .includeSigningCertInSignature(var_.identity_provider_include_signing_cert_in_signature())
            .jitUserProvAssignedGroups(jitAssignedGroup)
            .jitUserProvAttributeUpdateEnabled(var_.identity_provider_jit_user_prov_attribute_update_enabled())
            .jitUserProvAttributes(jitAttributes)
            .jitUserProvCreateUserEnabled(var_.identity_provider_jit_user_prov_create_user_enabled())
            .jitUserProvEnabled(var_.identity_provider_jit_user_prov_enabled())
            .jitUserProvGroupAssertionAttributeEnabled(var_.identity_provider_jit_user_prov_group_assertion_attribute_enabled())
            .jitUserProvGroupAssignmentMethod(var_.identity_provider_jit_user_prov_group_assignment_method())
            .jitUserProvGroupMappingMode(var_.identity_provider_jit_user_prov_group_mapping_mode())
            .jitUserProvGroupMappings(jitGroupMapping)
            .jitUserProvGroupSamlAttributeName(var_.identity_provider_jit_user_prov_group_saml_attribute_name())
            .jitUserProvGroupStaticListEnabled(var_.identity_provider_jit_user_prov_group_static_list_enabled())
            // NOTE(review): by name, suppresses the error when an asserted group does
            // not exist in the domain - confirm the resulting behaviour before relying
            // on group membership for access decisions.
            .jitUserProvIgnoreErrorOnAbsentGroups(var_.identity_provider_jit_user_prov_ignore_error_on_absent_groups())
            .logoutBinding(var_.identity_provider_logout_binding())
            .logoutEnabled(var_.identity_provider_logout_enabled())
            .logoutRequestUrl(var_.identity_provider_logout_request_url())
            .logoutResponseUrl(var_.identity_provider_logout_response_url())
            .metadata(var_.identity_provider_metadata())
            .nameIdFormat(var_.identity_provider_name_id_format())
            .ocid(var_.identity_provider_ocid())
            .partnerProviderId(var_.identity_provider_partner_provider_id())
            .requestedAuthenticationContexts(var_.identity_provider_requested_authentication_context())
            .requireForceAuthn(var_.identity_provider_require_force_authn())
            // NOTE(review): by name, requires the partner to encrypt assertions;
            // confirm and set deliberately rather than leaving it to a default.
            .requiresEncryptedAssertion(var_.identity_provider_requires_encrypted_assertion())
            .resourceTypeSchemaVersion(var_.identity_provider_resource_type_schema_version())
            .samlHoKrequired(var_.identity_provider_saml_ho_krequired())
            .serviceInstanceIdentifier(var_.identity_provider_service_instance_identifier())
            .shownOnLoginPage(var_.identity_provider_shown_on_login_page())
            // NOTE(review): presumably the digest used for signatures exchanged with
            // the partner; if both SHA-1 and SHA-256 values are offered, choose the
            // SHA-256 one - confirm the allowed values in the property reference.
            .signatureHashAlgorithm(var_.identity_provider_signature_hash_algorithm())
            // NOTE(review): looks like the certificate used to verify what the partner
            // signs, which would make it the trust anchor for this federation - pin
            // it from a source you control; confirm.
            .signingCertificate(var_.identity_provider_signing_certificate())
            .succinctId("succinctId")
            .tags(tag)
            .type(var_.identity_provider_type())
            .urnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider(socialExtension)
            .urnietfparamsscimschemasoracleidcsextensionx509identityProvider(x509Extension)
            .userMappingMethod(var_.identity_provider_user_mapping_method())
            .userMappingStoreAttribute(var_.identity_provider_user_mapping_store_attribute())
            .build();

        // "testIdentityProvider" is the Pulumi resource name for this declaration.
        var provider = new DomainsIdentityProvider("testIdentityProvider", providerArgs);

    }
}

Coming soon!

Coming soon!

# Pulumi YAML declaration of one oci:Identity:DomainsIdentityProvider resource.
# Generated example: the ${var.*} and ${data.*} references are placeholders that
# this listing does not define, and every optional property is set only to show
# its shape, not as a recommended baseline.
resources:
  testIdentityProvider:
    type: oci:Identity:DomainsIdentityProvider
    properties:
      #Required
      # The example registers the provider with enabled: false, i.e. the trusted
      # partner exists but is not marked enabled.
      enabled: false
      idcsEndpoint: ${data.oci_identity_domain.test_domain.url}
      partnerName: ${var.identity_provider_partner_name}
      schemas:
        - urn:ietf:params:scim:schemas:oracle:idcs:IdentityProvider
      #Optional
      assertionAttribute: ${var.identity_provider_assertion_attribute}
      attributeSets: []
      attributes:
      authnRequestBinding: ${var.identity_provider_authn_request_binding}
      # NOTE(review): presumably an authorization header value sent to the identity
      # domain endpoint - if so it is a credential and should come from secret
      # configuration; confirm.
      authorization: ${var.identity_provider_authorization}
      correlationPolicy:
        type: ${var.identity_provider_correlation_policy_type}
        value: ${var.identity_provider_correlation_policy_value}
        display: ${var.identity_provider_correlation_policy_display}
      description: ${var.identity_provider_description}
      encryptionCertificate: ${var.identity_provider_encryption_certificate}
      # Literal placeholder value.
      externalId: externalId
      iconUrl: ${var.identity_provider_icon_url}
      id: ${var.identity_provider_id}
      idpSsoUrl: ${var.identity_provider_idp_sso_url}
      includeSigningCertInSignature: ${var.identity_provider_include_signing_cert_in_signature}
      # NOTE(review): by name, the jitUserProv* properties control just-in-time user
      # creation and group assignment driven by what the external provider asserts.
      # Group assignments and mappings then act as an authorization boundary:
      # review which groups a federated login can reach - confirm against the
      # property reference.
      jitUserProvAssignedGroups:
        - value: ${var.identity_provider_jit_user_prov_assigned_groups_value}
      jitUserProvAttributeUpdateEnabled: ${var.identity_provider_jit_user_prov_attribute_update_enabled}
      jitUserProvAttributes:
        value: ${var.identity_provider_jit_user_prov_attributes_value}
      jitUserProvCreateUserEnabled: ${var.identity_provider_jit_user_prov_create_user_enabled}
      jitUserProvEnabled: ${var.identity_provider_jit_user_prov_enabled}
      jitUserProvGroupAssertionAttributeEnabled: ${var.identity_provider_jit_user_prov_group_assertion_attribute_enabled}
      jitUserProvGroupAssignmentMethod: ${var.identity_provider_jit_user_prov_group_assignment_method}
      jitUserProvGroupMappingMode: ${var.identity_provider_jit_user_prov_group_mapping_mode}
      jitUserProvGroupMappings:
        - idpGroup: ${var.identity_provider_jit_user_prov_group_mappings_idp_group}
          value: ${var.identity_provider_jit_user_prov_group_mappings_value}
      jitUserProvGroupSamlAttributeName: ${var.identity_provider_jit_user_prov_group_saml_attribute_name}
      jitUserProvGroupStaticListEnabled: ${var.identity_provider_jit_user_prov_group_static_list_enabled}
      # NOTE(review): by name, suppresses the error when an asserted group does not
      # exist in the domain - confirm the resulting behaviour before relying on
      # group membership for access decisions.
      jitUserProvIgnoreErrorOnAbsentGroups: ${var.identity_provider_jit_user_prov_ignore_error_on_absent_groups}
      logoutBinding: ${var.identity_provider_logout_binding}
      logoutEnabled: ${var.identity_provider_logout_enabled}
      logoutRequestUrl: ${var.identity_provider_logout_request_url}
      logoutResponseUrl: ${var.identity_provider_logout_response_url}
      metadata: ${var.identity_provider_metadata}
      nameIdFormat: ${var.identity_provider_name_id_format}
      ocid: ${var.identity_provider_ocid}
      partnerProviderId: ${var.identity_provider_partner_provider_id}
      requestedAuthenticationContexts: ${var.identity_provider_requested_authentication_context}
      requireForceAuthn: ${var.identity_provider_require_force_authn}
      # NOTE(review): by name, requires the partner to encrypt assertions; confirm
      # and set deliberately rather than leaving it to a default.
      requiresEncryptedAssertion: ${var.identity_provider_requires_encrypted_assertion}
      resourceTypeSchemaVersion: ${var.identity_provider_resource_type_schema_version}
      samlHoKrequired: ${var.identity_provider_saml_ho_krequired}
      serviceInstanceIdentifier: ${var.identity_provider_service_instance_identifier}
      shownOnLoginPage: ${var.identity_provider_shown_on_login_page}
      # NOTE(review): presumably the digest used for signatures exchanged with the
      # partner; if both SHA-1 and SHA-256 values are offered, choose the SHA-256
      # one - confirm the allowed values in the property reference.
      signatureHashAlgorithm: ${var.identity_provider_signature_hash_algorithm}
      # NOTE(review): looks like the certificate used to verify what the partner
      # signs, which would make it the trust anchor for this federation - pin it
      # from a source you control; confirm.
      signingCertificate: ${var.identity_provider_signing_certificate}
      # Literal placeholder value.
      succinctId: succinctId
      tags:
        - key: ${var.identity_provider_tags_key}
          value: ${var.identity_provider_tags_value}
      type: ${var.identity_provider_type}
      urnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider:
        # NOTE(review): accountLinkingEnabled / registrationEnabled presumably let a
        # social login attach to or create a domain account - confirm, and enable
        # only where self-service onboarding is intended.
        accountLinkingEnabled: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_account_linking_enabled}
        consumerKey: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_consumer_key}
        # NOTE(review): by name this is the client secret for the social provider.
        # Supply it as a Pulumi secret (`pulumi config set --secret ...`) rather than
        # a plaintext value, and confirm the provider also treats the field as secret
        # in stack state.
        consumerSecret: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_consumer_secret}
        registrationEnabled: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_registration_enabled}
        serviceProviderName: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_service_provider_name}
        accessTokenUrl: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_access_token_url}
        adminScopes: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_admin_scope}
        authzUrl: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_authz_url}
        clientCredentialInPayload: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_client_credential_in_payload}
        clockSkewInSeconds: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_clock_skew_in_seconds}
        discoveryUrl: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_discovery_url}
        idAttribute: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_id_attribute}
        profileUrl: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_profile_url}
        redirectUrl: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_redirect_url}
        scopes: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_scope}
        status: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider_status}
      urnietfparamsscimschemasoracleidcsextensionx509identityProvider:
        certMatchAttribute: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_cert_match_attribute}
        # The list entry below is a placeholder string, not certificate material.
        signingCertificateChains:
          - signingCertificateChain
        userMatchAttribute: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_user_match_attribute}
        # NOTE(review): the crl* / ocsp* properties look like certificate revocation
        # settings. ocspAllowUnknownResponseStatus, by name, would accept a
        # certificate whose OCSP status is "unknown" - confirm, and prefer the
        # fail-closed value unless there is a documented reason not to.
        crlCheckOnOcspFailureEnabled: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_crl_check_on_ocsp_failure_enabled}
        crlEnabled: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_crl_enabled}
        crlLocation: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_crl_location}
        crlReloadDuration: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_crl_reload_duration}
        ocspAllowUnknownResponseStatus: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_allow_unknown_response_status}
        ocspEnableSignedResponse: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_enable_signed_response}
        ocspEnabled: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_enabled}
        ocspResponderUrl: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_responder_url}
        ocspRevalidateTime: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_revalidate_time}
        ocspServerName: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_server_name}
        ocspTrustCertChains: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_ocsp_trust_cert_chain}
        otherCertMatchAttribute: ${var.identity_provider_urnietfparamsscimschemasoracleidcsextensionx509identity_provider_other_cert_match_attribute}
      userMappingMethod: ${var.identity_provider_user_mapping_method}
      userMappingStoreAttribute: ${var.identity_provider_user_mapping_store_attribute}

Create DomainsIdentityProvider Resource

new DomainsIdentityProvider(name: string, args: DomainsIdentityProviderArgs, opts?: CustomResourceOptions);
@overload
def DomainsIdentityProvider(resource_name: str,
                            opts: Optional[ResourceOptions] = None,
                            assertion_attribute: Optional[str] = None,
                            attribute_sets: Optional[Sequence[str]] = None,
                            attributes: Optional[str] = None,
                            authn_request_binding: Optional[str] = None,
                            authorization: Optional[str] = None,
                            correlation_policy: Optional[_identity.DomainsIdentityProviderCorrelationPolicyArgs] = None,
                            description: Optional[str] = None,
                            enabled: Optional[bool] = None,
                            encryption_certificate: Optional[str] = None,
                            external_id: Optional[str] = None,
                            icon_url: Optional[str] = None,
                            idcs_endpoint: Optional[str] = None,
                            idp_sso_url: Optional[str] = None,
                            include_signing_cert_in_signature: Optional[bool] = None,
                            jit_user_prov_assigned_groups: Optional[Sequence[_identity.DomainsIdentityProviderJitUserProvAssignedGroupArgs]] = None,
                            jit_user_prov_attribute_update_enabled: Optional[bool] = None,
                            jit_user_prov_attributes: Optional[_identity.DomainsIdentityProviderJitUserProvAttributesArgs] = None,
                            jit_user_prov_create_user_enabled: Optional[bool] = None,
                            jit_user_prov_enabled: Optional[bool] = None,
                            jit_user_prov_group_assertion_attribute_enabled: Optional[bool] = None,
                            jit_user_prov_group_assignment_method: Optional[str] = None,
                            jit_user_prov_group_mapping_mode: Optional[str] = None,
                            jit_user_prov_group_mappings: Optional[Sequence[_identity.DomainsIdentityProviderJitUserProvGroupMappingArgs]] = None,
                            jit_user_prov_group_saml_attribute_name: Optional[str] = None,
                            jit_user_prov_group_static_list_enabled: Optional[bool] = None,
                            jit_user_prov_ignore_error_on_absent_groups: Optional[bool] = None,
                            logout_binding: Optional[str] = None,
                            logout_enabled: Optional[bool] = None,
                            logout_request_url: Optional[str] = None,
                            logout_response_url: Optional[str] = None,
                            metadata: Optional[str] = None,
                            name_id_format: Optional[str] = None,
                            ocid: Optional[str] = None,
                            partner_name: Optional[str] = None,
                            partner_provider_id: Optional[str] = None,
                            requested_authentication_contexts: Optional[Sequence[str]] = None,
                            require_force_authn: Optional[bool] = None,
                            requires_encrypted_assertion: Optional[bool] = None,
                            resource_type_schema_version: Optional[str] = None,
                            saml_ho_krequired: Optional[bool] = None,
                            schemas: Optional[Sequence[str]] = None,
                            service_instance_identifier: Optional[str] = None,
                            shown_on_login_page: Optional[bool] = None,
                            signature_hash_algorithm: Optional[str] = None,
                            signing_certificate: Optional[str] = None,
                            succinct_id: Optional[str] = None,
                            tags: Optional[Sequence[_identity.DomainsIdentityProviderTagArgs]] = None,
                            type: Optional[str] = None,
                            urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider: Optional[_identity.DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderArgs] = None,
                            urnietfparamsscimschemasoracleidcsextensionx509identity_provider: Optional[_identity.DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProviderArgs] = None,
                            user_mapping_method: Optional[str] = None,
                            user_mapping_store_attribute: Optional[str] = None)
@overload
def DomainsIdentityProvider(resource_name: str,
                            args: DomainsIdentityProviderArgs,
                            opts: Optional[ResourceOptions] = None)
func NewDomainsIdentityProvider(ctx *Context, name string, args DomainsIdentityProviderArgs, opts ...ResourceOption) (*DomainsIdentityProvider, error)
public DomainsIdentityProvider(string name, DomainsIdentityProviderArgs args, CustomResourceOptions? opts = null)
public DomainsIdentityProvider(String name, DomainsIdentityProviderArgs args)
public DomainsIdentityProvider(String name, DomainsIdentityProviderArgs args, CustomResourceOptions options)
type: oci:Identity:DomainsIdentityProvider
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args DomainsIdentityProviderArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args DomainsIdentityProviderArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args DomainsIdentityProviderArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args DomainsIdentityProviderArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args DomainsIdentityProviderArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

DomainsIdentityProvider Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The DomainsIdentityProvider resource accepts the following input properties:

Enabled bool

(Updatable) Set to true to indicate Partner enabled.

IdcsEndpoint string

The basic endpoint for the identity domain

PartnerName string

(Updatable) Unique name of the trusted Identity Provider.

Schemas List<string>

(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.

AssertionAttribute string

(Updatable) Assertion attribute name.

AttributeSets List<string>

(Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

Attributes string

(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

AuthnRequestBinding string

(Updatable) HTTP binding to use for authentication requests.

Authorization string

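(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value carries credentials, treat it as a secret and avoid hard-coding it in program source.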

CorrelationPolicy DomainsIdentityProviderCorrelationPolicyArgs

(Updatable) Correlation policy

Description string

(Updatable) Description

EncryptionCertificate string

(Updatable) Encryption certificate

ExternalId string

(Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.

IconUrl string

(Updatable) Identity Provider Icon URL.

IdpSsoUrl string

(Updatable) Identity Provider SSO URL

IncludeSigningCertInSignature bool

(Updatable) Set to true to include the signing certificate in the signature.

JitUserProvAssignedGroups List<DomainsIdentityProviderJitUserProvAssignedGroupArgs>

(Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.

JitUserProvAttributeUpdateEnabled bool

(Updatable) Set to true to indicate JIT User Creation is enabled

JitUserProvAttributes DomainsIdentityProviderJitUserProvAttributesArgs

(Updatable) Assertion To User Mapping

JitUserProvCreateUserEnabled bool

(Updatable) Set to true to indicate JIT User Creation is enabled

JitUserProvEnabled bool

(Updatable) Set to true to indicate JIT User Provisioning is enabled

JitUserProvGroupAssertionAttributeEnabled bool

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute

JitUserProvGroupAssignmentMethod string

(Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.

JitUserProvGroupMappingMode string

(Updatable) Property to indicate the mode of group mapping

JitUserProvGroupMappings List<DomainsIdentityProviderJitUserProvGroupMappingArgs>

(Updatable) The list of mappings between the Identity Domain Group and the IDP group.

JitUserProvGroupSamlAttributeName string

(Updatable) Name of the assertion attribute containing the user's groups

JitUserProvGroupStaticListEnabled bool

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list

JitUserProvIgnoreErrorOnAbsentGroups bool

(Updatable) Set to true to indicate ignoring absence of group while provisioning

LogoutBinding string

(Updatable) HTTP binding to use for logout.

LogoutEnabled bool

(Updatable) Set to true to enable logout.

LogoutRequestUrl string

(Updatable) Logout request URL

LogoutResponseUrl string

(Updatable) Logout response URL

Metadata string

(Updatable) Metadata

NameIdFormat string

(Updatable) Default authentication request name ID format.

Ocid string

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

PartnerProviderId string

(Updatable) Provider ID

RequestedAuthenticationContexts List<string>

(Updatable) SAML SP authentication type.

RequireForceAuthn bool

(Updatable) This SP requires the SAML IdP to enforce re-authentication.

RequiresEncryptedAssertion bool

(Updatable) The SAML SP must accept only encrypted assertions.

ResourceTypeSchemaVersion string

(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

SamlHoKrequired bool

(Updatable) SAML SP HoK Enabled.

ServiceInstanceIdentifier string

(Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.

ShownOnLoginPage bool

(Updatable) Set to true to show the IdP on the login page.

SignatureHashAlgorithm string

(Updatable) Signature hash algorithm.

SigningCertificate string

(Updatable) Signing certificate

SuccinctId string

(Updatable) Succinct ID

Tags List<DomainsIdentityProviderTagArgs>

(Updatable) A list of tags on this resource.

Type string

(Updatable) Identity Provider Type

UrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderArgs

(Updatable) Social Identity Provider Extension Schema

Urnietfparamsscimschemasoracleidcsextensionx509identityProvider DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProviderArgs

(Updatable) X509 Identity Provider Extension Schema

UserMappingMethod string

(Updatable) User mapping method.

UserMappingStoreAttribute string

(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.

Enabled bool

(Updatable) Set to true to indicate Partner enabled.

IdcsEndpoint string

The basic endpoint for the identity domain

PartnerName string

(Updatable) Unique name of the trusted Identity Provider.

Schemas []string

(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.

AssertionAttribute string

(Updatable) Assertion attribute name.

AttributeSets []string

(Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

Attributes string

(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

AuthnRequestBinding string

(Updatable) HTTP binding to use for authentication requests.

Authorization string

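(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value carries credentials, treat it as a secret and avoid hard-coding it in program source.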

CorrelationPolicy DomainsIdentityProviderCorrelationPolicyArgs

(Updatable) Correlation policy

Description string

(Updatable) Description

EncryptionCertificate string

(Updatable) Encryption certificate

ExternalId string

(Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.

IconUrl string

(Updatable) Identity Provider Icon URL.

IdpSsoUrl string

(Updatable) Identity Provider SSO URL

IncludeSigningCertInSignature bool

(Updatable) Set to true to include the signing certificate in the signature.

JitUserProvAssignedGroups []DomainsIdentityProviderJitUserProvAssignedGroupArgs

(Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.

JitUserProvAttributeUpdateEnabled bool

(Updatable) Set to true to indicate JIT User Creation is enabled

JitUserProvAttributes DomainsIdentityProviderJitUserProvAttributesArgs

(Updatable) Assertion To User Mapping

JitUserProvCreateUserEnabled bool

(Updatable) Set to true to indicate JIT User Creation is enabled

JitUserProvEnabled bool

(Updatable) Set to true to indicate JIT User Provisioning is enabled

JitUserProvGroupAssertionAttributeEnabled bool

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute

JitUserProvGroupAssignmentMethod string

(Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.

JitUserProvGroupMappingMode string

(Updatable) Property to indicate the mode of group mapping

JitUserProvGroupMappings []DomainsIdentityProviderJitUserProvGroupMappingArgs

(Updatable) The list of mappings between the Identity Domain Group and the IDP group.

JitUserProvGroupSamlAttributeName string

(Updatable) Name of the assertion attribute containing the user's groups

JitUserProvGroupStaticListEnabled bool

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list

JitUserProvIgnoreErrorOnAbsentGroups bool

(Updatable) Set to true to indicate ignoring absence of group while provisioning

LogoutBinding string

(Updatable) HTTP binding to use for logout.

LogoutEnabled bool

(Updatable) Set to true to enable logout.

LogoutRequestUrl string

(Updatable) Logout request URL

LogoutResponseUrl string

(Updatable) Logout response URL

Metadata string

(Updatable) Metadata

NameIdFormat string

(Updatable) Default authentication request name ID format.

Ocid string

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

PartnerProviderId string

(Updatable) Provider ID

RequestedAuthenticationContexts []string

(Updatable) SAML SP authentication type.

RequireForceAuthn bool

(Updatable) This SP requires the SAML IdP to enforce re-authentication.

RequiresEncryptedAssertion bool

(Updatable) The SAML SP must accept only encrypted assertions.

ResourceTypeSchemaVersion string

(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

SamlHoKrequired bool

(Updatable) SAML SP HoK Enabled.

ServiceInstanceIdentifier string

(Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.

ShownOnLoginPage bool

(Updatable) Set to true to show the IdP on the login page.

SignatureHashAlgorithm string

(Updatable) Signature hash algorithm.

SigningCertificate string

(Updatable) Signing certificate

SuccinctId string

(Updatable) Succinct ID

Tags []DomainsIdentityProviderTagArgs

(Updatable) A list of tags on this resource.

Type string

(Updatable) Identity Provider Type

UrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderArgs

(Updatable) Social Identity Provider Extension Schema

Urnietfparamsscimschemasoracleidcsextensionx509identityProvider DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProviderArgs

(Updatable) X509 Identity Provider Extension Schema

UserMappingMethod string

(Updatable) User mapping method.

UserMappingStoreAttribute string

(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.

enabled Boolean

(Updatable) Set to true to indicate Partner enabled.

idcsEndpoint String

The basic endpoint for the identity domain

partnerName String

(Updatable) Unique name of the trusted Identity Provider.

schemas List<String>

(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.

assertionAttribute String

(Updatable) Assertion attribute name.

attributeSets List<String>

(Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

attributes String

(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

authnRequestBinding String

(Updatable) HTTP binding to use for authentication requests.

authorization String

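(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value carries credentials, treat it as a secret and avoid hard-coding it in program source.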

correlationPolicy DomainsProviderCorrelationPolicyArgs

(Updatable) Correlation policy

description String

(Updatable) Description

encryptionCertificate String

(Updatable) Encryption certificate

externalId String

(Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.

iconUrl String

(Updatable) Identity Provider Icon URL.

idpSsoUrl String

(Updatable) Identity Provider SSO URL

includeSigningCertInSignature Boolean

(Updatable) Set to true to include the signing certificate in the signature.

jitUserProvAssignedGroups List<DomainsProviderJitUserProvAssignedGroupArgs>

(Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.

jitUserProvAttributeUpdateEnabled Boolean

(Updatable) Set to true to indicate JIT User Creation is enabled

jitUserProvAttributes DomainsProviderJitUserProvAttributesArgs

(Updatable) Assertion To User Mapping

jitUserProvCreateUserEnabled Boolean

(Updatable) Set to true to indicate JIT User Creation is enabled

jitUserProvEnabled Boolean

(Updatable) Set to true to indicate JIT User Provisioning is enabled

jitUserProvGroupAssertionAttributeEnabled Boolean

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute

jitUserProvGroupAssignmentMethod String

(Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.

jitUserProvGroupMappingMode String

(Updatable) Property to indicate the mode of group mapping

jitUserProvGroupMappings List<DomainsProviderJitUserProvGroupMappingArgs>

(Updatable) The list of mappings between the Identity Domain Group and the IDP group.

jitUserProvGroupSamlAttributeName String

(Updatable) Name of the assertion attribute containing the user's groups

jitUserProvGroupStaticListEnabled Boolean

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list

jitUserProvIgnoreErrorOnAbsentGroups Boolean

(Updatable) Set to true to indicate ignoring absence of group while provisioning

logoutBinding String

(Updatable) HTTP binding to use for logout.

logoutEnabled Boolean

(Updatable) Set to true to enable logout.

logoutRequestUrl String

(Updatable) Logout request URL

logoutResponseUrl String

(Updatable) Logout response URL

metadata String

(Updatable) Metadata

nameIdFormat String

(Updatable) Default authentication request name ID format.

ocid String

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

partnerProviderId String

(Updatable) Provider ID

requestedAuthenticationContexts List<String>

(Updatable) SAML SP authentication type.

requireForceAuthn Boolean

(Updatable) This SP requires the SAML IdP to enforce re-authentication.

requiresEncryptedAssertion Boolean

(Updatable) The SAML SP must accept only encrypted assertions.

resourceTypeSchemaVersion String

(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

samlHoKrequired Boolean

(Updatable) SAML SP HoK Enabled.

serviceInstanceIdentifier String

(Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.

shownOnLoginPage Boolean

(Updatable) Set to true to show the IdP on the login page.

signatureHashAlgorithm String

(Updatable) Signature hash algorithm.

signingCertificate String

(Updatable) Signing certificate

succinctId String

(Updatable) Succinct ID

tags List<DomainsProviderTagArgs>

(Updatable) A list of tags on this resource.

type String

(Updatable) Identity Provider Type

urnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider DomainsProviderUrnietfparamsscimschemasoracleidcsextensionsocialProviderArgs

(Updatable) Social Identity Provider Extension Schema

urnietfparamsscimschemasoracleidcsextensionx509identityProvider DomainsProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProviderArgs

(Updatable) X509 Identity Provider Extension Schema

userMappingMethod String

(Updatable) User mapping method.

userMappingStoreAttribute String

(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.

enabled boolean

(Updatable) Set to true to indicate Partner enabled.

idcsEndpoint string

The basic endpoint for the identity domain

partnerName string

(Updatable) Unique name of the trusted Identity Provider.

schemas string[]

(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.

assertionAttribute string

(Updatable) Assertion attribute name.

attributeSets string[]

(Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

attributes string

(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

authnRequestBinding string

(Updatable) HTTP binding to use for authentication requests.

authorization string

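(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value carries credentials, treat it as a secret and avoid hard-coding it in program source.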

correlationPolicy DomainsIdentityProviderCorrelationPolicyArgs

(Updatable) Correlation policy

description string

(Updatable) Description

encryptionCertificate string

(Updatable) Encryption certificate

externalId string

(Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.

iconUrl string

(Updatable) Identity Provider Icon URL.

idpSsoUrl string

(Updatable) Identity Provider SSO URL

includeSigningCertInSignature boolean

(Updatable) Set to true to include the signing certificate in the signature.

jitUserProvAssignedGroups DomainsIdentityProviderJitUserProvAssignedGroupArgs[]

(Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.

jitUserProvAttributeUpdateEnabled boolean

(Updatable) Set to true to indicate JIT User Creation is enabled

jitUserProvAttributes DomainsIdentityProviderJitUserProvAttributesArgs

(Updatable) Assertion To User Mapping

jitUserProvCreateUserEnabled boolean

(Updatable) Set to true to indicate JIT User Creation is enabled

jitUserProvEnabled boolean

(Updatable) Set to true to indicate JIT User Provisioning is enabled

jitUserProvGroupAssertionAttributeEnabled boolean

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute

jitUserProvGroupAssignmentMethod string

(Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.

jitUserProvGroupMappingMode string

(Updatable) Property to indicate the mode of group mapping

jitUserProvGroupMappings DomainsIdentityProviderJitUserProvGroupMappingArgs[]

(Updatable) The list of mappings between the Identity Domain Group and the IDP group.

jitUserProvGroupSamlAttributeName string

(Updatable) Name of the assertion attribute containing the user's groups

jitUserProvGroupStaticListEnabled boolean

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list

jitUserProvIgnoreErrorOnAbsentGroups boolean

(Updatable) Set to true to indicate ignoring absence of group while provisioning

logoutBinding string

(Updatable) HTTP binding to use for logout.

logoutEnabled boolean

(Updatable) Set to true to enable logout.

logoutRequestUrl string

(Updatable) Logout request URL

logoutResponseUrl string

(Updatable) Logout response URL

metadata string

(Updatable) Metadata

nameIdFormat string

(Updatable) Default authentication request name ID format.

ocid string

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

partnerProviderId string

(Updatable) Provider ID

requestedAuthenticationContexts string[]

(Updatable) SAML SP authentication type.

requireForceAuthn boolean

(Updatable) This SP requires the SAML IdP to enforce re-authentication.

requiresEncryptedAssertion boolean

(Updatable) The SAML SP must accept only encrypted assertions.

resourceTypeSchemaVersion string

(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

samlHoKrequired boolean

(Updatable) SAML SP HoK Enabled.

serviceInstanceIdentifier string

(Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.

shownOnLoginPage boolean

(Updatable) Set to true to show the IdP on the login page.

signatureHashAlgorithm string

(Updatable) Signature hash algorithm.

signingCertificate string

(Updatable) Signing certificate

succinctId string

(Updatable) Succinct ID

tags DomainsIdentityProviderTagArgs[]

(Updatable) A list of tags on this resource.

type string

(Updatable) Identity Provider Type

urnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderArgs

(Updatable) Social Identity Provider Extension Schema

urnietfparamsscimschemasoracleidcsextensionx509identityProvider DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProviderArgs

(Updatable) X509 Identity Provider Extension Schema

userMappingMethod string

(Updatable) User mapping method.

userMappingStoreAttribute string

(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.

enabled bool

(Updatable) Set to true to indicate Partner enabled.

idcs_endpoint str

The basic endpoint for the identity domain

partner_name str

(Updatable) Unique name of the trusted Identity Provider.

schemas Sequence[str]

(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.

assertion_attribute str

(Updatable) Assertion attribute name.

attribute_sets Sequence[str]

(Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

attributes str

(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

authn_request_binding str

(Updatable) HTTP binding to use for authentication requests.

authorization str

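(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value carries credentials, treat it as a secret: supply it from secret configuration rather than as a literal committed to source.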

correlation_policy DomainsIdentityProviderCorrelationPolicyArgs

(Updatable) Correlation policy

description str

(Updatable) Description

encryption_certificate str

(Updatable) Encryption certificate

external_id str

(Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.

icon_url str

(Updatable) Identity Provider Icon URL.

idp_sso_url str

(Updatable) Identity Provider SSO URL

include_signing_cert_in_signature bool

(Updatable) Set to true to include the signing certificate in the signature.

jit_user_prov_assigned_groups Sequence[DomainsIdentityProviderJitUserProvAssignedGroupArgs]

(Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.

jit_user_prov_attribute_update_enabled bool

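(Updatable) Set to true to indicate JIT User Creation is enabled. (This wording duplicates the jit_user_prov_create_user_enabled description; judging by the property name, this flag presumably governs whether JIT provisioning updates the attributes of existing users. Confirm against the Identity Domains API reference.)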

jit_user_prov_attributes DomainsIdentityProviderJitUserProvAttributesArgs

(Updatable) Assertion To User Mapping

jit_user_prov_create_user_enabled bool

(Updatable) Set to true to indicate JIT User Creation is enabled

jit_user_prov_enabled bool

(Updatable) Set to true to indicate JIT User Provisioning is enabled

jit_user_prov_group_assertion_attribute_enabled bool

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute

jit_user_prov_group_assignment_method str

(Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has. Note that with 'Merge' the group-assignments the user already has are kept, so membership granted earlier is not removed by a later assertion that omits it.

jit_user_prov_group_mapping_mode str

(Updatable) Property to indicate the mode of group mapping

jit_user_prov_group_mappings Sequence[DomainsIdentityProviderJitUserProvGroupMappingArgs]

(Updatable) The list of mappings between the Identity Domain Group and the IDP group.

jit_user_prov_group_saml_attribute_name str

(Updatable) Name of the assertion attribute containing the user's groups

jit_user_prov_group_static_list_enabled bool

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list

jit_user_prov_ignore_error_on_absent_groups bool

(Updatable) Set to true to indicate ignoring absence of group while provisioning

logout_binding str

(Updatable) HTTP binding to use for logout.

logout_enabled bool

(Updatable) Set to true to enable logout.

logout_request_url str

(Updatable) Logout request URL

logout_response_url str

(Updatable) Logout response URL

metadata str

(Updatable) Metadata

name_id_format str

(Updatable) Default authentication request name ID format.

ocid str

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

partner_provider_id str

(Updatable) Provider ID

requested_authentication_contexts Sequence[str]

(Updatable) SAML SP authentication type.

require_force_authn bool

(Updatable) This SP requires the SAML IdP to enforce re-authentication.

requires_encrypted_assertion bool

(Updatable) SAML SP must accept only encrypted assertions.

resource_type_schema_version str

(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

saml_ho_krequired bool

(Updatable) SAML SP HoK Enabled.

service_instance_identifier str

(Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.

shown_on_login_page bool

(Updatable) Set to true to show the IdP on the login page.

signature_hash_algorithm str

(Updatable) Signature hash algorithm. Prefer a SHA-2 family algorithm over SHA-1 where the partner IdP supports it.

signing_certificate str

(Updatable) Signing certificate

succinct_id str

(Updatable) Succinct ID

tags Sequence[DomainsIdentityProviderTagArgs]

(Updatable) A list of tags on this resource.

type str

(Updatable) Identity Provider Type

urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderArgs

(Updatable) Social Identity Provider Extension Schema

urnietfparamsscimschemasoracleidcsextensionx509identity_provider DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProviderArgs

(Updatable) X509 Identity Provider Extension Schema

user_mapping_method str

(Updatable) User mapping method.

user_mapping_store_attribute str

(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.

enabled Boolean

(Updatable) Set to true to indicate Partner enabled.

idcsEndpoint String

The basic endpoint for the identity domain

partnerName String

(Updatable) Unique name of the trusted Identity Provider.

schemas List<String>

(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.

assertionAttribute String

(Updatable) Assertion attribute name.

attributeSets List<String>

(Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

attributes String

(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

authnRequestBinding String

(Updatable) HTTP binding to use for authentication requests.

authorization String

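(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value carries credentials, treat it as a secret: supply it from secret configuration rather than as a literal committed to source.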

correlationPolicy Property Map

(Updatable) Correlation policy

description String

(Updatable) Description

encryptionCertificate String

(Updatable) Encryption certificate

externalId String

(Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.

iconUrl String

(Updatable) Identity Provider Icon URL.

idpSsoUrl String

(Updatable) Identity Provider SSO URL

includeSigningCertInSignature Boolean

(Updatable) Set to true to include the signing certificate in the signature.

jitUserProvAssignedGroups List<Property Map>

(Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.

jitUserProvAttributeUpdateEnabled Boolean

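(Updatable) Set to true to indicate JIT User Creation is enabled. (This wording duplicates the jitUserProvCreateUserEnabled description; judging by the property name, this flag presumably governs whether JIT provisioning updates the attributes of existing users. Confirm against the Identity Domains API reference.)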

jitUserProvAttributes Property Map

(Updatable) Assertion To User Mapping

jitUserProvCreateUserEnabled Boolean

(Updatable) Set to true to indicate JIT User Creation is enabled

jitUserProvEnabled Boolean

(Updatable) Set to true to indicate JIT User Provisioning is enabled

jitUserProvGroupAssertionAttributeEnabled Boolean

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute

jitUserProvGroupAssignmentMethod String

(Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has. Note that with 'Merge' the group-assignments the user already has are kept, so membership granted earlier is not removed by a later assertion that omits it.

jitUserProvGroupMappingMode String

(Updatable) Property to indicate the mode of group mapping

jitUserProvGroupMappings List<Property Map>

(Updatable) The list of mappings between the Identity Domain Group and the IDP group.

jitUserProvGroupSamlAttributeName String

(Updatable) Name of the assertion attribute containing the user's groups

jitUserProvGroupStaticListEnabled Boolean

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list

jitUserProvIgnoreErrorOnAbsentGroups Boolean

(Updatable) Set to true to indicate ignoring absence of group while provisioning

logoutBinding String

(Updatable) HTTP binding to use for logout.

logoutEnabled Boolean

(Updatable) Set to true to enable logout.

logoutRequestUrl String

(Updatable) Logout request URL

logoutResponseUrl String

(Updatable) Logout response URL

metadata String

(Updatable) Metadata

nameIdFormat String

(Updatable) Default authentication request name ID format.

ocid String

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

partnerProviderId String

(Updatable) Provider ID

requestedAuthenticationContexts List<String>

(Updatable) SAML SP authentication type.

requireForceAuthn Boolean

(Updatable) This SP requires the SAML IdP to enforce re-authentication.

requiresEncryptedAssertion Boolean

(Updatable) SAML SP must accept only encrypted assertions.

resourceTypeSchemaVersion String

(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

samlHoKrequired Boolean

(Updatable) SAML SP HoK Enabled.

serviceInstanceIdentifier String

(Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.

shownOnLoginPage Boolean

(Updatable) Set to true to show the IdP on the login page.

signatureHashAlgorithm String

(Updatable) Signature hash algorithm. Prefer a SHA-2 family algorithm over SHA-1 where the partner IdP supports it.

signingCertificate String

(Updatable) Signing certificate

succinctId String

(Updatable) Succinct ID

tags List<Property Map>

(Updatable) A list of tags on this resource.

type String

(Updatable) Identity Provider Type

urnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider Property Map

(Updatable) Social Identity Provider Extension Schema

urnietfparamsscimschemasoracleidcsextensionx509identityProvider Property Map

(Updatable) X509 Identity Provider Extension Schema

userMappingMethod String

(Updatable) User mapping method.

userMappingStoreAttribute String

(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.

Outputs

All input properties are implicitly available as output properties. Additionally, the DomainsIdentityProvider resource produces the following output properties:

CompartmentOcid string

(Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

DeleteInProgress bool

(Updatable) A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

DomainOcid string

(Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

Id string

The provider-assigned unique ID for this managed resource.

IdcsCreatedBies List<DomainsIdentityProviderIdcsCreatedBy>

(Updatable) The User or App who created the Resource

IdcsLastModifiedBies List<DomainsIdentityProviderIdcsLastModifiedBy>

(Updatable) The User or App who modified the Resource

IdcsLastUpgradedInRelease string

(Updatable) The release number when the resource was upgraded.

IdcsPreventedOperations List<string>

(Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

Metas List<DomainsIdentityProviderMeta>

(Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

TenancyOcid string

(Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

TenantProviderId string

(Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.

CompartmentOcid string

(Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

DeleteInProgress bool

(Updatable) A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

DomainOcid string

(Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

Id string

The provider-assigned unique ID for this managed resource.

IdcsCreatedBies []DomainsIdentityProviderIdcsCreatedBy

(Updatable) The User or App who created the Resource

IdcsLastModifiedBies []DomainsIdentityProviderIdcsLastModifiedBy

(Updatable) The User or App who modified the Resource

IdcsLastUpgradedInRelease string

(Updatable) The release number when the resource was upgraded.

IdcsPreventedOperations []string

(Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

Metas []DomainsIdentityProviderMeta

(Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

TenancyOcid string

(Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

TenantProviderId string

(Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.

compartmentOcid String

(Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

deleteInProgress Boolean

(Updatable) A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

domainOcid String

(Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

id String

The provider-assigned unique ID for this managed resource.

idcsCreatedBies List<DomainsProviderIdcsCreatedBy>

(Updatable) The User or App who created the Resource

idcsLastModifiedBies List<DomainsProviderIdcsLastModifiedBy>

(Updatable) The User or App who modified the Resource

idcsLastUpgradedInRelease String

(Updatable) The release number when the resource was upgraded.

idcsPreventedOperations List<String>

(Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

metas List<DomainsProviderMeta>

(Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

tenancyOcid String

(Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

tenantProviderId String

(Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.

compartmentOcid string

(Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

deleteInProgress boolean

(Updatable) A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

domainOcid string

(Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

id string

The provider-assigned unique ID for this managed resource.

idcsCreatedBies DomainsIdentityProviderIdcsCreatedBy[]

(Updatable) The User or App who created the Resource

idcsLastModifiedBies DomainsIdentityProviderIdcsLastModifiedBy[]

(Updatable) The User or App who modified the Resource

idcsLastUpgradedInRelease string

(Updatable) The release number when the resource was upgraded.

idcsPreventedOperations string[]

(Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

metas DomainsIdentityProviderMeta[]

(Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

tenancyOcid string

(Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

tenantProviderId string

(Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.

compartment_ocid str

(Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

delete_in_progress bool

(Updatable) A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

domain_ocid str

(Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

id str

The provider-assigned unique ID for this managed resource.

idcs_created_bies Sequence[DomainsIdentityProviderIdcsCreatedBy]

(Updatable) The User or App who created the Resource

idcs_last_modified_bies Sequence[DomainsIdentityProviderIdcsLastModifiedBy]

(Updatable) The User or App who modified the Resource

idcs_last_upgraded_in_release str

(Updatable) The release number when the resource was upgraded.

idcs_prevented_operations Sequence[str]

(Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

metas Sequence[DomainsIdentityProviderMeta]

(Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

tenancy_ocid str

(Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

tenant_provider_id str

(Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.

compartmentOcid String

(Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

deleteInProgress Boolean

(Updatable) A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

domainOcid String

(Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

id String

The provider-assigned unique ID for this managed resource.

idcsCreatedBies List<Property Map>

(Updatable) The User or App who created the Resource

idcsLastModifiedBies List<Property Map>

(Updatable) The User or App who modified the Resource

idcsLastUpgradedInRelease String

(Updatable) The release number when the resource was upgraded.

idcsPreventedOperations List<String>

(Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

metas List<Property Map>

(Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

tenancyOcid String

(Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

tenantProviderId String

(Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.

Look up Existing DomainsIdentityProvider Resource

Get an existing DomainsIdentityProvider resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: DomainsIdentityProviderState, opts?: CustomResourceOptions): DomainsIdentityProvider
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        assertion_attribute: Optional[str] = None,
        attribute_sets: Optional[Sequence[str]] = None,
        attributes: Optional[str] = None,
        authn_request_binding: Optional[str] = None,
        authorization: Optional[str] = None,
        compartment_ocid: Optional[str] = None,
        correlation_policy: Optional[_identity.DomainsIdentityProviderCorrelationPolicyArgs] = None,
        delete_in_progress: Optional[bool] = None,
        description: Optional[str] = None,
        domain_ocid: Optional[str] = None,
        enabled: Optional[bool] = None,
        encryption_certificate: Optional[str] = None,
        external_id: Optional[str] = None,
        icon_url: Optional[str] = None,
        idcs_created_bies: Optional[Sequence[_identity.DomainsIdentityProviderIdcsCreatedByArgs]] = None,
        idcs_endpoint: Optional[str] = None,
        idcs_last_modified_bies: Optional[Sequence[_identity.DomainsIdentityProviderIdcsLastModifiedByArgs]] = None,
        idcs_last_upgraded_in_release: Optional[str] = None,
        idcs_prevented_operations: Optional[Sequence[str]] = None,
        idp_sso_url: Optional[str] = None,
        include_signing_cert_in_signature: Optional[bool] = None,
        jit_user_prov_assigned_groups: Optional[Sequence[_identity.DomainsIdentityProviderJitUserProvAssignedGroupArgs]] = None,
        jit_user_prov_attribute_update_enabled: Optional[bool] = None,
        jit_user_prov_attributes: Optional[_identity.DomainsIdentityProviderJitUserProvAttributesArgs] = None,
        jit_user_prov_create_user_enabled: Optional[bool] = None,
        jit_user_prov_enabled: Optional[bool] = None,
        jit_user_prov_group_assertion_attribute_enabled: Optional[bool] = None,
        jit_user_prov_group_assignment_method: Optional[str] = None,
        jit_user_prov_group_mapping_mode: Optional[str] = None,
        jit_user_prov_group_mappings: Optional[Sequence[_identity.DomainsIdentityProviderJitUserProvGroupMappingArgs]] = None,
        jit_user_prov_group_saml_attribute_name: Optional[str] = None,
        jit_user_prov_group_static_list_enabled: Optional[bool] = None,
        jit_user_prov_ignore_error_on_absent_groups: Optional[bool] = None,
        logout_binding: Optional[str] = None,
        logout_enabled: Optional[bool] = None,
        logout_request_url: Optional[str] = None,
        logout_response_url: Optional[str] = None,
        metadata: Optional[str] = None,
        metas: Optional[Sequence[_identity.DomainsIdentityProviderMetaArgs]] = None,
        name_id_format: Optional[str] = None,
        ocid: Optional[str] = None,
        partner_name: Optional[str] = None,
        partner_provider_id: Optional[str] = None,
        requested_authentication_contexts: Optional[Sequence[str]] = None,
        require_force_authn: Optional[bool] = None,
        requires_encrypted_assertion: Optional[bool] = None,
        resource_type_schema_version: Optional[str] = None,
        saml_ho_krequired: Optional[bool] = None,
        schemas: Optional[Sequence[str]] = None,
        service_instance_identifier: Optional[str] = None,
        shown_on_login_page: Optional[bool] = None,
        signature_hash_algorithm: Optional[str] = None,
        signing_certificate: Optional[str] = None,
        succinct_id: Optional[str] = None,
        tags: Optional[Sequence[_identity.DomainsIdentityProviderTagArgs]] = None,
        tenancy_ocid: Optional[str] = None,
        tenant_provider_id: Optional[str] = None,
        type: Optional[str] = None,
        urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider: Optional[_identity.DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderArgs] = None,
        urnietfparamsscimschemasoracleidcsextensionx509identity_provider: Optional[_identity.DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProviderArgs] = None,
        user_mapping_method: Optional[str] = None,
        user_mapping_store_attribute: Optional[str] = None) -> DomainsIdentityProvider
func GetDomainsIdentityProvider(ctx *Context, name string, id IDInput, state *DomainsIdentityProviderState, opts ...ResourceOption) (*DomainsIdentityProvider, error)
public static DomainsIdentityProvider Get(string name, Input<string> id, DomainsIdentityProviderState? state, CustomResourceOptions? opts = null)
public static DomainsIdentityProvider get(String name, Output<String> id, DomainsIdentityProviderState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AssertionAttribute string

(Updatable) Assertion attribute name.

AttributeSets List<string>

(Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

Attributes string

(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

AuthnRequestBinding string

(Updatable) HTTP binding to use for authentication requests.

Authorization string

(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.

CompartmentOcid string

(Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

CorrelationPolicy DomainsIdentityProviderCorrelationPolicyArgs

(Updatable) Correlation policy

DeleteInProgress bool

(Updatable) A boolean flag indicating that this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

Description string

(Updatable) Description

DomainOcid string

(Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

Enabled bool

(Updatable) Set to true to indicate Partner enabled.

EncryptionCertificate string

(Updatable) Encryption certificate

ExternalId string

(Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.

IconUrl string

(Updatable) Identity Provider Icon URL.

IdcsCreatedBies List<DomainsIdentityProviderIdcsCreatedByArgs>

(Updatable) The User or App who created the Resource

IdcsEndpoint string

The basic endpoint for the identity domain

IdcsLastModifiedBies List<DomainsIdentityProviderIdcsLastModifiedByArgs>

(Updatable) The User or App who modified the Resource

IdcsLastUpgradedInRelease string

(Updatable) The release number when the resource was upgraded.

IdcsPreventedOperations List<string>

(Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

IdpSsoUrl string

(Updatable) Identity Provider SSO URL

IncludeSigningCertInSignature bool

(Updatable) Set to true to include the signing certificate in the signature.

JitUserProvAssignedGroups List<DomainsIdentityProviderJitUserProvAssignedGroupArgs>

(Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.

JitUserProvAttributeUpdateEnabled bool

(Updatable) Set to true to indicate JIT User Creation is enabled

JitUserProvAttributes DomainsIdentityProviderJitUserProvAttributesArgs

(Updatable) Assertion To User Mapping

JitUserProvCreateUserEnabled bool

(Updatable) Set to true to indicate JIT User Creation is enabled

JitUserProvEnabled bool

(Updatable) Set to true to indicate JIT User Provisioning is enabled

JitUserProvGroupAssertionAttributeEnabled bool

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute

JitUserProvGroupAssignmentMethod string

(Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.

JitUserProvGroupMappingMode string

(Updatable) Property to indicate the mode of group mapping

JitUserProvGroupMappings List<DomainsIdentityProviderJitUserProvGroupMappingArgs>

(Updatable) The list of mappings between the Identity Domain Group and the IDP group.

JitUserProvGroupSamlAttributeName string

(Updatable) Name of the assertion attribute containing the user's groups

JitUserProvGroupStaticListEnabled bool

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list

JitUserProvIgnoreErrorOnAbsentGroups bool

(Updatable) Set to true to indicate ignoring absence of group while provisioning

LogoutBinding string

(Updatable) HTTP binding to use for logout.

LogoutEnabled bool

(Updatable) Set to true to enable logout.

LogoutRequestUrl string

(Updatable) Logout request URL

LogoutResponseUrl string

(Updatable) Logout response URL

Metadata string

(Updatable) Metadata

Metas List<DomainsIdentityProviderMetaArgs>

(Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

NameIdFormat string

(Updatable) Default authentication request name ID format.

Ocid string

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

PartnerName string

(Updatable) Unique name of the trusted Identity Provider.

PartnerProviderId string

(Updatable) Provider ID

RequestedAuthenticationContexts List<string>

(Updatable) SAML SP authentication type.

RequireForceAuthn bool

(Updatable) This SP requires the SAML IdP to enforce re-authentication.

RequiresEncryptedAssertion bool

(Updatable) SAML SP must accept only encrypted assertions.

ResourceTypeSchemaVersion string

(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

SamlHoKrequired bool

(Updatable) SAML SP HoK Enabled.

Schemas List<string>

(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.

ServiceInstanceIdentifier string

(Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.

ShownOnLoginPage bool

(Updatable) Set to true to show the IdP on the login page.

SignatureHashAlgorithm string

(Updatable) Signature hash algorithm.

SigningCertificate string

(Updatable) Signing certificate

SuccinctId string

(Updatable) Succinct ID

Tags List<DomainsIdentityProviderTagArgs>

(Updatable) A list of tags on this resource.

TenancyOcid string

(Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

TenantProviderId string

(Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.

Type string

(Updatable) Identity Provider Type

UrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderArgs

(Updatable) Social Identity Provider Extension Schema

Urnietfparamsscimschemasoracleidcsextensionx509identityProvider DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProviderArgs

(Updatable) X509 Identity Provider Extension Schema

UserMappingMethod string

(Updatable) User mapping method.

UserMappingStoreAttribute string

(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.

AssertionAttribute string

(Updatable) Assertion attribute name.

AttributeSets []string

(Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

Attributes string

(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

AuthnRequestBinding string

(Updatable) HTTP binding to use for authentication requests.

Authorization string

(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.

CompartmentOcid string

(Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

CorrelationPolicy DomainsIdentityProviderCorrelationPolicyArgs

(Updatable) Correlation policy

DeleteInProgress bool

(Updatable) A boolean flag indicating that this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

Description string

(Updatable) Description

DomainOcid string

(Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

Enabled bool

(Updatable) Set to true to indicate Partner enabled.

EncryptionCertificate string

(Updatable) Encryption certificate

ExternalId string

(Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.

IconUrl string

(Updatable) Identity Provider Icon URL.

IdcsCreatedBies []DomainsIdentityProviderIdcsCreatedByArgs

(Updatable) The User or App who created the Resource

IdcsEndpoint string

The basic endpoint for the identity domain

IdcsLastModifiedBies []DomainsIdentityProviderIdcsLastModifiedByArgs

(Updatable) The User or App who modified the Resource

IdcsLastUpgradedInRelease string

(Updatable) The release number when the resource was upgraded.

IdcsPreventedOperations []string

(Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

IdpSsoUrl string

(Updatable) Identity Provider SSO URL

IncludeSigningCertInSignature bool

(Updatable) Set to true to include the signing certificate in the signature.

JitUserProvAssignedGroups []DomainsIdentityProviderJitUserProvAssignedGroupArgs

(Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.

JitUserProvAttributeUpdateEnabled bool

(Updatable) Set to true to indicate JIT User Creation is enabled

JitUserProvAttributes DomainsIdentityProviderJitUserProvAttributesArgs

(Updatable) Assertion To User Mapping

JitUserProvCreateUserEnabled bool

(Updatable) Set to true to indicate JIT User Creation is enabled

JitUserProvEnabled bool

(Updatable) Set to true to indicate JIT User Provisioning is enabled

JitUserProvGroupAssertionAttributeEnabled bool

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute

JitUserProvGroupAssignmentMethod string

(Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.

JitUserProvGroupMappingMode string

(Updatable) Property to indicate the mode of group mapping

JitUserProvGroupMappings []DomainsIdentityProviderJitUserProvGroupMappingArgs

(Updatable) The list of mappings between the Identity Domain Group and the IDP group.

JitUserProvGroupSamlAttributeName string

(Updatable) Name of the assertion attribute containing the user's groups

JitUserProvGroupStaticListEnabled bool

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list

JitUserProvIgnoreErrorOnAbsentGroups bool

(Updatable) Set to true to indicate ignoring absence of group while provisioning

LogoutBinding string

(Updatable) HTTP binding to use for logout.

LogoutEnabled bool

(Updatable) Set to true to enable logout.

LogoutRequestUrl string

(Updatable) Logout request URL

LogoutResponseUrl string

(Updatable) Logout response URL

Metadata string

(Updatable) Metadata

Metas []DomainsIdentityProviderMetaArgs

(Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

NameIdFormat string

(Updatable) Default authentication request name ID format.

Ocid string

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

PartnerName string

(Updatable) Unique name of the trusted Identity Provider.

PartnerProviderId string

(Updatable) Provider ID

RequestedAuthenticationContexts []string

(Updatable) SAML SP authentication type.

RequireForceAuthn bool

(Updatable) This SP requires the SAML IdP to enforce re-authentication.

RequiresEncryptedAssertion bool

(Updatable) SAML SP must accept only encrypted assertions.

ResourceTypeSchemaVersion string

(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

SamlHoKrequired bool

(Updatable) SAML SP HoK Enabled.

Schemas []string

(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.

ServiceInstanceIdentifier string

(Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.

ShownOnLoginPage bool

(Updatable) Set to true to show the IdP on the login page.

SignatureHashAlgorithm string

(Updatable) Signature hash algorithm.

SigningCertificate string

(Updatable) Signing certificate

SuccinctId string

(Updatable) Succinct ID

Tags []DomainsIdentityProviderTagArgs

(Updatable) A list of tags on this resource.

TenancyOcid string

(Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

TenantProviderId string

(Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.

Type string

(Updatable) Identity Provider Type

UrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderArgs

(Updatable) Social Identity Provider Extension Schema

Urnietfparamsscimschemasoracleidcsextensionx509identityProvider DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProviderArgs

(Updatable) X509 Identity Provider Extension Schema

UserMappingMethod string

(Updatable) User mapping method.

UserMappingStoreAttribute string

(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.

assertionAttribute String

(Updatable) Assertion attribute name.

attributeSets List<String>

(Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

attributes String

(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

authnRequestBinding String

(Updatable) HTTP binding to use for authentication requests.

authorization String

(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.

compartmentOcid String

(Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

correlationPolicy DomainsProviderCorrelationPolicyArgs

(Updatable) Correlation policy

deleteInProgress Boolean

(Updatable) A boolean flag indicating that this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

description String

(Updatable) Description

domainOcid String

(Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

enabled Boolean

(Updatable) Set to true to indicate Partner enabled.

encryptionCertificate String

(Updatable) Encryption certificate

externalId String

(Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.

iconUrl String

(Updatable) Identity Provider Icon URL.

idcsCreatedBies List<DomainsProviderIdcsCreatedByArgs>

(Updatable) The User or App who created the Resource

idcsEndpoint String

The basic endpoint for the identity domain

idcsLastModifiedBies List<DomainsProviderIdcsLastModifiedByArgs>

(Updatable) The User or App who modified the Resource

idcsLastUpgradedInRelease String

(Updatable) The release number when the resource was upgraded.

idcsPreventedOperations List<String>

(Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

idpSsoUrl String

(Updatable) Identity Provider SSO URL

includeSigningCertInSignature Boolean

(Updatable) Set to true to include the signing certificate in the signature.

jitUserProvAssignedGroups List<DomainsProviderJitUserProvAssignedGroupArgs>

(Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.

jitUserProvAttributeUpdateEnabled Boolean

(Updatable) Set to true to indicate JIT User Creation is enabled

jitUserProvAttributes DomainsProviderJitUserProvAttributesArgs

(Updatable) Assertion To User Mapping

jitUserProvCreateUserEnabled Boolean

(Updatable) Set to true to indicate JIT User Creation is enabled

jitUserProvEnabled Boolean

(Updatable) Set to true to indicate JIT User Provisioning is enabled

jitUserProvGroupAssertionAttributeEnabled Boolean

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute

jitUserProvGroupAssignmentMethod String

(Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.

jitUserProvGroupMappingMode String

(Updatable) Property to indicate the mode of group mapping

jitUserProvGroupMappings List<DomainsProviderJitUserProvGroupMappingArgs>

(Updatable) The list of mappings between the Identity Domain Group and the IDP group.

jitUserProvGroupSamlAttributeName String

(Updatable) Name of the assertion attribute containing the user's groups

jitUserProvGroupStaticListEnabled Boolean

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list

jitUserProvIgnoreErrorOnAbsentGroups Boolean

(Updatable) Set to true to indicate ignoring absence of group while provisioning

logoutBinding String

(Updatable) HTTP binding to use for logout.

logoutEnabled Boolean

(Updatable) Set to true to enable logout.

logoutRequestUrl String

(Updatable) Logout request URL

logoutResponseUrl String

(Updatable) Logout response URL

metadata String

(Updatable) Metadata

metas List<DomainsProviderMetaArgs>

(Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

nameIdFormat String

(Updatable) Default authentication request name ID format.

ocid String

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

partnerName String

(Updatable) Unique name of the trusted Identity Provider.

partnerProviderId String

(Updatable) Provider ID

requestedAuthenticationContexts List<String>

(Updatable) SAML SP authentication type.

requireForceAuthn Boolean

(Updatable) This SP requires the SAML IdP to enforce re-authentication.

requiresEncryptedAssertion Boolean

(Updatable) SAML SP must accept only encrypted assertions.

resourceTypeSchemaVersion String

(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

samlHoKrequired Boolean

(Updatable) SAML SP HoK Enabled.

schemas List<String>

(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.

serviceInstanceIdentifier String

(Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.

shownOnLoginPage Boolean

(Updatable) Set to true to show the IdP on the login page.

signatureHashAlgorithm String

(Updatable) Signature hash algorithm.

signingCertificate String

(Updatable) Signing certificate

succinctId String

(Updatable) Succinct ID

tags List<DomainsProviderTagArgs>

(Updatable) A list of tags on this resource.

tenancyOcid String

(Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

tenantProviderId String

(Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.

type String

(Updatable) Identity Provider Type

urnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderArgs

(Updatable) Social Identity Provider Extension Schema

urnietfparamsscimschemasoracleidcsextensionx509identityProvider DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProviderArgs

(Updatable) X509 Identity Provider Extension Schema

userMappingMethod String

(Updatable) User mapping method.

userMappingStoreAttribute String

(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.

assertionAttribute string

(Updatable) Assertion attribute name.

attributeSets string[]

(Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

attributes string

(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

authnRequestBinding string

(Updatable) HTTP binding to use for authentication requests.

authorization string

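(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value carries credentials, supply it as a Pulumi secret rather than a plain-text literal so that it is encrypted in the stack state and masked in output.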

compartmentOcid string

(Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

correlationPolicy DomainsIdentityProviderCorrelationPolicyArgs

(Updatable) Correlation policy

deleteInProgress boolean

(Updatable) A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

description string

(Updatable) Description

domainOcid string

(Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

enabled boolean

(Updatable) Set to true to indicate Partner enabled.

encryptionCertificate string

(Updatable) Encryption certificate

externalId string

(Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.

iconUrl string

(Updatable) Identity Provider Icon URL.

idcsCreatedBies DomainsIdentityProviderIdcsCreatedByArgs[]

(Updatable) The User or App who created the Resource

idcsEndpoint string

The basic endpoint for the identity domain

idcsLastModifiedBies DomainsIdentityProviderIdcsLastModifiedByArgs[]

(Updatable) The User or App who modified the Resource

idcsLastUpgradedInRelease string

(Updatable) The release number when the resource was upgraded.

idcsPreventedOperations string[]

(Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

idpSsoUrl string

(Updatable) Identity Provider SSO URL

includeSigningCertInSignature boolean

(Updatable) Set to true to include the signing certificate in the signature.

jitUserProvAssignedGroups DomainsIdentityProviderJitUserProvAssignedGroupArgs[]

(Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.

jitUserProvAttributeUpdateEnabled boolean

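(Updatable) Set to true to indicate JIT User Creation is enabled. Note: this description is identical to that of jitUserProvCreateUserEnabled; the field name suggests it instead controls whether attributes of an existing user are updated during JIT provisioning — confirm against the service documentation before relying on it.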

jitUserProvAttributes DomainsIdentityProviderJitUserProvAttributesArgs

(Updatable) Assertion To User Mapping

jitUserProvCreateUserEnabled boolean

(Updatable) Set to true to indicate JIT User Creation is enabled

jitUserProvEnabled boolean

(Updatable) Set to true to indicate JIT User Provisioning is enabled

jitUserProvGroupAssertionAttributeEnabled boolean

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute

jitUserProvGroupAssignmentMethod string

(Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.

jitUserProvGroupMappingMode string

(Updatable) Property to indicate the mode of group mapping

jitUserProvGroupMappings DomainsIdentityProviderJitUserProvGroupMappingArgs[]

(Updatable) The list of mappings between the Identity Domain Group and the IDP group.

jitUserProvGroupSamlAttributeName string

(Updatable) Name of the assertion attribute containing the user's groups

jitUserProvGroupStaticListEnabled boolean

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list

jitUserProvIgnoreErrorOnAbsentGroups boolean

(Updatable) Set to true to indicate ignoring absence of group while provisioning

logoutBinding string

(Updatable) HTTP binding to use for logout.

logoutEnabled boolean

(Updatable) Set to true to enable logout.

logoutRequestUrl string

(Updatable) Logout request URL

logoutResponseUrl string

(Updatable) Logout response URL

metadata string

(Updatable) Metadata

metas DomainsIdentityProviderMetaArgs[]

(Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

nameIdFormat string

(Updatable) Default authentication request name ID format.

ocid string

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

partnerName string

(Updatable) Unique name of the trusted Identity Provider.

partnerProviderId string

(Updatable) Provider ID

requestedAuthenticationContexts string[]

(Updatable) SAML SP authentication type.

requireForceAuthn boolean

(Updatable) This SP requires that its requests to the SAML IdP enforce re-authentication.

requiresEncryptedAssertion boolean

(Updatable) SAML SP must accept encrypted assertion only.

resourceTypeSchemaVersion string

(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

samlHoKrequired boolean

(Updatable) SAML SP Holder-of-Key (HoK) enabled.

schemas string[]

(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.

serviceInstanceIdentifier string

(Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.

shownOnLoginPage boolean

(Updatable) Set to true to indicate whether to show IdP in login page or not.

signatureHashAlgorithm string

(Updatable) Signature hash algorithm.

signingCertificate string

(Updatable) Signing certificate

succinctId string

(Updatable) Succinct ID

tags DomainsIdentityProviderTagArgs[]

(Updatable) A list of tags on this resource.

tenancyOcid string

(Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

tenantProviderId string

(Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.

type string

(Updatable) Identity Provider Type

urnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderArgs

(Updatable) Social Identity Provider Extension Schema

urnietfparamsscimschemasoracleidcsextensionx509identityProvider DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProviderArgs

(Updatable) X509 Identity Provider Extension Schema

userMappingMethod string

(Updatable) User mapping method.

userMappingStoreAttribute string

(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.

assertion_attribute str

(Updatable) Assertion attribute name.

attribute_sets Sequence[str]

(Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

attributes str

(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

authn_request_binding str

(Updatable) HTTP binding to use for authentication requests.

authorization str

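(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value carries credentials, supply it as a Pulumi secret rather than a plain-text literal so that it is encrypted in the stack state and masked in output.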

compartment_ocid str

(Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

correlation_policy DomainsIdentityProviderCorrelationPolicyArgs

(Updatable) Correlation policy

delete_in_progress bool

(Updatable) A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

description str

(Updatable) Description

domain_ocid str

(Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

enabled bool

(Updatable) Set to true to indicate Partner enabled.

encryption_certificate str

(Updatable) Encryption certificate

external_id str

(Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.

icon_url str

(Updatable) Identity Provider Icon URL.

idcs_created_bies Sequence[DomainsIdentityProviderIdcsCreatedByArgs]

(Updatable) The User or App who created the Resource

idcs_endpoint str

The basic endpoint for the identity domain

idcs_last_modified_bies Sequence[DomainsIdentityProviderIdcsLastModifiedByArgs]

(Updatable) The User or App who modified the Resource

idcs_last_upgraded_in_release str

(Updatable) The release number when the resource was upgraded.

idcs_prevented_operations Sequence[str]

(Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

idp_sso_url str

(Updatable) Identity Provider SSO URL

include_signing_cert_in_signature bool

(Updatable) Set to true to include the signing certificate in the signature.

jit_user_prov_assigned_groups Sequence[DomainsIdentityProviderJitUserProvAssignedGroupArgs]

(Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.

jit_user_prov_attribute_update_enabled bool

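(Updatable) Set to true to indicate JIT User Creation is enabled. Note: this description is identical to that of jit_user_prov_create_user_enabled; the field name suggests it instead controls whether attributes of an existing user are updated during JIT provisioning — confirm against the service documentation before relying on it.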

jit_user_prov_attributes DomainsIdentityProviderJitUserProvAttributesArgs

(Updatable) Assertion To User Mapping

jit_user_prov_create_user_enabled bool

(Updatable) Set to true to indicate JIT User Creation is enabled

jit_user_prov_enabled bool

(Updatable) Set to true to indicate JIT User Provisioning is enabled

jit_user_prov_group_assertion_attribute_enabled bool

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute

jit_user_prov_group_assignment_method str

(Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.

jit_user_prov_group_mapping_mode str

(Updatable) Property to indicate the mode of group mapping

jit_user_prov_group_mappings Sequence[DomainsIdentityProviderJitUserProvGroupMappingArgs]

(Updatable) The list of mappings between the Identity Domain Group and the IDP group.

jit_user_prov_group_saml_attribute_name str

(Updatable) Name of the assertion attribute containing the user's groups

jit_user_prov_group_static_list_enabled bool

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list

jit_user_prov_ignore_error_on_absent_groups bool

(Updatable) Set to true to indicate ignoring absence of group while provisioning

logout_binding str

(Updatable) HTTP binding to use for logout.

logout_enabled bool

(Updatable) Set to true to enable logout.

logout_request_url str

(Updatable) Logout request URL

logout_response_url str

(Updatable) Logout response URL

metadata str

(Updatable) Metadata

metas Sequence[DomainsIdentityProviderMetaArgs]

(Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

name_id_format str

(Updatable) Default authentication request name ID format.

ocid str

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

partner_name str

(Updatable) Unique name of the trusted Identity Provider.

partner_provider_id str

(Updatable) Provider ID

requested_authentication_contexts Sequence[str]

(Updatable) SAML SP authentication type.

require_force_authn bool

(Updatable) This SP requires that its requests to the SAML IdP enforce re-authentication.

requires_encrypted_assertion bool

(Updatable) SAML SP must accept encrypted assertion only.

resource_type_schema_version str

(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

saml_ho_krequired bool

(Updatable) SAML SP Holder-of-Key (HoK) enabled.

schemas Sequence[str]

(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.

service_instance_identifier str

(Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.

shown_on_login_page bool

(Updatable) Set to true to indicate whether to show IdP in login page or not.

signature_hash_algorithm str

(Updatable) Signature hash algorithm.

signing_certificate str

(Updatable) Signing certificate

succinct_id str

(Updatable) Succinct ID

tags Sequence[DomainsIdentityProviderTagArgs]

(Updatable) A list of tags on this resource.

tenancy_ocid str

(Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

tenant_provider_id str

(Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.

type str

(Updatable) Identity Provider Type

urnietfparamsscimschemasoracleidcsextensionsocial_identity_provider DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderArgs

(Updatable) Social Identity Provider Extension Schema

urnietfparamsscimschemasoracleidcsextensionx509identity_provider DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProviderArgs

(Updatable) X509 Identity Provider Extension Schema

user_mapping_method str

(Updatable) User mapping method.

user_mapping_store_attribute str

(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.

assertionAttribute String

(Updatable) Assertion attribute name.

attributeSets List<String>

(Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

attributes String

(Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

authnRequestBinding String

(Updatable) HTTP binding to use for authentication requests.

authorization String

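(Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value carries credentials, supply it as a Pulumi secret rather than a plain-text literal so that it is encrypted in the stack state and masked in output.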

compartmentOcid String

(Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

correlationPolicy Property Map

(Updatable) Correlation policy

deleteInProgress Boolean

(Updatable) A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

description String

(Updatable) Description

domainOcid String

(Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

enabled Boolean

(Updatable) Set to true to indicate Partner enabled.

encryptionCertificate String

(Updatable) Encryption certificate

externalId String

(Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.

iconUrl String

(Updatable) Identity Provider Icon URL.

idcsCreatedBies List<Property Map>

(Updatable) The User or App who created the Resource

idcsEndpoint String

The basic endpoint for the identity domain

idcsLastModifiedBies List<Property Map>

(Updatable) The User or App who modified the Resource

idcsLastUpgradedInRelease String

(Updatable) The release number when the resource was upgraded.

idcsPreventedOperations List<String>

(Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

idpSsoUrl String

(Updatable) Identity Provider SSO URL

includeSigningCertInSignature Boolean

(Updatable) Set to true to include the signing certificate in the signature.

jitUserProvAssignedGroups List<Property Map>

(Updatable) Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.

jitUserProvAttributeUpdateEnabled Boolean

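(Updatable) Set to true to indicate JIT User Creation is enabled. Note: this description is identical to that of jitUserProvCreateUserEnabled; the field name suggests it instead controls whether attributes of an existing user are updated during JIT provisioning — confirm against the service documentation before relying on it.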

jitUserProvAttributes Property Map

(Updatable) Assertion To User Mapping

jitUserProvCreateUserEnabled Boolean

(Updatable) Set to true to indicate JIT User Creation is enabled

jitUserProvEnabled Boolean

(Updatable) Set to true to indicate JIT User Provisioning is enabled

jitUserProvGroupAssertionAttributeEnabled Boolean

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute

jitUserProvGroupAssignmentMethod String

(Updatable) The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.

jitUserProvGroupMappingMode String

(Updatable) Property to indicate the mode of group mapping

jitUserProvGroupMappings List<Property Map>

(Updatable) The list of mappings between the Identity Domain Group and the IDP group.

jitUserProvGroupSamlAttributeName String

(Updatable) Name of the assertion attribute containing the user's groups

jitUserProvGroupStaticListEnabled Boolean

(Updatable) Set to true to indicate JIT User Provisioning Groups should be assigned from a static list

jitUserProvIgnoreErrorOnAbsentGroups Boolean

(Updatable) Set to true to indicate ignoring absence of group while provisioning

logoutBinding String

(Updatable) HTTP binding to use for logout.

logoutEnabled Boolean

(Updatable) Set to true to enable logout.

logoutRequestUrl String

(Updatable) Logout request URL

logoutResponseUrl String

(Updatable) Logout response URL

metadata String

(Updatable) Metadata

metas List<Property Map>

(Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

nameIdFormat String

(Updatable) Default authentication request name ID format.

ocid String

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

partnerName String

(Updatable) Unique name of the trusted Identity Provider.

partnerProviderId String

(Updatable) Provider ID

requestedAuthenticationContexts List<String>

(Updatable) SAML SP authentication type.

requireForceAuthn Boolean

(Updatable) This SP requires that its requests to the SAML IdP enforce re-authentication.

requiresEncryptedAssertion Boolean

(Updatable) SAML SP must accept encrypted assertion only.

resourceTypeSchemaVersion String

(Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

samlHoKrequired Boolean

(Updatable) SAML SP Holder-of-Key (HoK) enabled.

schemas List<String>

(Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.

serviceInstanceIdentifier String

(Updatable) The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.

shownOnLoginPage Boolean

(Updatable) Set to true to indicate whether to show IdP in login page or not.

signatureHashAlgorithm String

(Updatable) Signature hash algorithm.

signingCertificate String

(Updatable) Signing certificate

succinctId String

(Updatable) Succinct ID

tags List<Property Map>

(Updatable) A list of tags on this resource.

tenancyOcid String

(Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

tenantProviderId String

(Updatable) The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.

type String

(Updatable) Identity Provider Type

urnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider Property Map

(Updatable) Social Identity Provider Extension Schema

urnietfparamsscimschemasoracleidcsextensionx509identityProvider Property Map

(Updatable) X509 Identity Provider Extension Schema

userMappingMethod String

(Updatable) User mapping method.

userMappingStoreAttribute String

(Updatable) This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.

Supporting Types

DomainsIdentityProviderCorrelationPolicy

Type string

(Updatable) Identity Provider Type

Value string

(Updatable) Value of the tag.

Display string

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

Ref string

(Updatable) Group URI

Type string

(Updatable) Identity Provider Type

Value string

(Updatable) Value of the tag.

Display string

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

Ref string

(Updatable) Group URI

type String

(Updatable) Identity Provider Type

value String

(Updatable) Value of the tag.

display String

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

ref String

(Updatable) Group URI

type string

(Updatable) Identity Provider Type

value string

(Updatable) Value of the tag.

display string

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

ref string

(Updatable) Group URI

type str

(Updatable) Identity Provider Type

value str

(Updatable) Value of the tag.

display str

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

ref str

(Updatable) Group URI

type String

(Updatable) Identity Provider Type

value String

(Updatable) Value of the tag.

display String

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

ref String

(Updatable) Group URI

DomainsIdentityProviderIdcsCreatedBy

Value string

(Updatable) Value of the tag.

Display string

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

Ocid string

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

Ref string

(Updatable) Group URI

Type string

(Updatable) Identity Provider Type

Value string

(Updatable) Value of the tag.

Display string

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

Ocid string

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

Ref string

(Updatable) Group URI

Type string

(Updatable) Identity Provider Type

value String

(Updatable) Value of the tag.

display String

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

ocid String

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref String

(Updatable) Group URI

type String

(Updatable) Identity Provider Type

value string

(Updatable) Value of the tag.

display string

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

ocid string

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref string

(Updatable) Group URI

type string

(Updatable) Identity Provider Type

value str

(Updatable) Value of the tag.

display str

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

ocid str

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref str

(Updatable) Group URI

type str

(Updatable) Identity Provider Type

value String

(Updatable) Value of the tag.

display String

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

ocid String

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref String

(Updatable) Group URI

type String

(Updatable) Identity Provider Type

DomainsIdentityProviderIdcsLastModifiedBy

Value string

(Updatable) Value of the tag.

Display string

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

Ocid string

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

Ref string

(Updatable) Group URI

Type string

(Updatable) Identity Provider Type

Value string

(Updatable) Value of the tag.

Display string

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

Ocid string

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

Ref string

(Updatable) Group URI

Type string

(Updatable) Identity Provider Type

value String

(Updatable) Value of the tag.

display String

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

ocid String

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref String

(Updatable) Group URI

type String

(Updatable) Identity Provider Type

value string

(Updatable) Value of the tag.

display string

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

ocid string

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref string

(Updatable) Group URI

type string

(Updatable) Identity Provider Type

value str

(Updatable) Value of the tag.

display str

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

ocid str

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref str

(Updatable) Group URI

type str

(Updatable) Identity Provider Type

value String

(Updatable) Value of the tag.

display String

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

ocid String

(Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref String

(Updatable) Group URI

type String

(Updatable) Identity Provider Type

DomainsIdentityProviderJitUserProvAssignedGroup

Value string

(Updatable) Value of the tag.

Display string

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

Ref string

(Updatable) Group URI

Value string

(Updatable) Value of the tag.

Display string

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

Ref string

(Updatable) Group URI

value String

(Updatable) Value of the tag.

display String

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

ref String

(Updatable) Group URI

value string

(Updatable) Value of the tag.

display string

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

ref string

(Updatable) Group URI

value str

(Updatable) Value of the tag.

display str

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

ref str

(Updatable) Group URI

value String

(Updatable) Value of the tag.

display String

(Updatable) A human readable name, primarily used for display purposes. READ-ONLY.

ref String

(Updatable) Group URI

DomainsIdentityProviderJitUserProvAttributes

Value string

(Updatable) Value of the tag.

Ref string

(Updatable) Group URI

Value string

(Updatable) Value of the tag.

Ref string

(Updatable) Group URI

value String

(Updatable) Value of the tag.

ref String

(Updatable) Group URI

value string

(Updatable) Value of the tag.

ref string

(Updatable) Group URI

value str

(Updatable) Value of the tag.

ref str

(Updatable) Group URI

value String

(Updatable) Value of the tag.

ref String

(Updatable) Group URI

DomainsIdentityProviderJitUserProvGroupMapping

IdpGroup string

(Updatable) IDP Group Name

Value string

(Updatable) Value of the tag.

Ref string

(Updatable) Group URI

IdpGroup string

(Updatable) IDP Group Name

Value string

(Updatable) Value of the tag.

Ref string

(Updatable) Group URI

idpGroup String

(Updatable) IDP Group Name

value String

(Updatable) Value of the tag.

ref String

(Updatable) Group URI

idpGroup string

(Updatable) IDP Group Name

value string

(Updatable) Value of the tag.

ref string

(Updatable) Group URI

idp_group str

(Updatable) IDP Group Name

value str

(Updatable) Value of the tag.

ref str

(Updatable) Group URI

idpGroup String

(Updatable) IDP Group Name

value String

(Updatable) Value of the tag.

ref String

(Updatable) Group URI

DomainsIdentityProviderMeta

Created string

(Updatable) The DateTime the Resource was added to the Service Provider

LastModified string

(Updatable) The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.

Location string

(Updatable) The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.

ResourceType string

(Updatable) Name of the resource type of the resource--for example, Users or Groups

Version string

(Updatable) The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

Created string

(Updatable) The DateTime the Resource was added to the Service Provider

LastModified string

(Updatable) The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.

Location string

(Updatable) The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.

ResourceType string

(Updatable) Name of the resource type of the resource--for example, Users or Groups

Version string

(Updatable) The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

created String

(Updatable) The DateTime the Resource was added to the Service Provider

lastModified String

(Updatable) The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.

location String

(Updatable) The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.

resourceType String

(Updatable) Name of the resource type of the resource--for example, Users or Groups

version String

(Updatable) The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

created string

(Updatable) The DateTime the Resource was added to the Service Provider

lastModified string

(Updatable) The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.

location string

(Updatable) The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.

resourceType string

(Updatable) Name of the resource type of the resource--for example, Users or Groups

version string

(Updatable) The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

created str

(Updatable) The DateTime the Resource was added to the Service Provider

last_modified str

(Updatable) The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.

location str

(Updatable) The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.

resource_type str

(Updatable) Name of the resource type of the resource--for example, Users or Groups

version str

(Updatable) The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

created String

(Updatable) The DateTime the Resource was added to the Service Provider

lastModified String

(Updatable) The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.

location String

(Updatable) The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.

resourceType String

(Updatable) Name of the resource type of the resource--for example, Users or Groups

version String

(Updatable) The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

DomainsIdentityProviderTag

Key string

(Updatable) Key or name of the tag.

Value string

(Updatable) Value of the tag.

Key string

(Updatable) Key or name of the tag.

Value string

(Updatable) Value of the tag.

key String

(Updatable) Key or name of the tag.

value String

(Updatable) Value of the tag.

key string

(Updatable) Key or name of the tag.

value string

(Updatable) Value of the tag.

key str

(Updatable) Key or name of the tag.

value str

(Updatable) Value of the tag.

key String

(Updatable) Key or name of the tag.

value String

(Updatable) Value of the tag.

DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider

AccountLinkingEnabled bool

(Updatable) Whether account linking is enabled

ConsumerKey string

(Updatable) Social IDP Client Application Client ID

ConsumerSecret string

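(Updatable) Social IDP Client Application Client Secret. Treat this value as a credential: supply it from encrypted (secret) configuration rather than as a literal in program source.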

RegistrationEnabled bool

(Updatable) Whether registration is enabled

ServiceProviderName string

(Updatable) Service Provider Name

AccessTokenUrl string

(Updatable) Social IDP Access token URL

AdminScopes List<string>

(Updatable) Admin scope to request

AuthzUrl string

(Updatable) Social IDP Authorization URL

ClientCredentialInPayload bool

(Updatable) Whether the client credential is contained in payload

ClockSkewInSeconds int

(Updatable) Social IDP allowed clock skew time

DiscoveryUrl string

(Updatable) Discovery URL

IdAttribute string

(Updatable) Id attribute used for account linking

ProfileUrl string

(Updatable) Social IDP User profile URL

RedirectUrl string

(Updatable) redirect URL for social idp

Scopes List<string>

(Updatable) Scope to request

Status string

(Updatable) Status

AccountLinkingEnabled bool

(Updatable) Whether account linking is enabled

ConsumerKey string

(Updatable) Social IDP Client Application Client ID

ConsumerSecret string

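(Updatable) Social IDP Client Application Client Secret. Treat this value as a credential: supply it from encrypted (secret) configuration rather than as a literal in program source.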

RegistrationEnabled bool

(Updatable) Whether registration is enabled

ServiceProviderName string

(Updatable) Service Provider Name

AccessTokenUrl string

(Updatable) Social IDP Access token URL

AdminScopes []string

(Updatable) Admin scope to request

AuthzUrl string

(Updatable) Social IDP Authorization URL

ClientCredentialInPayload bool

(Updatable) Whether the client credential is contained in payload

ClockSkewInSeconds int

(Updatable) Social IDP allowed clock skew time

DiscoveryUrl string

(Updatable) Discovery URL

IdAttribute string

(Updatable) Id attribute used for account linking

ProfileUrl string

(Updatable) Social IDP User profile URL

RedirectUrl string

(Updatable) redirect URL for social idp

Scopes []string

(Updatable) Scope to request

Status string

(Updatable) Status

accountLinkingEnabled Boolean

(Updatable) Whether account linking is enabled

consumerKey String

(Updatable) Social IDP Client Application Client ID

consumerSecret String

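(Updatable) Social IDP Client Application Client Secret. Treat this value as a credential: supply it from encrypted (secret) configuration rather than as a literal in program source.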

registrationEnabled Boolean

(Updatable) Whether registration is enabled

serviceProviderName String

(Updatable) Service Provider Name

accessTokenUrl String

(Updatable) Social IDP Access token URL

adminScopes List<String>

(Updatable) Admin scope to request

authzUrl String

(Updatable) Social IDP Authorization URL

clientCredentialInPayload Boolean

(Updatable) Whether the client credential is contained in payload

clockSkewInSeconds Integer

(Updatable) Social IDP allowed clock skew time

discoveryUrl String

(Updatable) Discovery URL

idAttribute String

(Updatable) Id attribute used for account linking

profileUrl String

(Updatable) Social IDP User profile URL

redirectUrl String

(Updatable) redirect URL for social idp

scopes List<String>

(Updatable) Scope to request

status String

(Updatable) Status

accountLinkingEnabled boolean

(Updatable) Whether account linking is enabled

consumerKey string

(Updatable) Social IDP Client Application Client ID

consumerSecret string

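(Updatable) Social IDP Client Application Client Secret. Treat this value as a credential: supply it from encrypted (secret) configuration rather than as a literal in program source.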

registrationEnabled boolean

(Updatable) Whether registration is enabled

serviceProviderName string

(Updatable) Service Provider Name

accessTokenUrl string

(Updatable) Social IDP Access token URL

adminScopes string[]

(Updatable) Admin scope to request

authzUrl string

(Updatable) Social IDP Authorization URL

clientCredentialInPayload boolean

(Updatable) Whether the client credential is contained in payload

clockSkewInSeconds number

(Updatable) Social IDP allowed clock skew time

discoveryUrl string

(Updatable) Discovery URL

idAttribute string

(Updatable) Id attribute used for account linking

profileUrl string

(Updatable) Social IDP User profile URL

redirectUrl string

(Updatable) redirect URL for social idp

scopes string[]

(Updatable) Scope to request

status string

(Updatable) Status

account_linking_enabled bool

(Updatable) Whether account linking is enabled

consumer_key str

(Updatable) Social IDP Client Application Client ID

consumer_secret str

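(Updatable) Social IDP Client Application Client Secret. Treat this value as a credential: supply it from encrypted (secret) configuration rather than as a literal in program source.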

registration_enabled bool

(Updatable) Whether registration is enabled

service_provider_name str

(Updatable) Service Provider Name

access_token_url str

(Updatable) Social IDP Access token URL

admin_scopes Sequence[str]

(Updatable) Admin scope to request

authz_url str

(Updatable) Social IDP Authorization URL

client_credential_in_payload bool

(Updatable) Whether the client credential is contained in payload

clock_skew_in_seconds int

(Updatable) Social IDP allowed clock skew time

discovery_url str

(Updatable) Discovery URL

id_attribute str

(Updatable) Id attribute used for account linking

profile_url str

(Updatable) Social IDP User profile URL

redirect_url str

(Updatable) redirect URL for social idp

scopes Sequence[str]

(Updatable) Scope to request

status str

(Updatable) Status

accountLinkingEnabled Boolean

(Updatable) Whether account linking is enabled

consumerKey String

(Updatable) Social IDP Client Application Client ID

consumerSecret String

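(Updatable) Social IDP Client Application Client Secret. Treat this value as a credential: supply it from encrypted (secret) configuration rather than as a literal in program source.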

registrationEnabled Boolean

(Updatable) Whether registration is enabled

serviceProviderName String

(Updatable) Service Provider Name

accessTokenUrl String

(Updatable) Social IDP Access token URL

adminScopes List<String>

(Updatable) Admin scope to request

authzUrl String

(Updatable) Social IDP Authorization URL

clientCredentialInPayload Boolean

(Updatable) Whether the client credential is contained in payload

clockSkewInSeconds Number

(Updatable) Social IDP allowed clock skew time

discoveryUrl String

(Updatable) Discovery URL

idAttribute String

(Updatable) Id attribute used for account linking

profileUrl String

(Updatable) Social IDP User profile URL

redirectUrl String

(Updatable) redirect URL for social idp

scopes List<String>

(Updatable) Scope to request

status String

(Updatable) Status

DomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProvider

CertMatchAttribute string

(Updatable) X509 Certificate Matching Attribute

SigningCertificateChains List<string>

(Updatable) Certificate alias list to create a chain for the incoming client certificate

UserMatchAttribute string

(Updatable) This property specifies the userstore attribute value that must match the incoming certificate attribute.

CrlCheckOnOcspFailureEnabled bool

(Updatable) Fall back to CRL validation if OCSP fails.

CrlEnabled bool

(Updatable) Set to true to enable CRL Validation

CrlLocation string

(Updatable) CRL Location URL

CrlReloadDuration int

(Updatable) Fetch the CRL contents every X minutes

OcspAllowUnknownResponseStatus bool

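(Updatable) Allow access if the OCSP response is UNKNOWN or the OCSP Responder does not respond within the timeout duration. Setting this to true makes revocation checking fail open: a certificate whose status cannot be confirmed is still accepted.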

OcspEnableSignedResponse bool

(Updatable) Describes if the OCSP response is signed

OcspEnabled bool

(Updatable) Set to true to enable OCSP Validation

OcspResponderUrl string

(Updatable) This property specifies OCSP Responder URL.

OcspRevalidateTime int

(Updatable) Revalidate OCSP status for user after X hours

OcspServerName string

(Updatable) This property specifies the OCSP Server alias name

OcspTrustCertChains List<string>

(Updatable) OCSP Trusted Certificate Chain

OtherCertMatchAttribute string

(Updatable) Check for specific conditions of other certificate attributes

CertMatchAttribute string

(Updatable) X509 Certificate Matching Attribute

SigningCertificateChains []string

(Updatable) Certificate alias list to create a chain for the incoming client certificate

UserMatchAttribute string

(Updatable) This property specifies the userstore attribute value that must match the incoming certificate attribute.

CrlCheckOnOcspFailureEnabled bool

(Updatable) Fall back to CRL validation if OCSP fails.

CrlEnabled bool

(Updatable) Set to true to enable CRL Validation

CrlLocation string

(Updatable) CRL Location URL

CrlReloadDuration int

(Updatable) Fetch the CRL contents every X minutes

OcspAllowUnknownResponseStatus bool

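(Updatable) Allow access if the OCSP response is UNKNOWN or the OCSP Responder does not respond within the timeout duration. Setting this to true makes revocation checking fail open: a certificate whose status cannot be confirmed is still accepted.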

OcspEnableSignedResponse bool

(Updatable) Describes if the OCSP response is signed

OcspEnabled bool

(Updatable) Set to true to enable OCSP Validation

OcspResponderUrl string

(Updatable) This property specifies OCSP Responder URL.

OcspRevalidateTime int

(Updatable) Revalidate OCSP status for user after X hours

OcspServerName string

(Updatable) This property specifies the OCSP Server alias name

OcspTrustCertChains []string

(Updatable) OCSP Trusted Certificate Chain

OtherCertMatchAttribute string

(Updatable) Check for specific conditions of other certificate attributes

certMatchAttribute String

(Updatable) X509 Certificate Matching Attribute

signingCertificateChains List<String>

(Updatable) Certificate alias list to create a chain for the incoming client certificate

userMatchAttribute String

(Updatable) This property specifies the userstore attribute value that must match the incoming certificate attribute.

crlCheckOnOcspFailureEnabled Boolean

(Updatable) Fall back to CRL validation if OCSP fails.

crlEnabled Boolean

(Updatable) Set to true to enable CRL Validation

crlLocation String

(Updatable) CRL Location URL

crlReloadDuration Integer

(Updatable) Fetch the CRL contents every X minutes

ocspAllowUnknownResponseStatus Boolean

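(Updatable) Allow access if the OCSP response is UNKNOWN or the OCSP Responder does not respond within the timeout duration. Setting this to true makes revocation checking fail open: a certificate whose status cannot be confirmed is still accepted.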

ocspEnableSignedResponse Boolean

(Updatable) Describes if the OCSP response is signed

ocspEnabled Boolean

(Updatable) Set to true to enable OCSP Validation

ocspResponderUrl String

(Updatable) This property specifies OCSP Responder URL.

ocspRevalidateTime Integer

(Updatable) Revalidate OCSP status for user after X hours

ocspServerName String

(Updatable) This property specifies the OCSP Server alias name

ocspTrustCertChains List<String>

(Updatable) OCSP Trusted Certificate Chain

otherCertMatchAttribute String

(Updatable) Check for specific conditions of other certificate attributes

certMatchAttribute string

(Updatable) X509 Certificate Matching Attribute

signingCertificateChains string[]

(Updatable) Certificate alias list to create a chain for the incoming client certificate

userMatchAttribute string

(Updatable) This property specifies the userstore attribute value that must match the incoming certificate attribute.

crlCheckOnOcspFailureEnabled boolean

(Updatable) Fall back to CRL validation if OCSP fails.

crlEnabled boolean

(Updatable) Set to true to enable CRL Validation

crlLocation string

(Updatable) CRL Location URL

crlReloadDuration number

(Updatable) Fetch the CRL contents every X minutes

ocspAllowUnknownResponseStatus boolean

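(Updatable) Allow access if the OCSP response is UNKNOWN or the OCSP Responder does not respond within the timeout duration. Setting this to true makes revocation checking fail open: a certificate whose status cannot be confirmed is still accepted.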

ocspEnableSignedResponse boolean

(Updatable) Describes if the OCSP response is signed

ocspEnabled boolean

(Updatable) Set to true to enable OCSP Validation

ocspResponderUrl string

(Updatable) This property specifies OCSP Responder URL.

ocspRevalidateTime number

(Updatable) Revalidate OCSP status for user after X hours

ocspServerName string

(Updatable) This property specifies the OCSP Server alias name

ocspTrustCertChains string[]

(Updatable) OCSP Trusted Certificate Chain

otherCertMatchAttribute string

(Updatable) Check for specific conditions of other certificate attributes

cert_match_attribute str

(Updatable) X509 Certificate Matching Attribute

signing_certificate_chains Sequence[str]

(Updatable) Certificate alias list to create a chain for the incoming client certificate

user_match_attribute str

(Updatable) This property specifies the userstore attribute value that must match the incoming certificate attribute.

crl_check_on_ocsp_failure_enabled bool

(Updatable) Fall back to CRL validation if OCSP fails.

crl_enabled bool

(Updatable) Set to true to enable CRL Validation

crl_location str

(Updatable) CRL Location URL

crl_reload_duration int

(Updatable) Fetch the CRL contents every X minutes

ocsp_allow_unknown_response_status bool

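(Updatable) Allow access if the OCSP response is UNKNOWN or the OCSP Responder does not respond within the timeout duration. Setting this to true makes revocation checking fail open: a certificate whose status cannot be confirmed is still accepted.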

ocsp_enable_signed_response bool

(Updatable) Describes if the OCSP response is signed

ocsp_enabled bool

(Updatable) Set to true to enable OCSP Validation

ocsp_responder_url str

(Updatable) This property specifies OCSP Responder URL.

ocsp_revalidate_time int

(Updatable) Revalidate OCSP status for user after X hours

ocsp_server_name str

(Updatable) This property specifies the OCSP Server alias name

ocsp_trust_cert_chains Sequence[str]

(Updatable) OCSP Trusted Certificate Chain

other_cert_match_attribute str

(Updatable) Check for specific conditions of other certificate attributes

certMatchAttribute String

(Updatable) X509 Certificate Matching Attribute

signingCertificateChains List<String>

(Updatable) Certificate alias list to create a chain for the incoming client certificate

userMatchAttribute String

(Updatable) This property specifies the userstore attribute value that must match the incoming certificate attribute.

crlCheckOnOcspFailureEnabled Boolean

(Updatable) Fall back to CRL validation if OCSP fails.

crlEnabled Boolean

(Updatable) Set to true to enable CRL Validation

crlLocation String

(Updatable) CRL Location URL

crlReloadDuration Number

(Updatable) Fetch the CRL contents every X minutes

ocspAllowUnknownResponseStatus Boolean

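(Updatable) Allow access if the OCSP response is UNKNOWN or the OCSP Responder does not respond within the timeout duration. Setting this to true makes revocation checking fail open: a certificate whose status cannot be confirmed is still accepted.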

ocspEnableSignedResponse Boolean

(Updatable) Describes if the OCSP response is signed

ocspEnabled Boolean

(Updatable) Set to true to enable OCSP Validation

ocspResponderUrl String

(Updatable) This property specifies OCSP Responder URL.

ocspRevalidateTime Number

(Updatable) Revalidate OCSP status for user after X hours

ocspServerName String

(Updatable) This property specifies the OCSP Server alias name

ocspTrustCertChains List<String>

(Updatable) OCSP Trusted Certificate Chain

otherCertMatchAttribute String

(Updatable) Check for specific conditions of other certificate attributes

Import

IdentityProviders can be imported using the id, e.g.

 $ pulumi import oci:Identity/domainsIdentityProvider:DomainsIdentityProvider test_identity_provider "idcsEndpoint/{idcsEndpoint}/identityProviders/{identityProviderId}"

Package Details

Repository
oci pulumi/pulumi-oci
License
Apache-2.0
Notes

This Pulumi package is based on the oci Terraform Provider.