oci logo
Oracle Cloud Infrastructure v0.12.0, Mar 17 23

oci.Identity.getDomainsAuthenticationFactorSettings

This data source provides the list of Authentication Factor Settings in Oracle Cloud Infrastructure Identity Domains service.

Search Authentication Factor Settings

Example Usage

using System.Collections.Generic;
using Pulumi;
using Oci = Pulumi.Oci;

return await Deployment.RunAsync(() => 
{
    var testAuthenticationFactorSettings = Oci.Identity.GetDomainsAuthenticationFactorSettings.Invoke(new()
    {
        IdcsEndpoint = data.Oci_identity_domain.Test_domain.Url,
        AttributeSets = new[] {},
        Attributes = "",
        Authorization = @var.Authentication_factor_setting_authorization,
        ResourceTypeSchemaVersion = @var.Authentication_factor_setting_resource_type_schema_version,
    });

});
package main

import (
	"github.com/pulumi/pulumi-oci/sdk/go/oci/Identity"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := Identity.GetDomainsAuthenticationFactorSettings(ctx, &identity.GetDomainsAuthenticationFactorSettingsArgs{
			IdcsEndpoint:              data.Oci_identity_domain.Test_domain.Url,
			AttributeSets:             []interface{}{},
			Attributes:                pulumi.StringRef(""),
			Authorization:             pulumi.StringRef(_var.Authentication_factor_setting_authorization),
			ResourceTypeSchemaVersion: pulumi.StringRef(_var.Authentication_factor_setting_resource_type_schema_version),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Identity.IdentityFunctions;
import com.pulumi.oci.Identity.inputs.GetDomainsAuthenticationFactorSettingsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var testAuthenticationFactorSettings = IdentityFunctions.getDomainsAuthenticationFactorSettings(GetDomainsAuthenticationFactorSettingsArgs.builder()
            .idcsEndpoint(data.oci_identity_domain().test_domain().url())
            .attributeSets()
            .attributes("")
            .authorization(var_.authentication_factor_setting_authorization())
            .resourceTypeSchemaVersion(var_.authentication_factor_setting_resource_type_schema_version())
            .build());

    }
}
import pulumi
import pulumi_oci as oci

test_authentication_factor_settings = oci.Identity.get_domains_authentication_factor_settings(idcs_endpoint=data["oci_identity_domain"]["test_domain"]["url"],
    attribute_sets=[],
    attributes="",
    authorization=var["authentication_factor_setting_authorization"],
    resource_type_schema_version=var["authentication_factor_setting_resource_type_schema_version"])
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";

const testAuthenticationFactorSettings = oci.Identity.getDomainsAuthenticationFactorSettings({
    idcsEndpoint: data.oci_identity_domain.test_domain.url,
    attributeSets: [],
    attributes: "",
    authorization: _var.authentication_factor_setting_authorization,
    resourceTypeSchemaVersion: _var.authentication_factor_setting_resource_type_schema_version,
});
variables:
  testAuthenticationFactorSettings:
    fn::invoke:
      Function: oci:Identity:getDomainsAuthenticationFactorSettings
      Arguments:
        idcsEndpoint: ${data.oci_identity_domain.test_domain.url}
        attributeSets: []
        attributes:
        authorization: ${var.authentication_factor_setting_authorization}
        resourceTypeSchemaVersion: ${var.authentication_factor_setting_resource_type_schema_version}

Using getDomainsAuthenticationFactorSettings

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getDomainsAuthenticationFactorSettings(args: GetDomainsAuthenticationFactorSettingsArgs, opts?: InvokeOptions): Promise<GetDomainsAuthenticationFactorSettingsResult>
function getDomainsAuthenticationFactorSettingsOutput(args: GetDomainsAuthenticationFactorSettingsOutputArgs, opts?: InvokeOptions): Output<GetDomainsAuthenticationFactorSettingsResult>
def get_domains_authentication_factor_settings(attribute_sets: Optional[Sequence[str]] = None,
                                               attributes: Optional[str] = None,
                                               authorization: Optional[str] = None,
                                               compartment_id: Optional[str] = None,
                                               idcs_endpoint: Optional[str] = None,
                                               resource_type_schema_version: Optional[str] = None,
                                               opts: Optional[InvokeOptions] = None) -> GetDomainsAuthenticationFactorSettingsResult
def get_domains_authentication_factor_settings_output(attribute_sets: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                                               attributes: Optional[pulumi.Input[str]] = None,
                                               authorization: Optional[pulumi.Input[str]] = None,
                                               compartment_id: Optional[pulumi.Input[str]] = None,
                                               idcs_endpoint: Optional[pulumi.Input[str]] = None,
                                               resource_type_schema_version: Optional[pulumi.Input[str]] = None,
                                               opts: Optional[InvokeOptions] = None) -> Output[GetDomainsAuthenticationFactorSettingsResult]
func GetDomainsAuthenticationFactorSettings(ctx *Context, args *GetDomainsAuthenticationFactorSettingsArgs, opts ...InvokeOption) (*GetDomainsAuthenticationFactorSettingsResult, error)
func GetDomainsAuthenticationFactorSettingsOutput(ctx *Context, args *GetDomainsAuthenticationFactorSettingsOutputArgs, opts ...InvokeOption) GetDomainsAuthenticationFactorSettingsResultOutput

> Note: This function is named GetDomainsAuthenticationFactorSettings in the Go SDK.

public static class GetDomainsAuthenticationFactorSettings 
{
    public static Task<GetDomainsAuthenticationFactorSettingsResult> InvokeAsync(GetDomainsAuthenticationFactorSettingsArgs args, InvokeOptions? opts = null)
    public static Output<GetDomainsAuthenticationFactorSettingsResult> Invoke(GetDomainsAuthenticationFactorSettingsInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetDomainsAuthenticationFactorSettingsResult> getDomainsAuthenticationFactorSettings(GetDomainsAuthenticationFactorSettingsArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
  function: oci:Identity/getDomainsAuthenticationFactorSettings:getDomainsAuthenticationFactorSettings
  arguments:
    # arguments dictionary

The following arguments are supported:

IdcsEndpoint string

The basic endpoint for the identity domain

AttributeSets List<string>

A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

Attributes string

A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

Authorization string

The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.

CompartmentId string
ResourceTypeSchemaVersion string

An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

IdcsEndpoint string

The basic endpoint for the identity domain

AttributeSets []string

A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

Attributes string

A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

Authorization string

The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.

CompartmentId string
ResourceTypeSchemaVersion string

An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

idcsEndpoint String

The basic endpoint for the identity domain

attributeSets List<String>

A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

attributes String

A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

authorization String

The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.

compartmentId String
resourceTypeSchemaVersion String

An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

idcsEndpoint string

The basic endpoint for the identity domain

attributeSets string[]

A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

attributes string

A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

authorization string

The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.

compartmentId string
resourceTypeSchemaVersion string

An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

idcs_endpoint str

The basic endpoint for the identity domain

attribute_sets Sequence[str]

A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

attributes str

A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

authorization str

The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.

compartment_id str
resource_type_schema_version str

An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

idcsEndpoint String

The basic endpoint for the identity domain

attributeSets List<String>

A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

attributes String

A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

authorization String

The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.

compartmentId String
resourceTypeSchemaVersion String

An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

getDomainsAuthenticationFactorSettings Result

The following output properties are available:

AuthenticationFactorSettings List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSetting>

The list of authentication_factor_settings.

Id string

The provider-assigned unique ID for this managed resource.

IdcsEndpoint string
ItemsPerPage int
Schemas List<string>

REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.

StartIndex int
TotalResults int
AttributeSets List<string>
Attributes string
Authorization string
CompartmentId string
ResourceTypeSchemaVersion string
AuthenticationFactorSettings []GetDomainsAuthenticationFactorSettingsAuthenticationFactorSetting

The list of authentication_factor_settings.

Id string

The provider-assigned unique ID for this managed resource.

IdcsEndpoint string
ItemsPerPage int
Schemas []string

REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.

StartIndex int
TotalResults int
AttributeSets []string
Attributes string
Authorization string
CompartmentId string
ResourceTypeSchemaVersion string
authenticationFactorSettings List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSetting>

The list of authentication_factor_settings.

id String

The provider-assigned unique ID for this managed resource.

idcsEndpoint String
itemsPerPage Integer
schemas List<String>

REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.

startIndex Integer
totalResults Integer
attributeSets List<String>
attributes String
authorization String
compartmentId String
resourceTypeSchemaVersion String
authenticationFactorSettings GetDomainsAuthenticationFactorSettingsAuthenticationFactorSetting[]

The list of authentication_factor_settings.

id string

The provider-assigned unique ID for this managed resource.

idcsEndpoint string
itemsPerPage number
schemas string[]

REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.

startIndex number
totalResults number
attributeSets string[]
attributes string
authorization string
compartmentId string
resourceTypeSchemaVersion string
authentication_factor_settings GetDomainsAuthenticationFactorSettingsAuthenticationFactorSetting]

The list of authentication_factor_settings.

id str

The provider-assigned unique ID for this managed resource.

idcs_endpoint str
items_per_page int
schemas Sequence[str]

REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.

start_index int
total_results int
attribute_sets Sequence[str]
attributes str
authorization str
compartment_id str
resource_type_schema_version str
authenticationFactorSettings List<Property Map>

The list of authentication_factor_settings.

id String

The provider-assigned unique ID for this managed resource.

idcsEndpoint String
itemsPerPage Number
schemas List<String>

REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.

startIndex Number
totalResults Number
attributeSets List<String>
attributes String
authorization String
compartmentId String
resourceTypeSchemaVersion String

Supporting Types

GetDomainsAuthenticationFactorSettingsAuthenticationFactorSetting

AttributeSets List<string>

A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

Attributes string

A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

AuthenticationFactorSettingId string
Authorization string

The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.

AutoEnrollEmailFactorDisabled bool

If true, indicates that email will not be enrolled as a MFA factor automatically if it a account recovery factor

BypassCodeEnabled bool

If true, indicates that Bypass Code is enabled for authentication

BypassCodeSettings List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingBypassCodeSetting>

Settings related to the bypass code, such as bypass code length, bypass code expiry, max active bypass codes, and so on

ClientAppSettings List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingClientAppSetting>

Settings related to compliance, Personal Identification Number (PIN) policy, and so on

CompartmentOcid string

Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

CompliancePolicies List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingCompliancePolicy>

Compliance Policy that defines actions to be taken when a condition is violated

DeleteInProgress bool

A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

DomainOcid string

Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

EmailEnabled bool

If true, indicates that the EMAIL channel is enabled for authentication

EmailSettings List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingEmailSetting>

Settings related to Email Factor, such as enabled email magic link factor, custom url for Email Link

EndpointRestrictions List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingEndpointRestriction>

Settings that describe the set of restrictions that the system should apply to devices and trusted endpoints of a user

FidoAuthenticatorEnabled bool

If true, indicates that the Fido Authenticator channels are enabled for authentication

HideBackupFactorEnabled bool

If true, indicates that 'Show backup factor(s)' button will be hidden during authentication

Id string

Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.

IdcsCreatedBies List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingIdcsCreatedBy>

The User or App who created the Resource

IdcsEndpoint string

The basic endpoint for the identity domain

IdcsLastModifiedBies List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingIdcsLastModifiedBy>

The User or App who modified the Resource

IdcsLastUpgradedInRelease string

The release number when the resource was upgraded.

IdcsPreventedOperations List<string>

Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

IdentityStoreSettings List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingIdentityStoreSetting>

Settings related to the use of a user's profile details from the identity store

Metas List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingMeta>

A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

MfaEnabledCategory string

Specifies the category of people for whom Multi-Factor Authentication is enabled. This is a readOnly attribute which reflects the value of mfaEnabledCategory attribute in SsoSettings

MfaEnrollmentType string

Specifies if Multi-Factor Authentication enrollment is mandatory or optional for a user

NotificationSettings List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingNotificationSetting>

Settings related to the Mobile App Notification channel, such as pull

Ocid string

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

PhoneCallEnabled bool

If true, indicates that the phone (PHONE_CALL) channel is enabled for authentication

PushEnabled bool

If true, indicates that the Mobile App Push Notification channel is enabled for authentication

ResourceTypeSchemaVersion string

An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

Schemas List<string>

REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.

SecurityQuestionsEnabled bool

If true, indicates that Security Questions are enabled for authentication

SmsEnabled bool

If true, indicates that the Short Message Service (SMS) channel is enabled for authentication

Tags List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingTag>

A list of tags on this resource.

TenancyOcid string

Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

ThirdPartyFactors List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingThirdPartyFactor>

Settings related to third-party factor

TotpEnabled bool

If true, indicates that the Mobile App One Time Passcode channel is enabled for authentication

TotpSettings List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingTotpSetting>

Settings related to Time-Based One-Time Passcodes (TOTP), such as hashing algo, totp time step, passcode length, and so on

UrnietfparamsscimschemasoracleidcsextensionfidoAuthenticationFactorSettings List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingUrnietfparamsscimschemasoracleidcsextensionfidoAuthenticationFactorSetting>

This extension defines attributes used to manage Multi-Factor Authentication settings of fido authentication

UrnietfparamsscimschemasoracleidcsextensionthirdPartyAuthenticationFactorSettings List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingUrnietfparamsscimschemasoracleidcsextensionthirdPartyAuthenticationFactorSetting>

This extension defines attributes used to manage Multi-Factor Authentication settings of third party provider

UserEnrollmentDisabledFactors List<string>

Factors for which enrollment should be blocked for End User

YubicoOtpEnabled bool

If true, indicates that the Yubico OTP is enabled for authentication

AttributeSets []string

A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

Attributes string

A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

AuthenticationFactorSettingId string
Authorization string

The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.

AutoEnrollEmailFactorDisabled bool

If true, indicates that email will not be enrolled as a MFA factor automatically if it a account recovery factor

BypassCodeEnabled bool

If true, indicates that Bypass Code is enabled for authentication

BypassCodeSettings []GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingBypassCodeSetting

Settings related to the bypass code, such as bypass code length, bypass code expiry, max active bypass codes, and so on

ClientAppSettings []GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingClientAppSetting

Settings related to compliance, Personal Identification Number (PIN) policy, and so on

CompartmentOcid string

Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

CompliancePolicies []GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingCompliancePolicy

Compliance Policy that defines actions to be taken when a condition is violated

DeleteInProgress bool

A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

DomainOcid string

Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

EmailEnabled bool

If true, indicates that the EMAIL channel is enabled for authentication

EmailSettings []GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingEmailSetting

Settings related to Email Factor, such as enabled email magic link factor, custom url for Email Link

EndpointRestrictions []GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingEndpointRestriction

Settings that describe the set of restrictions that the system should apply to devices and trusted endpoints of a user

FidoAuthenticatorEnabled bool

If true, indicates that the Fido Authenticator channels are enabled for authentication

HideBackupFactorEnabled bool

If true, indicates that 'Show backup factor(s)' button will be hidden during authentication

Id string

Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.

IdcsCreatedBies []GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingIdcsCreatedBy

The User or App who created the Resource

IdcsEndpoint string

The basic endpoint for the identity domain

IdcsLastModifiedBies []GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingIdcsLastModifiedBy

The User or App who modified the Resource

IdcsLastUpgradedInRelease string

The release number when the resource was upgraded.

IdcsPreventedOperations []string

Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

IdentityStoreSettings []GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingIdentityStoreSetting

Settings related to the use of a user's profile details from the identity store

Metas []GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingMeta

A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

MfaEnabledCategory string

Specifies the category of people for whom Multi-Factor Authentication is enabled. This is a readOnly attribute which reflects the value of mfaEnabledCategory attribute in SsoSettings

MfaEnrollmentType string

Specifies if Multi-Factor Authentication enrollment is mandatory or optional for a user

NotificationSettings []GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingNotificationSetting

Settings related to the Mobile App Notification channel, such as pull

Ocid string

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

PhoneCallEnabled bool

If true, indicates that the phone (PHONE_CALL) channel is enabled for authentication

PushEnabled bool

If true, indicates that the Mobile App Push Notification channel is enabled for authentication

ResourceTypeSchemaVersion string

An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

Schemas []string

REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.

SecurityQuestionsEnabled bool

If true, indicates that Security Questions are enabled for authentication

SmsEnabled bool

If true, indicates that the Short Message Service (SMS) channel is enabled for authentication

Tags []GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingTag

A list of tags on this resource.

TenancyOcid string

Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

ThirdPartyFactors []GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingThirdPartyFactor

Settings related to third-party factor

TotpEnabled bool

If true, indicates that the Mobile App One Time Passcode channel is enabled for authentication

TotpSettings []GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingTotpSetting

Settings related to Time-Based One-Time Passcodes (TOTP), such as hashing algo, totp time step, passcode length, and so on

UrnietfparamsscimschemasoracleidcsextensionfidoAuthenticationFactorSettings []GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingUrnietfparamsscimschemasoracleidcsextensionfidoAuthenticationFactorSetting

This extension defines attributes used to manage Multi-Factor Authentication settings of fido authentication

UrnietfparamsscimschemasoracleidcsextensionthirdPartyAuthenticationFactorSettings []GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingUrnietfparamsscimschemasoracleidcsextensionthirdPartyAuthenticationFactorSetting

This extension defines attributes used to manage Multi-Factor Authentication settings of third party provider

UserEnrollmentDisabledFactors []string

Factors for which enrollment should be blocked for End User

YubicoOtpEnabled bool

If true, indicates that the Yubico OTP is enabled for authentication

attributeSets List<String>

A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

attributes String

A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

authenticationFactorSettingId String
authorization String

The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.

autoEnrollEmailFactorDisabled Boolean

If true, indicates that email will not be enrolled as a MFA factor automatically if it a account recovery factor

bypassCodeEnabled Boolean

If true, indicates that Bypass Code is enabled for authentication

bypassCodeSettings List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingBypassCodeSetting>

Settings related to the bypass code, such as bypass code length, bypass code expiry, max active bypass codes, and so on

clientAppSettings List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingClientAppSetting>

Settings related to compliance, Personal Identification Number (PIN) policy, and so on

compartmentOcid String

Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

compliancePolicies List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingCompliancePolicy>

Compliance Policy that defines actions to be taken when a condition is violated

deleteInProgress Boolean

A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

domainOcid String

Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

emailEnabled Boolean

If true, indicates that the EMAIL channel is enabled for authentication

emailSettings List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingEmailSetting>

Settings related to Email Factor, such as enabled email magic link factor, custom url for Email Link

endpointRestrictions List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingEndpointRestriction>

Settings that describe the set of restrictions that the system should apply to devices and trusted endpoints of a user

fidoAuthenticatorEnabled Boolean

If true, indicates that the Fido Authenticator channels are enabled for authentication

hideBackupFactorEnabled Boolean

If true, indicates that 'Show backup factor(s)' button will be hidden during authentication

id String

Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.

idcsCreatedBies List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingIdcsCreatedBy>

The User or App who created the Resource

idcsEndpoint String

The basic endpoint for the identity domain

idcsLastModifiedBies List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingIdcsLastModifiedBy>

The User or App who modified the Resource

idcsLastUpgradedInRelease String

The release number when the resource was upgraded.

idcsPreventedOperations List<String>

Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

identityStoreSettings List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingStoreSetting>

Settings related to the use of a user's profile details from the identity store

metas List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingMeta>

A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

mfaEnabledCategory String

Specifies the category of people for whom Multi-Factor Authentication is enabled. This is a readOnly attribute which reflects the value of mfaEnabledCategory attribute in SsoSettings

mfaEnrollmentType String

Specifies if Multi-Factor Authentication enrollment is mandatory or optional for a user

notificationSettings List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingNotificationSetting>

Settings related to the Mobile App Notification channel, such as pull

ocid String

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

phoneCallEnabled Boolean

If true, indicates that the phone (PHONE_CALL) channel is enabled for authentication

pushEnabled Boolean

If true, indicates that the Mobile App Push Notification channel is enabled for authentication

resourceTypeSchemaVersion String

An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

schemas List<String>

REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.

securityQuestionsEnabled Boolean

If true, indicates that Security Questions are enabled for authentication

smsEnabled Boolean

If true, indicates that the Short Message Service (SMS) channel is enabled for authentication

tags List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingTag>

A list of tags on this resource.

tenancyOcid String

Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

thirdPartyFactors List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingThirdPartyFactor>

Settings related to third-party factor

totpEnabled Boolean

If true, indicates that the Mobile App One Time Passcode channel is enabled for authentication

totpSettings List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingTotpSetting>

Settings related to Time-Based One-Time Passcodes (TOTP), such as hashing algo, totp time step, passcode length, and so on

urnietfparamsscimschemasoracleidcsextensionfidoAuthenticationFactorSettings List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingUrnietfparamsscimschemasoracleidcsextensionfidoAuthenticationFactorSetting>

This extension defines attributes used to manage Multi-Factor Authentication settings of fido authentication

urnietfparamsscimschemasoracleidcsextensionthirdPartyAuthenticationFactorSettings List<GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingUrnietfparamsscimschemasoracleidcsextensionthirdPartyAuthenticationFactorSetting>

This extension defines attributes used to manage Multi-Factor Authentication settings of third party provider

userEnrollmentDisabledFactors List<String>

Factors for which enrollment should be blocked for End User

yubicoOtpEnabled Boolean

If true, indicates that the Yubico OTP is enabled for authentication

attributeSets string[]

A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

attributes string

A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

authenticationFactorSettingId string
authorization string

The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.

autoEnrollEmailFactorDisabled boolean

If true, indicates that email will not be enrolled as a MFA factor automatically if it a account recovery factor

bypassCodeEnabled boolean

If true, indicates that Bypass Code is enabled for authentication

bypassCodeSettings GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingBypassCodeSetting[]

Settings related to the bypass code, such as bypass code length, bypass code expiry, max active bypass codes, and so on

clientAppSettings GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingClientAppSetting[]

Settings related to compliance, Personal Identification Number (PIN) policy, and so on

compartmentOcid string

Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

compliancePolicies GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingCompliancePolicy[]

Compliance Policy that defines actions to be taken when a condition is violated

deleteInProgress boolean

A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

domainOcid string

Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

emailEnabled boolean

If true, indicates that the EMAIL channel is enabled for authentication

emailSettings GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingEmailSetting[]

Settings related to Email Factor, such as enabled email magic link factor, custom url for Email Link

endpointRestrictions GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingEndpointRestriction[]

Settings that describe the set of restrictions that the system should apply to devices and trusted endpoints of a user

fidoAuthenticatorEnabled boolean

If true, indicates that the Fido Authenticator channels are enabled for authentication

hideBackupFactorEnabled boolean

If true, indicates that 'Show backup factor(s)' button will be hidden during authentication

id string

Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.

idcsCreatedBies GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingIdcsCreatedBy[]

The User or App who created the Resource

idcsEndpoint string

The basic endpoint for the identity domain

idcsLastModifiedBies GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingIdcsLastModifiedBy[]

The User or App who modified the Resource

idcsLastUpgradedInRelease string

The release number when the resource was upgraded.

idcsPreventedOperations string[]

Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

identityStoreSettings GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingIdentityStoreSetting[]

Settings related to the use of a user's profile details from the identity store

metas GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingMeta[]

A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

mfaEnabledCategory string

Specifies the category of people for whom Multi-Factor Authentication is enabled. This is a readOnly attribute which reflects the value of mfaEnabledCategory attribute in SsoSettings

mfaEnrollmentType string

Specifies if Multi-Factor Authentication enrollment is mandatory or optional for a user

notificationSettings GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingNotificationSetting[]

Settings related to the Mobile App Notification channel, such as pull

ocid string

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

phoneCallEnabled boolean

If true, indicates that the phone (PHONE_CALL) channel is enabled for authentication

pushEnabled boolean

If true, indicates that the Mobile App Push Notification channel is enabled for authentication

resourceTypeSchemaVersion string

An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

schemas string[]

REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.

securityQuestionsEnabled boolean

If true, indicates that Security Questions are enabled for authentication

smsEnabled boolean

If true, indicates that the Short Message Service (SMS) channel is enabled for authentication

tags GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingTag[]

A list of tags on this resource.

tenancyOcid string

Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

thirdPartyFactors GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingThirdPartyFactor[]

Settings related to third-party factor

totpEnabled boolean

If true, indicates that the Mobile App One Time Passcode channel is enabled for authentication

totpSettings GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingTotpSetting[]

Settings related to Time-Based One-Time Passcodes (TOTP), such as hashing algo, totp time step, passcode length, and so on

urnietfparamsscimschemasoracleidcsextensionfidoAuthenticationFactorSettings GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingUrnietfparamsscimschemasoracleidcsextensionfidoAuthenticationFactorSetting[]

This extension defines attributes used to manage Multi-Factor Authentication settings of fido authentication

urnietfparamsscimschemasoracleidcsextensionthirdPartyAuthenticationFactorSettings GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingUrnietfparamsscimschemasoracleidcsextensionthirdPartyAuthenticationFactorSetting[]

This extension defines attributes used to manage Multi-Factor Authentication settings of third party provider

userEnrollmentDisabledFactors string[]

Factors for which enrollment should be blocked for End User

yubicoOtpEnabled boolean

If true, indicates that the Yubico OTP is enabled for authentication

attribute_sets Sequence[str]

A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

attributes str

A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

authentication_factor_setting_id str
authorization str

The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.

auto_enroll_email_factor_disabled bool

If true, indicates that email will not be enrolled as a MFA factor automatically if it a account recovery factor

bypass_code_enabled bool

If true, indicates that Bypass Code is enabled for authentication

bypass_code_settings GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingBypassCodeSetting]

Settings related to the bypass code, such as bypass code length, bypass code expiry, max active bypass codes, and so on

client_app_settings GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingClientAppSetting]

Settings related to compliance, Personal Identification Number (PIN) policy, and so on

compartment_ocid str

Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

compliance_policies GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingCompliancePolicy]

Compliance Policy that defines actions to be taken when a condition is violated

delete_in_progress bool

A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

domain_ocid str

Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

email_enabled bool

If true, indicates that the EMAIL channel is enabled for authentication

email_settings GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingEmailSetting]

Settings related to Email Factor, such as enabled email magic link factor, custom url for Email Link

endpoint_restrictions GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingEndpointRestriction]

Settings that describe the set of restrictions that the system should apply to devices and trusted endpoints of a user

fido_authenticator_enabled bool

If true, indicates that the Fido Authenticator channels are enabled for authentication

hide_backup_factor_enabled bool

If true, indicates that 'Show backup factor(s)' button will be hidden during authentication

id str

Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.

idcs_created_bies GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingIdcsCreatedBy]

The User or App who created the Resource

idcs_endpoint str

The basic endpoint for the identity domain

idcs_last_modified_bies GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingIdcsLastModifiedBy]

The User or App who modified the Resource

idcs_last_upgraded_in_release str

The release number when the resource was upgraded.

idcs_prevented_operations Sequence[str]

Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

identity_store_settings GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingIdentityStoreSetting]

Settings related to the use of a user's profile details from the identity store

metas GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingMeta]

A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

mfa_enabled_category str

Specifies the category of people for whom Multi-Factor Authentication is enabled. This is a readOnly attribute which reflects the value of mfaEnabledCategory attribute in SsoSettings

mfa_enrollment_type str

Specifies if Multi-Factor Authentication enrollment is mandatory or optional for a user

notification_settings GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingNotificationSetting]

Settings related to the Mobile App Notification channel, such as pull

ocid str

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

phone_call_enabled bool

If true, indicates that the phone (PHONE_CALL) channel is enabled for authentication

push_enabled bool

If true, indicates that the Mobile App Push Notification channel is enabled for authentication

resource_type_schema_version str

An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

schemas Sequence[str]

REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.

security_questions_enabled bool

If true, indicates that Security Questions are enabled for authentication

sms_enabled bool

If true, indicates that the Short Message Service (SMS) channel is enabled for authentication

tags GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingTag]

A list of tags on this resource.

tenancy_ocid str

Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

third_party_factors GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingThirdPartyFactor]

Settings related to third-party factor

totp_enabled bool

If true, indicates that the Mobile App One Time Passcode channel is enabled for authentication

totp_settings GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingTotpSetting]

Settings related to Time-Based One-Time Passcodes (TOTP), such as hashing algo, totp time step, passcode length, and so on

urnietfparamsscimschemasoracleidcsextensionfido_authentication_factor_settings GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingUrnietfparamsscimschemasoracleidcsextensionfidoAuthenticationFactorSetting]

This extension defines attributes used to manage Multi-Factor Authentication settings of fido authentication

urnietfparamsscimschemasoracleidcsextensionthird_party_authentication_factor_settings GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingUrnietfparamsscimschemasoracleidcsextensionthirdPartyAuthenticationFactorSetting]

This extension defines attributes used to manage Multi-Factor Authentication settings of third party provider

user_enrollment_disabled_factors Sequence[str]

Factors for which enrollment should be blocked for End User

yubico_otp_enabled bool

If true, indicates that the Yubico OTP is enabled for authentication

attributeSets List<String>

A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

attributes String

A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

authenticationFactorSettingId String
authorization String

The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.

autoEnrollEmailFactorDisabled Boolean

If true, indicates that email will not be enrolled as a MFA factor automatically if it a account recovery factor

bypassCodeEnabled Boolean

If true, indicates that Bypass Code is enabled for authentication

bypassCodeSettings List<Property Map>

Settings related to the bypass code, such as bypass code length, bypass code expiry, max active bypass codes, and so on

clientAppSettings List<Property Map>

Settings related to compliance, Personal Identification Number (PIN) policy, and so on

compartmentOcid String

Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

compliancePolicies List<Property Map>

Compliance Policy that defines actions to be taken when a condition is violated

deleteInProgress Boolean

A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

domainOcid String

Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

emailEnabled Boolean

If true, indicates that the EMAIL channel is enabled for authentication

emailSettings List<Property Map>

Settings related to Email Factor, such as enabled email magic link factor, custom url for Email Link

endpointRestrictions List<Property Map>

Settings that describe the set of restrictions that the system should apply to devices and trusted endpoints of a user

fidoAuthenticatorEnabled Boolean

If true, indicates that the Fido Authenticator channels are enabled for authentication

hideBackupFactorEnabled Boolean

If true, indicates that 'Show backup factor(s)' button will be hidden during authentication

id String

Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.

idcsCreatedBies List<Property Map>

The User or App who created the Resource

idcsEndpoint String

The basic endpoint for the identity domain

idcsLastModifiedBies List<Property Map>

The User or App who modified the Resource

idcsLastUpgradedInRelease String

The release number when the resource was upgraded.

idcsPreventedOperations List<String>

Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

identityStoreSettings List<Property Map>

Settings related to the use of a user's profile details from the identity store

metas List<Property Map>

A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

mfaEnabledCategory String

Specifies the category of people for whom Multi-Factor Authentication is enabled. This is a readOnly attribute which reflects the value of mfaEnabledCategory attribute in SsoSettings

mfaEnrollmentType String

Specifies if Multi-Factor Authentication enrollment is mandatory or optional for a user

notificationSettings List<Property Map>

Settings related to the Mobile App Notification channel, such as pull

ocid String

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

phoneCallEnabled Boolean

If true, indicates that the phone (PHONE_CALL) channel is enabled for authentication

pushEnabled Boolean

If true, indicates that the Mobile App Push Notification channel is enabled for authentication

resourceTypeSchemaVersion String

An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

schemas List<String>

REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.

securityQuestionsEnabled Boolean

If true, indicates that Security Questions are enabled for authentication

smsEnabled Boolean

If true, indicates that the Short Message Service (SMS) channel is enabled for authentication

tags List<Property Map>

A list of tags on this resource.

tenancyOcid String

Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

thirdPartyFactors List<Property Map>

Settings related to third-party factor

totpEnabled Boolean

If true, indicates that the Mobile App One Time Passcode channel is enabled for authentication

totpSettings List<Property Map>

Settings related to Time-Based One-Time Passcodes (TOTP), such as hashing algo, totp time step, passcode length, and so on

urnietfparamsscimschemasoracleidcsextensionfidoAuthenticationFactorSettings List<Property Map>

This extension defines attributes used to manage Multi-Factor Authentication settings of fido authentication

urnietfparamsscimschemasoracleidcsextensionthirdPartyAuthenticationFactorSettings List<Property Map>

This extension defines attributes used to manage Multi-Factor Authentication settings of third party provider

userEnrollmentDisabledFactors List<String>

Factors for which enrollment should be blocked for End User

yubicoOtpEnabled Boolean

If true, indicates that the Yubico OTP is enabled for authentication

GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingBypassCodeSetting

HelpDeskCodeExpiryInMins int

Expiry (in minutes) of any bypass code that is generated by the help desk

HelpDeskGenerationEnabled bool

If true, indicates that help desk bypass code generation is enabled

HelpDeskMaxUsage int

The maximum number of times that any bypass code that is generated by the help desk can be used

Length int

Exact length of the bypass code to be generated

MaxActive int

The maximum number of bypass codes that can be issued to any user

SelfServiceGenerationEnabled bool

If true, indicates that self-service bypass code generation is enabled

HelpDeskCodeExpiryInMins int

Expiry (in minutes) of any bypass code that is generated by the help desk

HelpDeskGenerationEnabled bool

If true, indicates that help desk bypass code generation is enabled

HelpDeskMaxUsage int

The maximum number of times that any bypass code that is generated by the help desk can be used

Length int

Exact length of the bypass code to be generated

MaxActive int

The maximum number of bypass codes that can be issued to any user

SelfServiceGenerationEnabled bool

If true, indicates that self-service bypass code generation is enabled

helpDeskCodeExpiryInMins Integer

Expiry (in minutes) of any bypass code that is generated by the help desk

helpDeskGenerationEnabled Boolean

If true, indicates that help desk bypass code generation is enabled

helpDeskMaxUsage Integer

The maximum number of times that any bypass code that is generated by the help desk can be used

length Integer

Exact length of the bypass code to be generated

maxActive Integer

The maximum number of bypass codes that can be issued to any user

selfServiceGenerationEnabled Boolean

If true, indicates that self-service bypass code generation is enabled

helpDeskCodeExpiryInMins number

Expiry (in minutes) of any bypass code that is generated by the help desk

helpDeskGenerationEnabled boolean

If true, indicates that help desk bypass code generation is enabled

helpDeskMaxUsage number

The maximum number of times that any bypass code that is generated by the help desk can be used

length number

Exact length of the bypass code to be generated

maxActive number

The maximum number of bypass codes that can be issued to any user

selfServiceGenerationEnabled boolean

If true, indicates that self-service bypass code generation is enabled

help_desk_code_expiry_in_mins int

Expiry (in minutes) of any bypass code that is generated by the help desk

help_desk_generation_enabled bool

If true, indicates that help desk bypass code generation is enabled

help_desk_max_usage int

The maximum number of times that any bypass code that is generated by the help desk can be used

length int

Exact length of the bypass code to be generated

max_active int

The maximum number of bypass codes that can be issued to any user

self_service_generation_enabled bool

If true, indicates that self-service bypass code generation is enabled

helpDeskCodeExpiryInMins Number

Expiry (in minutes) of any bypass code that is generated by the help desk

helpDeskGenerationEnabled Boolean

If true, indicates that help desk bypass code generation is enabled

helpDeskMaxUsage Number

The maximum number of times that any bypass code that is generated by the help desk can be used

length Number

Exact length of the bypass code to be generated

maxActive Number

The maximum number of bypass codes that can be issued to any user

selfServiceGenerationEnabled Boolean

If true, indicates that self-service bypass code generation is enabled

GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingClientAppSetting

DeviceProtectionPolicy string

Indicates what protection policy that the system applies on a device. By default, the value is NONE, which indicates that the system applies no protection policy. A value of APP_PIN indicates that the system requires a Personal Identification Number (PIN). A value of DEVICE_BIOMETRIC_OR_APP_PIN indicates that either a PIN or a biometric authentication factor is required.

InitialLockoutPeriodInSecs int

The period of time in seconds that the system will lock a user out of the service after that user exceeds the maximum number of login failures

KeyPairLength int

The size of the key that the system uses to generate the public-private key pair

LockoutEscalationPattern string

The pattern of escalation that the system follows, in locking a particular user out of the service.

MaxFailuresBeforeLockout int

The maximum number of times that a particular user can fail to login before the system locks that user out of the service

MaxFailuresBeforeWarning int

The maximum number of login failures that the system will allow before raising a warning and sending an alert via email

MaxLockoutIntervalInSecs int

The maximum period of time that the system will lock a particular user out of the service regardless of what the configured pattern of escalation would otherwise dictate

MinPinLength int

Minimum length of the Personal Identification Number (PIN)

PolicyUpdateFreqInDays int

The period of time in days after which a client should refresh its policy by re-reading that policy from the server

RequestSigningAlgo string

Indicates which algorithm the system will use to sign requests

SharedSecretEncoding string

Indicates the type of encoding that the system should use to generate a shared secret

UnlockAppForEachRequestEnabled bool

If true, indicates that the system should require the user to unlock the client app for each request. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor.

UnlockAppIntervalInSecs int

Specifies the period of time in seconds after which the client App should require the user to unlock the App. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor. A value of zero means that it is disabled.

UnlockOnAppForegroundEnabled bool

If true, indicates that the system should require the user to unlock the client App, when the client App comes to the foreground in the display of the device. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor.

UnlockOnAppStartEnabled bool

If true, indicates that the system should require the user to unlock the client App whenever the App is started. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor.

DeviceProtectionPolicy string

Indicates what protection policy that the system applies on a device. By default, the value is NONE, which indicates that the system applies no protection policy. A value of APP_PIN indicates that the system requires a Personal Identification Number (PIN). A value of DEVICE_BIOMETRIC_OR_APP_PIN indicates that either a PIN or a biometric authentication factor is required.

InitialLockoutPeriodInSecs int

The period of time in seconds that the system will lock a user out of the service after that user exceeds the maximum number of login failures

KeyPairLength int

The size of the key that the system uses to generate the public-private key pair

LockoutEscalationPattern string

The pattern of escalation that the system follows, in locking a particular user out of the service.

MaxFailuresBeforeLockout int

The maximum number of times that a particular user can fail to login before the system locks that user out of the service

MaxFailuresBeforeWarning int

The maximum number of login failures that the system will allow before raising a warning and sending an alert via email

MaxLockoutIntervalInSecs int

The maximum period of time that the system will lock a particular user out of the service regardless of what the configured pattern of escalation would otherwise dictate

MinPinLength int

Minimum length of the Personal Identification Number (PIN)

PolicyUpdateFreqInDays int

The period of time in days after which a client should refresh its policy by re-reading that policy from the server

RequestSigningAlgo string

Indicates which algorithm the system will use to sign requests

SharedSecretEncoding string

Indicates the type of encoding that the system should use to generate a shared secret

UnlockAppForEachRequestEnabled bool

If true, indicates that the system should require the user to unlock the client app for each request. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor.

UnlockAppIntervalInSecs int

Specifies the period of time in seconds after which the client App should require the user to unlock the App. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor. A value of zero means that it is disabled.

UnlockOnAppForegroundEnabled bool

If true, indicates that the system should require the user to unlock the client App, when the client App comes to the foreground in the display of the device. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor.

UnlockOnAppStartEnabled bool

If true, indicates that the system should require the user to unlock the client App whenever the App is started. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor.

deviceProtectionPolicy String

Indicates what protection policy that the system applies on a device. By default, the value is NONE, which indicates that the system applies no protection policy. A value of APP_PIN indicates that the system requires a Personal Identification Number (PIN). A value of DEVICE_BIOMETRIC_OR_APP_PIN indicates that either a PIN or a biometric authentication factor is required.

initialLockoutPeriodInSecs Integer

The period of time in seconds that the system will lock a user out of the service after that user exceeds the maximum number of login failures

keyPairLength Integer

The size of the key that the system uses to generate the public-private key pair

lockoutEscalationPattern String

The pattern of escalation that the system follows, in locking a particular user out of the service.

maxFailuresBeforeLockout Integer

The maximum number of times that a particular user can fail to login before the system locks that user out of the service

maxFailuresBeforeWarning Integer

The maximum number of login failures that the system will allow before raising a warning and sending an alert via email

maxLockoutIntervalInSecs Integer

The maximum period of time that the system will lock a particular user out of the service regardless of what the configured pattern of escalation would otherwise dictate

minPinLength Integer

Minimum length of the Personal Identification Number (PIN)

policyUpdateFreqInDays Integer

The period of time in days after which a client should refresh its policy by re-reading that policy from the server

requestSigningAlgo String

Indicates which algorithm the system will use to sign requests

sharedSecretEncoding String

Indicates the type of encoding that the system should use to generate a shared secret

unlockAppForEachRequestEnabled Boolean

If true, indicates that the system should require the user to unlock the client app for each request. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor.

unlockAppIntervalInSecs Integer

Specifies the period of time in seconds after which the client App should require the user to unlock the App. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor. A value of zero means that it is disabled.

unlockOnAppForegroundEnabled Boolean

If true, indicates that the system should require the user to unlock the client App, when the client App comes to the foreground in the display of the device. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor.

unlockOnAppStartEnabled Boolean

If true, indicates that the system should require the user to unlock the client App whenever the App is started. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor.

deviceProtectionPolicy string

Indicates what protection policy that the system applies on a device. By default, the value is NONE, which indicates that the system applies no protection policy. A value of APP_PIN indicates that the system requires a Personal Identification Number (PIN). A value of DEVICE_BIOMETRIC_OR_APP_PIN indicates that either a PIN or a biometric authentication factor is required.

initialLockoutPeriodInSecs number

The period of time in seconds that the system will lock a user out of the service after that user exceeds the maximum number of login failures

keyPairLength number

The size of the key that the system uses to generate the public-private key pair

lockoutEscalationPattern string

The pattern of escalation that the system follows, in locking a particular user out of the service.

maxFailuresBeforeLockout number

The maximum number of times that a particular user can fail to login before the system locks that user out of the service

maxFailuresBeforeWarning number

The maximum number of login failures that the system will allow before raising a warning and sending an alert via email

maxLockoutIntervalInSecs number

The maximum period of time that the system will lock a particular user out of the service regardless of what the configured pattern of escalation would otherwise dictate

minPinLength number

Minimum length of the Personal Identification Number (PIN)

policyUpdateFreqInDays number

The period of time in days after which a client should refresh its policy by re-reading that policy from the server

requestSigningAlgo string

Indicates which algorithm the system will use to sign requests

sharedSecretEncoding string

Indicates the type of encoding that the system should use to generate a shared secret

unlockAppForEachRequestEnabled boolean

If true, indicates that the system should require the user to unlock the client app for each request. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor.

unlockAppIntervalInSecs number

Specifies the period of time in seconds after which the client App should require the user to unlock the App. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor. A value of zero means that it is disabled.

unlockOnAppForegroundEnabled boolean

If true, indicates that the system should require the user to unlock the client App, when the client App comes to the foreground in the display of the device. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor.

unlockOnAppStartEnabled boolean

If true, indicates that the system should require the user to unlock the client App whenever the App is started. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor.

device_protection_policy str

Indicates what protection policy that the system applies on a device. By default, the value is NONE, which indicates that the system applies no protection policy. A value of APP_PIN indicates that the system requires a Personal Identification Number (PIN). A value of DEVICE_BIOMETRIC_OR_APP_PIN indicates that either a PIN or a biometric authentication factor is required.

initial_lockout_period_in_secs int

The period of time in seconds that the system will lock a user out of the service after that user exceeds the maximum number of login failures

key_pair_length int

The size of the key that the system uses to generate the public-private key pair

lockout_escalation_pattern str

The pattern of escalation that the system follows, in locking a particular user out of the service.

max_failures_before_lockout int

The maximum number of times that a particular user can fail to login before the system locks that user out of the service

max_failures_before_warning int

The maximum number of login failures that the system will allow before raising a warning and sending an alert via email

max_lockout_interval_in_secs int

The maximum period of time that the system will lock a particular user out of the service regardless of what the configured pattern of escalation would otherwise dictate

min_pin_length int

Minimum length of the Personal Identification Number (PIN)

policy_update_freq_in_days int

The period of time in days after which a client should refresh its policy by re-reading that policy from the server

request_signing_algo str

Indicates which algorithm the system will use to sign requests

shared_secret_encoding str

Indicates the type of encoding that the system should use to generate a shared secret

unlock_app_for_each_request_enabled bool

If true, indicates that the system should require the user to unlock the client app for each request. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor.

unlock_app_interval_in_secs int

Specifies the period of time in seconds after which the client App should require the user to unlock the App. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor. A value of zero means that it is disabled.

unlock_on_app_foreground_enabled bool

If true, indicates that the system should require the user to unlock the client App, when the client App comes to the foreground in the display of the device. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor.

unlock_on_app_start_enabled bool

If true, indicates that the system should require the user to unlock the client App whenever the App is started. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor.

deviceProtectionPolicy String

Indicates what protection policy that the system applies on a device. By default, the value is NONE, which indicates that the system applies no protection policy. A value of APP_PIN indicates that the system requires a Personal Identification Number (PIN). A value of DEVICE_BIOMETRIC_OR_APP_PIN indicates that either a PIN or a biometric authentication factor is required.

initialLockoutPeriodInSecs Number

The period of time in seconds that the system will lock a user out of the service after that user exceeds the maximum number of login failures

keyPairLength Number

The size of the key that the system uses to generate the public-private key pair

lockoutEscalationPattern String

The pattern of escalation that the system follows, in locking a particular user out of the service.

maxFailuresBeforeLockout Number

The maximum number of times that a particular user can fail to login before the system locks that user out of the service

maxFailuresBeforeWarning Number

The maximum number of login failures that the system will allow before raising a warning and sending an alert via email

maxLockoutIntervalInSecs Number

The maximum period of time that the system will lock a particular user out of the service regardless of what the configured pattern of escalation would otherwise dictate

minPinLength Number

Minimum length of the Personal Identification Number (PIN)

policyUpdateFreqInDays Number

The period of time in days after which a client should refresh its policy by re-reading that policy from the server

requestSigningAlgo String

Indicates which algorithm the system will use to sign requests

sharedSecretEncoding String

Indicates the type of encoding that the system should use to generate a shared secret

unlockAppForEachRequestEnabled Boolean

If true, indicates that the system should require the user to unlock the client app for each request. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor.

unlockAppIntervalInSecs Number

Specifies the period of time in seconds after which the client App should require the user to unlock the App. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor. A value of zero means that it is disabled.

unlockOnAppForegroundEnabled Boolean

If true, indicates that the system should require the user to unlock the client App, when the client App comes to the foreground in the display of the device. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor.

unlockOnAppStartEnabled Boolean

If true, indicates that the system should require the user to unlock the client App whenever the App is started. In order to unlock the App, the user must supply a Personal Identification Number (PIN) or a biometric authentication-factor.

GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingCompliancePolicy

Action string

The action to be taken if the value of the attribute is not as expected

Name string

The name of the attribute being evaluated

Value string

Value of the tag.

Action string

The action to be taken if the value of the attribute is not as expected

Name string

The name of the attribute being evaluated

Value string

Value of the tag.

action String

The action to be taken if the value of the attribute is not as expected

name String

The name of the attribute being evaluated

value String

Value of the tag.

action string

The action to be taken if the value of the attribute is not as expected

name string

The name of the attribute being evaluated

value string

Value of the tag.

action str

The action to be taken if the value of the attribute is not as expected

name str

The name of the attribute being evaluated

value str

Value of the tag.

action String

The action to be taken if the value of the attribute is not as expected

name String

The name of the attribute being evaluated

value String

Value of the tag.

GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingEmailSetting

EmailLinkCustomUrl string

Custom redirect Url which will be used in email link

EmailLinkEnabled bool

Specifies whether Email link is enabled or not.

EmailLinkCustomUrl string

Custom redirect Url which will be used in email link

EmailLinkEnabled bool

Specifies whether Email link is enabled or not.

emailLinkCustomUrl String

Custom redirect Url which will be used in email link

emailLinkEnabled Boolean

Specifies whether Email link is enabled or not.

emailLinkCustomUrl string

Custom redirect Url which will be used in email link

emailLinkEnabled boolean

Specifies whether Email link is enabled or not.

email_link_custom_url str

Custom redirect Url which will be used in email link

email_link_enabled bool

Specifies whether Email link is enabled or not.

emailLinkCustomUrl String

Custom redirect Url which will be used in email link

emailLinkEnabled Boolean

Specifies whether Email link is enabled or not.

GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingEndpointRestriction

MaxEndpointTrustDurationInDays int

Maximum number of days until an endpoint can be trusted

MaxEnrolledDevices int

Maximum number of enrolled devices per user

MaxIncorrectAttempts int

An integer that represents the maximum number of failed MFA logins before an account is locked

MaxTrustedEndpoints int

Max number of trusted endpoints per user

TrustedEndpointsEnabled bool

Specify if trusted endpoints are enabled

MaxEndpointTrustDurationInDays int

Maximum number of days until an endpoint can be trusted

MaxEnrolledDevices int

Maximum number of enrolled devices per user

MaxIncorrectAttempts int

An integer that represents the maximum number of failed MFA logins before an account is locked

MaxTrustedEndpoints int

Max number of trusted endpoints per user

TrustedEndpointsEnabled bool

Specify if trusted endpoints are enabled

maxEndpointTrustDurationInDays Integer

Maximum number of days until an endpoint can be trusted

maxEnrolledDevices Integer

Maximum number of enrolled devices per user

maxIncorrectAttempts Integer

An integer that represents the maximum number of failed MFA logins before an account is locked

maxTrustedEndpoints Integer

Max number of trusted endpoints per user

trustedEndpointsEnabled Boolean

Specify if trusted endpoints are enabled

maxEndpointTrustDurationInDays number

Maximum number of days until an endpoint can be trusted

maxEnrolledDevices number

Maximum number of enrolled devices per user

maxIncorrectAttempts number

An integer that represents the maximum number of failed MFA logins before an account is locked

maxTrustedEndpoints number

Max number of trusted endpoints per user

trustedEndpointsEnabled boolean

Specify if trusted endpoints are enabled

max_endpoint_trust_duration_in_days int

Maximum number of days until an endpoint can be trusted

max_enrolled_devices int

Maximum number of enrolled devices per user

max_incorrect_attempts int

An integer that represents the maximum number of failed MFA logins before an account is locked

max_trusted_endpoints int

Max number of trusted endpoints per user

trusted_endpoints_enabled bool

Specify if trusted endpoints are enabled

maxEndpointTrustDurationInDays Number

Maximum number of days until an endpoint can be trusted

maxEnrolledDevices Number

Maximum number of enrolled devices per user

maxIncorrectAttempts Number

An integer that represents the maximum number of failed MFA logins before an account is locked

maxTrustedEndpoints Number

Max number of trusted endpoints per user

trustedEndpointsEnabled Boolean

Specify if trusted endpoints are enabled

GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingIdcsCreatedBy

Display string

The displayName of the User or App who modified this Resource

Ocid string

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

Ref string

The URI of the SCIM resource that represents the User or App who modified this Resource

Type string

The type of resource, User or App, that modified this Resource

Value string

Value of the tag.

Display string

The displayName of the User or App who modified this Resource

Ocid string

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

Ref string

The URI of the SCIM resource that represents the User or App who modified this Resource

Type string

The type of resource, User or App, that modified this Resource

Value string

Value of the tag.

display String

The displayName of the User or App who modified this Resource

ocid String

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref String

The URI of the SCIM resource that represents the User or App who modified this Resource

type String

The type of resource, User or App, that modified this Resource

value String

Value of the tag.

display string

The displayName of the User or App who modified this Resource

ocid string

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref string

The URI of the SCIM resource that represents the User or App who modified this Resource

type string

The type of resource, User or App, that modified this Resource

value string

Value of the tag.

display str

The displayName of the User or App who modified this Resource

ocid str

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref str

The URI of the SCIM resource that represents the User or App who modified this Resource

type str

The type of resource, User or App, that modified this Resource

value str

Value of the tag.

display String

The displayName of the User or App who modified this Resource

ocid String

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref String

The URI of the SCIM resource that represents the User or App who modified this Resource

type String

The type of resource, User or App, that modified this Resource

value String

Value of the tag.

GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingIdcsLastModifiedBy

Display string

The displayName of the User or App who modified this Resource

Ocid string

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

Ref string

The URI of the SCIM resource that represents the User or App who modified this Resource

Type string

The type of resource, User or App, that modified this Resource

Value string

Value of the tag.

Display string

The displayName of the User or App who modified this Resource

Ocid string

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

Ref string

The URI of the SCIM resource that represents the User or App who modified this Resource

Type string

The type of resource, User or App, that modified this Resource

Value string

Value of the tag.

display String

The displayName of the User or App who modified this Resource

ocid String

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref String

The URI of the SCIM resource that represents the User or App who modified this Resource

type String

The type of resource, User or App, that modified this Resource

value String

Value of the tag.

display string

The displayName of the User or App who modified this Resource

ocid string

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref string

The URI of the SCIM resource that represents the User or App who modified this Resource

type string

The type of resource, User or App, that modified this Resource

value string

Value of the tag.

display str

The displayName of the User or App who modified this Resource

ocid str

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref str

The URI of the SCIM resource that represents the User or App who modified this Resource

type str

The type of resource, User or App, that modified this Resource

value str

Value of the tag.

display String

The displayName of the User or App who modified this Resource

ocid String

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref String

The URI of the SCIM resource that represents the User or App who modified this Resource

type String

The type of resource, User or App, that modified this Resource

value String

Value of the tag.

GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingIdentityStoreSetting

MobileNumberEnabled bool

If true, indicates that Multi-Factor Authentication should use the mobile number in the identity store

MobileNumberUpdateEnabled bool

If true, indicates that the user can update the mobile number in the user's Multi-Factor Authentication profile

MobileNumberEnabled bool

If true, indicates that Multi-Factor Authentication should use the mobile number in the identity store

MobileNumberUpdateEnabled bool

If true, indicates that the user can update the mobile number in the user's Multi-Factor Authentication profile

mobileNumberEnabled Boolean

If true, indicates that Multi-Factor Authentication should use the mobile number in the identity store

mobileNumberUpdateEnabled Boolean

If true, indicates that the user can update the mobile number in the user's Multi-Factor Authentication profile

mobileNumberEnabled boolean

If true, indicates that Multi-Factor Authentication should use the mobile number in the identity store

mobileNumberUpdateEnabled boolean

If true, indicates that the user can update the mobile number in the user's Multi-Factor Authentication profile

mobile_number_enabled bool

If true, indicates that Multi-Factor Authentication should use the mobile number in the identity store

mobile_number_update_enabled bool

If true, indicates that the user can update the mobile number in the user's Multi-Factor Authentication profile

mobileNumberEnabled Boolean

If true, indicates that Multi-Factor Authentication should use the mobile number in the identity store

mobileNumberUpdateEnabled Boolean

If true, indicates that the user can update the mobile number in the user's Multi-Factor Authentication profile

GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingMeta

Created string

The DateTime the Resource was added to the Service Provider

LastModified string

The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.

Location string

The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.

ResourceType string

Name of the resource type of the resource--for example, Users or Groups

Version string

The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

Created string

The DateTime the Resource was added to the Service Provider

LastModified string

The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.

Location string

The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.

ResourceType string

Name of the resource type of the resource--for example, Users or Groups

Version string

The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

created String

The DateTime the Resource was added to the Service Provider

lastModified String

The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.

location String

The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.

resourceType String

Name of the resource type of the resource--for example, Users or Groups

version String

The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

created string

The DateTime the Resource was added to the Service Provider

lastModified string

The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.

location string

The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.

resourceType string

Name of the resource type of the resource--for example, Users or Groups

version string

The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

created str

The DateTime the Resource was added to the Service Provider

last_modified str

The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.

location str

The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.

resource_type str

Name of the resource type of the resource--for example, Users or Groups

version str

The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

created String

The DateTime the Resource was added to the Service Provider

lastModified String

The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.

location String

The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.

resourceType String

Name of the resource type of the resource--for example, Users or Groups

version String

The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingNotificationSetting

PullEnabled bool

If true, indicates that the Mobile App Pull Notification channel is enabled for authentication

PullEnabled bool

If true, indicates that the Mobile App Pull Notification channel is enabled for authentication

pullEnabled Boolean

If true, indicates that the Mobile App Pull Notification channel is enabled for authentication

pullEnabled boolean

If true, indicates that the Mobile App Pull Notification channel is enabled for authentication

pull_enabled bool

If true, indicates that the Mobile App Pull Notification channel is enabled for authentication

pullEnabled Boolean

If true, indicates that the Mobile App Pull Notification channel is enabled for authentication

GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingTag

Key string

Key or name of the tag.

Value string

Value of the tag.

Key string

Key or name of the tag.

Value string

Value of the tag.

key String

Key or name of the tag.

value String

Value of the tag.

key string

Key or name of the tag.

value string

Value of the tag.

key str

Key or name of the tag.

value str

Value of the tag.

key String

Key or name of the tag.

value String

Value of the tag.

GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingThirdPartyFactor

DuoSecurity bool

To enable Duo Security factor

DuoSecurity bool

To enable Duo Security factor

duoSecurity Boolean

To enable Duo Security factor

duoSecurity boolean

To enable Duo Security factor

duo_security bool

To enable Duo Security factor

duoSecurity Boolean

To enable Duo Security factor

GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingTotpSetting

EmailOtpValidityDurationInMins int

The period of time (in minutes) that a one-time passcode remains valid that the system sends by email.

EmailPasscodeLength int

Exact length of the email one-time passcode.

HashingAlgorithm string

The hashing algorithm to be used to calculate a One-Time Passcode. By default, the system uses SHA1.

JwtValidityDurationInSecs int

The period of time (in seconds) that a JSON Web Token (JWT) is valid

KeyRefreshIntervalInDays int

The duration of time (in days) after which the shared secret has to be refreshed

PasscodeLength int

Exact length of the One-Time Passcode that the system should generate

SmsOtpValidityDurationInMins int

The period of time (in minutes) for which a One-Time Passcode that the system sends by Short Message Service (SMS) or by voice remains valid

SmsPasscodeLength int

Exact length of the Short Message Service (SMS) One-Time Passcode

TimeStepInSecs int

Time (in secs) to be used as the time step

TimeStepTolerance int

The tolerance/step-size that the system should use when validating a One-Time Passcode

EmailOtpValidityDurationInMins int

The period of time (in minutes) that a one-time passcode remains valid that the system sends by email.

EmailPasscodeLength int

Exact length of the email one-time passcode.

HashingAlgorithm string

The hashing algorithm to be used to calculate a One-Time Passcode. By default, the system uses SHA1.

JwtValidityDurationInSecs int

The period of time (in seconds) that a JSON Web Token (JWT) is valid

KeyRefreshIntervalInDays int

The duration of time (in days) after which the shared secret has to be refreshed

PasscodeLength int

Exact length of the One-Time Passcode that the system should generate

SmsOtpValidityDurationInMins int

The period of time (in minutes) for which a One-Time Passcode that the system sends by Short Message Service (SMS) or by voice remains valid

SmsPasscodeLength int

Exact length of the Short Message Service (SMS) One-Time Passcode

TimeStepInSecs int

Time (in secs) to be used as the time step

TimeStepTolerance int

The tolerance/step-size that the system should use when validating a One-Time Passcode

emailOtpValidityDurationInMins Integer

The period of time (in minutes) that a one-time passcode remains valid that the system sends by email.

emailPasscodeLength Integer

Exact length of the email one-time passcode.

hashingAlgorithm String

The hashing algorithm to be used to calculate a One-Time Passcode. By default, the system uses SHA1.

jwtValidityDurationInSecs Integer

The period of time (in seconds) that a JSON Web Token (JWT) is valid

keyRefreshIntervalInDays Integer

The duration of time (in days) after which the shared secret has to be refreshed

passcodeLength Integer

Exact length of the One-Time Passcode that the system should generate

smsOtpValidityDurationInMins Integer

The period of time (in minutes) for which a One-Time Passcode that the system sends by Short Message Service (SMS) or by voice remains valid

smsPasscodeLength Integer

Exact length of the Short Message Service (SMS) One-Time Passcode

timeStepInSecs Integer

Time (in secs) to be used as the time step

timeStepTolerance Integer

The tolerance/step-size that the system should use when validating a One-Time Passcode

emailOtpValidityDurationInMins number

The period of time (in minutes) that a one-time passcode remains valid that the system sends by email.

emailPasscodeLength number

Exact length of the email one-time passcode.

hashingAlgorithm string

The hashing algorithm to be used to calculate a One-Time Passcode. By default, the system uses SHA1.

jwtValidityDurationInSecs number

The period of time (in seconds) that a JSON Web Token (JWT) is valid

keyRefreshIntervalInDays number

The duration of time (in days) after which the shared secret has to be refreshed

passcodeLength number

Exact length of the One-Time Passcode that the system should generate

smsOtpValidityDurationInMins number

The period of time (in minutes) for which a One-Time Passcode that the system sends by Short Message Service (SMS) or by voice remains valid

smsPasscodeLength number

Exact length of the Short Message Service (SMS) One-Time Passcode

timeStepInSecs number

Time (in secs) to be used as the time step

timeStepTolerance number

The tolerance/step-size that the system should use when validating a One-Time Passcode

email_otp_validity_duration_in_mins int

The period of time (in minutes) that a one-time passcode remains valid that the system sends by email.

email_passcode_length int

Exact length of the email one-time passcode.

hashing_algorithm str

The hashing algorithm to be used to calculate a One-Time Passcode. By default, the system uses SHA1.

jwt_validity_duration_in_secs int

The period of time (in seconds) that a JSON Web Token (JWT) is valid

key_refresh_interval_in_days int

The duration of time (in days) after which the shared secret has to be refreshed

passcode_length int

Exact length of the One-Time Passcode that the system should generate

sms_otp_validity_duration_in_mins int

The period of time (in minutes) for which a One-Time Passcode that the system sends by Short Message Service (SMS) or by voice remains valid

sms_passcode_length int

Exact length of the Short Message Service (SMS) One-Time Passcode

time_step_in_secs int

Time (in secs) to be used as the time step

time_step_tolerance int

The tolerance/step-size that the system should use when validating a One-Time Passcode

emailOtpValidityDurationInMins Number

The period of time (in minutes) that a one-time passcode remains valid that the system sends by email.

emailPasscodeLength Number

Exact length of the email one-time passcode.

hashingAlgorithm String

The hashing algorithm to be used to calculate a One-Time Passcode. By default, the system uses SHA1.

jwtValidityDurationInSecs Number

The period of time (in seconds) that a JSON Web Token (JWT) is valid

keyRefreshIntervalInDays Number

The duration of time (in days) after which the shared secret has to be refreshed

passcodeLength Number

Exact length of the One-Time Passcode that the system should generate

smsOtpValidityDurationInMins Number

The period of time (in minutes) for which a One-Time Passcode that the system sends by Short Message Service (SMS) or by voice remains valid

smsPasscodeLength Number

Exact length of the Short Message Service (SMS) One-Time Passcode

timeStepInSecs Number

Time (in secs) to be used as the time step

timeStepTolerance Number

The tolerance/step-size that the system should use when validating a One-Time Passcode

GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingUrnietfparamsscimschemasoracleidcsextensionfidoAuthenticationFactorSetting

Attestation string

Attribute used to define the type of attestation required.

AuthenticatorSelectionAttachment string

Attribute used to define authenticator selection attachment.

AuthenticatorSelectionRequireResidentKey bool

Flag used to indicate authenticator selection is required or not

AuthenticatorSelectionResidentKey string

Attribute used to define authenticator selection resident key requirement.

AuthenticatorSelectionUserVerification string

Attribute used to define authenticator selection verification.

DomainValidationLevel int

Number of domain levels IDCS should use for origin comparision

ExcludeCredentials bool

Flag used to indicate whether we need to restrict creation of multiple credentials in same authenticator

PublicKeyTypes List<string>

List of server supported public key algorithms

Timeout int

Timeout for the fido authentication to complete

Attestation string

Attribute used to define the type of attestation required.

AuthenticatorSelectionAttachment string

Attribute used to define authenticator selection attachment.

AuthenticatorSelectionRequireResidentKey bool

Flag used to indicate authenticator selection is required or not

AuthenticatorSelectionResidentKey string

Attribute used to define authenticator selection resident key requirement.

AuthenticatorSelectionUserVerification string

Attribute used to define authenticator selection verification.

DomainValidationLevel int

Number of domain levels IDCS should use for origin comparision

ExcludeCredentials bool

Flag used to indicate whether we need to restrict creation of multiple credentials in same authenticator

PublicKeyTypes []string

List of server supported public key algorithms

Timeout int

Timeout for the fido authentication to complete

attestation String

Attribute used to define the type of attestation required.

authenticatorSelectionAttachment String

Attribute used to define authenticator selection attachment.

authenticatorSelectionRequireResidentKey Boolean

Flag used to indicate authenticator selection is required or not

authenticatorSelectionResidentKey String

Attribute used to define authenticator selection resident key requirement.

authenticatorSelectionUserVerification String

Attribute used to define authenticator selection verification.

domainValidationLevel Integer

Number of domain levels IDCS should use for origin comparision

excludeCredentials Boolean

Flag used to indicate whether we need to restrict creation of multiple credentials in same authenticator

publicKeyTypes List<String>

List of server supported public key algorithms

timeout Integer

Timeout for the fido authentication to complete

attestation string

Attribute used to define the type of attestation required.

authenticatorSelectionAttachment string

Attribute used to define authenticator selection attachment.

authenticatorSelectionRequireResidentKey boolean

Flag used to indicate authenticator selection is required or not

authenticatorSelectionResidentKey string

Attribute used to define authenticator selection resident key requirement.

authenticatorSelectionUserVerification string

Attribute used to define authenticator selection verification.

domainValidationLevel number

Number of domain levels IDCS should use for origin comparision

excludeCredentials boolean

Flag used to indicate whether we need to restrict creation of multiple credentials in same authenticator

publicKeyTypes string[]

List of server supported public key algorithms

timeout number

Timeout for the fido authentication to complete

attestation str

Attribute used to define the type of attestation required.

authenticator_selection_attachment str

Attribute used to define authenticator selection attachment.

authenticator_selection_require_resident_key bool

Flag used to indicate authenticator selection is required or not

authenticator_selection_resident_key str

Attribute used to define authenticator selection resident key requirement.

authenticator_selection_user_verification str

Attribute used to define authenticator selection verification.

domain_validation_level int

Number of domain levels IDCS should use for origin comparision

exclude_credentials bool

Flag used to indicate whether we need to restrict creation of multiple credentials in same authenticator

public_key_types Sequence[str]

List of server supported public key algorithms

timeout int

Timeout for the fido authentication to complete

attestation String

Attribute used to define the type of attestation required.

authenticatorSelectionAttachment String

Attribute used to define authenticator selection attachment.

authenticatorSelectionRequireResidentKey Boolean

Flag used to indicate authenticator selection is required or not

authenticatorSelectionResidentKey String

Attribute used to define authenticator selection resident key requirement.

authenticatorSelectionUserVerification String

Attribute used to define authenticator selection verification.

domainValidationLevel Number

Number of domain levels IDCS should use for origin comparision

excludeCredentials Boolean

Flag used to indicate whether we need to restrict creation of multiple credentials in same authenticator

publicKeyTypes List<String>

List of server supported public key algorithms

timeout Number

Timeout for the fido authentication to complete

GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingUrnietfparamsscimschemasoracleidcsextensionthirdPartyAuthenticationFactorSetting

duoSecuritySettings List<Property Map>

Settings related to Duo Security

GetDomainsAuthenticationFactorSettingsAuthenticationFactorSettingUrnietfparamsscimschemasoracleidcsextensionthirdPartyAuthenticationFactorSettingDuoSecuritySetting

ApiHostname string

Hostname to access the Duo security account

AttestationKey string

Attestation key to attest the request and response between Duo Security

IntegrationKey string

Integration key from Duo Security authenticator

SecretKey string

Secret key from Duo Security authenticator

UserMappingAttribute string

User attribute mapping value

ApiHostname string

Hostname to access the Duo security account

AttestationKey string

Attestation key to attest the request and response between Duo Security

IntegrationKey string

Integration key from Duo Security authenticator

SecretKey string

Secret key from Duo Security authenticator

UserMappingAttribute string

User attribute mapping value

apiHostname String

Hostname to access the Duo security account

attestationKey String

Attestation key to attest the request and response between Duo Security

integrationKey String

Integration key from Duo Security authenticator

secretKey String

Secret key from Duo Security authenticator

userMappingAttribute String

User attribute mapping value

apiHostname string

Hostname to access the Duo security account

attestationKey string

Attestation key to attest the request and response between Duo Security

integrationKey string

Integration key from Duo Security authenticator

secretKey string

Secret key from Duo Security authenticator

userMappingAttribute string

User attribute mapping value

api_hostname str

Hostname to access the Duo security account

attestation_key str

Attestation key to attest the request and response between Duo Security

integration_key str

Integration key from Duo Security authenticator

secret_key str

Secret key from Duo Security authenticator

user_mapping_attribute str

User attribute mapping value

apiHostname String

Hostname to access the Duo security account

attestationKey String

Attestation key to attest the request and response between Duo Security

integrationKey String

Integration key from Duo Security authenticator

secretKey String

Secret key from Duo Security authenticator

userMappingAttribute String

User attribute mapping value

Package Details

Repository
oci pulumi/pulumi-oci
License
Apache-2.0
Notes

This Pulumi package is based on the oci Terraform Provider.