Oracle Cloud Infrastructure v0.19.0, May 26 23

oci.Identity.getDomainsIdentityProvider


This data source provides details about a specific Identity Provider resource in the Oracle Cloud Infrastructure Identity Domains service.

Get an Identity Provider

Example Usage

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;

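return await Deployment.RunAsync(() =>
{
    // Look up a single Identity Provider in an identity domain.
    // The right-hand references (data.*, oci_identity_identity_provider.*, @var.*)
    // are placeholders; replace them with values from your own program.
    var testIdentityProvider = Oci.Identity.GetDomainsIdentityProvider.Invoke(new()
    {
        // Basic endpoint of the identity domain that owns the provider.
        IdcsEndpoint = data.Oci_identity_domain.Test_domain.Url,
        // ID of the Identity Provider resource to read.
        IdentityProviderId = oci_identity_identity_provider.Test_identity_provider.Id,
        // Explicit element type: an empty `new[] {}` gives the compiler no element
        // to infer the array type from.
        AttributeSets = new string[] {},
        Attributes = "",
        // Authorization carries credentials for the request. Supply it from secret
        // stack configuration rather than writing the value into the program.
        Authorization = @var.Identity_provider_authorization,
        ResourceTypeSchemaVersion = @var.Identity_provider_resource_type_schema_version,
    });

});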
package main

import (
	"github.com/pulumi/pulumi-oci/sdk/go/oci/Identity"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

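// main runs a Pulumi program that looks up a single Identity Provider in an
// identity domain. The right-hand references (data.*, oci_identity_identity_provider.*,
// _var.*) are placeholders; replace them with values from your own program.
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// NOTE(review): the call is qualified with `Identity` but the args type
		// with `identity`; only one can match the imported package name.
		// Confirm against the SDK version in use.
		_, err := Identity.GetDomainsIdentityProvider(ctx, &identity.GetDomainsIdentityProviderArgs{
			// Basic endpoint of the identity domain that owns the provider.
			IdcsEndpoint: data.Oci_identity_domain.Test_domain.Url,
			// ID of the Identity Provider resource to read.
			IdentityProviderId: oci_identity_identity_provider.Test_identity_provider.Id,
			// AttributeSets is documented as []string, so the empty list is typed accordingly.
			AttributeSets: []string{},
			Attributes:    pulumi.StringRef(""),
			// Authorization carries credentials for the request. Supply it from
			// secret stack configuration rather than hard-coding the value.
			Authorization:             pulumi.StringRef(_var.Identity_provider_authorization),
			ResourceTypeSchemaVersion: pulumi.StringRef(_var.Identity_provider_resource_type_schema_version),
		}, nil)
		// err is nil on success, so returning it directly covers both outcomes.
		return err
	})
}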
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Identity.IdentityFunctions;
import com.pulumi.oci.Identity.inputs.GetDomainsIdentityProviderArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

/**
 * Example Pulumi program that looks up a single Identity Provider in an
 * identity domain.
 */
public class App {
    /** Entry point: hands the stack definition to the Pulumi runtime. */
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    /**
     * Builds the lookup arguments and invokes the data source.
     *
     * The references passed to the builder (data.*, oci_identity_identity_provider.*,
     * var_.*) are placeholders; replace them with values from your own program.
     */
    public static void stack(Context ctx) {
        final var lookupArgs = GetDomainsIdentityProviderArgs.builder()
            // Basic endpoint of the identity domain that owns the provider.
            .idcsEndpoint(data.oci_identity_domain().test_domain().url())
            // ID of the Identity Provider resource to read.
            .identityProviderId(oci_identity_identity_provider.test_identity_provider().id())
            .attributeSets()
            .attributes("")
            // Authorization carries credentials for the request. Supply it from
            // secret stack configuration rather than hard-coding the value.
            .authorization(var_.identity_provider_authorization())
            .resourceTypeSchemaVersion(var_.identity_provider_resource_type_schema_version())
            .build();

        final var testIdentityProvider = IdentityFunctions.getDomainsIdentityProvider(lookupArgs);

    }
}
import pulumi
import pulumi_oci as oci

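# Look up a single Identity Provider in an identity domain.
# The generated example printed a formatter panic in place of four argument
# values. They are restored here as the same placeholder references the other
# language examples on this page use; replace them with values from your own
# program.
test_identity_provider = oci.Identity.get_domains_identity_provider(
    # Basic endpoint of the identity domain that owns the provider.
    idcs_endpoint=data.oci_identity_domain.test_domain.url,
    # ID of the Identity Provider resource to read.
    identity_provider_id=oci_identity_identity_provider.test_identity_provider.id,
    attribute_sets=[],
    attributes="",
    # `authorization` carries credentials for the request. Supply it from
    # secret stack configuration rather than hard-coding the value.
    authorization=var.identity_provider_authorization,
    resource_type_schema_version=var.identity_provider_resource_type_schema_version)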
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";

// Arguments for the Identity Provider lookup. The right-hand references
// (data.*, oci_identity_identity_provider.*, _var.*) are placeholders;
// replace them with values from your own program.
const identityProviderLookup = {
    // Basic endpoint of the identity domain that owns the provider.
    idcsEndpoint: data.oci_identity_domain.test_domain.url,
    // ID of the Identity Provider resource to read.
    identityProviderId: oci_identity_identity_provider.test_identity_provider.id,
    attributeSets: [],
    attributes: "",
    // `authorization` carries credentials for the request. Supply it from
    // secret stack configuration rather than hard-coding the value.
    authorization: _var.identity_provider_authorization,
    resourceTypeSchemaVersion: _var.identity_provider_resource_type_schema_version,
};

// Direct-form invoke: takes plain arguments and returns a Promise-wrapped result.
const testIdentityProvider = oci.Identity.getDomainsIdentityProvider(identityProviderLookup);
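# Look up a single Identity Provider in an identity domain.
# The ${...} references are placeholders; replace them with values from your
# own program.
variables:
  testIdentityProvider:
    fn::invoke:
      # Lowercase `function` / `arguments` keys, matching the fn::invoke form
      # shown in the usage section of this page.
      function: oci:Identity:getDomainsIdentityProvider
      arguments:
        # Basic endpoint of the identity domain that owns the provider.
        idcsEndpoint: ${data.oci_identity_domain.test_domain.url}
        # ID of the Identity Provider resource to read.
        identityProviderId: ${oci_identity_identity_provider.test_identity_provider.id}
        attributeSets: []
        # Explicit empty string, as in the other language examples; a bare
        # `attributes:` key is a YAML null.
        attributes: ""
        # `authorization` carries credentials for the request. Supply it from
        # secret stack configuration rather than writing the value here.
        authorization: ${var.identity_provider_authorization}
        resourceTypeSchemaVersion: ${var.identity_provider_resource_type_schema_version}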

Using getDomainsIdentityProvider

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getDomainsIdentityProvider(args: GetDomainsIdentityProviderArgs, opts?: InvokeOptions): Promise<GetDomainsIdentityProviderResult>
function getDomainsIdentityProviderOutput(args: GetDomainsIdentityProviderOutputArgs, opts?: InvokeOptions): Output<GetDomainsIdentityProviderResult>
def get_domains_identity_provider(attribute_sets: Optional[Sequence[str]] = None,
                                  attributes: Optional[str] = None,
                                  authorization: Optional[str] = None,
                                  idcs_endpoint: Optional[str] = None,
                                  identity_provider_id: Optional[str] = None,
                                  resource_type_schema_version: Optional[str] = None,
                                  opts: Optional[InvokeOptions] = None) -> GetDomainsIdentityProviderResult
def get_domains_identity_provider_output(attribute_sets: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                                  attributes: Optional[pulumi.Input[str]] = None,
                                  authorization: Optional[pulumi.Input[str]] = None,
                                  idcs_endpoint: Optional[pulumi.Input[str]] = None,
                                  identity_provider_id: Optional[pulumi.Input[str]] = None,
                                  resource_type_schema_version: Optional[pulumi.Input[str]] = None,
                                  opts: Optional[InvokeOptions] = None) -> Output[GetDomainsIdentityProviderResult]
func GetDomainsIdentityProvider(ctx *Context, args *GetDomainsIdentityProviderArgs, opts ...InvokeOption) (*GetDomainsIdentityProviderResult, error)
func GetDomainsIdentityProviderOutput(ctx *Context, args *GetDomainsIdentityProviderOutputArgs, opts ...InvokeOption) GetDomainsIdentityProviderResultOutput

> Note: This function is named GetDomainsIdentityProvider in the Go SDK.

public static class GetDomainsIdentityProvider 
{
    public static Task<GetDomainsIdentityProviderResult> InvokeAsync(GetDomainsIdentityProviderArgs args, InvokeOptions? opts = null)
    public static Output<GetDomainsIdentityProviderResult> Invoke(GetDomainsIdentityProviderInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetDomainsIdentityProviderResult> getDomainsIdentityProvider(GetDomainsIdentityProviderArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
  function: oci:Identity/getDomainsIdentityProvider:getDomainsIdentityProvider
  arguments:
    # arguments dictionary

The following arguments are supported:

IdcsEndpoint string

The basic endpoint for the identity domain

IdentityProviderId string

ID of the resource

AttributeSets List<string>

A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

Attributes string

A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

Authorization string

The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.

ResourceTypeSchemaVersion string

An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

IdcsEndpoint string

The basic endpoint for the identity domain

IdentityProviderId string

ID of the resource

AttributeSets []string

A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

Attributes string

A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

Authorization string

The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.

ResourceTypeSchemaVersion string

An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

idcsEndpoint String

The basic endpoint for the identity domain

identityProviderId String

ID of the resource

attributeSets List<String>

A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

attributes String

A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

authorization String

The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.

resourceTypeSchemaVersion String

An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

idcsEndpoint string

The basic endpoint for the identity domain

identityProviderId string

ID of the resource

attributeSets string[]

A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

attributes string

A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

authorization string

The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.

resourceTypeSchemaVersion string

An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

idcs_endpoint str

The basic endpoint for the identity domain

identity_provider_id str

ID of the resource

attribute_sets Sequence[str]

A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

attributes str

A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

authorization str

The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.

resource_type_schema_version str

An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

idcsEndpoint String

The basic endpoint for the identity domain

identityProviderId String

ID of the resource

attributeSets List<String>

A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.

attributes String

A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.

authorization String

The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.

resourceTypeSchemaVersion String

An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

getDomainsIdentityProvider Result

The following output properties are available:

AssertionAttribute string

Assertion attribute name.

AuthnRequestBinding string

HTTP binding to use for authentication requests.

CompartmentOcid string

Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

CorrelationPolicies List<GetDomainsIdentityProviderCorrelationPolicy>

Correlation policy

DeleteInProgress bool

A boolean flag indicating that this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

Description string

Description

DomainOcid string

Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

Enabled bool

Set to true to indicate Partner enabled.

EncryptionCertificate string

Encryption certificate

ExternalId string

An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.

IconUrl string

Identity Provider Icon URL.

Id string

Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.

IdcsCreatedBies List<GetDomainsIdentityProviderIdcsCreatedBy>

The User or App who created the Resource

IdcsEndpoint string
IdcsLastModifiedBies List<GetDomainsIdentityProviderIdcsLastModifiedBy>

The User or App who modified the Resource

IdcsLastUpgradedInRelease string

The release number when the resource was upgraded.

IdcsPreventedOperations List<string>

Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

IdentityProviderId string
IdpSsoUrl string

Identity Provider SSO URL

IncludeSigningCertInSignature bool

Set to true to include the signing certificate in the signature.

JitUserProvAssignedGroups List<GetDomainsIdentityProviderJitUserProvAssignedGroup>

Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.

JitUserProvAttributeUpdateEnabled bool

Set to true to indicate JIT User Creation is enabled

JitUserProvAttributes List<GetDomainsIdentityProviderJitUserProvAttribute>

Assertion To User Mapping

JitUserProvCreateUserEnabled bool

Set to true to indicate JIT User Creation is enabled

JitUserProvEnabled bool

Set to true to indicate JIT User Provisioning is enabled

JitUserProvGroupAssertionAttributeEnabled bool

Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute

JitUserProvGroupAssignmentMethod string

The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.

JitUserProvGroupMappingMode string

Property to indicate the mode of group mapping

JitUserProvGroupMappings List<GetDomainsIdentityProviderJitUserProvGroupMapping>

The list of mappings between the Identity Domain Group and the IDP group.

JitUserProvGroupSamlAttributeName string

Name of the assertion attribute containing the user's groups

JitUserProvGroupStaticListEnabled bool

Set to true to indicate JIT User Provisioning Groups should be assigned from a static list

JitUserProvIgnoreErrorOnAbsentGroups bool

Set to true to indicate ignoring absence of group while provisioning

LogoutBinding string

HTTP binding to use for logout.

LogoutEnabled bool

Set to true to enable logout.

LogoutRequestUrl string

Logout request URL

LogoutResponseUrl string

Logout response URL

Metadata string

Metadata

Metas List<GetDomainsIdentityProviderMeta>

A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

NameIdFormat string

Default authentication request name ID format.

Ocid string

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

PartnerName string

Unique name of the trusted Identity Provider.

PartnerProviderId string

Provider ID

RequestedAuthenticationContexts List<string>

SAML SP authentication type.

RequireForceAuthn bool

This SP requests that the SAML IdP enforce re-authentication.

RequiresEncryptedAssertion bool

SAML SP must accept encrypted assertion only.

SamlHoKrequired bool

SAML SP HoK Enabled.

Schemas List<string>

REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.

ServiceInstanceIdentifier string

The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.

ShownOnLoginPage bool

Set to true to show the IdP on the login page.

SignatureHashAlgorithm string

Signature hash algorithm.

SigningCertificate string

Signing certificate

SuccinctId string

Succinct ID

Tags List<GetDomainsIdentityProviderTag>

A list of tags on this resource.

TenancyOcid string

Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

TenantProviderId string

The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.

Type string

Identity Provider Type

UrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviders List<GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider>

Social Identity Provider Extension Schema

Urnietfparamsscimschemasoracleidcsextensionx509identityProviders List<GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProvider>

X509 Identity Provider Extension Schema

UserMappingMethod string

User mapping method.

UserMappingStoreAttribute string

This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.

AttributeSets List<string>
Attributes string
Authorization string
ResourceTypeSchemaVersion string
AssertionAttribute string

Assertion attribute name.

AuthnRequestBinding string

HTTP binding to use for authentication requests.

CompartmentOcid string

Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

CorrelationPolicies []GetDomainsIdentityProviderCorrelationPolicy

Correlation policy

DeleteInProgress bool

A boolean flag indicating that this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

Description string

Description

DomainOcid string

Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

Enabled bool

Set to true to indicate Partner enabled.

EncryptionCertificate string

Encryption certificate

ExternalId string

An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.

IconUrl string

Identity Provider Icon URL.

Id string

Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.

IdcsCreatedBies []GetDomainsIdentityProviderIdcsCreatedBy

The User or App who created the Resource

IdcsEndpoint string
IdcsLastModifiedBies []GetDomainsIdentityProviderIdcsLastModifiedBy

The User or App who modified the Resource

IdcsLastUpgradedInRelease string

The release number when the resource was upgraded.

IdcsPreventedOperations []string

Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

IdentityProviderId string
IdpSsoUrl string

Identity Provider SSO URL

IncludeSigningCertInSignature bool

Set to true to include the signing certificate in the signature.

JitUserProvAssignedGroups []GetDomainsIdentityProviderJitUserProvAssignedGroup

Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.

JitUserProvAttributeUpdateEnabled bool

Set to true to indicate JIT User Creation is enabled

JitUserProvAttributes []GetDomainsIdentityProviderJitUserProvAttribute

Assertion To User Mapping

JitUserProvCreateUserEnabled bool

Set to true to indicate JIT User Creation is enabled

JitUserProvEnabled bool

Set to true to indicate JIT User Provisioning is enabled

JitUserProvGroupAssertionAttributeEnabled bool

Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute

JitUserProvGroupAssignmentMethod string

The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.

JitUserProvGroupMappingMode string

Property to indicate the mode of group mapping

JitUserProvGroupMappings []GetDomainsIdentityProviderJitUserProvGroupMapping

The list of mappings between the Identity Domain Group and the IDP group.

JitUserProvGroupSamlAttributeName string

Name of the assertion attribute containing the user's groups

JitUserProvGroupStaticListEnabled bool

Set to true to indicate JIT User Provisioning Groups should be assigned from a static list

JitUserProvIgnoreErrorOnAbsentGroups bool

Set to true to indicate ignoring absence of group while provisioning

LogoutBinding string

HTTP binding to use for logout.

LogoutEnabled bool

Set to true to enable logout.

LogoutRequestUrl string

Logout request URL

LogoutResponseUrl string

Logout response URL

Metadata string

Metadata

Metas []GetDomainsIdentityProviderMeta

A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

NameIdFormat string

Default authentication request name ID format.

Ocid string

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

PartnerName string

Unique name of the trusted Identity Provider.

PartnerProviderId string

Provider ID

RequestedAuthenticationContexts []string

SAML SP authentication type.

RequireForceAuthn bool

This SP requests that the SAML IdP enforce re-authentication.

RequiresEncryptedAssertion bool

SAML SP must accept encrypted assertion only.

SamlHoKrequired bool

SAML SP HoK Enabled.

Schemas []string

REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.

ServiceInstanceIdentifier string

The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.

ShownOnLoginPage bool

Set to true to indicate whether to show IdP in login page or not.

SignatureHashAlgorithm string

Signature hash algorithm.

SigningCertificate string

Signing certificate

SuccinctId string

Succinct ID

Tags []GetDomainsIdentityProviderTag

A list of tags on this resource.

TenancyOcid string

Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

TenantProviderId string

The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.

Type string

Identity Provider Type

UrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviders []GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider

Social Identity Provider Extension Schema

Urnietfparamsscimschemasoracleidcsextensionx509identityProviders []GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProvider

X509 Identity Provider Extension Schema

UserMappingMethod string

User mapping method.

UserMappingStoreAttribute string

This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.

AttributeSets []string
Attributes string
Authorization string
ResourceTypeSchemaVersion string
assertionAttribute String

Assertion attribute name.

authnRequestBinding String

HTTP binding to use for authentication requests.

compartmentOcid String

Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

correlationPolicies List<GetDomainsProviderCorrelationPolicy>

Correlation policy

deleteInProgress Boolean

A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

description String

Description

domainOcid String

Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

enabled Boolean

Set to true to indicate Partner enabled.

encryptionCertificate String

Encryption certificate

externalId String

An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.

iconUrl String

Identity Provider Icon URL.

id String

Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.

idcsCreatedBies List<GetDomainsProviderIdcsCreatedBy>

The User or App who created the Resource

idcsEndpoint String
idcsLastModifiedBies List<GetDomainsProviderIdcsLastModifiedBy>

The User or App who modified the Resource

idcsLastUpgradedInRelease String

The release number when the resource was upgraded.

idcsPreventedOperations List<String>

Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

identityProviderId String
idpSsoUrl String

Identity Provider SSO URL

includeSigningCertInSignature Boolean

Set to true to include the signing certificate in the signature.

jitUserProvAssignedGroups List<GetDomainsProviderJitUserProvAssignedGroup>

Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.

jitUserProvAttributeUpdateEnabled Boolean

Set to true to indicate JIT User Attribute Update is enabled

jitUserProvAttributes List<GetDomainsProviderJitUserProvAttribute>

Assertion To User Mapping

jitUserProvCreateUserEnabled Boolean

Set to true to indicate JIT User Creation is enabled

jitUserProvEnabled Boolean

Set to true to indicate JIT User Provisioning is enabled

jitUserProvGroupAssertionAttributeEnabled Boolean

Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute

jitUserProvGroupAssignmentMethod String

The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.

jitUserProvGroupMappingMode String

Property to indicate the mode of group mapping

jitUserProvGroupMappings List<GetDomainsProviderJitUserProvGroupMapping>

The list of mappings between the Identity Domain Group and the IDP group.

jitUserProvGroupSamlAttributeName String

Name of the assertion attribute containing the user's groups

jitUserProvGroupStaticListEnabled Boolean

Set to true to indicate JIT User Provisioning Groups should be assigned from a static list

jitUserProvIgnoreErrorOnAbsentGroups Boolean

Set to true to indicate ignoring absence of group while provisioning

logoutBinding String

HTTP binding to use for logout.

logoutEnabled Boolean

Set to true to enable logout.

logoutRequestUrl String

Logout request URL

logoutResponseUrl String

Logout response URL

metadata String

Metadata

metas List<GetDomainsProviderMeta>

A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

nameIdFormat String

Default authentication request name ID format.

ocid String

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

partnerName String

Unique name of the trusted Identity Provider.

partnerProviderId String

Provider ID

requestedAuthenticationContexts List<String>

SAML SP authentication type.

requireForceAuthn Boolean

This SP requires the SAML IdP to enforce re-authentication.

requiresEncryptedAssertion Boolean

SAML SP must accept encrypted assertion only.

samlHoKrequired Boolean

SAML SP HoK Enabled.

schemas List<String>

REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.

serviceInstanceIdentifier String

The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.

shownOnLoginPage Boolean

Set to true to indicate whether to show IdP in login page or not.

signatureHashAlgorithm String

Signature hash algorithm.

signingCertificate String

Signing certificate

succinctId String

Succinct ID

tags List<GetDomainsProviderTag>

A list of tags on this resource.

tenancyOcid String

Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

tenantProviderId String

The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.

type String

Identity Provider Type

urnietfparamsscimschemasoracleidcsextensionsocialIdentityProviders List<GetDomainsProviderUrnietfparamsscimschemasoracleidcsextensionsocialProvider>

Social Identity Provider Extension Schema

urnietfparamsscimschemasoracleidcsextensionx509identityProviders List<GetDomainsProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProvider>

X509 Identity Provider Extension Schema

userMappingMethod String

User mapping method.

userMappingStoreAttribute String

This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.

attributeSets List<String>
attributes String
authorization String
resourceTypeSchemaVersion String
assertionAttribute string

Assertion attribute name.

authnRequestBinding string

HTTP binding to use for authentication requests.

compartmentOcid string

Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

correlationPolicies GetDomainsIdentityProviderCorrelationPolicy[]

Correlation policy

deleteInProgress boolean

A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

description string

Description

domainOcid string

Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

enabled boolean

Set to true to indicate Partner enabled.

encryptionCertificate string

Encryption certificate

externalId string

An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.

iconUrl string

Identity Provider Icon URL.

id string

Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.

idcsCreatedBies GetDomainsIdentityProviderIdcsCreatedBy[]

The User or App who created the Resource

idcsEndpoint string
idcsLastModifiedBies GetDomainsIdentityProviderIdcsLastModifiedBy[]

The User or App who modified the Resource

idcsLastUpgradedInRelease string

The release number when the resource was upgraded.

idcsPreventedOperations string[]

Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

identityProviderId string
idpSsoUrl string

Identity Provider SSO URL

includeSigningCertInSignature boolean

Set to true to include the signing certificate in the signature.

jitUserProvAssignedGroups GetDomainsIdentityProviderJitUserProvAssignedGroup[]

Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.

jitUserProvAttributeUpdateEnabled boolean

Set to true to indicate JIT User Attribute Update is enabled

jitUserProvAttributes GetDomainsIdentityProviderJitUserProvAttribute[]

Assertion To User Mapping

jitUserProvCreateUserEnabled boolean

Set to true to indicate JIT User Creation is enabled

jitUserProvEnabled boolean

Set to true to indicate JIT User Provisioning is enabled

jitUserProvGroupAssertionAttributeEnabled boolean

Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute

jitUserProvGroupAssignmentMethod string

The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.

jitUserProvGroupMappingMode string

Property to indicate the mode of group mapping

jitUserProvGroupMappings GetDomainsIdentityProviderJitUserProvGroupMapping[]

The list of mappings between the Identity Domain Group and the IDP group.

jitUserProvGroupSamlAttributeName string

Name of the assertion attribute containing the user's groups

jitUserProvGroupStaticListEnabled boolean

Set to true to indicate JIT User Provisioning Groups should be assigned from a static list

jitUserProvIgnoreErrorOnAbsentGroups boolean

Set to true to indicate ignoring absence of group while provisioning

logoutBinding string

HTTP binding to use for logout.

logoutEnabled boolean

Set to true to enable logout.

logoutRequestUrl string

Logout request URL

logoutResponseUrl string

Logout response URL

metadata string

Metadata

metas GetDomainsIdentityProviderMeta[]

A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

nameIdFormat string

Default authentication request name ID format.

ocid string

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

partnerName string

Unique name of the trusted Identity Provider.

partnerProviderId string

Provider ID

requestedAuthenticationContexts string[]

SAML SP authentication type.

requireForceAuthn boolean

This SP requires the SAML IdP to enforce re-authentication.

requiresEncryptedAssertion boolean

SAML SP must accept encrypted assertion only.

samlHoKrequired boolean

SAML SP HoK Enabled.

schemas string[]

REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.

serviceInstanceIdentifier string

The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.

shownOnLoginPage boolean

Set to true to indicate whether to show IdP in login page or not.

signatureHashAlgorithm string

Signature hash algorithm.

signingCertificate string

Signing certificate

succinctId string

Succinct ID

tags GetDomainsIdentityProviderTag[]

A list of tags on this resource.

tenancyOcid string

Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

tenantProviderId string

The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.

type string

Identity Provider Type

urnietfparamsscimschemasoracleidcsextensionsocialIdentityProviders GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider[]

Social Identity Provider Extension Schema

urnietfparamsscimschemasoracleidcsextensionx509identityProviders GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProvider[]

X509 Identity Provider Extension Schema

userMappingMethod string

User mapping method.

userMappingStoreAttribute string

This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.

attributeSets string[]
attributes string
authorization string
resourceTypeSchemaVersion string
assertion_attribute str

Assertion attribute name.

authn_request_binding str

HTTP binding to use for authentication requests.

compartment_ocid str

Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

correlation_policies Sequence[GetDomainsIdentityProviderCorrelationPolicy]

Correlation policy

delete_in_progress bool

A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

description str

Description

domain_ocid str

Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

enabled bool

Set to true to indicate Partner enabled.

encryption_certificate str

Encryption certificate

external_id str

An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.

icon_url str

Identity Provider Icon URL.

id str

Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.

idcs_created_bies Sequence[GetDomainsIdentityProviderIdcsCreatedBy]

The User or App who created the Resource

idcs_endpoint str
idcs_last_modified_bies Sequence[GetDomainsIdentityProviderIdcsLastModifiedBy]

The User or App who modified the Resource

idcs_last_upgraded_in_release str

The release number when the resource was upgraded.

idcs_prevented_operations Sequence[str]

Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

identity_provider_id str
idp_sso_url str

Identity Provider SSO URL

include_signing_cert_in_signature bool

Set to true to include the signing certificate in the signature.

jit_user_prov_assigned_groups Sequence[GetDomainsIdentityProviderJitUserProvAssignedGroup]

Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.

jit_user_prov_attribute_update_enabled bool

Set to true to indicate JIT User Attribute Update is enabled

jit_user_prov_attributes Sequence[GetDomainsIdentityProviderJitUserProvAttribute]

Assertion To User Mapping

jit_user_prov_create_user_enabled bool

Set to true to indicate JIT User Creation is enabled

jit_user_prov_enabled bool

Set to true to indicate JIT User Provisioning is enabled

jit_user_prov_group_assertion_attribute_enabled bool

Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute

jit_user_prov_group_assignment_method str

The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.

jit_user_prov_group_mapping_mode str

Property to indicate the mode of group mapping

jit_user_prov_group_mappings Sequence[GetDomainsIdentityProviderJitUserProvGroupMapping]

The list of mappings between the Identity Domain Group and the IDP group.

jit_user_prov_group_saml_attribute_name str

Name of the assertion attribute containing the user's groups

jit_user_prov_group_static_list_enabled bool

Set to true to indicate JIT User Provisioning Groups should be assigned from a static list

jit_user_prov_ignore_error_on_absent_groups bool

Set to true to indicate ignoring absence of group while provisioning

logout_binding str

HTTP binding to use for logout.

logout_enabled bool

Set to true to enable logout.

logout_request_url str

Logout request URL

logout_response_url str

Logout response URL

metadata str

Metadata

metas Sequence[GetDomainsIdentityProviderMeta]

A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

name_id_format str

Default authentication request name ID format.

ocid str

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

partner_name str

Unique name of the trusted Identity Provider.

partner_provider_id str

Provider ID

requested_authentication_contexts Sequence[str]

SAML SP authentication type.

require_force_authn bool

This SP requires the SAML IdP to enforce re-authentication.

requires_encrypted_assertion bool

SAML SP must accept encrypted assertion only.

saml_ho_krequired bool

SAML SP HoK Enabled.

schemas Sequence[str]

REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.

service_instance_identifier str

The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.

shown_on_login_page bool

Set to true to indicate whether to show IdP in login page or not.

signature_hash_algorithm str

Signature hash algorithm.

signing_certificate str

Signing certificate

succinct_id str

Succinct ID

tags Sequence[GetDomainsIdentityProviderTag]

A list of tags on this resource.

tenancy_ocid str

Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

tenant_provider_id str

The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.

type str

Identity Provider Type

urnietfparamsscimschemasoracleidcsextensionsocial_identity_providers Sequence[GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider]

Social Identity Provider Extension Schema

urnietfparamsscimschemasoracleidcsextensionx509identity_providers Sequence[GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProvider]

X509 Identity Provider Extension Schema

user_mapping_method str

User mapping method.

user_mapping_store_attribute str

This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.

attribute_sets Sequence[str]
attributes str
authorization str
resource_type_schema_version str
assertionAttribute String

Assertion attribute name.

authnRequestBinding String

HTTP binding to use for authentication requests.

compartmentOcid String

Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.

correlationPolicies List<Property Map>

Correlation policy

deleteInProgress Boolean

A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

description String

Description

domainOcid String

Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.

enabled Boolean

Set to true to indicate Partner enabled.

encryptionCertificate String

Encryption certificate

externalId String

An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.

iconUrl String

Identity Provider Icon URL.

id String

Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.

idcsCreatedBies List<Property Map>

The User or App who created the Resource

idcsEndpoint String
idcsLastModifiedBies List<Property Map>

The User or App who modified the Resource

idcsLastUpgradedInRelease String

The release number when the resource was upgraded.

idcsPreventedOperations List<String>

Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

identityProviderId String
idpSsoUrl String

Identity Provider SSO URL

includeSigningCertInSignature Boolean

Set to true to include the signing certificate in the signature.

jitUserProvAssignedGroups List<Property Map>

Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.

jitUserProvAttributeUpdateEnabled Boolean

Set to true to indicate JIT User Attribute Update is enabled

jitUserProvAttributes List<Property Map>

Assertion To User Mapping

jitUserProvCreateUserEnabled Boolean

Set to true to indicate JIT User Creation is enabled

jitUserProvEnabled Boolean

Set to true to indicate JIT User Provisioning is enabled

jitUserProvGroupAssertionAttributeEnabled Boolean

Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute

jitUserProvGroupAssignmentMethod String

The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.

jitUserProvGroupMappingMode String

Property to indicate the mode of group mapping

jitUserProvGroupMappings List<Property Map>

The list of mappings between the Identity Domain Group and the IDP group.

jitUserProvGroupSamlAttributeName String

Name of the assertion attribute containing the user's groups

jitUserProvGroupStaticListEnabled Boolean

Set to true to indicate JIT User Provisioning Groups should be assigned from a static list

jitUserProvIgnoreErrorOnAbsentGroups Boolean

Set to true to indicate ignoring absence of group while provisioning

logoutBinding String

HTTP binding to use for logout.

logoutEnabled Boolean

Set to true to enable logout.

logoutRequestUrl String

Logout request URL

logoutResponseUrl String

Logout response URL

metadata String

Metadata

metas List<Property Map>

A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.

nameIdFormat String

Default authentication request name ID format.

ocid String

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

partnerName String

Unique name of the trusted Identity Provider.

partnerProviderId String

Provider ID

requestedAuthenticationContexts List<String>

SAML SP authentication type.

requireForceAuthn Boolean

This SP requires the SAML IdP to enforce re-authentication.

requiresEncryptedAssertion Boolean

SAML SP must accept encrypted assertion only.

samlHoKrequired Boolean

SAML SP HoK Enabled.

schemas List<String>

REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.

serviceInstanceIdentifier String

The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.

shownOnLoginPage Boolean

Set to true to indicate whether to show IdP in login page or not.

signatureHashAlgorithm String

Signature hash algorithm.

signingCertificate String

Signing certificate

succinctId String

Succinct ID

tags List<Property Map>

A list of tags on this resource.

tenancyOcid String

Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.

tenantProviderId String

The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.

type String

Identity Provider Type

urnietfparamsscimschemasoracleidcsextensionsocialIdentityProviders List<Property Map>

Social Identity Provider Extension Schema

urnietfparamsscimschemasoracleidcsextensionx509identityProviders List<Property Map>

X509 Identity Provider Extension Schema

userMappingMethod String

User mapping method.

userMappingStoreAttribute String

This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.

attributeSets List<String>
attributes String
authorization String
resourceTypeSchemaVersion String

Supporting Types

GetDomainsIdentityProviderCorrelationPolicy

Display string

A human readable name, primarily used for display purposes. READ-ONLY.

Ref string

Group URI

Type string

Identity Provider Type

Value string

Value of the tag.

Display string

A human readable name, primarily used for display purposes. READ-ONLY.

Ref string

Group URI

Type string

Identity Provider Type

Value string

Value of the tag.

display String

A human readable name, primarily used for display purposes. READ-ONLY.

ref String

Group URI

type String

Identity Provider Type

value String

Value of the tag.

display string

A human readable name, primarily used for display purposes. READ-ONLY.

ref string

Group URI

type string

Identity Provider Type

value string

Value of the tag.

display str

A human readable name, primarily used for display purposes. READ-ONLY.

ref str

Group URI

type str

Identity Provider Type

value str

Value of the tag.

display String

A human readable name, primarily used for display purposes. READ-ONLY.

ref String

Group URI

type String

Identity Provider Type

value String

Value of the tag.

GetDomainsIdentityProviderIdcsCreatedBy

Display string

A human readable name, primarily used for display purposes. READ-ONLY.

Ocid string

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

Ref string

Group URI

Type string

Identity Provider Type

Value string

Value of the tag.

Display string

A human readable name, primarily used for display purposes. READ-ONLY.

Ocid string

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

Ref string

Group URI

Type string

Identity Provider Type

Value string

Value of the tag.

display String

A human readable name, primarily used for display purposes. READ-ONLY.

ocid String

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref String

Group URI

type String

Identity Provider Type

value String

Value of the tag.

display string

A human readable name, primarily used for display purposes. READ-ONLY.

ocid string

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref string

Group URI

type string

Identity Provider Type

value string

Value of the tag.

display str

A human readable name, primarily used for display purposes. READ-ONLY.

ocid str

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref str

Group URI

type str

Identity Provider Type

value str

Value of the tag.

display String

A human readable name, primarily used for display purposes. READ-ONLY.

ocid String

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref String

Group URI

type String

Identity Provider Type

value String

Value of the tag.

GetDomainsIdentityProviderIdcsLastModifiedBy

Display string

A human readable name, primarily used for display purposes. READ-ONLY.

Ocid string

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

Ref string

Group URI

Type string

Identity Provider Type

Value string

Value of the tag.

Display string

A human readable name, primarily used for display purposes. READ-ONLY.

Ocid string

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

Ref string

Group URI

Type string

Identity Provider Type

Value string

Value of the tag.

display String

A human readable name, primarily used for display purposes. READ-ONLY.

ocid String

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref String

Group URI

type String

Identity Provider Type

value String

Value of the tag.

display string

A human readable name, primarily used for display purposes. READ-ONLY.

ocid string

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref string

Group URI

type string

Identity Provider Type

value string

Value of the tag.

display str

A human readable name, primarily used for display purposes. READ-ONLY.

ocid str

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref str

Group URI

type str

Identity Provider Type

value str

Value of the tag.

display String

A human readable name, primarily used for display purposes. READ-ONLY.

ocid String

Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.

ref String

Group URI

type String

Identity Provider Type

value String

Value of the tag.

GetDomainsIdentityProviderJitUserProvAssignedGroup

Display string

A human readable name, primarily used for display purposes. READ-ONLY.

Ref string

Group URI

Value string

Value of the tag.

Display string

A human readable name, primarily used for display purposes. READ-ONLY.

Ref string

Group URI

Value string

Value of the tag.

display String

A human readable name, primarily used for display purposes. READ-ONLY.

ref String

Group URI

value String

Value of the tag.

display string

A human readable name, primarily used for display purposes. READ-ONLY.

ref string

Group URI

value string

Value of the tag.

display str

A human readable name, primarily used for display purposes. READ-ONLY.

ref str

Group URI

value str

Value of the tag.

display String

A human readable name, primarily used for display purposes. READ-ONLY.

ref String

Group URI

value String

Value of the tag.

GetDomainsIdentityProviderJitUserProvAttribute

Ref string

Group URI

Value string

Value of the tag.

Ref string

Group URI

Value string

Value of the tag.

ref String

Group URI

value String

Value of the tag.

ref string

Group URI

value string

Value of the tag.

ref str

Group URI

value str

Value of the tag.

ref String

Group URI

value String

Value of the tag.

GetDomainsIdentityProviderJitUserProvGroupMapping

IdpGroup string

IDP Group Name

Ref string

Group URI

Value string

Value of the tag.

IdpGroup string

IDP Group Name

Ref string

Group URI

Value string

Value of the tag.

idpGroup String

IDP Group Name

ref String

Group URI

value String

Value of the tag.

idpGroup string

IDP Group Name

ref string

Group URI

value string

Value of the tag.

idp_group str

IDP Group Name

ref str

Group URI

value str

Value of the tag.

idpGroup String

IDP Group Name

ref String

Group URI

value String

Value of the tag.

GetDomainsIdentityProviderMeta

Created string

The DateTime the Resource was added to the Service Provider

LastModified string

The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.

Location string

The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.

ResourceType string

Name of the resource type of the resource--for example, Users or Groups

Version string

The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

Created string

The DateTime the Resource was added to the Service Provider

LastModified string

The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.

Location string

The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.

ResourceType string

Name of the resource type of the resource--for example, Users or Groups

Version string

The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

created String

The DateTime the Resource was added to the Service Provider

lastModified String

The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.

location String

The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.

resourceType String

Name of the resource type of the resource--for example, Users or Groups

version String

The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

created string

The DateTime the Resource was added to the Service Provider

lastModified string

The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.

location string

The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.

resourceType string

Name of the resource type of the resource--for example, Users or Groups

version string

The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

created str

The DateTime the Resource was added to the Service Provider

last_modified str

The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.

location str

The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.

resource_type str

Name of the resource type of the resource--for example, Users or Groups

version str

The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

created String

The DateTime the Resource was added to the Service Provider

lastModified String

The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.

location String

The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.

resourceType String

Name of the resource type of the resource--for example, Users or Groups

version String

The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

GetDomainsIdentityProviderTag

Key string

Key or name of the tag.

Value string

Value of the tag.

Key string

Key or name of the tag.

Value string

Value of the tag.

key String

Key or name of the tag.

value String

Value of the tag.

key string

Key or name of the tag.

value string

Value of the tag.

key str

Key or name of the tag.

value str

Value of the tag.

key String

Key or name of the tag.

value String

Value of the tag.

GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider

AccessTokenUrl string

Social IDP Access token URL

AccountLinkingEnabled bool

Whether account linking is enabled

AdminScopes List<string>

Admin scope to request

AuthzUrl string

Social IDP Authorization URL

ClientCredentialInPayload bool

Whether the client credential is contained in payload

ClockSkewInSeconds int

Social IDP allowed clock skew time

ConsumerKey string

Social IDP Client Application Client ID

ConsumerSecret string

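Social IDP Client Application Client Secret. If a value is returned here, handle it as a credential: keep it out of plain-text stack outputs and logs.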

DiscoveryUrl string

Discovery URL

IdAttribute string

Id attribute used for account linking

ProfileUrl string

Social IDP User profile URL

RedirectUrl string

redirect URL for social idp

RegistrationEnabled bool

Whether registration is enabled

Scopes List<string>

Scope to request

ServiceProviderName string

Service Provider Name

Status string

Status

AccessTokenUrl string

Social IDP Access token URL

AccountLinkingEnabled bool

Whether account linking is enabled

AdminScopes []string

Admin scope to request

AuthzUrl string

Social IDP Authorization URL

ClientCredentialInPayload bool

Whether the client credential is contained in payload

ClockSkewInSeconds int

Social IDP allowed clock skew time

ConsumerKey string

Social IDP Client Application Client ID

ConsumerSecret string

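Social IDP Client Application Client Secret. If a value is returned here, handle it as a credential: keep it out of plain-text stack outputs and logs.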

DiscoveryUrl string

Discovery URL

IdAttribute string

Id attribute used for account linking

ProfileUrl string

Social IDP User profile URL

RedirectUrl string

redirect URL for social idp

RegistrationEnabled bool

Whether registration is enabled

Scopes []string

Scope to request

ServiceProviderName string

Service Provider Name

Status string

Status

accessTokenUrl String

Social IDP Access token URL

accountLinkingEnabled Boolean

Whether account linking is enabled

adminScopes List<String>

Admin scope to request

authzUrl String

Social IDP Authorization URL

clientCredentialInPayload Boolean

Whether the client credential is contained in payload

clockSkewInSeconds Integer

Social IDP allowed clock skew time

consumerKey String

Social IDP Client Application Client ID

consumerSecret String

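Social IDP Client Application Client Secret. If a value is returned here, handle it as a credential: keep it out of plain-text stack outputs and logs.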

discoveryUrl String

Discovery URL

idAttribute String

Id attribute used for account linking

profileUrl String

Social IDP User profile URL

redirectUrl String

redirect URL for social idp

registrationEnabled Boolean

Whether registration is enabled

scopes List<String>

Scope to request

serviceProviderName String

Service Provider Name

status String

Status

accessTokenUrl string

Social IDP Access token URL

accountLinkingEnabled boolean

Whether account linking is enabled

adminScopes string[]

Admin scope to request

authzUrl string

Social IDP Authorization URL

clientCredentialInPayload boolean

Whether the client credential is contained in payload

clockSkewInSeconds number

Social IDP allowed clock skew time

consumerKey string

Social IDP Client Application Client ID

consumerSecret string

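Social IDP Client Application Client Secret. If a value is returned here, handle it as a credential: keep it out of plain-text stack outputs and logs.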

discoveryUrl string

Discovery URL

idAttribute string

Id attribute used for account linking

profileUrl string

Social IDP User profile URL

redirectUrl string

redirect URL for social idp

registrationEnabled boolean

Whether registration is enabled

scopes string[]

Scope to request

serviceProviderName string

Service Provider Name

status string

Status

access_token_url str

Social IDP Access token URL

account_linking_enabled bool

Whether account linking is enabled

admin_scopes Sequence[str]

Admin scope to request

authz_url str

Social IDP Authorization URL

client_credential_in_payload bool

Whether the client credential is contained in payload

clock_skew_in_seconds int

Social IDP allowed clock skew time

consumer_key str

Social IDP Client Application Client ID

consumer_secret str

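Social IDP Client Application Client Secret. If a value is returned here, handle it as a credential: keep it out of plain-text stack outputs and logs.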

discovery_url str

Discovery URL

id_attribute str

Id attribute used for account linking

profile_url str

Social IDP User profile URL

redirect_url str

redirect URL for social idp

registration_enabled bool

Whether registration is enabled

scopes Sequence[str]

Scope to request

service_provider_name str

Service Provider Name

status str

Status

accessTokenUrl String

Social IDP Access token URL

accountLinkingEnabled Boolean

Whether account linking is enabled

adminScopes List<String>

Admin scope to request

authzUrl String

Social IDP Authorization URL

clientCredentialInPayload Boolean

Whether the client credential is contained in payload

clockSkewInSeconds Number

Social IDP allowed clock skew time

consumerKey String

Social IDP Client Application Client ID

consumerSecret String

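Social IDP Client Application Client Secret. If a value is returned here, handle it as a credential: keep it out of plain-text stack outputs and logs.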

discoveryUrl String

Discovery URL

idAttribute String

Id attribute used for account linking

profileUrl String

Social IDP User profile URL

redirectUrl String

redirect URL for social idp

registrationEnabled Boolean

Whether registration is enabled

scopes List<String>

Scope to request

serviceProviderName String

Service Provider Name

status String

Status

GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProvider

CertMatchAttribute string

X509 Certificate Matching Attribute

CrlCheckOnOcspFailureEnabled bool

Fallback on CRL Validation if OCSP fails.

CrlEnabled bool

Set to true to enable CRL Validation

CrlLocation string

CRL Location URL

CrlReloadDuration int

Fetch the CRL contents every X minutes

OcspAllowUnknownResponseStatus bool

Allow access if the OCSP response is UNKNOWN or the OCSP Responder does not respond within the timeout duration. When true, OCSP validation fails open in those cases.

OcspEnableSignedResponse bool

Describes if the OCSP response is signed

OcspEnabled bool

Set to true to enable OCSP Validation

OcspResponderUrl string

This property specifies OCSP Responder URL.

OcspRevalidateTime int

Revalidate OCSP status for user after X hours

OcspServerName string

This property specifies the OCSP Server alias name

OcspTrustCertChains List<string>

OCSP Trusted Certificate Chain

OtherCertMatchAttribute string

Check for specific conditions of other certificate attributes

SigningCertificateChains List<string>

Certificate alias list to create a chain for the incoming client certificate

UserMatchAttribute string

This property specifies the userstore attribute value that must match the incoming certificate attribute.

CertMatchAttribute string

X509 Certificate Matching Attribute

CrlCheckOnOcspFailureEnabled bool

Fallback on CRL Validation if OCSP fails.

CrlEnabled bool

Set to true to enable CRL Validation

CrlLocation string

CRL Location URL

CrlReloadDuration int

Fetch the CRL contents every X minutes

OcspAllowUnknownResponseStatus bool

Allow access if the OCSP response is UNKNOWN or the OCSP Responder does not respond within the timeout duration. When true, OCSP validation fails open in those cases.

OcspEnableSignedResponse bool

Describes if the OCSP response is signed

OcspEnabled bool

Set to true to enable OCSP Validation

OcspResponderUrl string

This property specifies OCSP Responder URL.

OcspRevalidateTime int

Revalidate OCSP status for user after X hours

OcspServerName string

This property specifies the OCSP Server alias name

OcspTrustCertChains []string

OCSP Trusted Certificate Chain

OtherCertMatchAttribute string

Check for specific conditions of other certificate attributes

SigningCertificateChains []string

Certificate alias list to create a chain for the incoming client certificate

UserMatchAttribute string

This property specifies the userstore attribute value that must match the incoming certificate attribute.

certMatchAttribute String

X509 Certificate Matching Attribute

crlCheckOnOcspFailureEnabled Boolean

Fallback on CRL Validation if OCSP fails.

crlEnabled Boolean

Set to true to enable CRL Validation

crlLocation String

CRL Location URL

crlReloadDuration Integer

Fetch the CRL contents every X minutes

ocspAllowUnknownResponseStatus Boolean

Allow access if the OCSP response is UNKNOWN or the OCSP Responder does not respond within the timeout duration. When true, OCSP validation fails open in those cases.

ocspEnableSignedResponse Boolean

Describes if the OCSP response is signed

ocspEnabled Boolean

Set to true to enable OCSP Validation

ocspResponderUrl String

This property specifies OCSP Responder URL.

ocspRevalidateTime Integer

Revalidate OCSP status for user after X hours

ocspServerName String

This property specifies the OCSP Server alias name

ocspTrustCertChains List<String>

OCSP Trusted Certificate Chain

otherCertMatchAttribute String

Check for specific conditions of other certificate attributes

signingCertificateChains List<String>

Certificate alias list to create a chain for the incoming client certificate

userMatchAttribute String

This property specifies the userstore attribute value that must match the incoming certificate attribute.

certMatchAttribute string

X509 Certificate Matching Attribute

crlCheckOnOcspFailureEnabled boolean

Fallback on CRL Validation if OCSP fails.

crlEnabled boolean

Set to true to enable CRL Validation

crlLocation string

CRL Location URL

crlReloadDuration number

Fetch the CRL contents every X minutes

ocspAllowUnknownResponseStatus boolean

Allow access if the OCSP response is UNKNOWN or the OCSP Responder does not respond within the timeout duration. When true, OCSP validation fails open in those cases.

ocspEnableSignedResponse boolean

Describes if the OCSP response is signed

ocspEnabled boolean

Set to true to enable OCSP Validation

ocspResponderUrl string

This property specifies OCSP Responder URL.

ocspRevalidateTime number

Revalidate OCSP status for user after X hours

ocspServerName string

This property specifies the OCSP Server alias name

ocspTrustCertChains string[]

OCSP Trusted Certificate Chain

otherCertMatchAttribute string

Check for specific conditions of other certificate attributes

signingCertificateChains string[]

Certificate alias list to create a chain for the incoming client certificate

userMatchAttribute string

This property specifies the userstore attribute value that must match the incoming certificate attribute.

cert_match_attribute str

X509 Certificate Matching Attribute

crl_check_on_ocsp_failure_enabled bool

Fallback on CRL Validation if OCSP fails.

crl_enabled bool

Set to true to enable CRL Validation

crl_location str

CRL Location URL

crl_reload_duration int

Fetch the CRL contents every X minutes

ocsp_allow_unknown_response_status bool

Allow access if the OCSP response is UNKNOWN or the OCSP Responder does not respond within the timeout duration. When true, OCSP validation fails open in those cases.

ocsp_enable_signed_response bool

Describes if the OCSP response is signed

ocsp_enabled bool

Set to true to enable OCSP Validation

ocsp_responder_url str

This property specifies OCSP Responder URL.

ocsp_revalidate_time int

Revalidate OCSP status for user after X hours

ocsp_server_name str

This property specifies the OCSP Server alias name

ocsp_trust_cert_chains Sequence[str]

OCSP Trusted Certificate Chain

other_cert_match_attribute str

Check for specific conditions of other certificate attributes

signing_certificate_chains Sequence[str]

Certificate alias list to create a chain for the incoming client certificate

user_match_attribute str

This property specifies the userstore attribute value that must match the incoming certificate attribute.

certMatchAttribute String

X509 Certificate Matching Attribute

crlCheckOnOcspFailureEnabled Boolean

Fallback on CRL Validation if OCSP fails.

crlEnabled Boolean

Set to true to enable CRL Validation

crlLocation String

CRL Location URL

crlReloadDuration Number

Fetch the CRL contents every X minutes

ocspAllowUnknownResponseStatus Boolean

Allow access if the OCSP response is UNKNOWN or the OCSP Responder does not respond within the timeout duration. When true, OCSP validation fails open in those cases.

ocspEnableSignedResponse Boolean

Describes if the OCSP response is signed

ocspEnabled Boolean

Set to true to enable OCSP Validation

ocspResponderUrl String

This property specifies OCSP Responder URL.

ocspRevalidateTime Number

Revalidate OCSP status for user after X hours

ocspServerName String

This property specifies the OCSP Server alias name

ocspTrustCertChains List<String>

OCSP Trusted Certificate Chain

otherCertMatchAttribute String

Check for specific conditions of other certificate attributes

signingCertificateChains List<String>

Certificate alias list to create a chain for the incoming client certificate

userMatchAttribute String

This property specifies the userstore attribute value that must match the incoming certificate attribute.

Package Details

Repository
oci pulumi/pulumi-oci
License
Apache-2.0
Notes

This Pulumi package is based on the oci Terraform Provider.