Oracle Cloud Infrastructure v1.29.0 published on Thursday, Mar 28, 2024 by Pulumi

oci.Identity.getDomainsIdentityProvider

Oracle Cloud Infrastructure v1.29.0 published on Thursday, Mar 28, 2024 by Pulumi

    This data source provides details about a specific Identity Provider resource in the Oracle Cloud Infrastructure Identity Domains service.

    Get an Identity Provider

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as oci from "@pulumi/oci";
    
    // Look up one existing identity provider in an identity domain.
    // `data`, `oci_identity_identity_provider` and `_var` are not declared in this snippet;
    // they stand for values supplied by the surrounding program.
    const identityProviderQuery = {
        // Base endpoint of the identity domain.
        idcsEndpoint: data.oci_identity_domain.test_domain.url,
        // ID of the identity provider to read.
        identityProviderId: oci_identity_identity_provider.test_identity_provider.id,
        // An empty list and an empty string: no attribute sets or named attributes are requested.
        attributeSets: [],
        attributes: "",
        // Per the argument description this value holds credentials; load it from secret
        // configuration rather than writing it into the program source.
        authorization: _var.identity_provider_authorization,
        // Endpoint-specific schema version to use in the request.
        resourceTypeSchemaVersion: _var.identity_provider_resource_type_schema_version,
    };
    const testIdentityProvider = oci.Identity.getDomainsIdentityProvider(identityProviderQuery);
    
    import pulumi
    import pulumi_oci as oci
    
    # Look up one existing identity provider in an identity domain.
    # `data`, `oci_identity_identity_provider` and `var` are not defined in this snippet;
    # they stand for values supplied by the surrounding program.
    domain_url = data["oci_identity_domain"]["test_domain"]["url"]
    provider_id = oci_identity_identity_provider["test_identity_provider"]["id"]
    test_identity_provider = oci.Identity.get_domains_identity_provider(
        idcs_endpoint=domain_url,
        identity_provider_id=provider_id,
        # An empty list and an empty string: no attribute sets or named attributes are requested.
        attribute_sets=[],
        attributes="",
        # Per the argument description this value holds credentials; load it from secret
        # configuration rather than writing it into the program source.
        authorization=var["identity_provider_authorization"],
        resource_type_schema_version=var["identity_provider_resource_type_schema_version"],
    )
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-oci/sdk/go/oci/Identity"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    // main runs a Pulumi program that looks up one existing identity provider in an
    // identity domain and discards the result, returning only the lookup error.
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		// `data`, `oci_identity_identity_provider` and `_var` are not declared in this
    		// snippet; they stand for values supplied by the surrounding program.
    		// NOTE(review): the args struct is qualified with `identity` while the call below
    		// uses `Identity`; the single SDK import can bind only one of these names —
    		// confirm which qualifier the package declares.
    		lookupArgs := &identity.GetDomainsIdentityProviderArgs{
    			IdcsEndpoint:       data.Oci_identity_domain.Test_domain.Url,
    			IdentityProviderId: oci_identity_identity_provider.Test_identity_provider.Id,
    			// An empty slice and an empty string: no attribute sets or named attributes are requested.
    			AttributeSets: []interface{}{},
    			Attributes:    pulumi.StringRef(""),
    			// Per the argument description this value holds credentials; load it from
    			// secret configuration rather than writing it into the program source.
    			Authorization:             pulumi.StringRef(_var.Identity_provider_authorization),
    			ResourceTypeSchemaVersion: pulumi.StringRef(_var.Identity_provider_resource_type_schema_version),
    		}
    		_, err := Identity.GetDomainsIdentityProvider(ctx, lookupArgs, nil)
    		// err is nil on success, so returning it directly covers both outcomes.
    		return err
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Oci = Pulumi.Oci;
    
    // Runs a Pulumi program that looks up one existing identity provider in an identity domain.
    return await Deployment.RunAsync(() =>
    {
        // `data`, `oci_identity_identity_provider` and `@var` are not declared in this snippet;
        // they stand for values supplied by the surrounding program.
        var lookupArgs = new Oci.Identity.GetDomainsIdentityProviderInvokeArgs
        {
            IdcsEndpoint = data.Oci_identity_domain.Test_domain.Url,
            IdentityProviderId = oci_identity_identity_provider.Test_identity_provider.Id,
            // An empty list and an empty string: no attribute sets or named attributes are requested.
            AttributeSets = new() { },
            Attributes = "",
            // Per the argument description this value holds credentials; load it from secret
            // configuration rather than writing it into the program source.
            Authorization = @var.Identity_provider_authorization,
            ResourceTypeSchemaVersion = @var.Identity_provider_resource_type_schema_version,
        };

        var testIdentityProvider = Oci.Identity.GetDomainsIdentityProvider.Invoke(lookupArgs);
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.oci.Identity.IdentityFunctions;
    import com.pulumi.oci.Identity.inputs.GetDomainsIdentityProviderArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    /**
     * Pulumi program that looks up one existing identity provider in an identity domain.
     */
    public class App {
        /** Entry point: hands the stack definition to the Pulumi runtime. */
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }

        /**
         * Builds the lookup arguments and invokes the data source.
         * {@code data}, {@code oci_identity_identity_provider} and {@code var_} are not declared
         * in this snippet; they stand for values supplied by the surrounding program.
         *
         * @param ctx Pulumi context supplied by the runtime (not used by the lookup itself)
         */
        public static void stack(Context ctx) {
            final var lookupArgs = GetDomainsIdentityProviderArgs.builder()
                .idcsEndpoint(data.oci_identity_domain().test_domain().url())
                .identityProviderId(oci_identity_identity_provider.test_identity_provider().id())
                // Called with no values and with an empty string: no attribute sets or
                // named attributes are requested.
                .attributeSets()
                .attributes("")
                // Per the argument description this value holds credentials; load it from
                // secret configuration rather than writing it into the program source.
                .authorization(var_.identity_provider_authorization())
                .resourceTypeSchemaVersion(var_.identity_provider_resource_type_schema_version())
                .build();

            final var testIdentityProvider = IdentityFunctions.getDomainsIdentityProvider(lookupArgs);

        }
    }
    
    # Declares one variable whose value is the result of invoking the identity provider lookup.
    # The ${...} references point at values that are not defined in this snippet.
    variables:
      testIdentityProvider:
        fn::invoke:
          # NOTE(review): the invocation form shown later on this page uses lowercase keys and the
          # token oci:Identity/getDomainsIdentityProvider:getDomainsIdentityProvider — confirm
          # which spelling the YAML runtime accepts.
          Function: oci:Identity:getDomainsIdentityProvider
          Arguments:
            # Base endpoint of the identity domain.
            idcsEndpoint: ${data.oci_identity_domain.test_domain.url}
            # ID of the identity provider to read.
            identityProviderId: ${oci_identity_identity_provider.test_identity_provider.id}
            # Empty list: no attribute sets are requested.
            attributeSets: []
            # Left without a value here (YAML null); the other language examples pass an empty string.
            attributes:
            # Per the argument description this value holds credentials; load it from secret
            # configuration rather than writing it into the program source.
            authorization: ${var.identity_provider_authorization}
            # Endpoint-specific schema version to use in the request.
            resourceTypeSchemaVersion: ${var.identity_provider_resource_type_schema_version}
    

    Using getDomainsIdentityProvider

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getDomainsIdentityProvider(args: GetDomainsIdentityProviderArgs, opts?: InvokeOptions): Promise<GetDomainsIdentityProviderResult>
    function getDomainsIdentityProviderOutput(args: GetDomainsIdentityProviderOutputArgs, opts?: InvokeOptions): Output<GetDomainsIdentityProviderResult>
    def get_domains_identity_provider(attribute_sets: Optional[Sequence[str]] = None,
                                      attributes: Optional[str] = None,
                                      authorization: Optional[str] = None,
                                      idcs_endpoint: Optional[str] = None,
                                      identity_provider_id: Optional[str] = None,
                                      resource_type_schema_version: Optional[str] = None,
                                      opts: Optional[InvokeOptions] = None) -> GetDomainsIdentityProviderResult
    def get_domains_identity_provider_output(attribute_sets: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                                      attributes: Optional[pulumi.Input[str]] = None,
                                      authorization: Optional[pulumi.Input[str]] = None,
                                      idcs_endpoint: Optional[pulumi.Input[str]] = None,
                                      identity_provider_id: Optional[pulumi.Input[str]] = None,
                                      resource_type_schema_version: Optional[pulumi.Input[str]] = None,
                                      opts: Optional[InvokeOptions] = None) -> Output[GetDomainsIdentityProviderResult]
    func GetDomainsIdentityProvider(ctx *Context, args *GetDomainsIdentityProviderArgs, opts ...InvokeOption) (*GetDomainsIdentityProviderResult, error)
    func GetDomainsIdentityProviderOutput(ctx *Context, args *GetDomainsIdentityProviderOutputArgs, opts ...InvokeOption) GetDomainsIdentityProviderResultOutput

    > Note: This function is named GetDomainsIdentityProvider in the Go SDK.

    public static class GetDomainsIdentityProvider 
    {
        public static Task<GetDomainsIdentityProviderResult> InvokeAsync(GetDomainsIdentityProviderArgs args, InvokeOptions? opts = null)
        public static Output<GetDomainsIdentityProviderResult> Invoke(GetDomainsIdentityProviderInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetDomainsIdentityProviderResult> getDomainsIdentityProvider(GetDomainsIdentityProviderArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: oci:Identity/getDomainsIdentityProvider:getDomainsIdentityProvider
      arguments:
        # arguments dictionary

    The following arguments are supported:

    IdcsEndpoint string
    The basic endpoint for the identity domain
    IdentityProviderId string
    ID of the resource
    AttributeSets List<string>
    A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
    Attributes string
    A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
    Authorization string
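    The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because it carries credentials, supply it from secret configuration rather than as a literal in program source.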
    ResourceTypeSchemaVersion string
    An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
    IdcsEndpoint string
    The basic endpoint for the identity domain
    IdentityProviderId string
    ID of the resource
    AttributeSets []string
    A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
    Attributes string
    A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
    Authorization string
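    The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because it carries credentials, supply it from secret configuration rather than as a literal in program source.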
    ResourceTypeSchemaVersion string
    An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
    idcsEndpoint String
    The basic endpoint for the identity domain
    identityProviderId String
    ID of the resource
    attributeSets List<String>
    A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
    attributes String
    A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
    authorization String
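    The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because it carries credentials, supply it from secret configuration rather than as a literal in program source.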
    resourceTypeSchemaVersion String
    An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
    idcsEndpoint string
    The basic endpoint for the identity domain
    identityProviderId string
    ID of the resource
    attributeSets string[]
    A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
    attributes string
    A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
    authorization string
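    The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because it carries credentials, supply it from secret configuration rather than as a literal in program source.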
    resourceTypeSchemaVersion string
    An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
    idcs_endpoint str
    The basic endpoint for the identity domain
    identity_provider_id str
    ID of the resource
    attribute_sets Sequence[str]
    A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
    attributes str
    A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
    authorization str
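    The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because it carries credentials, supply it from secret configuration rather than as a literal in program source.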
    resource_type_schema_version str
    An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
    idcsEndpoint String
    The basic endpoint for the identity domain
    identityProviderId String
    ID of the resource
    attributeSets List<String>
    A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
    attributes String
    A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
    authorization String
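    The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because it carries credentials, supply it from secret configuration rather than as a literal in program source.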
    resourceTypeSchemaVersion String
    An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

    getDomainsIdentityProvider Result

    The following output properties are available:

    AssertionAttribute string
    Assertion attribute name.
    AuthnRequestBinding string
    HTTP binding to use for authentication requests.
    CompartmentOcid string
    Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
    CorrelationPolicies List<GetDomainsIdentityProviderCorrelationPolicy>
    Correlation policy
    DeleteInProgress bool
    A boolean flag indicating that this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
    Description string
    Description
    DomainOcid string
    Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
    Enabled bool
    Set to true to indicate Partner enabled.
    EncryptionCertificate string
    Encryption certificate
    ExternalId string
    An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
    IconUrl string
    Identity Provider Icon URL.
    Id string
    Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
    IdcsCreatedBies List<GetDomainsIdentityProviderIdcsCreatedBy>
    The User or App who created the Resource
    IdcsEndpoint string
    IdcsLastModifiedBies List<GetDomainsIdentityProviderIdcsLastModifiedBy>
    The User or App who modified the Resource
    IdcsLastUpgradedInRelease string
    The release number when the resource was upgraded.
    IdcsPreventedOperations List<string>
    Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
    IdentityProviderId string
    IdpSsoUrl string
    Identity Provider SSO URL
    IncludeSigningCertInSignature bool
    Set to true to include the signing certificate in the signature.
    JitUserProvAssignedGroups List<GetDomainsIdentityProviderJitUserProvAssignedGroup>
    Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
    JitUserProvAttributeUpdateEnabled bool
    Set to true to indicate JIT User Creation is enabled
    JitUserProvAttributes List<GetDomainsIdentityProviderJitUserProvAttribute>
    Assertion To User Mapping
    JitUserProvCreateUserEnabled bool
    Set to true to indicate JIT User Creation is enabled
    JitUserProvEnabled bool
    Set to true to indicate JIT User Provisioning is enabled
    JitUserProvGroupAssertionAttributeEnabled bool
    Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
    JitUserProvGroupAssignmentMethod string
    The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
    JitUserProvGroupMappingMode string
    Property to indicate the mode of group mapping
    JitUserProvGroupMappings List<GetDomainsIdentityProviderJitUserProvGroupMapping>
    The list of mappings between the Identity Domain Group and the IDP group.
    JitUserProvGroupSamlAttributeName string
    Name of the assertion attribute containing the user's groups
    JitUserProvGroupStaticListEnabled bool
    Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
    JitUserProvIgnoreErrorOnAbsentGroups bool
    Set to true to indicate ignoring absence of group while provisioning
    LastNotificationSentTime string
    Records the notification timestamp for the IdP whose signing certificate is about to expire
    LogoutBinding string
    HTTP binding to use for logout.
    LogoutEnabled bool
    Set to true to enable logout.
    LogoutRequestUrl string
    Logout request URL
    LogoutResponseUrl string
    Logout response URL
    Metadata string
    Metadata
    Metas List<GetDomainsIdentityProviderMeta>
    A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
    NameIdFormat string
    Default authentication request name ID format.
    Ocid string
    Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
    PartnerName string
    Unique name of the trusted Identity Provider.
    PartnerProviderId string
    Provider ID
    RequestedAuthenticationContexts List<string>
    SAML SP authentication type.
    RequireForceAuthn bool
    This SP requires the SAML IdP to enforce re-authentication.
    RequiresEncryptedAssertion bool
    SAML SP must accept encrypted assertion only.
    SamlHoKrequired bool
    SAML SP HoK Enabled.
    Schemas List<string>
    REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
    ServiceInstanceIdentifier string
    The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
    ShownOnLoginPage bool
    Set to true to indicate whether to show IdP in login page or not.
    SignatureHashAlgorithm string
    Signature hash algorithm.
    SigningCertificate string
    Signing certificate
    SuccinctId string
    Succinct ID
    Tags List<GetDomainsIdentityProviderTag>
    A list of tags on this resource.
    TenancyOcid string
    Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
    TenantProviderId string
    The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
    Type string
    Identity Provider Type
    UrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviders List<GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider>
    Social Identity Provider Extension Schema
    Urnietfparamsscimschemasoracleidcsextensionx509identityProviders List<GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProvider>
    X509 Identity Provider Extension Schema
    UserMappingMethod string
    User mapping method.
    UserMappingStoreAttribute string
    This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
    AttributeSets List<string>
    Attributes string
    Authorization string
    ResourceTypeSchemaVersion string
    AssertionAttribute string
    Assertion attribute name.
    AuthnRequestBinding string
    HTTP binding to use for authentication requests.
    CompartmentOcid string
    Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
    CorrelationPolicies []GetDomainsIdentityProviderCorrelationPolicy
    Correlation policy
    DeleteInProgress bool
    A boolean flag indicating that this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
    Description string
    Description
    DomainOcid string
    Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
    Enabled bool
    Set to true to indicate Partner enabled.
    EncryptionCertificate string
    Encryption certificate
    ExternalId string
    An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
    IconUrl string
    Identity Provider Icon URL.
    Id string
    Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
    IdcsCreatedBies []GetDomainsIdentityProviderIdcsCreatedBy
    The User or App who created the Resource
    IdcsEndpoint string
    IdcsLastModifiedBies []GetDomainsIdentityProviderIdcsLastModifiedBy
    The User or App who modified the Resource
    IdcsLastUpgradedInRelease string
    The release number when the resource was upgraded.
    IdcsPreventedOperations []string
    Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
    IdentityProviderId string
    IdpSsoUrl string
    Identity Provider SSO URL
    IncludeSigningCertInSignature bool
    Set to true to include the signing certificate in the signature.
    JitUserProvAssignedGroups []GetDomainsIdentityProviderJitUserProvAssignedGroup
    Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
    JitUserProvAttributeUpdateEnabled bool
    Set to true to indicate JIT User Creation is enabled
    JitUserProvAttributes []GetDomainsIdentityProviderJitUserProvAttribute
    Assertion To User Mapping
    JitUserProvCreateUserEnabled bool
    Set to true to indicate JIT User Creation is enabled
    JitUserProvEnabled bool
    Set to true to indicate JIT User Provisioning is enabled
    JitUserProvGroupAssertionAttributeEnabled bool
    Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
    JitUserProvGroupAssignmentMethod string
    The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
    JitUserProvGroupMappingMode string
    Property to indicate the mode of group mapping
    JitUserProvGroupMappings []GetDomainsIdentityProviderJitUserProvGroupMapping
    The list of mappings between the Identity Domain Group and the IDP group.
    JitUserProvGroupSamlAttributeName string
    Name of the assertion attribute containing the user's groups
    JitUserProvGroupStaticListEnabled bool
    Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
    JitUserProvIgnoreErrorOnAbsentGroups bool
    Set to true to indicate ignoring absence of group while provisioning
    LastNotificationSentTime string
    Records the notification timestamp for the IdP whose signing certificate is about to expire
    LogoutBinding string
    HTTP binding to use for logout.
    LogoutEnabled bool
    Set to true to enable logout.
    LogoutRequestUrl string
    Logout request URL
    LogoutResponseUrl string
    Logout response URL
    Metadata string
    Metadata
    Metas []GetDomainsIdentityProviderMeta
    A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
    NameIdFormat string
    Default authentication request name ID format.
    Ocid string
    Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
    PartnerName string
    Unique name of the trusted Identity Provider.
    PartnerProviderId string
    Provider ID
    RequestedAuthenticationContexts []string
    SAML SP authentication type.
    RequireForceAuthn bool
    This SP requires the SAML IdP to enforce re-authentication.
    RequiresEncryptedAssertion bool
    SAML SP must accept encrypted assertion only.
    SamlHoKrequired bool
    SAML SP HoK Enabled.
    Schemas []string
    REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.
    ServiceInstanceIdentifier string
    The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
    ShownOnLoginPage bool
    Set to true to indicate whether to show IdP in login page or not.
    SignatureHashAlgorithm string
    Signature hash algorithm.
    SigningCertificate string
    Signing certificate
    SuccinctId string
    Succinct ID
    Tags []GetDomainsIdentityProviderTag
    A list of tags on this resource.
    TenancyOcid string
    Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
    TenantProviderId string
    The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
    Type string
    Identity Provider Type
    UrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviders []GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider
    Social Identity Provider Extension Schema
    Urnietfparamsscimschemasoracleidcsextensionx509identityProviders []GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProvider
    X509 Identity Provider Extension Schema
    UserMappingMethod string
    User mapping method.
    UserMappingStoreAttribute string
    This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
    AttributeSets []string
    Attributes string
    Authorization string
    ResourceTypeSchemaVersion string
    assertionAttribute String
    Assertion attribute name.
    authnRequestBinding String
    HTTP binding to use for authentication requests.
    compartmentOcid String
    Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
    correlationPolicies List<GetDomainsProviderCorrelationPolicy>
    Correlation policy
    deleteInProgress Boolean
    A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
    description String
    Description
    domainOcid String
    Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
    enabled Boolean
    Set to true to indicate Partner enabled.
    encryptionCertificate String
    Encryption certificate
    externalId String
    An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
    iconUrl String
    Identity Provider Icon URL.
    id String
    Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
    idcsCreatedBies List<GetDomainsProviderIdcsCreatedBy>
    The User or App who created the Resource
    idcsEndpoint String
    idcsLastModifiedBies List<GetDomainsProviderIdcsLastModifiedBy>
    The User or App who modified the Resource
    idcsLastUpgradedInRelease String
    The release number when the resource was upgraded.
    idcsPreventedOperations List<String>
    Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
    identityProviderId String
    idpSsoUrl String
    Identity Provider SSO URL
    includeSigningCertInSignature Boolean
    Set to true to include the signing certificate in the signature.
    jitUserProvAssignedGroups List<GetDomainsProviderJitUserProvAssignedGroup>
    Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
    jitUserProvAttributeUpdateEnabled Boolean
    Set to true to indicate JIT User Attribute Update is enabled
    jitUserProvAttributes List<GetDomainsProviderJitUserProvAttribute>
    Assertion To User Mapping
    jitUserProvCreateUserEnabled Boolean
    Set to true to indicate JIT User Creation is enabled
    jitUserProvEnabled Boolean
    Set to true to indicate JIT User Provisioning is enabled
    jitUserProvGroupAssertionAttributeEnabled Boolean
    Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
    jitUserProvGroupAssignmentMethod String
    The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
    jitUserProvGroupMappingMode String
    Property to indicate the mode of group mapping
    jitUserProvGroupMappings List<GetDomainsProviderJitUserProvGroupMapping>
    The list of mappings between the Identity Domain Group and the IDP group.
    jitUserProvGroupSamlAttributeName String
    Name of the assertion attribute containing the user's groups
    jitUserProvGroupStaticListEnabled Boolean
    Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
    jitUserProvIgnoreErrorOnAbsentGroups Boolean
    Set to true to indicate ignoring absence of group while provisioning
    lastNotificationSentTime String
    Records the notification timestamp for the IdP whose signing certificate is about to expire
    logoutBinding String
    HTTP binding to use for logout.
    logoutEnabled Boolean
    Set to true to enable logout.
    logoutRequestUrl String
    Logout request URL
    logoutResponseUrl String
    Logout response URL
    metadata String
    Metadata
    metas List<GetDomainsProviderMeta>
    A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
    nameIdFormat String
    Default authentication request name ID format.
    ocid String
    Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
    partnerName String
    Unique name of the trusted Identity Provider.
    partnerProviderId String
    Provider ID
    requestedAuthenticationContexts List<String>
    SAML SP authentication type.
    requireForceAuthn Boolean
    This SP requires the SAML IdP to enforce re-authentication.
    requiresEncryptedAssertion Boolean
    SAML SP must accept encrypted assertion only.
    samlHoKrequired Boolean
    SAML SP HoK Enabled.
    schemas List<String>
    REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.
    serviceInstanceIdentifier String
    The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
    shownOnLoginPage Boolean
    Set to true to indicate whether to show IdP in login page or not.
    signatureHashAlgorithm String
    Signature hash algorithm.
    signingCertificate String
    Signing certificate
    succinctId String
    Succinct ID
    tags List<GetDomainsProviderTag>
    A list of tags on this resource.
    tenancyOcid String
    Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
    tenantProviderId String
    The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
    type String
    Identity Provider Type
    urnietfparamsscimschemasoracleidcsextensionsocialIdentityProviders List<GetDomainsProviderUrnietfparamsscimschemasoracleidcsextensionsocialProvider>
    Social Identity Provider Extension Schema
    urnietfparamsscimschemasoracleidcsextensionx509identityProviders List<GetDomainsProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProvider>
    X509 Identity Provider Extension Schema
    userMappingMethod String
    User mapping method.
    userMappingStoreAttribute String
    This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
    attributeSets List<String>
    attributes String
    authorization String
    resourceTypeSchemaVersion String
    assertionAttribute string
    Assertion attribute name.
    authnRequestBinding string
    HTTP binding to use for authentication requests.
    compartmentOcid string
    Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
    correlationPolicies GetDomainsIdentityProviderCorrelationPolicy[]
    Correlation policy
    deleteInProgress boolean
    A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
    description string
    Description
    domainOcid string
    Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
    enabled boolean
    Set to true to indicate Partner enabled.
    encryptionCertificate string
    Encryption certificate
    externalId string
    An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
    iconUrl string
    Identity Provider Icon URL.
    id string
    Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
    idcsCreatedBies GetDomainsIdentityProviderIdcsCreatedBy[]
    The User or App who created the Resource
    idcsEndpoint string
    idcsLastModifiedBies GetDomainsIdentityProviderIdcsLastModifiedBy[]
    The User or App who modified the Resource
    idcsLastUpgradedInRelease string
    The release number when the resource was upgraded.
    idcsPreventedOperations string[]
    Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
    identityProviderId string
    idpSsoUrl string
    Identity Provider SSO URL
    includeSigningCertInSignature boolean
    Set to true to include the signing certificate in the signature.
    jitUserProvAssignedGroups GetDomainsIdentityProviderJitUserProvAssignedGroup[]
    Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
    jitUserProvAttributeUpdateEnabled boolean
    Set to true to indicate JIT User Attribute Update is enabled
    jitUserProvAttributes GetDomainsIdentityProviderJitUserProvAttribute[]
    Assertion To User Mapping
    jitUserProvCreateUserEnabled boolean
    Set to true to indicate JIT User Creation is enabled
    jitUserProvEnabled boolean
    Set to true to indicate JIT User Provisioning is enabled
    jitUserProvGroupAssertionAttributeEnabled boolean
    Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
    jitUserProvGroupAssignmentMethod string
    The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
    jitUserProvGroupMappingMode string
    Property to indicate the mode of group mapping
    jitUserProvGroupMappings GetDomainsIdentityProviderJitUserProvGroupMapping[]
    The list of mappings between the Identity Domain Group and the IDP group.
    jitUserProvGroupSamlAttributeName string
    Name of the assertion attribute containing the user's groups
    jitUserProvGroupStaticListEnabled boolean
    Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
    jitUserProvIgnoreErrorOnAbsentGroups boolean
    Set to true to indicate ignoring absence of group while provisioning
    lastNotificationSentTime string
    Records the notification timestamp for the IdP whose signing certificate is about to expire
    logoutBinding string
    HTTP binding to use for logout.
    logoutEnabled boolean
    Set to true to enable logout.
    logoutRequestUrl string
    Logout request URL
    logoutResponseUrl string
    Logout response URL
    metadata string
    Metadata
    metas GetDomainsIdentityProviderMeta[]
    A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
    nameIdFormat string
    Default authentication request name ID format.
    ocid string
    Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
    partnerName string
    Unique name of the trusted Identity Provider.
    partnerProviderId string
    Provider ID
    requestedAuthenticationContexts string[]
    SAML SP authentication type.
    requireForceAuthn boolean
    This SP requires the SAML IdP to enforce re-authentication.
    requiresEncryptedAssertion boolean
    SAML SP must accept encrypted assertion only.
    samlHoKrequired boolean
    SAML SP HoK Enabled.
    schemas string[]
    REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.
    serviceInstanceIdentifier string
    The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
    shownOnLoginPage boolean
    Set to true to indicate whether to show IdP in login page or not.
    signatureHashAlgorithm string
    Signature hash algorithm.
    signingCertificate string
    Signing certificate
    succinctId string
    Succinct ID
    tags GetDomainsIdentityProviderTag[]
    A list of tags on this resource.
    tenancyOcid string
    Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
    tenantProviderId string
    The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
    type string
    Identity Provider Type
    urnietfparamsscimschemasoracleidcsextensionsocialIdentityProviders GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider[]
    Social Identity Provider Extension Schema
    urnietfparamsscimschemasoracleidcsextensionx509identityProviders GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProvider[]
    X509 Identity Provider Extension Schema
    userMappingMethod string
    User mapping method.
    userMappingStoreAttribute string
    This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
    attributeSets string[]
    attributes string
    authorization string
    resourceTypeSchemaVersion string
    assertion_attribute str
    Assertion attribute name.
    authn_request_binding str
    HTTP binding to use for authentication requests.
    compartment_ocid str
    Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
    correlation_policies Sequence[GetDomainsIdentityProviderCorrelationPolicy]
    Correlation policy
    delete_in_progress bool
    A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
    description str
    Description
    domain_ocid str
    Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
    enabled bool
    Set to true to indicate Partner enabled.
    encryption_certificate str
    Encryption certificate
    external_id str
    An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
    icon_url str
    Identity Provider Icon URL.
    id str
    Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
    idcs_created_bies Sequence[GetDomainsIdentityProviderIdcsCreatedBy]
    The User or App who created the Resource
    idcs_endpoint str
    idcs_last_modified_bies Sequence[GetDomainsIdentityProviderIdcsLastModifiedBy]
    The User or App who modified the Resource
    idcs_last_upgraded_in_release str
    The release number when the resource was upgraded.
    idcs_prevented_operations Sequence[str]
    Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
    identity_provider_id str
    idp_sso_url str
    Identity Provider SSO URL
    include_signing_cert_in_signature bool
    Set to true to include the signing certificate in the signature.
    jit_user_prov_assigned_groups Sequence[GetDomainsIdentityProviderJitUserProvAssignedGroup]
    Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
    jit_user_prov_attribute_update_enabled bool
    Set to true to indicate JIT User Attribute Update is enabled
    jit_user_prov_attributes Sequence[GetDomainsIdentityProviderJitUserProvAttribute]
    Assertion To User Mapping
    jit_user_prov_create_user_enabled bool
    Set to true to indicate JIT User Creation is enabled
    jit_user_prov_enabled bool
    Set to true to indicate JIT User Provisioning is enabled
    jit_user_prov_group_assertion_attribute_enabled bool
    Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
    jit_user_prov_group_assignment_method str
    The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
    jit_user_prov_group_mapping_mode str
    Property to indicate the mode of group mapping
    jit_user_prov_group_mappings Sequence[GetDomainsIdentityProviderJitUserProvGroupMapping]
    The list of mappings between the Identity Domain Group and the IDP group.
    jit_user_prov_group_saml_attribute_name str
    Name of the assertion attribute containing the user's groups
    jit_user_prov_group_static_list_enabled bool
    Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
    jit_user_prov_ignore_error_on_absent_groups bool
    Set to true to indicate ignoring absence of group while provisioning
    last_notification_sent_time str
    Records the notification timestamp for the IdP whose signing certificate is about to expire
    logout_binding str
    HTTP binding to use for logout.
    logout_enabled bool
    Set to true to enable logout.
    logout_request_url str
    Logout request URL
    logout_response_url str
    Logout response URL
    metadata str
    Metadata
    metas Sequence[GetDomainsIdentityProviderMeta]
    A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
    name_id_format str
    Default authentication request name ID format.
    ocid str
    Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
    partner_name str
    Unique name of the trusted Identity Provider.
    partner_provider_id str
    Provider ID
    requested_authentication_contexts Sequence[str]
    SAML SP authentication type.
    require_force_authn bool
    This SP requires the SAML IdP to enforce re-authentication.
    requires_encrypted_assertion bool
    SAML SP must accept encrypted assertion only.
    saml_ho_krequired bool
    SAML SP HoK Enabled.
    schemas Sequence[str]
    REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.
    service_instance_identifier str
    The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
    shown_on_login_page bool
    Set to true to indicate whether to show IdP in login page or not.
    signature_hash_algorithm str
    Signature hash algorithm.
    signing_certificate str
    Signing certificate
    succinct_id str
    Succinct ID
    tags Sequence[GetDomainsIdentityProviderTag]
    A list of tags on this resource.
    tenancy_ocid str
    Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
    tenant_provider_id str
    The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
    type str
    Identity Provider Type
    urnietfparamsscimschemasoracleidcsextensionsocial_identity_providers Sequence[GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider]
    Social Identity Provider Extension Schema
    urnietfparamsscimschemasoracleidcsextensionx509identity_providers Sequence[GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProvider]
    X509 Identity Provider Extension Schema
    user_mapping_method str
    User mapping method.
    user_mapping_store_attribute str
    This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
    attribute_sets Sequence[str]
    attributes str
    authorization str
    resource_type_schema_version str
    assertionAttribute String
    Assertion attribute name.
    authnRequestBinding String
    HTTP binding to use for authentication requests.
    compartmentOcid String
    Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
    correlationPolicies List<Property Map>
    Correlation policy
    deleteInProgress Boolean
    A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
    description String
    Description
    domainOcid String
    Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
    enabled Boolean
    Set to true to indicate Partner enabled.
    encryptionCertificate String
    Encryption certificate
    externalId String
    An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
    iconUrl String
    Identity Provider Icon URL.
    id String
    Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
    idcsCreatedBies List<Property Map>
    The User or App who created the Resource
    idcsEndpoint String
    idcsLastModifiedBies List<Property Map>
    The User or App who modified the Resource
    idcsLastUpgradedInRelease String
    The release number when the resource was upgraded.
    idcsPreventedOperations List<String>
    Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
    identityProviderId String
    idpSsoUrl String
    Identity Provider SSO URL
    includeSigningCertInSignature Boolean
    Set to true to include the signing certificate in the signature.
    jitUserProvAssignedGroups List<Property Map>
    Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
    jitUserProvAttributeUpdateEnabled Boolean
    Set to true to indicate JIT User attribute update is enabled
    jitUserProvAttributes List<Property Map>
    Assertion To User Mapping
    jitUserProvCreateUserEnabled Boolean
    Set to true to indicate JIT User Creation is enabled
    jitUserProvEnabled Boolean
    Set to true to indicate JIT User Provisioning is enabled
    jitUserProvGroupAssertionAttributeEnabled Boolean
    Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
    jitUserProvGroupAssignmentMethod String
    The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
    jitUserProvGroupMappingMode String
    Property to indicate the mode of group mapping
    jitUserProvGroupMappings List<Property Map>
    The list of mappings between the Identity Domain Group and the IDP group.
    jitUserProvGroupSamlAttributeName String
    Name of the assertion attribute containing the users groups
    jitUserProvGroupStaticListEnabled Boolean
    Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
    jitUserProvIgnoreErrorOnAbsentGroups Boolean
    Set to true to ignore groups that are absent while provisioning
    lastNotificationSentTime String
    Records the notification timestamp for the IdP whose signing certificate is about to expire
    logoutBinding String
    HTTP binding to use for logout.
    logoutEnabled Boolean
    Set to true to enable logout.
    logoutRequestUrl String
    Logout request URL
    logoutResponseUrl String
    Logout response URL
    metadata String
    Metadata
    metas List<Property Map>
    A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
    nameIdFormat String
    Default authentication request name ID format.
    ocid String
    Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
    partnerName String
    Unique name of the trusted Identity Provider.
    partnerProviderId String
    Provider ID
    requestedAuthenticationContexts List<String>
    SAML SP authentication type.
    requireForceAuthn Boolean
    This SP requests that the SAML IdP enforce re-authentication.
    requiresEncryptedAssertion Boolean
    SAML SP must accept encrypted assertion only.
    samlHoKrequired Boolean
    SAML SP HoK Enabled.
    schemas List<String>
    REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
    serviceInstanceIdentifier String
    The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
    shownOnLoginPage Boolean
    Set to true to show the IdP on the login page.
    signatureHashAlgorithm String
    Signature hash algorithm.
    signingCertificate String
    Signing certificate
    succinctId String
    Succinct ID
    tags List<Property Map>
    A list of tags on this resource.
    tenancyOcid String
    Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
    tenantProviderId String
    The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
    type String
    Identity Provider Type
    urnietfparamsscimschemasoracleidcsextensionsocialIdentityProviders List<Property Map>
    Social Identity Provider Extension Schema
    urnietfparamsscimschemasoracleidcsextensionx509identityProviders List<Property Map>
    X509 Identity Provider Extension Schema
    userMappingMethod String
    User mapping method.
    userMappingStoreAttribute String
    This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
    attributeSets List<String>
    attributes String
    authorization String
    resourceTypeSchemaVersion String

    Supporting Types

    GetDomainsIdentityProviderCorrelationPolicy

    Display string
    A human readable name, primarily used for display purposes. READ-ONLY.
    Ref string
    Group URI
    Type string
    Identity Provider Type
    Value string
    Value of the tag.
    Display string
    A human readable name, primarily used for display purposes. READ-ONLY.
    Ref string
    Group URI
    Type string
    Identity Provider Type
    Value string
    Value of the tag.
    display String
    A human readable name, primarily used for display purposes. READ-ONLY.
    ref String
    Group URI
    type String
    Identity Provider Type
    value String
    Value of the tag.
    display string
    A human readable name, primarily used for display purposes. READ-ONLY.
    ref string
    Group URI
    type string
    Identity Provider Type
    value string
    Value of the tag.
    display str
    A human readable name, primarily used for display purposes. READ-ONLY.
    ref str
    Group URI
    type str
    Identity Provider Type
    value str
    Value of the tag.
    display String
    A human readable name, primarily used for display purposes. READ-ONLY.
    ref String
    Group URI
    type String
    Identity Provider Type
    value String
    Value of the tag.

    GetDomainsIdentityProviderIdcsCreatedBy

    Display string
    A human readable name, primarily used for display purposes. READ-ONLY.
    Ocid string
    Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
    Ref string
    Group URI
    Type string
    Identity Provider Type
    Value string
    Value of the tag.
    Display string
    A human readable name, primarily used for display purposes. READ-ONLY.
    Ocid string
    Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
    Ref string
    Group URI
    Type string
    Identity Provider Type
    Value string
    Value of the tag.
    display String
    A human readable name, primarily used for display purposes. READ-ONLY.
    ocid String
    Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
    ref String
    Group URI
    type String
    Identity Provider Type
    value String
    Value of the tag.
    display string
    A human readable name, primarily used for display purposes. READ-ONLY.
    ocid string
    Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
    ref string
    Group URI
    type string
    Identity Provider Type
    value string
    Value of the tag.
    display str
    A human readable name, primarily used for display purposes. READ-ONLY.
    ocid str
    Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
    ref str
    Group URI
    type str
    Identity Provider Type
    value str
    Value of the tag.
    display String
    A human readable name, primarily used for display purposes. READ-ONLY.
    ocid String
    Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
    ref String
    Group URI
    type String
    Identity Provider Type
    value String
    Value of the tag.

    GetDomainsIdentityProviderIdcsLastModifiedBy

    Display string
    A human readable name, primarily used for display purposes. READ-ONLY.
    Ocid string
    Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
    Ref string
    Group URI
    Type string
    Identity Provider Type
    Value string
    Value of the tag.
    Display string
    A human readable name, primarily used for display purposes. READ-ONLY.
    Ocid string
    Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
    Ref string
    Group URI
    Type string
    Identity Provider Type
    Value string
    Value of the tag.
    display String
    A human readable name, primarily used for display purposes. READ-ONLY.
    ocid String
    Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
    ref String
    Group URI
    type String
    Identity Provider Type
    value String
    Value of the tag.
    display string
    A human readable name, primarily used for display purposes. READ-ONLY.
    ocid string
    Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
    ref string
    Group URI
    type string
    Identity Provider Type
    value string
    Value of the tag.
    display str
    A human readable name, primarily used for display purposes. READ-ONLY.
    ocid str
    Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
    ref str
    Group URI
    type str
    Identity Provider Type
    value str
    Value of the tag.
    display String
    A human readable name, primarily used for display purposes. READ-ONLY.
    ocid String
    Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
    ref String
    Group URI
    type String
    Identity Provider Type
    value String
    Value of the tag.

    GetDomainsIdentityProviderJitUserProvAssignedGroup

    Display string
    A human readable name, primarily used for display purposes. READ-ONLY.
    Ref string
    Group URI
    Value string
    Value of the tag.
    Display string
    A human readable name, primarily used for display purposes. READ-ONLY.
    Ref string
    Group URI
    Value string
    Value of the tag.
    display String
    A human readable name, primarily used for display purposes. READ-ONLY.
    ref String
    Group URI
    value String
    Value of the tag.
    display string
    A human readable name, primarily used for display purposes. READ-ONLY.
    ref string
    Group URI
    value string
    Value of the tag.
    display str
    A human readable name, primarily used for display purposes. READ-ONLY.
    ref str
    Group URI
    value str
    Value of the tag.
    display String
    A human readable name, primarily used for display purposes. READ-ONLY.
    ref String
    Group URI
    value String
    Value of the tag.

    GetDomainsIdentityProviderJitUserProvAttribute

    Ref string
    Group URI
    Value string
    Value of the tag.
    Ref string
    Group URI
    Value string
    Value of the tag.
    ref String
    Group URI
    value String
    Value of the tag.
    ref string
    Group URI
    value string
    Value of the tag.
    ref str
    Group URI
    value str
    Value of the tag.
    ref String
    Group URI
    value String
    Value of the tag.

    GetDomainsIdentityProviderJitUserProvGroupMapping

    IdpGroup string
    IDP Group Name
    Ref string
    Group URI
    Value string
    Value of the tag.
    IdpGroup string
    IDP Group Name
    Ref string
    Group URI
    Value string
    Value of the tag.
    idpGroup String
    IDP Group Name
    ref String
    Group URI
    value String
    Value of the tag.
    idpGroup string
    IDP Group Name
    ref string
    Group URI
    value string
    Value of the tag.
    idp_group str
    IDP Group Name
    ref str
    Group URI
    value str
    Value of the tag.
    idpGroup String
    IDP Group Name
    ref String
    Group URI
    value String
    Value of the tag.

    GetDomainsIdentityProviderMeta

    Created string
    The DateTime the Resource was added to the Service Provider
    LastModified string
    The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
    Location string
    The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
    ResourceType string
    Name of the resource type of the resource--for example, Users or Groups
    Version string
    The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
    Created string
    The DateTime the Resource was added to the Service Provider
    LastModified string
    The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
    Location string
    The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
    ResourceType string
    Name of the resource type of the resource--for example, Users or Groups
    Version string
    The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
    created String
    The DateTime the Resource was added to the Service Provider
    lastModified String
    The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
    location String
    The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
    resourceType String
    Name of the resource type of the resource--for example, Users or Groups
    version String
    The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
    created string
    The DateTime the Resource was added to the Service Provider
    lastModified string
    The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
    location string
    The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
    resourceType string
    Name of the resource type of the resource--for example, Users or Groups
    version string
    The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
    created str
    The DateTime the Resource was added to the Service Provider
    last_modified str
    The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
    location str
    The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
    resource_type str
    Name of the resource type of the resource--for example, Users or Groups
    version str
    The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
    created String
    The DateTime the Resource was added to the Service Provider
    lastModified String
    The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
    location String
    The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
    resourceType String
    Name of the resource type of the resource--for example, Users or Groups
    version String
    The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

    GetDomainsIdentityProviderTag

    Key string
    Key or name of the tag.
    Value string
    Value of the tag.
    Key string
    Key or name of the tag.
    Value string
    Value of the tag.
    key String
    Key or name of the tag.
    value String
    Value of the tag.
    key string
    Key or name of the tag.
    value string
    Value of the tag.
    key str
    Key or name of the tag.
    value str
    Value of the tag.
    key String
    Key or name of the tag.
    value String
    Value of the tag.

    GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider

    AccessTokenUrl string
    Social IDP Access token URL
    AccountLinkingEnabled bool
    Whether account linking is enabled
    AdminScopes List<string>
    Admin scope to request
    AuthzUrl string
    Social IDP Authorization URL
    ClientCredentialInPayload bool
    Whether the client credential is contained in payload
    ClockSkewInSeconds int
    Social IDP allowed clock skew time
    ConsumerKey string
    Social IDP Client Application Client ID
    ConsumerSecret string
    Social IDP Client Application Client Secret. This value is a credential; treat any output or log that includes it as sensitive.
    DiscoveryUrl string
    Discovery URL
    IdAttribute string
    Id attribute used for account linking
    ProfileUrl string
    Social IDP User profile URL
    RedirectUrl string
    redirect URL for social idp
    RegistrationEnabled bool
    Whether registration is enabled
    Scopes List<string>
    Scope to request
    ServiceProviderName string
    Service Provider Name
    Status string
    Status
    AccessTokenUrl string
    Social IDP Access token URL
    AccountLinkingEnabled bool
    Whether account linking is enabled
    AdminScopes []string
    Admin scope to request
    AuthzUrl string
    Social IDP Authorization URL
    ClientCredentialInPayload bool
    Whether the client credential is contained in payload
    ClockSkewInSeconds int
    Social IDP allowed clock skew time
    ConsumerKey string
    Social IDP Client Application Client ID
    ConsumerSecret string
    Social IDP Client Application Client Secret
    DiscoveryUrl string
    Discovery URL
    IdAttribute string
    Id attribute used for account linking
    ProfileUrl string
    Social IDP User profile URL
    RedirectUrl string
    redirect URL for social idp
    RegistrationEnabled bool
    Whether registration is enabled
    Scopes []string
    Scope to request
    ServiceProviderName string
    Service Provider Name
    Status string
    Status
    accessTokenUrl String
    Social IDP Access token URL
    accountLinkingEnabled Boolean
    Whether account linking is enabled
    adminScopes List<String>
    Admin scope to request
    authzUrl String
    Social IDP Authorization URL
    clientCredentialInPayload Boolean
    Whether the client credential is contained in payload
    clockSkewInSeconds Integer
    Social IDP allowed clock skew time
    consumerKey String
    Social IDP Client Application Client ID
    consumerSecret String
    Social IDP Client Application Client Secret
    discoveryUrl String
    Discovery URL
    idAttribute String
    Id attribute used for account linking
    profileUrl String
    Social IDP User profile URL
    redirectUrl String
    redirect URL for social idp
    registrationEnabled Boolean
    Whether registration is enabled
    scopes List<String>
    Scope to request
    serviceProviderName String
    Service Provider Name
    status String
    Status
    accessTokenUrl string
    Social IDP Access token URL
    accountLinkingEnabled boolean
    Whether account linking is enabled
    adminScopes string[]
    Admin scope to request
    authzUrl string
    Social IDP Authorization URL
    clientCredentialInPayload boolean
    Whether the client credential is contained in payload
    clockSkewInSeconds number
    Social IDP allowed clock skew time
    consumerKey string
    Social IDP Client Application Client ID
    consumerSecret string
    Social IDP Client Application Client Secret
    discoveryUrl string
    Discovery URL
    idAttribute string
    Id attribute used for account linking
    profileUrl string
    Social IDP User profile URL
    redirectUrl string
    redirect URL for social idp
    registrationEnabled boolean
    Whether registration is enabled
    scopes string[]
    Scope to request
    serviceProviderName string
    Service Provider Name
    status string
    Status
    access_token_url str
    Social IDP Access token URL
    account_linking_enabled bool
    Whether account linking is enabled
    admin_scopes Sequence[str]
    Admin scope to request
    authz_url str
    Social IDP Authorization URL
    client_credential_in_payload bool
    Whether the client credential is contained in payload
    clock_skew_in_seconds int
    Social IDP allowed clock skew time
    consumer_key str
    Social IDP Client Application Client ID
    consumer_secret str
    Social IDP Client Application Client Secret
    discovery_url str
    Discovery URL
    id_attribute str
    Id attribute used for account linking
    profile_url str
    Social IDP User profile URL
    redirect_url str
    redirect URL for social idp
    registration_enabled bool
    Whether registration is enabled
    scopes Sequence[str]
    Scope to request
    service_provider_name str
    Service Provider Name
    status str
    Status
    accessTokenUrl String
    Social IDP Access token URL
    accountLinkingEnabled Boolean
    Whether account linking is enabled
    adminScopes List<String>
    Admin scope to request
    authzUrl String
    Social IDP Authorization URL
    clientCredentialInPayload Boolean
    Whether the client credential is contained in payload
    clockSkewInSeconds Number
    Social IDP allowed clock skew time
    consumerKey String
    Social IDP Client Application Client ID
    consumerSecret String
    Social IDP Client Application Client Secret
    discoveryUrl String
    Discovery URL
    idAttribute String
    Id attribute used for account linking
    profileUrl String
    Social IDP User profile URL
    redirectUrl String
    redirect URL for social idp
    registrationEnabled Boolean
    Whether registration is enabled
    scopes List<String>
    Scope to request
    serviceProviderName String
    Service Provider Name
    status String
    Status

    GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProvider

    CertMatchAttribute string
    X509 Certificate Matching Attribute
    CrlCheckOnOcspFailureEnabled bool
    Fall back to CRL Validation if OCSP fails.
    CrlEnabled bool
    Set to true to enable CRL Validation
    CrlLocation string
    CRL Location URL
    CrlReloadDuration int
    Fetch the CRL contents every X minutes
    EkuValidationEnabled bool
    Set to true to enable EKU Validation
    EkuValues List<string>
    List of EKU which needs to be validated
    OcspAllowUnknownResponseStatus bool
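    Allow access if OCSP response is UNKNOWN or OCSP Responder does not respond within the timeout duration. When this is true, revocation checking fails open: a certificate whose revocation status could not be confirmed is still accepted.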
    OcspEnableSignedResponse bool
    Describes if the OCSP response is signed
    OcspEnabled bool
    Set to true to enable OCSP Validation
    OcspResponderUrl string
    This property specifies OCSP Responder URL.
    OcspRevalidateTime int
    Revalidate OCSP status for user after X hours
    OcspServerName string
    This property specifies the OCSP Server alias name
    OcspTrustCertChains List<string>
    OCSP Trusted Certificate Chain
    OtherCertMatchAttribute string
    Check for specific conditions of other certificate attributes
    SigningCertificateChains List<string>
    Certificate alias list to create a chain for the incoming client certificate
    UserMatchAttribute string
    This property specifies the userstore attribute value that must match the incoming certificate attribute.
    CertMatchAttribute string
    X509 Certificate Matching Attribute
    CrlCheckOnOcspFailureEnabled bool
    Fallback on CRL Validation if OCSP fails.
    CrlEnabled bool
    Set to true to enable CRL Validation
    CrlLocation string
    CRL Location URL
    CrlReloadDuration int
    Fetch the CRL contents every X minutes
    EkuValidationEnabled bool
    Set to true to enable EKU Validation
    EkuValues []string
    List of EKU which needs to be validated
    OcspAllowUnknownResponseStatus bool
    Allow access if OCSP response is UNKNOWN or OCSP Responder does not respond within the timeout duration
    OcspEnableSignedResponse bool
    Describes if the OCSP response is signed
    OcspEnabled bool
    Set to true to enable OCSP Validation
    OcspResponderUrl string
    This property specifies OCSP Responder URL.
    OcspRevalidateTime int
    Revalidate OCSP status for user after X hours
    OcspServerName string
    This property specifies the OCSP Server alias name
    OcspTrustCertChains []string
    OCSP Trusted Certificate Chain
    OtherCertMatchAttribute string
    Check for specific conditions of other certificate attributes
    SigningCertificateChains []string
    Certificate alias list to create a chain for the incoming client certificate
    UserMatchAttribute string
    This property specifies the userstore attribute value that must match the incoming certificate attribute.
    certMatchAttribute String
    X509 Certificate Matching Attribute
    crlCheckOnOcspFailureEnabled Boolean
    Fallback on CRL Validation if OCSP fails.
    crlEnabled Boolean
    Set to true to enable CRL Validation
    crlLocation String
    CRL Location URL
    crlReloadDuration Integer
    Fetch the CRL contents every X minutes
    ekuValidationEnabled Boolean
    Set to true to enable EKU Validation
    ekuValues List<String>
    List of EKU which needs to be validated
    ocspAllowUnknownResponseStatus Boolean
    Allow access if OCSP response is UNKNOWN or OCSP Responder does not respond within the timeout duration
    ocspEnableSignedResponse Boolean
    Describes if the OCSP response is signed
    ocspEnabled Boolean
    Set to true to enable OCSP Validation
    ocspResponderUrl String
    This property specifies OCSP Responder URL.
    ocspRevalidateTime Integer
    Revalidate OCSP status for user after X hours
    ocspServerName String
    This property specifies the OCSP Server alias name
    ocspTrustCertChains List<String>
    OCSP Trusted Certificate Chain
    otherCertMatchAttribute String
    Check for specific conditions of other certificate attributes
    signingCertificateChains List<String>
    Certificate alias list to create a chain for the incoming client certificate
    userMatchAttribute String
    This property specifies the userstore attribute value that must match the incoming certificate attribute.
    certMatchAttribute string
    X509 Certificate Matching Attribute
    crlCheckOnOcspFailureEnabled boolean
    Fallback on CRL Validation if OCSP fails.
    crlEnabled boolean
    Set to true to enable CRL Validation
    crlLocation string
    CRL Location URL
    crlReloadDuration number
    Fetch the CRL contents every X minutes
    ekuValidationEnabled boolean
    Set to true to enable EKU Validation
    ekuValues string[]
    List of EKU which needs to be validated
    ocspAllowUnknownResponseStatus boolean
    Allow access if OCSP response is UNKNOWN or OCSP Responder does not respond within the timeout duration
    ocspEnableSignedResponse boolean
    Describes if the OCSP response is signed
    ocspEnabled boolean
    Set to true to enable OCSP Validation
    ocspResponderUrl string
    This property specifies OCSP Responder URL.
    ocspRevalidateTime number
    Revalidate OCSP status for user after X hours
    ocspServerName string
    This property specifies the OCSP Server alias name
    ocspTrustCertChains string[]
    OCSP Trusted Certificate Chain
    otherCertMatchAttribute string
    Check for specific conditions of other certificate attributes
    signingCertificateChains string[]
    Certificate alias list to create a chain for the incoming client certificate
    userMatchAttribute string
    This property specifies the userstore attribute value that must match the incoming certificate attribute.
    cert_match_attribute str
    X509 Certificate Matching Attribute
    crl_check_on_ocsp_failure_enabled bool
    Fallback on CRL Validation if OCSP fails.
    crl_enabled bool
    Set to true to enable CRL Validation
    crl_location str
    CRL Location URL
    crl_reload_duration int
    Fetch the CRL contents every X minutes
    eku_validation_enabled bool
    Set to true to enable EKU Validation
    eku_values Sequence[str]
    List of EKU which needs to be validated
    ocsp_allow_unknown_response_status bool
    Allow access if OCSP response is UNKNOWN or OCSP Responder does not respond within the timeout duration
    ocsp_enable_signed_response bool
    Describes if the OCSP response is signed
    ocsp_enabled bool
    Set to true to enable OCSP Validation
    ocsp_responder_url str
    This property specifies OCSP Responder URL.
    ocsp_revalidate_time int
    Revalidate OCSP status for user after X hours
    ocsp_server_name str
    This property specifies the OCSP Server alias name
    ocsp_trust_cert_chains Sequence[str]
    OCSP Trusted Certificate Chain
    other_cert_match_attribute str
    Check for specific conditions of other certificate attributes
    signing_certificate_chains Sequence[str]
    Certificate alias list to create a chain for the incoming client certificate
    user_match_attribute str
    This property specifies the userstore attribute value that must match the incoming certificate attribute.
    certMatchAttribute String
    X509 Certificate Matching Attribute
    crlCheckOnOcspFailureEnabled Boolean
    Fallback on CRL Validation if OCSP fails.
    crlEnabled Boolean
    Set to true to enable CRL Validation
    crlLocation String
    CRL Location URL
    crlReloadDuration Number
    Fetch the CRL contents every X minutes
    ekuValidationEnabled Boolean
    Set to true to enable EKU Validation
    ekuValues List<String>
    List of EKU which needs to be validated
    ocspAllowUnknownResponseStatus Boolean
    Allow access if OCSP response is UNKNOWN or OCSP Responder does not respond within the timeout duration
    ocspEnableSignedResponse Boolean
    Describes if the OCSP response is signed
    ocspEnabled Boolean
    Set to true to enable OCSP Validation
    ocspResponderUrl String
    This property specifies OCSP Responder URL.
    ocspRevalidateTime Number
    Revalidate OCSP status for user after X hours
    ocspServerName String
    This property specifies the OCSP Server alias name
    ocspTrustCertChains List<String>
    OCSP Trusted Certificate Chain
    otherCertMatchAttribute String
    Check for specific conditions of other certificate attributes
    signingCertificateChains List<String>
    Certificate alias list to create a chain for the incoming client certificate
    userMatchAttribute String
    This property specifies the userstore attribute value that must match the incoming certificate attribute.

    Package Details

    Repository
    oci pulumi/pulumi-oci
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the oci Terraform Provider.