Oracle Cloud Infrastructure v2.31.0 published on Thursday, Apr 17, 2025 by Pulumi
oci.Identity.getDomainsIdentityProvider
Explore with Pulumi AI
This data source provides details about a specific Identity Provider resource in Oracle Cloud Infrastructure Identity Domains service.
Get an Identity Provider
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";
const testIdentityProvider = oci.Identity.getDomainsIdentityProvider({
idcsEndpoint: testDomain.url,
identityProviderId: testIdentityProviderOciIdentityIdentityProvider.id,
attributeSets: [],
attributes: "",
authorization: identityProviderAuthorization,
resourceTypeSchemaVersion: identityProviderResourceTypeSchemaVersion,
});
import pulumi
import pulumi_oci as oci
test_identity_provider = oci.Identity.get_domains_identity_provider(idcs_endpoint=test_domain["url"],
identity_provider_id=test_identity_provider_oci_identity_identity_provider["id"],
attribute_sets=[],
attributes="",
authorization=identity_provider_authorization,
resource_type_schema_version=identity_provider_resource_type_schema_version)
package main
import (
"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := identity.GetDomainsIdentityProvider(ctx, &identity.GetDomainsIdentityProviderArgs{
IdcsEndpoint: testDomain.Url,
IdentityProviderId: testIdentityProviderOciIdentityIdentityProvider.Id,
AttributeSets: []interface{}{},
Attributes: pulumi.StringRef(""),
Authorization: pulumi.StringRef(identityProviderAuthorization),
ResourceTypeSchemaVersion: pulumi.StringRef(identityProviderResourceTypeSchemaVersion),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;
return await Deployment.RunAsync(() =>
{
var testIdentityProvider = Oci.Identity.GetDomainsIdentityProvider.Invoke(new()
{
IdcsEndpoint = testDomain.Url,
IdentityProviderId = testIdentityProviderOciIdentityIdentityProvider.Id,
AttributeSets = new() { },
Attributes = "",
Authorization = identityProviderAuthorization,
ResourceTypeSchemaVersion = identityProviderResourceTypeSchemaVersion,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Identity.IdentityFunctions;
import com.pulumi.oci.Identity.inputs.GetDomainsIdentityProviderArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var testIdentityProvider = IdentityFunctions.getDomainsIdentityProvider(GetDomainsIdentityProviderArgs.builder()
.idcsEndpoint(testDomain.url())
.identityProviderId(testIdentityProviderOciIdentityIdentityProvider.id())
.attributeSets()
.attributes("")
.authorization(identityProviderAuthorization)
.resourceTypeSchemaVersion(identityProviderResourceTypeSchemaVersion)
.build());
}
}
variables:
testIdentityProvider:
fn::invoke:
function: oci:Identity:getDomainsIdentityProvider
arguments:
idcsEndpoint: ${testDomain.url}
identityProviderId: ${testIdentityProviderOciIdentityIdentityProvider.id}
attributeSets: []
attributes: ""
authorization: ${identityProviderAuthorization}
resourceTypeSchemaVersion: ${identityProviderResourceTypeSchemaVersion}
Using getDomainsIdentityProvider
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getDomainsIdentityProvider(args: GetDomainsIdentityProviderArgs, opts?: InvokeOptions): Promise<GetDomainsIdentityProviderResult>
function getDomainsIdentityProviderOutput(args: GetDomainsIdentityProviderOutputArgs, opts?: InvokeOptions): Output<GetDomainsIdentityProviderResult>
def get_domains_identity_provider(attribute_sets: Optional[Sequence[str]] = None,
attributes: Optional[str] = None,
authorization: Optional[str] = None,
idcs_endpoint: Optional[str] = None,
identity_provider_id: Optional[str] = None,
resource_type_schema_version: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetDomainsIdentityProviderResult
def get_domains_identity_provider_output(attribute_sets: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
attributes: Optional[pulumi.Input[str]] = None,
authorization: Optional[pulumi.Input[str]] = None,
idcs_endpoint: Optional[pulumi.Input[str]] = None,
identity_provider_id: Optional[pulumi.Input[str]] = None,
resource_type_schema_version: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetDomainsIdentityProviderResult]
func GetDomainsIdentityProvider(ctx *Context, args *GetDomainsIdentityProviderArgs, opts ...InvokeOption) (*GetDomainsIdentityProviderResult, error)
func GetDomainsIdentityProviderOutput(ctx *Context, args *GetDomainsIdentityProviderOutputArgs, opts ...InvokeOption) GetDomainsIdentityProviderResultOutput
> Note: This function is named GetDomainsIdentityProvider
in the Go SDK.
public static class GetDomainsIdentityProvider
{
public static Task<GetDomainsIdentityProviderResult> InvokeAsync(GetDomainsIdentityProviderArgs args, InvokeOptions? opts = null)
public static Output<GetDomainsIdentityProviderResult> Invoke(GetDomainsIdentityProviderInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetDomainsIdentityProviderResult> getDomainsIdentityProvider(GetDomainsIdentityProviderArgs args, InvokeOptions options)
public static Output<GetDomainsIdentityProviderResult> getDomainsIdentityProvider(GetDomainsIdentityProviderArgs args, InvokeOptions options)
fn::invoke:
function: oci:Identity/getDomainsIdentityProvider:getDomainsIdentityProvider
arguments:
# arguments dictionary
The following arguments are supported:
- Idcs
Endpoint This property is required. string - The basic endpoint for the identity domain
- Identity
Provider Id This property is required. string - ID of the resource
- Attribute
Sets List<string> - A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- Attributes string
- A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- string
- The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
- Resource
Type stringSchema Version - An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- Idcs
Endpoint This property is required. string - The basic endpoint for the identity domain
- Identity
Provider Id This property is required. string - ID of the resource
- Attribute
Sets []string - A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- Attributes string
- A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- string
- The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
- Resource
Type stringSchema Version - An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- idcs
Endpoint This property is required. String - The basic endpoint for the identity domain
- identity
Provider Id This property is required. String - ID of the resource
- attribute
Sets List<String> - A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- attributes String
- A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- String
- The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
- resource
Type StringSchema Version - An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- idcs
Endpoint This property is required. string - The basic endpoint for the identity domain
- identity
Provider Id This property is required. string - ID of the resource
- attribute
Sets string[] - A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- attributes string
- A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- string
- The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
- resource
Type stringSchema Version - An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- idcs_
endpoint This property is required. str - The basic endpoint for the identity domain
- identity_
provider_ id This property is required. str - ID of the resource
- attribute_
sets Sequence[str] - A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- attributes str
- A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- str
- The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
- resource_
type_ strschema_ version - An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- idcs
Endpoint This property is required. String - The basic endpoint for the identity domain
- identity
Provider Id This property is required. String - ID of the resource
- attribute
Sets List<String> - A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- attributes String
- A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- String
- The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
- resource
Type StringSchema Version - An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
getDomainsIdentityProvider Result
The following output properties are available:
- Assertion
Attribute string - Assertion attribute name.
- Authn
Request stringBinding - HTTP binding to use for authentication requests.
- Compartment
Ocid string - Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- Correlation
Policies List<GetDomains Identity Provider Correlation Policy> - Correlation policy
- Delete
In boolProgress - A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- Description string
- Description
- Domain
Ocid string - Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- Enabled bool
- Set to true to indicate Partner enabled.
- Encryption
Certificate string - Encryption certificate
- External
Id string - An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
- Icon
Url string - Identity Provider Icon URL.
- Id string
- Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
- Idcs
Created List<GetBies Domains Identity Provider Idcs Created By> - The User or App who created the Resource
- Idcs
Endpoint string - Idcs
Last List<GetModified Bies Domains Identity Provider Idcs Last Modified By> - The User or App who modified the Resource
- Idcs
Last stringUpgraded In Release - The release number when the resource was upgraded.
- Idcs
Prevented List<string>Operations - Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- Identity
Provider stringId - Idp
Sso stringUrl - Identity Provider SSO URL
- Include
Signing boolCert In Signature - Set to true to include the signing certificate in the signature.
- Jit
User List<GetProv Assigned Groups Domains Identity Provider Jit User Prov Assigned Group> - Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
- Jit
User boolProv Attribute Update Enabled - Set to true to indicate JIT User Creation is enabled
- Jit
User List<GetProv Attributes Domains Identity Provider Jit User Prov Attribute> - Assertion To User Mapping
- Jit
User boolProv Create User Enabled - Set to true to indicate JIT User Creation is enabled
- Jit
User boolProv Enabled - Set to true to indicate JIT User Provisioning is enabled
- Jit
User boolProv Group Assertion Attribute Enabled - Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
- Jit
User stringProv Group Assignment Method - The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
- Jit
User stringProv Group Mapping Mode - Property to indicate the mode of group mapping
- Jit
User List<GetProv Group Mappings Domains Identity Provider Jit User Prov Group Mapping> - The list of mappings between the Identity Domain Group and the IDP group.
- Jit
User stringProv Group Saml Attribute Name - Name of the assertion attribute containing the users groups
- Jit
User boolProv Group Static List Enabled - Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
- Jit
User boolProv Ignore Error On Absent Groups - Set to true to indicate ignoring absence of group while provisioning
- Last
Notification stringSent Time - Records the notification timestamp for the IdP whose signing certificate is about to expire
- Logout
Binding string - HTTP binding to use for logout.
- Logout
Enabled bool - Set to true to enable logout.
- Logout
Request stringUrl - Logout request URL
- Logout
Response stringUrl - Logout response URL
- Metadata string
- Metadata
- Metas
List<Get
Domains Identity Provider Meta> - A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- Name
Id stringFormat - Default authentication request name ID format.
- Ocid string
- Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- Partner
Name string - Unique name of the trusted Identity Provider.
- Partner
Provider stringId - Provider ID
- Requested
Authentication List<string>Contexts - SAML SP authentication type.
- Require
Force boolAuthn - This SP requires requests SAML IdP to enforce re-authentication.
- Requires
Encrypted boolAssertion - SAML SP must accept encrypted assertion only.
- Saml
Ho boolKrequired - SAML SP HoK Enabled.
- Schemas List<string>
- REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- Service
Instance stringIdentifier - The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
- Shown
On boolLogin Page - Set to true to indicate whether to show IdP in login page or not.
- Signature
Hash stringAlgorithm - Signature hash algorithm.
- Signing
Certificate string - Signing certificate
- Succinct
Id string - Succinct ID
- List<Get
Domains Identity Provider Tag> - A list of tags on this resource.
- Tenancy
Ocid string - Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- Tenant
Provider stringId - The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
- Type string
- Identity Provider Type
- List<Get
Domains Identity Provider Urnietfparamsscimschemasoracleidcsextensionsocial Identity Provider> - Social Identity Provider Extension Schema
- Urnietfparamsscimschemasoracleidcsextensionx509identity
Providers List<GetDomains Identity Provider Urnietfparamsscimschemasoracleidcsextensionx509identity Provider> - X509 Identity Provider Extension Schema
- User
Mapping stringMethod - User mapping method.
- User
Mapping stringStore Attribute - This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO.You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
- Attribute
Sets List<string> - Attributes string
- string
- Resource
Type stringSchema Version
- Assertion
Attribute string - Assertion attribute name.
- Authn
Request stringBinding - HTTP binding to use for authentication requests.
- Compartment
Ocid string - Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- Correlation
Policies []GetDomains Identity Provider Correlation Policy - Correlation policy
- Delete
In boolProgress - A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- Description string
- Description
- Domain
Ocid string - Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- Enabled bool
- Set to true to indicate Partner enabled.
- Encryption
Certificate string - Encryption certificate
- External
Id string - An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
- Icon
Url string - Identity Provider Icon URL.
- Id string
- Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
- Idcs
Created []GetBies Domains Identity Provider Idcs Created By - The User or App who created the Resource
- Idcs
Endpoint string - Idcs
Last []GetModified Bies Domains Identity Provider Idcs Last Modified By - The User or App who modified the Resource
- Idcs
Last stringUpgraded In Release - The release number when the resource was upgraded.
- Idcs
Prevented []stringOperations - Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- Identity
Provider stringId - Idp
Sso stringUrl - Identity Provider SSO URL
- Include
Signing boolCert In Signature - Set to true to include the signing certificate in the signature.
- Jit
User []GetProv Assigned Groups Domains Identity Provider Jit User Prov Assigned Group - Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
- Jit
User boolProv Attribute Update Enabled - Set to true to indicate JIT User Creation is enabled
- Jit
User []GetProv Attributes Domains Identity Provider Jit User Prov Attribute - Assertion To User Mapping
- Jit
User boolProv Create User Enabled - Set to true to indicate JIT User Creation is enabled
- Jit
User boolProv Enabled - Set to true to indicate JIT User Provisioning is enabled
- Jit
User boolProv Group Assertion Attribute Enabled - Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
- Jit
User stringProv Group Assignment Method - The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
- Jit
User stringProv Group Mapping Mode - Property to indicate the mode of group mapping
- Jit
User []GetProv Group Mappings Domains Identity Provider Jit User Prov Group Mapping - The list of mappings between the Identity Domain Group and the IDP group.
- Jit
User stringProv Group Saml Attribute Name - Name of the assertion attribute containing the users groups
- Jit
User boolProv Group Static List Enabled - Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
- Jit
User boolProv Ignore Error On Absent Groups - Set to true to indicate ignoring absence of group while provisioning
- Last
Notification stringSent Time - Records the notification timestamp for the IdP whose signing certificate is about to expire
- Logout
Binding string - HTTP binding to use for logout.
- Logout
Enabled bool - Set to true to enable logout.
- Logout
Request stringUrl - Logout request URL
- Logout
Response stringUrl - Logout response URL
- Metadata string
- Metadata
- Metas
[]Get
Domains Identity Provider Meta - A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- Name
Id stringFormat - Default authentication request name ID format.
- Ocid string
- Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- Partner
Name string - Unique name of the trusted Identity Provider.
- Partner
Provider stringId - Provider ID
- Requested
Authentication []stringContexts - SAML SP authentication type.
- Require
Force boolAuthn - This SP requires requests SAML IdP to enforce re-authentication.
- Requires
Encrypted boolAssertion - SAML SP must accept encrypted assertion only.
- Saml
Ho boolKrequired - SAML SP HoK Enabled.
- Schemas []string
- REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- Service
Instance stringIdentifier - The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
- Shown
On boolLogin Page - Set to true to indicate whether to show IdP in login page or not.
- Signature
Hash stringAlgorithm - Signature hash algorithm.
- Signing
Certificate string - Signing certificate
- Succinct
Id string - Succinct ID
- []Get
Domains Identity Provider Tag - A list of tags on this resource.
- Tenancy
Ocid string - Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- Tenant
Provider stringId - The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
- Type string
- Identity Provider Type
- []Get
Domains Identity Provider Urnietfparamsscimschemasoracleidcsextensionsocial Identity Provider - Social Identity Provider Extension Schema
- Urnietfparamsscimschemasoracleidcsextensionx509identity
Providers []GetDomains Identity Provider Urnietfparamsscimschemasoracleidcsextensionx509identity Provider - X509 Identity Provider Extension Schema
- User
Mapping stringMethod - User mapping method.
- User
Mapping stringStore Attribute - This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO.You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
- Attribute
Sets []string - Attributes string
- string
- Resource
Type stringSchema Version
- assertion
Attribute String - Assertion attribute name.
- authn
Request StringBinding - HTTP binding to use for authentication requests.
- compartment
Ocid String - Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- correlation
Policies List<GetDomains Provider Correlation Policy> - Correlation policy
- delete
In BooleanProgress - A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- description String
- Description
- domain
Ocid String - Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- enabled Boolean
- Set to true to indicate Partner enabled.
- encryption
Certificate String - Encryption certificate
- external
Id String - An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
- icon
Url String - Identity Provider Icon URL.
- id String
- Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
- idcs
Created List<GetBies Domains Provider Idcs Created By> - The User or App who created the Resource
- idcs
Endpoint String - idcs
Last List<GetModified Bies Domains Provider Idcs Last Modified By> - The User or App who modified the Resource
- idcs
Last StringUpgraded In Release - The release number when the resource was upgraded.
- idcs
Prevented List<String>Operations - Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- identity
Provider StringId - idp
Sso StringUrl - Identity Provider SSO URL
- include
Signing BooleanCert In Signature - Set to true to include the signing certificate in the signature.
- jit
User List<GetProv Assigned Groups Domains Provider Jit User Prov Assigned Group> - Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
- jit
User BooleanProv Attribute Update Enabled - Set to true to indicate JIT User Creation is enabled
- jit
User List<GetProv Attributes Domains Provider Jit User Prov Attribute> - Assertion To User Mapping
- jit
User BooleanProv Create User Enabled - Set to true to indicate JIT User Creation is enabled
- jit
User BooleanProv Enabled - Set to true to indicate JIT User Provisioning is enabled
- jit
User BooleanProv Group Assertion Attribute Enabled - Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
- jit
User StringProv Group Assignment Method - The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
- jit
User StringProv Group Mapping Mode - Property to indicate the mode of group mapping
- jit
User List<GetProv Group Mappings Domains Provider Jit User Prov Group Mapping> - The list of mappings between the Identity Domain Group and the IDP group.
- jit
User StringProv Group Saml Attribute Name - Name of the assertion attribute containing the users groups
- jit
User BooleanProv Group Static List Enabled - Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
- jit
User BooleanProv Ignore Error On Absent Groups - Set to true to indicate ignoring absence of group while provisioning
- last
Notification StringSent Time - Records the notification timestamp for the IdP whose signing certificate is about to expire
- logout
Binding String - HTTP binding to use for logout.
- logout
Enabled Boolean - Set to true to enable logout.
- logout
Request StringUrl - Logout request URL
- logout
Response StringUrl - Logout response URL
- metadata String
- Metadata
- metas
List<Get
Domains Provider Meta> - A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- name
Id StringFormat - Default authentication request name ID format.
- ocid String
- Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- partner
Name String - Unique name of the trusted Identity Provider.
- partner
Provider StringId - Provider ID
- requested
Authentication List<String>Contexts - SAML SP authentication type.
- require
Force BooleanAuthn - This SP requires requests SAML IdP to enforce re-authentication.
- requires
Encrypted BooleanAssertion - SAML SP must accept encrypted assertion only.
- saml
Ho BooleanKrequired - SAML SP HoK Enabled.
- schemas List<String>
- REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- service
Instance StringIdentifier - The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
- shown
On BooleanLogin Page - Set to true to indicate whether to show IdP in login page or not.
- signature
Hash StringAlgorithm - Signature hash algorithm.
- signing
Certificate String - Signing certificate
- succinct
Id String - Succinct ID
- List<Get
Domains Provider Tag> - A list of tags on this resource.
- tenancy
Ocid String - Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- tenant
Provider StringId - The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
- type String
- Identity Provider Type
- List<Get
Domains Provider Urnietfparamsscimschemasoracleidcsextensionsocial Provider> - Social Identity Provider Extension Schema
- urnietfparamsscimschemasoracleidcsextensionx509identity
Providers List<GetDomains Provider Urnietfparamsscimschemasoracleidcsextensionx509identity Provider> - X509 Identity Provider Extension Schema
- user
Mapping StringMethod - User mapping method.
- user
Mapping StringStore Attribute - This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO.You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
- attribute
Sets List<String> - attributes String
- String
- resource
Type StringSchema Version
- assertion
Attribute string - Assertion attribute name.
- authn
Request stringBinding - HTTP binding to use for authentication requests.
- compartment
Ocid string - Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- correlation
Policies GetDomains Identity Provider Correlation Policy[] - Correlation policy
- delete
In booleanProgress - A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- description string
- Description
- domain
Ocid string - Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- enabled boolean
- Set to true to indicate Partner enabled.
- encryption
Certificate string - Encryption certificate
- external
Id string - An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
- icon
Url string - Identity Provider Icon URL.
- id string
- Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
- idcs
Created GetBies Domains Identity Provider Idcs Created By[] - The User or App who created the Resource
- idcs
Endpoint string - idcs
Last GetModified Bies Domains Identity Provider Idcs Last Modified By[] - The User or App who modified the Resource
- idcs
Last stringUpgraded In Release - The release number when the resource was upgraded.
- idcs
Prevented string[]Operations - Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- identity
Provider stringId - idp
Sso stringUrl - Identity Provider SSO URL
- include
Signing booleanCert In Signature - Set to true to include the signing certificate in the signature.
- jit
User GetProv Assigned Groups Domains Identity Provider Jit User Prov Assigned Group[] - Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
- jit
User booleanProv Attribute Update Enabled - Set to true to indicate JIT User Creation is enabled
- jit
User GetProv Attributes Domains Identity Provider Jit User Prov Attribute[] - Assertion To User Mapping
- jit
User booleanProv Create User Enabled - Set to true to indicate JIT User Creation is enabled
- jit
User booleanProv Enabled - Set to true to indicate JIT User Provisioning is enabled
- jit
User booleanProv Group Assertion Attribute Enabled - Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
- jit
User stringProv Group Assignment Method - The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
- jit
User stringProv Group Mapping Mode - Property to indicate the mode of group mapping
- jit
User GetProv Group Mappings Domains Identity Provider Jit User Prov Group Mapping[] - The list of mappings between the Identity Domain Group and the IDP group.
- jit
User stringProv Group Saml Attribute Name - Name of the assertion attribute containing the users groups
- jit
User booleanProv Group Static List Enabled - Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
- jit
User booleanProv Ignore Error On Absent Groups - Set to true to indicate ignoring absence of group while provisioning
- last
Notification stringSent Time - Records the notification timestamp for the IdP whose signing certificate is about to expire
- logout
Binding string - HTTP binding to use for logout.
- logout
Enabled boolean - Set to true to enable logout.
- logout
Request stringUrl - Logout request URL
- logout
Response stringUrl - Logout response URL
- metadata string
- Metadata
- metas
Get
Domains Identity Provider Meta[] - A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- name
Id stringFormat - Default authentication request name ID format.
- ocid string
- Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- partner
Name string - Unique name of the trusted Identity Provider.
- partner
Provider stringId - Provider ID
- requested
Authentication string[]Contexts - SAML SP authentication type.
- require
Force booleanAuthn - This SP requires requests SAML IdP to enforce re-authentication.
- requires
Encrypted booleanAssertion - SAML SP must accept encrypted assertion only.
- saml
Ho booleanKrequired - SAML SP HoK Enabled.
- schemas string[]
- REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- service
Instance stringIdentifier - The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
- shown
On booleanLogin Page - Set to true to indicate whether to show IdP in login page or not.
- signature
Hash stringAlgorithm - Signature hash algorithm.
- signing
Certificate string - Signing certificate
- succinct
Id string - Succinct ID
- Get
Domains Identity Provider Tag[] - A list of tags on this resource.
- tenancy
Ocid string - Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- tenant
Provider stringId - The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
- type string
- Identity Provider Type
- Get
Domains Identity Provider Urnietfparamsscimschemasoracleidcsextensionsocial Identity Provider[] - Social Identity Provider Extension Schema
- urnietfparamsscimschemasoracleidcsextensionx509identity
Providers GetDomains Identity Provider Urnietfparamsscimschemasoracleidcsextensionx509identity Provider[] - X509 Identity Provider Extension Schema
- user
Mapping stringMethod - User mapping method.
- user
Mapping stringStore Attribute - This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO.You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
- attribute
Sets string[] - attributes string
- string
- resource
Type stringSchema Version
- assertion_
attribute str - Assertion attribute name.
- authn_
request_ strbinding - HTTP binding to use for authentication requests.
- compartment_
ocid str - Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- correlation_
policies Sequence[identity.Get Domains Identity Provider Correlation Policy] - Correlation policy
- delete_
in_ boolprogress - A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- description str
- Description
- domain_
ocid str - Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- enabled bool
- Set to true to indicate Partner enabled.
- encryption_
certificate str - Encryption certificate
- external_
id str - An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
- icon_
url str - Identity Provider Icon URL.
- id str
- Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
- idcs_
created_ Sequence[identity.bies Get Domains Identity Provider Idcs Created By] - The User or App who created the Resource
- idcs_
endpoint str - idcs_
last_ Sequence[identity.modified_ bies Get Domains Identity Provider Idcs Last Modified By] - The User or App who modified the Resource
- idcs_
last_ strupgraded_ in_ release - The release number when the resource was upgraded.
- idcs_
prevented_ Sequence[str]operations - Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- identity_
provider_ strid - idp_
sso_ strurl - Identity Provider SSO URL
- include_
signing_ boolcert_ in_ signature - Set to true to include the signing certificate in the signature.
- jit_
user_ Sequence[identity.prov_ assigned_ groups Get Domains Identity Provider Jit User Prov Assigned Group] - Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
- jit_
user_ boolprov_ attribute_ update_ enabled - Set to true to indicate JIT User Creation is enabled
- jit_
user_ Sequence[identity.prov_ attributes Get Domains Identity Provider Jit User Prov Attribute] - Assertion To User Mapping
- jit_
user_ boolprov_ create_ user_ enabled - Set to true to indicate JIT User Creation is enabled
- jit_
user_ boolprov_ enabled - Set to true to indicate JIT User Provisioning is enabled
- jit_
user_ boolprov_ group_ assertion_ attribute_ enabled - Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
- jit_
user_ strprov_ group_ assignment_ method - The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
- jit_
user_ strprov_ group_ mapping_ mode - Property to indicate the mode of group mapping
- jit_
user_ Sequence[identity.prov_ group_ mappings Get Domains Identity Provider Jit User Prov Group Mapping] - The list of mappings between the Identity Domain Group and the IDP group.
- jit_
user_ strprov_ group_ saml_ attribute_ name - Name of the assertion attribute containing the users groups
- jit_
user_ boolprov_ group_ static_ list_ enabled - Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
- jit_
user_ boolprov_ ignore_ error_ on_ absent_ groups - Set to true to indicate ignoring absence of group while provisioning
- last_
notification_ strsent_ time - Records the notification timestamp for the IdP whose signing certificate is about to expire
- logout_
binding str - HTTP binding to use for logout.
- logout_
enabled bool - Set to true to enable logout.
- logout_
request_ strurl - Logout request URL
- logout_
response_ strurl - Logout response URL
- metadata str
- Metadata
- metas
Sequence[identity.
Get Domains Identity Provider Meta] - A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- name_
id_ strformat - Default authentication request name ID format.
- ocid str
- Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- partner_
name str - Unique name of the trusted Identity Provider.
- partner_
provider_ strid - Provider ID
- requested_
authentication_ Sequence[str]contexts - SAML SP authentication type.
- require_
force_ boolauthn - This SP requires requests SAML IdP to enforce re-authentication.
- requires_
encrypted_ boolassertion - SAML SP must accept encrypted assertion only.
- saml_
ho_ boolkrequired - SAML SP HoK Enabled.
- schemas Sequence[str]
- REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- service_
instance_ stridentifier - The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
- shown_
on_ boollogin_ page - Set to true to indicate whether to show IdP in login page or not.
- signature_
hash_ stralgorithm - Signature hash algorithm.
- signing_
certificate str - Signing certificate
- succinct_
id str - Succinct ID
- Sequence[identity.
Get Domains Identity Provider Tag] - A list of tags on this resource.
- tenancy_
ocid str - Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- tenant_
provider_ strid - The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
- type str
- Identity Provider Type
- Sequence[identity.
Get Domains Identity Provider Urnietfparamsscimschemasoracleidcsextensionsocial Identity Provider] - Social Identity Provider Extension Schema
- urnietfparamsscimschemasoracleidcsextensionx509identity_
providers Sequence[identity.Get Domains Identity Provider Urnietfparamsscimschemasoracleidcsextensionx509identity Provider] - X509 Identity Provider Extension Schema
- user_
mapping_ strmethod - User mapping method.
- user_
mapping_ strstore_ attribute - This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO.You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
- attribute_
sets Sequence[str] - attributes str
- str
- resource_
type_ strschema_ version
- assertion
Attribute String - Assertion attribute name.
- authn
Request StringBinding - HTTP binding to use for authentication requests.
- compartment
Ocid String - Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- correlation
Policies List<Property Map> - Correlation policy
- delete
In BooleanProgress - A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- description String
- Description
- domain
Ocid String - Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- enabled Boolean
- Set to true to indicate Partner enabled.
- encryption
Certificate String - Encryption certificate
- external
Id String - An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
- icon
Url String - Identity Provider Icon URL.
- id String
- Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
- idcs
Created List<Property Map>Bies - The User or App who created the Resource
- idcs
Endpoint String - idcs
Last List<Property Map>Modified Bies - The User or App who modified the Resource
- idcs
Last StringUpgraded In Release - The release number when the resource was upgraded.
- idcs
Prevented List<String>Operations - Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- identity
Provider StringId - idp
Sso StringUrl - Identity Provider SSO URL
- include
Signing BooleanCert In Signature - Set to true to include the signing certificate in the signature.
- jit
User List<Property Map>Prov Assigned Groups - Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
- jit
User BooleanProv Attribute Update Enabled - Set to true to indicate JIT User Creation is enabled
- jit
User List<Property Map>Prov Attributes - Assertion To User Mapping
- jit
User BooleanProv Create User Enabled - Set to true to indicate JIT User Creation is enabled
- jit
User BooleanProv Enabled - Set to true to indicate JIT User Provisioning is enabled
- jit
User BooleanProv Group Assertion Attribute Enabled - Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
- jit
User StringProv Group Assignment Method - The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
- jit
User StringProv Group Mapping Mode - Property to indicate the mode of group mapping
- jit
User List<Property Map>Prov Group Mappings - The list of mappings between the Identity Domain Group and the IDP group.
- jit
User StringProv Group Saml Attribute Name - Name of the assertion attribute containing the users groups
- jit
User BooleanProv Group Static List Enabled - Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
- jit
User BooleanProv Ignore Error On Absent Groups - Set to true to indicate ignoring absence of group while provisioning
- last
Notification StringSent Time - Records the notification timestamp for the IdP whose signing certificate is about to expire
- logout
Binding String - HTTP binding to use for logout.
- logout
Enabled Boolean - Set to true to enable logout.
- logout
Request StringUrl - Logout request URL
- logout
Response StringUrl - Logout response URL
- metadata String
- Metadata
- metas List<Property Map>
- A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- name
Id StringFormat - Default authentication request name ID format.
- ocid String
- Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- partner
Name String - Unique name of the trusted Identity Provider.
- partner
Provider StringId - Provider ID
- requested
Authentication List<String>Contexts - SAML SP authentication type.
- require
Force BooleanAuthn - This SP requires requests SAML IdP to enforce re-authentication.
- requires
Encrypted BooleanAssertion - SAML SP must accept encrypted assertion only.
- saml
Ho BooleanKrequired - SAML SP HoK Enabled.
- schemas List<String>
- REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- service
Instance StringIdentifier - The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
- shown
On BooleanLogin Page - Set to true to indicate whether to show IdP in login page or not.
- signature
Hash StringAlgorithm - Signature hash algorithm.
- signing
Certificate String - Signing certificate
- succinct
Id String - Succinct ID
- List<Property Map>
- A list of tags on this resource.
- tenancy
Ocid String - Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- tenant
Provider StringId - The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
- type String
- Identity Provider Type
- List<Property Map>
- Social Identity Provider Extension Schema
- urnietfparamsscimschemasoracleidcsextensionx509identity
Providers List<Property Map> - X509 Identity Provider Extension Schema
- user
Mapping StringMethod - User mapping method.
- user
Mapping StringStore Attribute - This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO.You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
- attribute
Sets List<String> - attributes String
- String
- resource
Type StringSchema Version
Supporting Types
GetDomainsIdentityProviderCorrelationPolicy
GetDomainsIdentityProviderIdcsCreatedBy
- Display
This property is required. string - A human readable name, primarily used for display purposes. READ-ONLY.
- Ocid
This property is required. string - Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- Ref
This property is required. string - Group URI
- Type
This property is required. string - Identity Provider Type
- Value
This property is required. string - Group identifier
- Display
This property is required. string - A human readable name, primarily used for display purposes. READ-ONLY.
- Ocid
This property is required. string - Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- Ref
This property is required. string - Group URI
- Type
This property is required. string - Identity Provider Type
- Value
This property is required. string - Group identifier
- display
This property is required. String - A human readable name, primarily used for display purposes. READ-ONLY.
- ocid
This property is required. String - Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- ref
This property is required. String - Group URI
- type
This property is required. String - Identity Provider Type
- value
This property is required. String - Group identifier
- display
This property is required. string - A human readable name, primarily used for display purposes. READ-ONLY.
- ocid
This property is required. string - Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- ref
This property is required. string - Group URI
- type
This property is required. string - Identity Provider Type
- value
This property is required. string - Group identifier
- display
This property is required. str - A human readable name, primarily used for display purposes. READ-ONLY.
- ocid
This property is required. str - Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- ref
This property is required. str - Group URI
- type
This property is required. str - Identity Provider Type
- value
This property is required. str - Group identifier
- display
This property is required. String - A human readable name, primarily used for display purposes. READ-ONLY.
- ocid
This property is required. String - Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- ref
This property is required. String - Group URI
- type
This property is required. String - Identity Provider Type
- value
This property is required. String - Group identifier
GetDomainsIdentityProviderIdcsLastModifiedBy
- Display
This property is required. string - A human readable name, primarily used for display purposes. READ-ONLY.
- Ocid
This property is required. string - Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- Ref
This property is required. string - Group URI
- Type
This property is required. string - Identity Provider Type
- Value
This property is required. string - Group identifier
- Display
This property is required. string - A human readable name, primarily used for display purposes. READ-ONLY.
- Ocid
This property is required. string - Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- Ref
This property is required. string - Group URI
- Type
This property is required. string - Identity Provider Type
- Value
This property is required. string - Group identifier
- display
This property is required. String - A human readable name, primarily used for display purposes. READ-ONLY.
- ocid
This property is required. String - Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- ref
This property is required. String - Group URI
- type
This property is required. String - Identity Provider Type
- value
This property is required. String - Group identifier
- display
This property is required. string - A human readable name, primarily used for display purposes. READ-ONLY.
- ocid
This property is required. string - Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- ref
This property is required. string - Group URI
- type
This property is required. string - Identity Provider Type
- value
This property is required. string - Group identifier
- display
This property is required. str - A human readable name, primarily used for display purposes. READ-ONLY.
- ocid
This property is required. str - Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- ref
This property is required. str - Group URI
- type
This property is required. str - Identity Provider Type
- value
This property is required. str - Group identifier
- display
This property is required. String - A human readable name, primarily used for display purposes. READ-ONLY.
- ocid
This property is required. String - Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- ref
This property is required. String - Group URI
- type
This property is required. String - Identity Provider Type
- value
This property is required. String - Group identifier
GetDomainsIdentityProviderJitUserProvAssignedGroup
GetDomainsIdentityProviderJitUserProvAttribute
GetDomainsIdentityProviderJitUserProvGroupMapping
GetDomainsIdentityProviderMeta
- Created
This property is required. string - The DateTime the Resource was added to the Service Provider
- Last
Modified This property is required. string - The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- Location
This property is required. string - The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- Resource
Type This property is required. string - Name of the resource type of the resource--for example, Users or Groups
- Version
This property is required. string - The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
- Created
This property is required. string - The DateTime the Resource was added to the Service Provider
- Last
Modified This property is required. string - The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- Location
This property is required. string - The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- Resource
Type This property is required. string - Name of the resource type of the resource--for example, Users or Groups
- Version
This property is required. string - The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
- created
This property is required. String - The DateTime the Resource was added to the Service Provider
- last
Modified This property is required. String - The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- location
This property is required. String - The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- resource
Type This property is required. String - Name of the resource type of the resource--for example, Users or Groups
- version
This property is required. String - The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
- created
This property is required. string - The DateTime the Resource was added to the Service Provider
- last
Modified This property is required. string - The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- location
This property is required. string - The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- resource
Type This property is required. string - Name of the resource type of the resource--for example, Users or Groups
- version
This property is required. string - The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
- created
This property is required. str - The DateTime the Resource was added to the Service Provider
- last_
modified This property is required. str - The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- location
This property is required. str - The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- resource_
type This property is required. str - Name of the resource type of the resource--for example, Users or Groups
- version
This property is required. str - The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
- created
This property is required. String - The DateTime the Resource was added to the Service Provider
- last
Modified This property is required. String - The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- location
This property is required. String - The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- resource
Type This property is required. String - Name of the resource type of the resource--for example, Users or Groups
- version
This property is required. String - The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
GetDomainsIdentityProviderTag
GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider
- Access
Token Url This property is required. string - Social IDP Access token URL
- Account
Linking Enabled This property is required. bool - Whether account linking is enabled
- Admin
Scopes This property is required. List<string> - Admin scope to request
- Authz
Url This property is required. string - Social IDP Authorization URL
- Auto
Redirect Enabled This property is required. bool - Whether social auto redirect is enabled. The IDP policy should be configured with only one Social IDP, and without username/password selected.
- Client
Credential In Payload This property is required. bool - Whether the client credential is contained in payload
- Clock
Skew In Seconds This property is required. int - Social IDP allowed clock skew time
- Consumer
Key This property is required. string - Social IDP Client Application Client ID
- Consumer
Secret This property is required. string - Social IDP Client Application Client Secret
- Discovery
Url This property is required. string - Discovery URL
- Id
Attribute This property is required. string - Id attribute used for account linking
- Jit
Prov Assigned Groups This property is required. List<GetDomains Identity Provider Urnietfparamsscimschemasoracleidcsextensionsocial Identity Provider Jit Prov Assigned Group> - Lists the groups each social JIT-provisioned user is a member. Just-in-Time user-provisioning applies this static list when jitProvGroupStaticListEnabled:true.
- Jit
Prov Group Static List Enabled This property is required. bool - Set to true to indicate Social JIT User Provisioning Groups should be assigned from a static list
- Profile
Url This property is required. string - Social IDP User profile URL
- Redirect
Url This property is required. string - redirect URL for social idp
- Registration
Enabled This property is required. bool - Whether registration is enabled
- Scopes
This property is required. List<string> - Scope to request
- Service
Provider Name This property is required. string - Service Provider Name
This property is required. bool- Whether Social JIT Provisioning is enabled
- Status
This property is required. string - Status
- Access
Token Url This property is required. string - Social IDP Access token URL
- Account
Linking Enabled This property is required. bool - Whether account linking is enabled
- Admin
Scopes This property is required. []string - Admin scope to request
- Authz
Url This property is required. string - Social IDP Authorization URL
- Auto
Redirect Enabled This property is required. bool - Whether social auto redirect is enabled. The IDP policy should be configured with only one Social IDP, and without username/password selected.
- Client
Credential In Payload This property is required. bool - Whether the client credential is contained in payload
- Clock
Skew In Seconds This property is required. int - Social IDP allowed clock skew time
- Consumer
Key This property is required. string - Social IDP Client Application Client ID
- Consumer
Secret This property is required. string - Social IDP Client Application Client Secret
- Discovery
Url This property is required. string - Discovery URL
- Id
Attribute This property is required. string - Id attribute used for account linking
- Jit
Prov Assigned Groups This property is required. []GetDomains Identity Provider Urnietfparamsscimschemasoracleidcsextensionsocial Identity Provider Jit Prov Assigned Group - Lists the groups each social JIT-provisioned user is a member. Just-in-Time user-provisioning applies this static list when jitProvGroupStaticListEnabled:true.
- Jit
Prov Group Static List Enabled This property is required. bool - Set to true to indicate Social JIT User Provisioning Groups should be assigned from a static list
- Profile
Url This property is required. string - Social IDP User profile URL
- Redirect
Url This property is required. string - redirect URL for social idp
- Registration
Enabled This property is required. bool - Whether registration is enabled
- Scopes
This property is required. []string - Scope to request
- Service
Provider Name This property is required. string - Service Provider Name
This property is required. bool- Whether Social JIT Provisioning is enabled
- Status
This property is required. string - Status
- access
Token Url This property is required. String - Social IDP Access token URL
- account
Linking Enabled This property is required. Boolean - Whether account linking is enabled
- admin
Scopes This property is required. List<String> - Admin scope to request
- authz
Url This property is required. String - Social IDP Authorization URL
- auto
Redirect Enabled This property is required. Boolean - Whether social auto redirect is enabled. The IDP policy should be configured with only one Social IDP, and without username/password selected.
- client
Credential In Payload This property is required. Boolean - Whether the client credential is contained in payload
- clock
Skew In Seconds This property is required. Integer - Social IDP allowed clock skew time
- consumer
Key This property is required. String - Social IDP Client Application Client ID
- consumer
Secret This property is required. String - Social IDP Client Application Client Secret
- discovery
Url This property is required. String - Discovery URL
- id
Attribute This property is required. String - Id attribute used for account linking
- jit
Prov Assigned Groups This property is required. List<GetDomains Provider Urnietfparamsscimschemasoracleidcsextensionsocial Provider Jit Prov Assigned Group> - Lists the groups each social JIT-provisioned user is a member. Just-in-Time user-provisioning applies this static list when jitProvGroupStaticListEnabled:true.
- jit
Prov Group Static List Enabled This property is required. Boolean - Set to true to indicate Social JIT User Provisioning Groups should be assigned from a static list
- profile
Url This property is required. String - Social IDP User profile URL
- redirect
Url This property is required. String - redirect URL for social idp
- registration
Enabled This property is required. Boolean - Whether registration is enabled
- scopes
This property is required. List<String> - Scope to request
- service
Provider Name This property is required. String - Service Provider Name
This property is required. Boolean- Whether Social JIT Provisioning is enabled
- status
This property is required. String - Status
- access
Token Url This property is required. string - Social IDP Access token URL
- account
Linking Enabled This property is required. boolean - Whether account linking is enabled
- admin
Scopes This property is required. string[] - Admin scope to request
- authz
Url This property is required. string - Social IDP Authorization URL
- auto
Redirect Enabled This property is required. boolean - Whether social auto redirect is enabled. The IDP policy should be configured with only one Social IDP, and without username/password selected.
- client
Credential In Payload This property is required. boolean - Whether the client credential is contained in payload
- clock
Skew In Seconds This property is required. number - Social IDP allowed clock skew time
- consumer
Key This property is required. string - Social IDP Client Application Client ID
- consumer
Secret This property is required. string - Social IDP Client Application Client Secret
- discovery
Url This property is required. string - Discovery URL
- id
Attribute This property is required. string - Id attribute used for account linking
- jit
Prov Assigned Groups This property is required. GetDomains Identity Provider Urnietfparamsscimschemasoracleidcsextensionsocial Identity Provider Jit Prov Assigned Group[] - Lists the groups each social JIT-provisioned user is a member. Just-in-Time user-provisioning applies this static list when jitProvGroupStaticListEnabled:true.
- jit
Prov Group Static List Enabled This property is required. boolean - Set to true to indicate Social JIT User Provisioning Groups should be assigned from a static list
- profile
Url This property is required. string - Social IDP User profile URL
- redirect
Url This property is required. string - redirect URL for social idp
- registration
Enabled This property is required. boolean - Whether registration is enabled
- scopes
This property is required. string[] - Scope to request
- service
Provider Name This property is required. string - Service Provider Name
This property is required. boolean- Whether Social JIT Provisioning is enabled
- status
This property is required. string - Status
- access_
token_ url This property is required. str - Social IDP Access token URL
- account_
linking_ enabled This property is required. bool - Whether account linking is enabled
- admin_
scopes This property is required. Sequence[str] - Admin scope to request
- authz_
url This property is required. str - Social IDP Authorization URL
- auto_
redirect_ enabled This property is required. bool - Whether social auto redirect is enabled. The IDP policy should be configured with only one Social IDP, and without username/password selected.
- client_
credential_ in_ payload This property is required. bool - Whether the client credential is contained in payload
- clock_
skew_ in_ seconds This property is required. int - Social IDP allowed clock skew time
- consumer_
key This property is required. str - Social IDP Client Application Client ID
- consumer_
secret This property is required. str - Social IDP Client Application Client Secret
- discovery_
url This property is required. str - Discovery URL
- id_
attribute This property is required. str - Id attribute used for account linking
- jit_
prov_ assigned_ groups This property is required. Sequence[identity.Get Domains Identity Provider Urnietfparamsscimschemasoracleidcsextensionsocial Identity Provider Jit Prov Assigned Group] - Lists the groups each social JIT-provisioned user is a member. Just-in-Time user-provisioning applies this static list when jitProvGroupStaticListEnabled:true.
- jit_
prov_ group_ static_ list_ enabled This property is required. bool - Set to true to indicate Social JIT User Provisioning Groups should be assigned from a static list
- profile_
url This property is required. str - Social IDP User profile URL
- redirect_
url This property is required. str - redirect URL for social idp
- registration_
enabled This property is required. bool - Whether registration is enabled
- scopes
This property is required. Sequence[str] - Scope to request
- service_
provider_ name This property is required. str - Service Provider Name
This property is required. bool- Whether Social JIT Provisioning is enabled
- status
This property is required. str - Status
- access
Token Url This property is required. String - Social IDP Access token URL
- account
Linking Enabled This property is required. Boolean - Whether account linking is enabled
- admin
Scopes This property is required. List<String> - Admin scope to request
- authz
Url This property is required. String - Social IDP Authorization URL
- auto
Redirect Enabled This property is required. Boolean - Whether social auto redirect is enabled. The IDP policy should be configured with only one Social IDP, and without username/password selected.
- client
Credential In Payload This property is required. Boolean - Whether the client credential is contained in payload
- clock
Skew In Seconds This property is required. Number - Social IDP allowed clock skew time
- consumer
Key This property is required. String - Social IDP Client Application Client ID
- consumer
Secret This property is required. String - Social IDP Client Application Client Secret
- discovery
Url This property is required. String - Discovery URL
- id
Attribute This property is required. String - Id attribute used for account linking
- jit
Prov Assigned Groups This property is required. List<Property Map> - Lists the groups each social JIT-provisioned user is a member. Just-in-Time user-provisioning applies this static list when jitProvGroupStaticListEnabled:true.
- jit
Prov Group Static List Enabled This property is required. Boolean - Set to true to indicate Social JIT User Provisioning Groups should be assigned from a static list
- profile
Url This property is required. String - Social IDP User profile URL
- redirect
Url This property is required. String - redirect URL for social idp
- registration
Enabled This property is required. Boolean - Whether registration is enabled
- scopes
This property is required. List<String> - Scope to request
- service
Provider Name This property is required. String - Service Provider Name
This property is required. Boolean- Whether Social JIT Provisioning is enabled
- status
This property is required. String - Status
GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderJitProvAssignedGroup
GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProvider
- Cert
Match Attribute This property is required. string - X509 Certificate Matching Attribute
- Crl
Check On Ocsp Failure Enabled This property is required. bool - Fallback on CRL Validation if OCSP fails.
- Crl
Enabled This property is required. bool - Set to true to enable CRL Validation
- Crl
Location This property is required. string - CRL Location URL
- Crl
Reload Duration This property is required. int - Fetch the CRL contents every X minutes
- Eku
Validation Enabled This property is required. bool - Set to true to enable EKU Validation
- Eku
Values This property is required. List<string> - List of EKU which needs to be validated
- Ocsp
Allow Unknown Response Status This property is required. bool - Allow access if OCSP response is UNKNOWN or OCSP Responder does not respond within the timeout duration
- Ocsp
Enable Signed Response This property is required. bool - Describes if the OCSP response is signed
- Ocsp
Enabled This property is required. bool - Set to true to enable OCSP Validation
- Ocsp
Responder Url This property is required. string - This property specifies OCSP Responder URL.
- Ocsp
Revalidate Time This property is required. int - Revalidate OCSP status for user after X hours
- Ocsp
Server Name This property is required. string - This property specifies the OCSP Server alias name
- Ocsp
Trust Cert Chains This property is required. List<string> - OCSP Trusted Certificate Chain
- Other
Cert Match Attribute This property is required. string - Check for specific conditions of other certificate attributes
- Signing
Certificate Chains This property is required. List<string> - Certificate alias list to create a chain for the incoming client certificate
- User
Match Attribute This property is required. string - This property specifies the userstore attribute value that must match the incoming certificate attribute.
- Cert
Match Attribute This property is required. string - X509 Certificate Matching Attribute
- Crl
Check On Ocsp Failure Enabled This property is required. bool - Fallback on CRL Validation if OCSP fails.
- Crl
Enabled This property is required. bool - Set to true to enable CRL Validation
- Crl
Location This property is required. string - CRL Location URL
- Crl
Reload Duration This property is required. int - Fetch the CRL contents every X minutes
- Eku
Validation Enabled This property is required. bool - Set to true to enable EKU Validation
- Eku
Values This property is required. []string - List of EKU which needs to be validated
- Ocsp
Allow Unknown Response Status This property is required. bool - Allow access if OCSP response is UNKNOWN or OCSP Responder does not respond within the timeout duration
- Ocsp
Enable Signed Response This property is required. bool - Describes if the OCSP response is signed
- Ocsp
Enabled This property is required. bool - Set to true to enable OCSP Validation
- Ocsp
Responder Url This property is required. string - This property specifies OCSP Responder URL.
- Ocsp
Revalidate Time This property is required. int - Revalidate OCSP status for user after X hours
- Ocsp
Server Name This property is required. string - This property specifies the OCSP Server alias name
- Ocsp
Trust Cert Chains This property is required. []string - OCSP Trusted Certificate Chain
- Other
Cert Match Attribute This property is required. string - Check for specific conditions of other certificate attributes
- Signing
Certificate Chains This property is required. []string - Certificate alias list to create a chain for the incoming client certificate
- User
Match Attribute This property is required. string - This property specifies the userstore attribute value that must match the incoming certificate attribute.
- cert
Match Attribute This property is required. String - X509 Certificate Matching Attribute
- crl
Check On Ocsp Failure Enabled This property is required. Boolean - Fallback on CRL Validation if OCSP fails.
- crl
Enabled This property is required. Boolean - Set to true to enable CRL Validation
- crl
Location This property is required. String - CRL Location URL
- crl
Reload Duration This property is required. Integer - Fetch the CRL contents every X minutes
- eku
Validation Enabled This property is required. Boolean - Set to true to enable EKU Validation
- eku
Values This property is required. List<String> - List of EKU which needs to be validated
- ocsp
Allow Unknown Response Status This property is required. Boolean - Allow access if OCSP response is UNKNOWN or OCSP Responder does not respond within the timeout duration
- ocsp
Enable Signed Response This property is required. Boolean - Describes if the OCSP response is signed
- ocsp
Enabled This property is required. Boolean - Set to true to enable OCSP Validation
- ocsp
Responder Url This property is required. String - This property specifies OCSP Responder URL.
- ocsp
Revalidate Time This property is required. Integer - Revalidate OCSP status for user after X hours
- ocsp
Server Name This property is required. String - This property specifies the OCSP Server alias name
- ocsp
Trust Cert Chains This property is required. List<String> - OCSP Trusted Certificate Chain
- other
Cert Match Attribute This property is required. String - Check for specific conditions of other certificate attributes
- signing
Certificate Chains This property is required. List<String> - Certificate alias list to create a chain for the incoming client certificate
- user
Match Attribute This property is required. String - This property specifies the userstore attribute value that must match the incoming certificate attribute.
- cert
Match Attribute This property is required. string - X509 Certificate Matching Attribute
- crl
Check On Ocsp Failure Enabled This property is required. boolean - Fallback on CRL Validation if OCSP fails.
- crl
Enabled This property is required. boolean - Set to true to enable CRL Validation
- crl
Location This property is required. string - CRL Location URL
- crl
Reload Duration This property is required. number - Fetch the CRL contents every X minutes
- eku
Validation Enabled This property is required. boolean - Set to true to enable EKU Validation
- eku
Values This property is required. string[] - List of EKU which needs to be validated
- ocsp
Allow Unknown Response Status This property is required. boolean - Allow access if OCSP response is UNKNOWN or OCSP Responder does not respond within the timeout duration
- ocsp
Enable Signed Response This property is required. boolean - Describes if the OCSP response is signed
- ocsp
Enabled This property is required. boolean - Set to true to enable OCSP Validation
- ocsp
Responder Url This property is required. string - This property specifies OCSP Responder URL.
- ocsp
Revalidate Time This property is required. number - Revalidate OCSP status for user after X hours
- ocsp
Server Name This property is required. string - This property specifies the OCSP Server alias name
- ocsp
Trust Cert Chains This property is required. string[] - OCSP Trusted Certificate Chain
- other
Cert Match Attribute This property is required. string - Check for specific conditions of other certificate attributes
- signing
Certificate Chains This property is required. string[] - Certificate alias list to create a chain for the incoming client certificate
- user
Match Attribute This property is required. string - This property specifies the userstore attribute value that must match the incoming certificate attribute.
- cert_
match_ attribute This property is required. str - X509 Certificate Matching Attribute
- crl_
check_ on_ ocsp_ failure_ enabled This property is required. bool - Fallback on CRL Validation if OCSP fails.
- crl_
enabled This property is required. bool - Set to true to enable CRL Validation
- crl_
location This property is required. str - CRL Location URL
- crl_
reload_ duration This property is required. int - Fetch the CRL contents every X minutes
- eku_
validation_ enabled This property is required. bool - Set to true to enable EKU Validation
- eku_
values This property is required. Sequence[str] - List of EKU which needs to be validated
- ocsp_
allow_ unknown_ response_ status This property is required. bool - Allow access if OCSP response is UNKNOWN or OCSP Responder does not respond within the timeout duration
- ocsp_
enable_ signed_ response This property is required. bool - Describes if the OCSP response is signed
- ocsp_
enabled This property is required. bool - Set to true to enable OCSP Validation
- ocsp_
responder_ url This property is required. str - This property specifies OCSP Responder URL.
- ocsp_
revalidate_ time This property is required. int - Revalidate OCSP status for user after X hours
- ocsp_
server_ name This property is required. str - This property specifies the OCSP Server alias name
- ocsp_
trust_ cert_ chains This property is required. Sequence[str] - OCSP Trusted Certificate Chain
- other_
cert_ match_ attribute This property is required. str - Check for specific conditions of other certificate attributes
- signing_
certificate_ chains This property is required. Sequence[str] - Certificate alias list to create a chain for the incoming client certificate
- user_
match_ attribute This property is required. str - This property specifies the userstore attribute value that must match the incoming certificate attribute.
- cert
Match Attribute This property is required. String - X509 Certificate Matching Attribute
- crl
Check On Ocsp Failure Enabled This property is required. Boolean - Fallback on CRL Validation if OCSP fails.
- crl
Enabled This property is required. Boolean - Set to true to enable CRL Validation
- crl
Location This property is required. String - CRL Location URL
- crl
Reload Duration This property is required. Number - Fetch the CRL contents every X minutes
- eku
Validation Enabled This property is required. Boolean - Set to true to enable EKU Validation
- eku
Values This property is required. List<String> - List of EKU which needs to be validated
- ocsp
Allow Unknown Response Status This property is required. Boolean - Allow access if OCSP response is UNKNOWN or OCSP Responder does not respond within the timeout duration
- ocsp
Enable Signed Response This property is required. Boolean - Describes if the OCSP response is signed
- ocsp
Enabled This property is required. Boolean - Set to true to enable OCSP Validation
- ocsp
Responder Url This property is required. String - This property specifies OCSP Responder URL.
- ocsp
Revalidate Time This property is required. Number - Revalidate OCSP status for user after X hours
- ocsp
Server Name This property is required. String - This property specifies the OCSP Server alias name
- ocsp
Trust Cert Chains This property is required. List<String> - OCSP Trusted Certificate Chain
- other
Cert Match Attribute This property is required. String - Check for specific conditions of other certificate attributes
- signing
Certificate Chains This property is required. List<String> - Certificate alias list to create a chain for the incoming client certificate
- user
Match Attribute This property is required. String - This property specifies the userstore attribute value that must match the incoming certificate attribute.
Package Details
- Repository
- oci pulumi/pulumi-oci
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
oci
Terraform Provider.