Oracle Cloud Infrastructure v2.31.0 published on Thursday, Apr 17, 2025 by Pulumi

oci.Identity.getDomainsIdentityProvider


This data source provides details about a specific Identity Provider resource in the Oracle Cloud Infrastructure Identity Domains service.

Get an Identity Provider

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";

// Read-only lookup of one identity provider in an identity domain.
// `authorization` is described in the argument reference as credentials for
// the requesting user agent: load it from secret-managed configuration rather
// than writing it inline. `attributes` and `attributeSets` are left empty in
// this example.
const testIdentityProvider = oci.Identity.getDomainsIdentityProvider({
    // Which domain to query, and which provider inside it (both required).
    idcsEndpoint: testDomain.url,
    identityProviderId: testIdentityProviderOciIdentityIdentityProvider.id,
    // Optional request settings.
    authorization: identityProviderAuthorization,
    resourceTypeSchemaVersion: identityProviderResourceTypeSchemaVersion,
    attributes: "",
    attributeSets: [],
});
import pulumi
import pulumi_oci as oci

# Read-only lookup of one identity provider in an identity domain.
# `authorization` is described in the argument reference as credentials for the
# requesting user agent: take it from secret-managed configuration instead of a
# literal. `attributes` and `attribute_sets` are left empty in this example.
test_identity_provider = oci.Identity.get_domains_identity_provider(
    # Which domain to query, and which provider inside it (both required).
    idcs_endpoint=test_domain["url"],
    identity_provider_id=test_identity_provider_oci_identity_identity_provider["id"],
    # Optional request settings.
    attribute_sets=[],
    attributes="",
    authorization=identity_provider_authorization,
    resource_type_schema_version=identity_provider_resource_type_schema_version,
)
package main

import (
	"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/identity"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

// main runs a Pulumi program that performs a read-only lookup of one identity
// provider in an identity domain and discards the result.
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// Authorization is described in the argument reference as credentials
		// for the requesting user agent: take it from secret-managed
		// configuration instead of a literal. Attributes and AttributeSets
		// are left empty in this example.
		lookupArgs := &identity.GetDomainsIdentityProviderArgs{
			IdcsEndpoint:              testDomain.Url,
			IdentityProviderId:        testIdentityProviderOciIdentityIdentityProvider.Id,
			AttributeSets:             []interface{}{},
			Attributes:                pulumi.StringRef(""),
			Authorization:             pulumi.StringRef(identityProviderAuthorization),
			ResourceTypeSchemaVersion: pulumi.StringRef(identityProviderResourceTypeSchemaVersion),
		}

		// Any lookup failure is handed back to the Pulumi runtime unchanged.
		_, lookupErr := identity.GetDomainsIdentityProvider(ctx, lookupArgs, nil)
		return lookupErr
	})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;

return await Deployment.RunAsync(() =>
{
    // Read-only lookup of one identity provider in an identity domain.
    // Authorization is described in the argument reference as credentials for
    // the requesting user agent: take it from secret-managed configuration
    // instead of a literal. Attributes and AttributeSets are left empty in
    // this example.
    var testIdentityProvider = Oci.Identity.GetDomainsIdentityProvider.Invoke(new()
    {
        // Which domain to query, and which provider inside it (both required).
        IdcsEndpoint = testDomain.Url,
        IdentityProviderId = testIdentityProviderOciIdentityIdentityProvider.Id,
        // Optional request settings.
        Authorization = identityProviderAuthorization,
        ResourceTypeSchemaVersion = identityProviderResourceTypeSchemaVersion,
        Attributes = "",
        AttributeSets = new() { },
    });
});
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Identity.IdentityFunctions;
import com.pulumi.oci.Identity.inputs.GetDomainsIdentityProviderArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

/**
 * Example Pulumi program: a read-only lookup of one identity provider in an
 * identity domain.
 */
public class App {
    /** Hands the stack definition to the Pulumi runtime. */
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    /**
     * Builds the lookup arguments and invokes the data source.
     *
     * <p>{@code authorization} is described in the argument reference as
     * credentials for the requesting user agent: take it from secret-managed
     * configuration instead of a literal. {@code attributes} and
     * {@code attributeSets} are left empty in this example.
     *
     * @param ctx the Pulumi context supplied by {@code Pulumi.run}
     */
    public static void stack(Context ctx) {
        final var lookupArgs = GetDomainsIdentityProviderArgs.builder()
            .idcsEndpoint(testDomain.url())
            .identityProviderId(testIdentityProviderOciIdentityIdentityProvider.id())
            .attributeSets()
            .attributes("")
            .authorization(identityProviderAuthorization)
            .resourceTypeSchemaVersion(identityProviderResourceTypeSchemaVersion)
            .build();

        final var testIdentityProvider = IdentityFunctions.getDomainsIdentityProvider(lookupArgs);
    }
}
# Read-only lookup of one identity provider in an identity domain.
variables:
  testIdentityProvider:
    fn::invoke:
      function: oci:Identity:getDomainsIdentityProvider
      arguments:
        # Required: the domain to query and the provider inside it.
        idcsEndpoint: ${testDomain.url}
        identityProviderId: ${testIdentityProviderOciIdentityIdentityProvider.id}
        # Optional; left empty in this example.
        attributeSets: []
        attributes: ""
        # Described in the argument reference as credentials for the requesting
        # user agent: reference a secret-managed value, never a literal.
        authorization: ${identityProviderAuthorization}
        resourceTypeSchemaVersion: ${identityProviderResourceTypeSchemaVersion}

Using getDomainsIdentityProvider

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

// Direct form: plain arguments, result delivered through a Promise.
function getDomainsIdentityProvider(args: GetDomainsIdentityProviderArgs, opts?: InvokeOptions): Promise<GetDomainsIdentityProviderResult>
// Output form: Input-wrapped arguments, Output-wrapped result.
function getDomainsIdentityProviderOutput(args: GetDomainsIdentityProviderOutputArgs, opts?: InvokeOptions): Output<GetDomainsIdentityProviderResult>
# Direct form: plain arguments, returns the result value itself.
# Every parameter defaults to None in the signature, although the argument
# reference marks idcs_endpoint and identity_provider_id as required.
def get_domains_identity_provider(attribute_sets: Optional[Sequence[str]] = None,
                                  attributes: Optional[str] = None,
                                  authorization: Optional[str] = None,
                                  idcs_endpoint: Optional[str] = None,
                                  identity_provider_id: Optional[str] = None,
                                  resource_type_schema_version: Optional[str] = None,
                                  opts: Optional[InvokeOptions] = None) -> GetDomainsIdentityProviderResult
# Output form: pulumi.Input-wrapped arguments, Output-wrapped result.
def get_domains_identity_provider_output(attribute_sets: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                                  attributes: Optional[pulumi.Input[str]] = None,
                                  authorization: Optional[pulumi.Input[str]] = None,
                                  idcs_endpoint: Optional[pulumi.Input[str]] = None,
                                  identity_provider_id: Optional[pulumi.Input[str]] = None,
                                  resource_type_schema_version: Optional[pulumi.Input[str]] = None,
                                  opts: Optional[InvokeOptions] = None) -> Output[GetDomainsIdentityProviderResult]
// Direct form: plain arguments, returns the result pointer together with an error.
func GetDomainsIdentityProvider(ctx *Context, args *GetDomainsIdentityProviderArgs, opts ...InvokeOption) (*GetDomainsIdentityProviderResult, error)
// Output form: output-typed arguments, returns a GetDomainsIdentityProviderResultOutput and no separate error value.
func GetDomainsIdentityProviderOutput(ctx *Context, args *GetDomainsIdentityProviderOutputArgs, opts ...InvokeOption) GetDomainsIdentityProviderResultOutput

> Note: This function is named GetDomainsIdentityProvider in the Go SDK.

public static class GetDomainsIdentityProvider 
{
    // Direct form: plain arguments, result delivered through a Task.
    public static Task<GetDomainsIdentityProviderResult> InvokeAsync(GetDomainsIdentityProviderArgs args, InvokeOptions? opts = null)
    // Output form: takes the InvokeArgs type and returns an Output-wrapped result.
    public static Output<GetDomainsIdentityProviderResult> Invoke(GetDomainsIdentityProviderInvokeArgs args, InvokeOptions? opts = null)
}
// Direct form: result delivered through a CompletableFuture.
// NOTE(review): as printed, both overloads share one name and one parameter list and differ
// only in return type, which Java does not allow; the CompletableFuture variant is presumably
// exposed under a different method name in the SDK. Confirm against IdentityFunctions.
public static CompletableFuture<GetDomainsIdentityProviderResult> getDomainsIdentityProvider(GetDomainsIdentityProviderArgs args, InvokeOptions options)
// Output form: Output-wrapped result.
public static Output<GetDomainsIdentityProviderResult> getDomainsIdentityProvider(GetDomainsIdentityProviderArgs args, InvokeOptions options)
fn::invoke:
  function: oci:Identity/getDomainsIdentityProvider:getDomainsIdentityProvider
  arguments:
    # arguments dictionary
    # idcsEndpoint and identityProviderId are required; the other arguments are optional.

The following arguments are supported:

IdcsEndpoint This property is required. string
The basic endpoint for the identity domain
IdentityProviderId This property is required. string
ID of the resource
AttributeSets List<string>
A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
Attributes string
A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
Authorization string
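The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value is a credential, supply it from secret-managed configuration rather than as a literal in program source.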
ResourceTypeSchemaVersion string
An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
IdcsEndpoint This property is required. string
The basic endpoint for the identity domain
IdentityProviderId This property is required. string
ID of the resource
AttributeSets []string
A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
Attributes string
A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
Authorization string
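The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value is a credential, supply it from secret-managed configuration rather than as a literal in program source.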
ResourceTypeSchemaVersion string
An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
idcsEndpoint This property is required. String
The basic endpoint for the identity domain
identityProviderId This property is required. String
ID of the resource
attributeSets List<String>
A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
attributes String
A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
authorization String
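The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value is a credential, supply it from secret-managed configuration rather than as a literal in program source.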
resourceTypeSchemaVersion String
An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
idcsEndpoint This property is required. string
The basic endpoint for the identity domain
identityProviderId This property is required. string
ID of the resource
attributeSets string[]
A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
attributes string
A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
authorization string
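The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value is a credential, supply it from secret-managed configuration rather than as a literal in program source.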
resourceTypeSchemaVersion string
An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
idcs_endpoint This property is required. str
The basic endpoint for the identity domain
identity_provider_id This property is required. str
ID of the resource
attribute_sets Sequence[str]
A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
attributes str
A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
authorization str
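The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value is a credential, supply it from secret-managed configuration rather than as a literal in program source.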
resource_type_schema_version str
An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
idcsEndpoint This property is required. String
The basic endpoint for the identity domain
identityProviderId This property is required. String
ID of the resource
attributeSets List<String>
A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
attributes String
A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
authorization String
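The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested. Because this value is a credential, supply it from secret-managed configuration rather than as a literal in program source.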
resourceTypeSchemaVersion String
An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number in between. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.

getDomainsIdentityProvider Result

The following output properties are available:

AssertionAttribute string
Assertion attribute name.
AuthnRequestBinding string
HTTP binding to use for authentication requests.
CompartmentOcid string
Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
CorrelationPolicies List<GetDomainsIdentityProviderCorrelationPolicy>
Correlation policy
DeleteInProgress bool
A boolean flag indicating that this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
Description string
Description
DomainOcid string
Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
Enabled bool
Set to true to indicate Partner enabled.
EncryptionCertificate string
Encryption certificate
ExternalId string
An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
IconUrl string
Identity Provider Icon URL.
Id string
Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
IdcsCreatedBies List<GetDomainsIdentityProviderIdcsCreatedBy>
The User or App who created the Resource
IdcsEndpoint string
IdcsLastModifiedBies List<GetDomainsIdentityProviderIdcsLastModifiedBy>
The User or App who modified the Resource
IdcsLastUpgradedInRelease string
The release number when the resource was upgraded.
IdcsPreventedOperations List<string>
Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
IdentityProviderId string
IdpSsoUrl string
Identity Provider SSO URL
IncludeSigningCertInSignature bool
Set to true to include the signing certificate in the signature.
JitUserProvAssignedGroups List<GetDomainsIdentityProviderJitUserProvAssignedGroup>
Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
JitUserProvAttributeUpdateEnabled bool
Set to true to indicate JIT User Creation is enabled
JitUserProvAttributes List<GetDomainsIdentityProviderJitUserProvAttribute>
Assertion To User Mapping
JitUserProvCreateUserEnabled bool
Set to true to indicate JIT User Creation is enabled
JitUserProvEnabled bool
Set to true to indicate JIT User Provisioning is enabled
JitUserProvGroupAssertionAttributeEnabled bool
Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
JitUserProvGroupAssignmentMethod string
The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
JitUserProvGroupMappingMode string
Property to indicate the mode of group mapping
JitUserProvGroupMappings List<GetDomainsIdentityProviderJitUserProvGroupMapping>
The list of mappings between the Identity Domain Group and the IDP group.
JitUserProvGroupSamlAttributeName string
Name of the assertion attribute containing the user's groups
JitUserProvGroupStaticListEnabled bool
Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
JitUserProvIgnoreErrorOnAbsentGroups bool
Set to true to indicate ignoring absence of group while provisioning
LastNotificationSentTime string
Records the notification timestamp for the IdP whose signing certificate is about to expire
LogoutBinding string
HTTP binding to use for logout.
LogoutEnabled bool
Set to true to enable logout.
LogoutRequestUrl string
Logout request URL
LogoutResponseUrl string
Logout response URL
Metadata string
Metadata
Metas List<GetDomainsIdentityProviderMeta>
A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
NameIdFormat string
Default authentication request name ID format.
Ocid string
Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
PartnerName string
Unique name of the trusted Identity Provider.
PartnerProviderId string
Provider ID
RequestedAuthenticationContexts List<string>
SAML SP authentication type.
RequireForceAuthn bool
This SP requires the SAML IdP to enforce re-authentication.
RequiresEncryptedAssertion bool
SAML SP must accept encrypted assertion only.
SamlHoKrequired bool
SAML SP HoK Enabled.
Schemas List<string>
REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
ServiceInstanceIdentifier string
The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
ShownOnLoginPage bool
Set to true to indicate whether to show IdP in login page or not.
SignatureHashAlgorithm string
Signature hash algorithm.
SigningCertificate string
Signing certificate
SuccinctId string
Succinct ID
Tags List<GetDomainsIdentityProviderTag>
A list of tags on this resource.
TenancyOcid string
Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
TenantProviderId string
The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
Type string
Identity Provider Type
UrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviders List<GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider>
Social Identity Provider Extension Schema
Urnietfparamsscimschemasoracleidcsextensionx509identityProviders List<GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProvider>
X509 Identity Provider Extension Schema
UserMappingMethod string
User mapping method.
UserMappingStoreAttribute string
This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
AttributeSets List<string>
Attributes string
Authorization string
ResourceTypeSchemaVersion string
AssertionAttribute string
Assertion attribute name.
AuthnRequestBinding string
HTTP binding to use for authentication requests.
CompartmentOcid string
Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
CorrelationPolicies []GetDomainsIdentityProviderCorrelationPolicy
Correlation policy
DeleteInProgress bool
A boolean flag indicating that this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
Description string
Description
DomainOcid string
Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
Enabled bool
Set to true to indicate Partner enabled.
EncryptionCertificate string
Encryption certificate
ExternalId string
An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
IconUrl string
Identity Provider Icon URL.
Id string
Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
IdcsCreatedBies []GetDomainsIdentityProviderIdcsCreatedBy
The User or App who created the Resource
IdcsEndpoint string
IdcsLastModifiedBies []GetDomainsIdentityProviderIdcsLastModifiedBy
The User or App who modified the Resource
IdcsLastUpgradedInRelease string
The release number when the resource was upgraded.
IdcsPreventedOperations []string
Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
IdentityProviderId string
IdpSsoUrl string
Identity Provider SSO URL
IncludeSigningCertInSignature bool
Set to true to include the signing certificate in the signature.
JitUserProvAssignedGroups []GetDomainsIdentityProviderJitUserProvAssignedGroup
Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
JitUserProvAttributeUpdateEnabled bool
Set to true to indicate JIT User Creation is enabled
JitUserProvAttributes []GetDomainsIdentityProviderJitUserProvAttribute
Assertion To User Mapping
JitUserProvCreateUserEnabled bool
Set to true to indicate JIT User Creation is enabled
JitUserProvEnabled bool
Set to true to indicate JIT User Provisioning is enabled
JitUserProvGroupAssertionAttributeEnabled bool
Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
JitUserProvGroupAssignmentMethod string
The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has.
JitUserProvGroupMappingMode string
Property to indicate the mode of group mapping
JitUserProvGroupMappings []GetDomainsIdentityProviderJitUserProvGroupMapping
The list of mappings between the Identity Domain Group and the IDP group.
JitUserProvGroupSamlAttributeName string
Name of the assertion attribute containing the user's groups
JitUserProvGroupStaticListEnabled bool
Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
JitUserProvIgnoreErrorOnAbsentGroups bool
Set to true to indicate ignoring absence of group while provisioning
LastNotificationSentTime string
Records the notification timestamp for the IdP whose signing certificate is about to expire
LogoutBinding string
HTTP binding to use for logout.
LogoutEnabled bool
Set to true to enable logout.
LogoutRequestUrl string
Logout request URL
LogoutResponseUrl string
Logout response URL
Metadata string
Metadata
Metas []GetDomainsIdentityProviderMeta
A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
NameIdFormat string
Default authentication request name ID format.
Ocid string
Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
PartnerName string
Unique name of the trusted Identity Provider.
PartnerProviderId string
Provider ID
RequestedAuthenticationContexts []string
SAML SP authentication type.
RequireForceAuthn bool
This SP requires the SAML IdP to enforce re-authentication.
RequiresEncryptedAssertion bool
SAML SP must accept encrypted assertion only.
SamlHoKrequired bool
SAML SP HoK Enabled.
Schemas []string
REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.
ServiceInstanceIdentifier string
The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
ShownOnLoginPage bool
Set to true to indicate whether to show IdP in login page or not.
SignatureHashAlgorithm string
Signature hash algorithm.
SigningCertificate string
Signing certificate
SuccinctId string
Succinct ID
Tags []GetDomainsIdentityProviderTag
A list of tags on this resource.
TenancyOcid string
Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
TenantProviderId string
The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
Type string
Identity Provider Type
UrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviders []GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider
Social Identity Provider Extension Schema
Urnietfparamsscimschemasoracleidcsextensionx509identityProviders []GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProvider
X509 Identity Provider Extension Schema
UserMappingMethod string
User mapping method.
UserMappingStoreAttribute string
This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
AttributeSets []string
Attributes string
Authorization string
ResourceTypeSchemaVersion string
assertionAttribute String
Assertion attribute name.
authnRequestBinding String
HTTP binding to use for authentication requests.
compartmentOcid String
Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
correlationPolicies List<GetDomainsProviderCorrelationPolicy>
Correlation policy
deleteInProgress Boolean
A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
description String
Description
domainOcid String
Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
enabled Boolean
Set to true to indicate Partner enabled.
encryptionCertificate String
Encryption certificate
externalId String
An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
iconUrl String
Identity Provider Icon URL.
id String
Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
idcsCreatedBies List<GetDomainsProviderIdcsCreatedBy>
The User or App who created the Resource
idcsEndpoint String
idcsLastModifiedBies List<GetDomainsProviderIdcsLastModifiedBy>
The User or App who modified the Resource
idcsLastUpgradedInRelease String
The release number when the resource was upgraded.
idcsPreventedOperations List<String>
Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
identityProviderId String
idpSsoUrl String
Identity Provider SSO URL
includeSigningCertInSignature Boolean
Set to true to include the signing certificate in the signature.
jitUserProvAssignedGroups List<GetDomainsProviderJitUserProvAssignedGroup>
Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
jitUserProvAttributeUpdateEnabled Boolean
Set to true to indicate JIT User Creation is enabled
jitUserProvAttributes List<GetDomainsProviderJitUserProvAttribute>
Assertion To User Mapping
jitUserProvCreateUserEnabled Boolean
Set to true to indicate JIT User Creation is enabled
jitUserProvEnabled Boolean
Set to true to indicate JIT User Provisioning is enabled
jitUserProvGroupAssertionAttributeEnabled Boolean
Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
jitUserProvGroupAssignmentMethod String
The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has. Note that with 'Merge' the user's existing group memberships are kept, so a group that the assertions stop listing is not removed from the user.
jitUserProvGroupMappingMode String
Property to indicate the mode of group mapping
jitUserProvGroupMappings List<GetDomainsProviderJitUserProvGroupMapping>
The list of mappings between the Identity Domain Group and the IDP group.
jitUserProvGroupSamlAttributeName String
Name of the assertion attribute containing the user's groups
jitUserProvGroupStaticListEnabled Boolean
Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
jitUserProvIgnoreErrorOnAbsentGroups Boolean
Set to true to indicate ignoring absence of group while provisioning
lastNotificationSentTime String
Records the notification timestamp for the IdP whose signing certificate is about to expire
logoutBinding String
HTTP binding to use for logout.
logoutEnabled Boolean
Set to true to enable logout.
logoutRequestUrl String
Logout request URL
logoutResponseUrl String
Logout response URL
metadata String
Metadata
metas List<GetDomainsProviderMeta>
A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
nameIdFormat String
Default authentication request name ID format.
ocid String
Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
partnerName String
Unique name of the trusted Identity Provider.
partnerProviderId String
Provider ID
requestedAuthenticationContexts List<String>
SAML SP authentication type.
requireForceAuthn Boolean
This SP requires the SAML IdP to enforce re-authentication.
requiresEncryptedAssertion Boolean
SAML SP must accept encrypted assertion only.
samlHoKrequired Boolean
SAML SP HoK Enabled.
schemas List<String>
REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.
serviceInstanceIdentifier String
The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
shownOnLoginPage Boolean
Set to true to indicate whether to show IdP in login page or not.
signatureHashAlgorithm String
Signature hash algorithm.
signingCertificate String
Signing certificate
succinctId String
Succinct ID
tags List<GetDomainsProviderTag>
A list of tags on this resource.
tenancyOcid String
Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
tenantProviderId String
The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
type String
Identity Provider Type
urnietfparamsscimschemasoracleidcsextensionsocialIdentityProviders List<GetDomainsProviderUrnietfparamsscimschemasoracleidcsextensionsocialProvider>
Social Identity Provider Extension Schema
urnietfparamsscimschemasoracleidcsextensionx509identityProviders List<GetDomainsProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProvider>
X509 Identity Provider Extension Schema
userMappingMethod String
User mapping method.
userMappingStoreAttribute String
This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
attributeSets List<String>
attributes String
authorization String
resourceTypeSchemaVersion String
assertionAttribute string
Assertion attribute name.
authnRequestBinding string
HTTP binding to use for authentication requests.
compartmentOcid string
Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
correlationPolicies GetDomainsIdentityProviderCorrelationPolicy[]
Correlation policy
deleteInProgress boolean
A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
description string
Description
domainOcid string
Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
enabled boolean
Set to true to indicate Partner enabled.
encryptionCertificate string
Encryption certificate
externalId string
An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
iconUrl string
Identity Provider Icon URL.
id string
Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
idcsCreatedBies GetDomainsIdentityProviderIdcsCreatedBy[]
The User or App who created the Resource
idcsEndpoint string
idcsLastModifiedBies GetDomainsIdentityProviderIdcsLastModifiedBy[]
The User or App who modified the Resource
idcsLastUpgradedInRelease string
The release number when the resource was upgraded.
idcsPreventedOperations string[]
Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
identityProviderId string
idpSsoUrl string
Identity Provider SSO URL
includeSigningCertInSignature boolean
Set to true to include the signing certificate in the signature.
jitUserProvAssignedGroups GetDomainsIdentityProviderJitUserProvAssignedGroup[]
Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
jitUserProvAttributeUpdateEnabled boolean
Set to true to indicate JIT User Creation is enabled
jitUserProvAttributes GetDomainsIdentityProviderJitUserProvAttribute[]
Assertion To User Mapping
jitUserProvCreateUserEnabled boolean
Set to true to indicate JIT User Creation is enabled
jitUserProvEnabled boolean
Set to true to indicate JIT User Provisioning is enabled
jitUserProvGroupAssertionAttributeEnabled boolean
Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
jitUserProvGroupAssignmentMethod string
The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has. Note that with 'Merge' the user's existing group memberships are kept, so a group that the assertions stop listing is not removed from the user.
jitUserProvGroupMappingMode string
Property to indicate the mode of group mapping
jitUserProvGroupMappings GetDomainsIdentityProviderJitUserProvGroupMapping[]
The list of mappings between the Identity Domain Group and the IDP group.
jitUserProvGroupSamlAttributeName string
Name of the assertion attribute containing the user's groups
jitUserProvGroupStaticListEnabled boolean
Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
jitUserProvIgnoreErrorOnAbsentGroups boolean
Set to true to indicate ignoring absence of group while provisioning
lastNotificationSentTime string
Records the notification timestamp for the IdP whose signing certificate is about to expire
logoutBinding string
HTTP binding to use for logout.
logoutEnabled boolean
Set to true to enable logout.
logoutRequestUrl string
Logout request URL
logoutResponseUrl string
Logout response URL
metadata string
Metadata
metas GetDomainsIdentityProviderMeta[]
A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
nameIdFormat string
Default authentication request name ID format.
ocid string
Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
partnerName string
Unique name of the trusted Identity Provider.
partnerProviderId string
Provider ID
requestedAuthenticationContexts string[]
SAML SP authentication type.
requireForceAuthn boolean
This SP requires the SAML IdP to enforce re-authentication.
requiresEncryptedAssertion boolean
SAML SP must accept encrypted assertion only.
samlHoKrequired boolean
SAML SP HoK Enabled.
schemas string[]
REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.
serviceInstanceIdentifier string
The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
shownOnLoginPage boolean
Set to true to indicate whether to show IdP in login page or not.
signatureHashAlgorithm string
Signature hash algorithm.
signingCertificate string
Signing certificate
succinctId string
Succinct ID
tags GetDomainsIdentityProviderTag[]
A list of tags on this resource.
tenancyOcid string
Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
tenantProviderId string
The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
type string
Identity Provider Type
urnietfparamsscimschemasoracleidcsextensionsocialIdentityProviders GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider[]
Social Identity Provider Extension Schema
urnietfparamsscimschemasoracleidcsextensionx509identityProviders GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProvider[]
X509 Identity Provider Extension Schema
userMappingMethod string
User mapping method.
userMappingStoreAttribute string
This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
attributeSets string[]
attributes string
authorization string
resourceTypeSchemaVersion string
assertion_attribute str
Assertion attribute name.
authn_request_binding str
HTTP binding to use for authentication requests.
compartment_ocid str
Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
correlation_policies Sequence[identity.GetDomainsIdentityProviderCorrelationPolicy]
Correlation policy
delete_in_progress bool
A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
description str
Description
domain_ocid str
Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
enabled bool
Set to true to indicate Partner enabled.
encryption_certificate str
Encryption certificate
external_id str
An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
icon_url str
Identity Provider Icon URL.
id str
Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
idcs_created_bies Sequence[identity.GetDomainsIdentityProviderIdcsCreatedBy]
The User or App who created the Resource
idcs_endpoint str
idcs_last_modified_bies Sequence[identity.GetDomainsIdentityProviderIdcsLastModifiedBy]
The User or App who modified the Resource
idcs_last_upgraded_in_release str
The release number when the resource was upgraded.
idcs_prevented_operations Sequence[str]
Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
identity_provider_id str
idp_sso_url str
Identity Provider SSO URL
include_signing_cert_in_signature bool
Set to true to include the signing certificate in the signature.
jit_user_prov_assigned_groups Sequence[identity.GetDomainsIdentityProviderJitUserProvAssignedGroup]
Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
jit_user_prov_attribute_update_enabled bool
Set to true to indicate JIT User Creation is enabled
jit_user_prov_attributes Sequence[identity.GetDomainsIdentityProviderJitUserProvAttribute]
Assertion To User Mapping
jit_user_prov_create_user_enabled bool
Set to true to indicate JIT User Creation is enabled
jit_user_prov_enabled bool
Set to true to indicate JIT User Provisioning is enabled
jit_user_prov_group_assertion_attribute_enabled bool
Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
jit_user_prov_group_assignment_method str
The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has. Note that with 'Merge' the user's existing group memberships are kept, so a group that the assertions stop listing is not removed from the user.
jit_user_prov_group_mapping_mode str
Property to indicate the mode of group mapping
jit_user_prov_group_mappings Sequence[identity.GetDomainsIdentityProviderJitUserProvGroupMapping]
The list of mappings between the Identity Domain Group and the IDP group.
jit_user_prov_group_saml_attribute_name str
Name of the assertion attribute containing the user's groups
jit_user_prov_group_static_list_enabled bool
Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
jit_user_prov_ignore_error_on_absent_groups bool
Set to true to indicate ignoring absence of group while provisioning
last_notification_sent_time str
Records the notification timestamp for the IdP whose signing certificate is about to expire
logout_binding str
HTTP binding to use for logout.
logout_enabled bool
Set to true to enable logout.
logout_request_url str
Logout request URL
logout_response_url str
Logout response URL
metadata str
Metadata
metas Sequence[identity.GetDomainsIdentityProviderMeta]
A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
name_id_format str
Default authentication request name ID format.
ocid str
Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
partner_name str
Unique name of the trusted Identity Provider.
partner_provider_id str
Provider ID
requested_authentication_contexts Sequence[str]
SAML SP authentication type.
require_force_authn bool
This SP requires the SAML IdP to enforce re-authentication.
requires_encrypted_assertion bool
SAML SP must accept encrypted assertion only.
saml_ho_krequired bool
SAML SP HoK Enabled.
schemas Sequence[str]
REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.
service_instance_identifier str
The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
shown_on_login_page bool
Set to true to indicate whether to show IdP in login page or not.
signature_hash_algorithm str
Signature hash algorithm.
signing_certificate str
Signing certificate
succinct_id str
Succinct ID
tags Sequence[identity.GetDomainsIdentityProviderTag]
A list of tags on this resource.
tenancy_ocid str
Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
tenant_provider_id str
The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
type str
Identity Provider Type
urnietfparamsscimschemasoracleidcsextensionsocial_identity_providers Sequence[identity.GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider]
Social Identity Provider Extension Schema
urnietfparamsscimschemasoracleidcsextensionx509identity_providers Sequence[identity.GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProvider]
X509 Identity Provider Extension Schema
user_mapping_method str
User mapping method.
user_mapping_store_attribute str
This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
attribute_sets Sequence[str]
attributes str
authorization str
resource_type_schema_version str
assertionAttribute String
Assertion attribute name.
authnRequestBinding String
HTTP binding to use for authentication requests.
compartmentOcid String
Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
correlationPolicies List<Property Map>
Correlation policy
deleteInProgress Boolean
A boolean flag indicating this resource is in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
description String
Description
domainOcid String
Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
enabled Boolean
Set to true to indicate Partner enabled.
encryptionCertificate String
Encryption certificate
externalId String
An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer's tenant.
iconUrl String
Identity Provider Icon URL.
id String
Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
idcsCreatedBies List<Property Map>
The User or App who created the Resource
idcsEndpoint String
idcsLastModifiedBies List<Property Map>
The User or App who modified the Resource
idcsLastUpgradedInRelease String
The release number when the resource was upgraded.
idcsPreventedOperations List<String>
Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
identityProviderId String
idpSsoUrl String
Identity Provider SSO URL
includeSigningCertInSignature Boolean
Set to true to include the signing certificate in the signature.
jitUserProvAssignedGroups List<Property Map>
Refers to every group of which a JIT-provisioned User should be a member. Just-in-Time user-provisioning applies this static list when jitUserProvGroupStaticListEnabled:true.
jitUserProvAttributeUpdateEnabled Boolean
Set to true to indicate JIT User Creation is enabled
jitUserProvAttributes List<Property Map>
Assertion To User Mapping
jitUserProvCreateUserEnabled Boolean
Set to true to indicate JIT User Creation is enabled
jitUserProvEnabled Boolean
Set to true to indicate JIT User Provisioning is enabled
jitUserProvGroupAssertionAttributeEnabled Boolean
Set to true to indicate JIT User Provisioning Groups should be assigned based on assertion attribute
jitUserProvGroupAssignmentMethod String
The default value is 'Overwrite', which tells Just-In-Time user-provisioning to replace any current group-assignments for a User with those assigned by assertions and/or those assigned statically. Specify 'Merge' if you want Just-In-Time user-provisioning to combine its group-assignments with those the user already has. Note that with 'Merge' the user's existing group memberships are kept, so a group that the assertions stop listing is not removed from the user.
jitUserProvGroupMappingMode String
Property to indicate the mode of group mapping
jitUserProvGroupMappings List<Property Map>
The list of mappings between the Identity Domain Group and the IDP group.
jitUserProvGroupSamlAttributeName String
Name of the assertion attribute containing the user's groups
jitUserProvGroupStaticListEnabled Boolean
Set to true to indicate JIT User Provisioning Groups should be assigned from a static list
jitUserProvIgnoreErrorOnAbsentGroups Boolean
Set to true to indicate ignoring absence of group while provisioning
lastNotificationSentTime String
Records the notification timestamp for the IdP whose signing certificate is about to expire
logoutBinding String
HTTP binding to use for logout.
logoutEnabled Boolean
Set to true to enable logout.
logoutRequestUrl String
Logout request URL
logoutResponseUrl String
Logout response URL
metadata String
Metadata
metas List<Property Map>
A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
nameIdFormat String
Default authentication request name ID format.
ocid String
Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
partnerName String
Unique name of the trusted Identity Provider.
partnerProviderId String
Provider ID
requestedAuthenticationContexts List<String>
SAML SP authentication type.
requireForceAuthn Boolean
This SP requires the SAML IdP to enforce re-authentication.
requiresEncryptedAssertion Boolean
SAML SP must accept encrypted assertion only.
samlHoKrequired Boolean
SAML SP HoK Enabled.
schemas List<String>
REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well as any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.
serviceInstanceIdentifier String
The serviceInstanceIdentifier of the App that hosts this IdP. This value will match the opcServiceInstanceGUID of any service-instance that the IdP represents.
shownOnLoginPage Boolean
Set to true to indicate whether to show IdP in login page or not.
signatureHashAlgorithm String
Signature hash algorithm.
signingCertificate String
Signing certificate
succinctId String
Succinct ID
tags List<Property Map>
A list of tags on this resource.
tenancyOcid String
Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
tenantProviderId String
The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this IdP.
type String
Identity Provider Type
urnietfparamsscimschemasoracleidcsextensionsocialIdentityProviders List<Property Map>
Social Identity Provider Extension Schema
urnietfparamsscimschemasoracleidcsextensionx509identityProviders List<Property Map>
X509 Identity Provider Extension Schema
userMappingMethod String
User mapping method.
userMappingStoreAttribute String
This property specifies the userstore attribute value that must match the incoming assertion attribute value or the incoming nameid attribute value in order to identify the user during SSO. You can construct the userMappingStoreAttribute value by specifying attributes from the Oracle Identity Cloud Service Core Users schema. For examples of how to construct the userMappingStoreAttribute value, see the Example of a Request Body section of the Examples tab for the POST and PUT methods of the /IdentityProviders endpoint.
attributeSets List<String>
attributes String
authorization String
resourceTypeSchemaVersion String

Supporting Types

GetDomainsIdentityProviderCorrelationPolicy

Display This property is required. string
A human readable name, primarily used for display purposes. READ-ONLY.
Ref This property is required. string
Group URI
Type This property is required. string
Identity Provider Type
Value This property is required. string
Group identifier
Display This property is required. string
A human readable name, primarily used for display purposes. READ-ONLY.
Ref This property is required. string
Group URI
Type This property is required. string
Identity Provider Type
Value This property is required. string
Group identifier
display This property is required. String
A human readable name, primarily used for display purposes. READ-ONLY.
ref This property is required. String
Group URI
type This property is required. String
Identity Provider Type
value This property is required. String
Group identifier
display This property is required. string
A human readable name, primarily used for display purposes. READ-ONLY.
ref This property is required. string
Group URI
type This property is required. string
Identity Provider Type
value This property is required. string
Group identifier
display This property is required. str
A human readable name, primarily used for display purposes. READ-ONLY.
ref This property is required. str
Group URI
type This property is required. str
Identity Provider Type
value This property is required. str
Group identifier
display This property is required. String
A human readable name, primarily used for display purposes. READ-ONLY.
ref This property is required. String
Group URI
type This property is required. String
Identity Provider Type
value This property is required. String
Group identifier

GetDomainsIdentityProviderIdcsCreatedBy

Display This property is required. string
A human readable name, primarily used for display purposes. READ-ONLY.
Ocid This property is required. string
Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
Ref This property is required. string
Group URI
Type This property is required. string
Identity Provider Type
Value This property is required. string
Group identifier
Display This property is required. string
A human readable name, primarily used for display purposes. READ-ONLY.
Ocid This property is required. string
Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
Ref This property is required. string
Group URI
Type This property is required. string
Identity Provider Type
Value This property is required. string
Group identifier
display This property is required. String
A human readable name, primarily used for display purposes. READ-ONLY.
ocid This property is required. String
Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
ref This property is required. String
Group URI
type This property is required. String
Identity Provider Type
value This property is required. String
Group identifier
display This property is required. string
A human readable name, primarily used for display purposes. READ-ONLY.
ocid This property is required. string
Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
ref This property is required. string
Group URI
type This property is required. string
Identity Provider Type
value This property is required. string
Group identifier
display This property is required. str
A human readable name, primarily used for display purposes. READ-ONLY.
ocid This property is required. str
Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
ref This property is required. str
Group URI
type This property is required. str
Identity Provider Type
value This property is required. str
Group identifier
display This property is required. String
A human readable name, primarily used for display purposes. READ-ONLY.
ocid This property is required. String
Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
ref This property is required. String
Group URI
type This property is required. String
Identity Provider Type
value This property is required. String
Group identifier

GetDomainsIdentityProviderIdcsLastModifiedBy

Display This property is required. string
A human readable name, primarily used for display purposes. READ-ONLY.
Ocid This property is required. string
Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
Ref This property is required. string
Group URI
Type This property is required. string
Identity Provider Type
Value This property is required. string
Group identifier
Display This property is required. string
A human readable name, primarily used for display purposes. READ-ONLY.
Ocid This property is required. string
Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
Ref This property is required. string
Group URI
Type This property is required. string
Identity Provider Type
Value This property is required. string
Group identifier
display This property is required. String
A human readable name, primarily used for display purposes. READ-ONLY.
ocid This property is required. String
Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
ref This property is required. String
Group URI
type This property is required. String
Identity Provider Type
value This property is required. String
Group identifier
display This property is required. string
A human readable name, primarily used for display purposes. READ-ONLY.
ocid This property is required. string
Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
ref This property is required. string
Group URI
type This property is required. string
Identity Provider Type
value This property is required. string
Group identifier
display This property is required. str
A human readable name, primarily used for display purposes. READ-ONLY.
ocid This property is required. str
Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
ref This property is required. str
Group URI
type This property is required. str
Identity Provider Type
value This property is required. str
Group identifier
display This property is required. String
A human readable name, primarily used for display purposes. READ-ONLY.
ocid This property is required. String
Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
ref This property is required. String
Group URI
type This property is required. String
Identity Provider Type
value This property is required. String
Group identifier

GetDomainsIdentityProviderJitUserProvAssignedGroup

Display This property is required. string
A human readable name, primarily used for display purposes. READ-ONLY.
Ref This property is required. string
Group URI
Value This property is required. string
Group identifier
Display This property is required. string
A human readable name, primarily used for display purposes. READ-ONLY.
Ref This property is required. string
Group URI
Value This property is required. string
Group identifier
display This property is required. String
A human readable name, primarily used for display purposes. READ-ONLY.
ref This property is required. String
Group URI
value This property is required. String
Group identifier
display This property is required. string
A human readable name, primarily used for display purposes. READ-ONLY.
ref This property is required. string
Group URI
value This property is required. string
Group identifier
display This property is required. str
A human readable name, primarily used for display purposes. READ-ONLY.
ref This property is required. str
Group URI
value This property is required. str
Group identifier
display This property is required. String
A human readable name, primarily used for display purposes. READ-ONLY.
ref This property is required. String
Group URI
value This property is required. String
Group identifier

GetDomainsIdentityProviderJitUserProvAttribute

Ref This property is required. string
Group URI
Value This property is required. string
Group identifier
Ref This property is required. string
Group URI
Value This property is required. string
Group identifier
ref This property is required. String
Group URI
value This property is required. String
Group identifier
ref This property is required. string
Group URI
value This property is required. string
Group identifier
ref This property is required. str
Group URI
value This property is required. str
Group identifier
ref This property is required. String
Group URI
value This property is required. String
Group identifier

GetDomainsIdentityProviderJitUserProvGroupMapping

IdpGroup This property is required. string
IDP Group Name
Ref This property is required. string
Group URI
Value This property is required. string
Group identifier
IdpGroup This property is required. string
IDP Group Name
Ref This property is required. string
Group URI
Value This property is required. string
Group identifier
idpGroup This property is required. String
IDP Group Name
ref This property is required. String
Group URI
value This property is required. String
Group identifier
idpGroup This property is required. string
IDP Group Name
ref This property is required. string
Group URI
value This property is required. string
Group identifier
idp_group This property is required. str
IDP Group Name
ref This property is required. str
Group URI
value This property is required. str
Group identifier
idpGroup This property is required. String
IDP Group Name
ref This property is required. String
Group URI
value This property is required. String
Group identifier

GetDomainsIdentityProviderMeta

Created This property is required. string
The DateTime the Resource was added to the Service Provider
LastModified This property is required. string
The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
Location This property is required. string
The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
ResourceType This property is required. string
Name of the resource type of the resource--for example, Users or Groups
Version This property is required. string
The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
Created This property is required. string
The DateTime the Resource was added to the Service Provider
LastModified This property is required. string
The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
Location This property is required. string
The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
ResourceType This property is required. string
Name of the resource type of the resource--for example, Users or Groups
Version This property is required. string
The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
created This property is required. String
The DateTime the Resource was added to the Service Provider
lastModified This property is required. String
The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
location This property is required. String
The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
resourceType This property is required. String
Name of the resource type of the resource--for example, Users or Groups
version This property is required. String
The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
created This property is required. string
The DateTime the Resource was added to the Service Provider
lastModified This property is required. string
The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
location This property is required. string
The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
resourceType This property is required. string
Name of the resource type of the resource--for example, Users or Groups
version This property is required. string
The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
created This property is required. str
The DateTime the Resource was added to the Service Provider
last_modified This property is required. str
The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
location This property is required. str
The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
resource_type This property is required. str
Name of the resource type of the resource--for example, Users or Groups
version This property is required. str
The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
created This property is required. String
The DateTime the Resource was added to the Service Provider
lastModified This property is required. String
The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
location This property is required. String
The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
resourceType This property is required. String
Name of the resource type of the resource--for example, Users or Groups
version This property is required. String
The version of the Resource being returned. This value must be the same as the ETag HTTP response header.

GetDomainsIdentityProviderTag

Key This property is required. string
Key or name of the tag.
Value This property is required. string
Group identifier
Key This property is required. string
Key or name of the tag.
Value This property is required. string
Group identifier
key This property is required. String
Key or name of the tag.
value This property is required. String
Group identifier
key This property is required. string
Key or name of the tag.
value This property is required. string
Group identifier
key This property is required. str
Key or name of the tag.
value This property is required. str
Group identifier
key This property is required. String
Key or name of the tag.
value This property is required. String
Group identifier

GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProvider

AccessTokenUrl This property is required. string
Social IDP Access token URL
AccountLinkingEnabled This property is required. bool
Whether account linking is enabled
AdminScopes This property is required. List<string>
Admin scope to request
AuthzUrl This property is required. string
Social IDP Authorization URL
AutoRedirectEnabled This property is required. bool
Whether social auto redirect is enabled. The IDP policy should be configured with only one Social IDP, and without username/password selected.
ClientCredentialInPayload This property is required. bool
Whether the client credential is contained in payload
ClockSkewInSeconds This property is required. int
Social IDP allowed clock skew time
ConsumerKey This property is required. string
Social IDP Client Application Client ID
ConsumerSecret This property is required. string
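Social IDP Client Application Client Secret. This is a credential: if the lookup returns it, handle the result (program outputs, logs, stored state) as sensitive.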
DiscoveryUrl This property is required. string
Discovery URL
IdAttribute This property is required. string
Id attribute used for account linking
JitProvAssignedGroups This property is required. List<GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderJitProvAssignedGroup>
Lists the groups each social JIT-provisioned user is a member of. Just-in-Time user-provisioning applies this static list when jitProvGroupStaticListEnabled:true.
JitProvGroupStaticListEnabled This property is required. bool
Set to true to indicate Social JIT User Provisioning Groups should be assigned from a static list
ProfileUrl This property is required. string
Social IDP User profile URL
RedirectUrl This property is required. string
redirect URL for social idp
RegistrationEnabled This property is required. bool
Whether registration is enabled
Scopes This property is required. List<string>
Scope to request
ServiceProviderName This property is required. string
Service Provider Name
SocialJitProvisioningEnabled This property is required. bool
Whether Social JIT Provisioning is enabled
Status This property is required. string
Status
AccessTokenUrl This property is required. string
Social IDP Access token URL
AccountLinkingEnabled This property is required. bool
Whether account linking is enabled
AdminScopes This property is required. []string
Admin scope to request
AuthzUrl This property is required. string
Social IDP Authorization URL
AutoRedirectEnabled This property is required. bool
Whether social auto redirect is enabled. The IDP policy should be configured with only one Social IDP, and without username/password selected.
ClientCredentialInPayload This property is required. bool
Whether the client credential is contained in payload
ClockSkewInSeconds This property is required. int
Social IDP allowed clock skew time
ConsumerKey This property is required. string
Social IDP Client Application Client ID
ConsumerSecret This property is required. string
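Social IDP Client Application Client Secret. This is a credential: if the lookup returns it, handle the result (program outputs, logs, stored state) as sensitive.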
DiscoveryUrl This property is required. string
Discovery URL
IdAttribute This property is required. string
Id attribute used for account linking
JitProvAssignedGroups This property is required. []GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderJitProvAssignedGroup
Lists the groups each social JIT-provisioned user is a member of. Just-in-Time user-provisioning applies this static list when jitProvGroupStaticListEnabled:true.
JitProvGroupStaticListEnabled This property is required. bool
Set to true to indicate Social JIT User Provisioning Groups should be assigned from a static list
ProfileUrl This property is required. string
Social IDP User profile URL
RedirectUrl This property is required. string
redirect URL for social idp
RegistrationEnabled This property is required. bool
Whether registration is enabled
Scopes This property is required. []string
Scope to request
ServiceProviderName This property is required. string
Service Provider Name
SocialJitProvisioningEnabled This property is required. bool
Whether Social JIT Provisioning is enabled
Status This property is required. string
Status
accessTokenUrl This property is required. String
Social IDP Access token URL
accountLinkingEnabled This property is required. Boolean
Whether account linking is enabled
adminScopes This property is required. List<String>
Admin scope to request
authzUrl This property is required. String
Social IDP Authorization URL
autoRedirectEnabled This property is required. Boolean
Whether social auto redirect is enabled. The IDP policy should be configured with only one Social IDP, and without username/password selected.
clientCredentialInPayload This property is required. Boolean
Whether the client credential is contained in payload
clockSkewInSeconds This property is required. Integer
Social IDP allowed clock skew time
consumerKey This property is required. String
Social IDP Client Application Client ID
consumerSecret This property is required. String
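Social IDP Client Application Client Secret. This is a credential: if the lookup returns it, handle the result (program outputs, logs, stored state) as sensitive.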
discoveryUrl This property is required. String
Discovery URL
idAttribute This property is required. String
Id attribute used for account linking
jitProvAssignedGroups This property is required. List<GetDomainsProviderUrnietfparamsscimschemasoracleidcsextensionsocialProviderJitProvAssignedGroup>
Lists the groups each social JIT-provisioned user is a member of. Just-in-Time user-provisioning applies this static list when jitProvGroupStaticListEnabled:true.
jitProvGroupStaticListEnabled This property is required. Boolean
Set to true to indicate Social JIT User Provisioning Groups should be assigned from a static list
profileUrl This property is required. String
Social IDP User profile URL
redirectUrl This property is required. String
redirect URL for social idp
registrationEnabled This property is required. Boolean
Whether registration is enabled
scopes This property is required. List<String>
Scope to request
serviceProviderName This property is required. String
Service Provider Name
socialJitProvisioningEnabled This property is required. Boolean
Whether Social JIT Provisioning is enabled
status This property is required. String
Status
accessTokenUrl This property is required. string
Social IDP Access token URL
accountLinkingEnabled This property is required. boolean
Whether account linking is enabled
adminScopes This property is required. string[]
Admin scope to request
authzUrl This property is required. string
Social IDP Authorization URL
autoRedirectEnabled This property is required. boolean
Whether social auto redirect is enabled. The IDP policy should be configured with only one Social IDP, and without username/password selected.
clientCredentialInPayload This property is required. boolean
Whether the client credential is contained in payload
clockSkewInSeconds This property is required. number
Social IDP allowed clock skew time
consumerKey This property is required. string
Social IDP Client Application Client ID
consumerSecret This property is required. string
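Social IDP Client Application Client Secret. This is a credential: if the lookup returns it, handle the result (program outputs, logs, stored state) as sensitive.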
discoveryUrl This property is required. string
Discovery URL
idAttribute This property is required. string
Id attribute used for account linking
jitProvAssignedGroups This property is required. GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderJitProvAssignedGroup[]
Lists the groups each social JIT-provisioned user is a member of. Just-in-Time user-provisioning applies this static list when jitProvGroupStaticListEnabled:true.
jitProvGroupStaticListEnabled This property is required. boolean
Set to true to indicate Social JIT User Provisioning Groups should be assigned from a static list
profileUrl This property is required. string
Social IDP User profile URL
redirectUrl This property is required. string
redirect URL for social idp
registrationEnabled This property is required. boolean
Whether registration is enabled
scopes This property is required. string[]
Scope to request
serviceProviderName This property is required. string
Service Provider Name
socialJitProvisioningEnabled This property is required. boolean
Whether Social JIT Provisioning is enabled
status This property is required. string
Status
access_token_url This property is required. str
Social IDP Access token URL
account_linking_enabled This property is required. bool
Whether account linking is enabled
admin_scopes This property is required. Sequence[str]
Admin scope to request
authz_url This property is required. str
Social IDP Authorization URL
auto_redirect_enabled This property is required. bool
Whether social auto redirect is enabled. The IDP policy should be configured with only one Social IDP, and without username/password selected.
client_credential_in_payload This property is required. bool
Whether the client credential is contained in payload
clock_skew_in_seconds This property is required. int
Social IDP allowed clock skew time
consumer_key This property is required. str
Social IDP Client Application Client ID
consumer_secret This property is required. str
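Social IDP Client Application Client Secret. This is a credential: if the lookup returns it, handle the result (program outputs, logs, stored state) as sensitive.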
discovery_url This property is required. str
Discovery URL
id_attribute This property is required. str
Id attribute used for account linking
jit_prov_assigned_groups This property is required. Sequence[identity.GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderJitProvAssignedGroup]
Lists the groups each social JIT-provisioned user is a member of. Just-in-Time user-provisioning applies this static list when jitProvGroupStaticListEnabled:true.
jit_prov_group_static_list_enabled This property is required. bool
Set to true to indicate Social JIT User Provisioning Groups should be assigned from a static list
profile_url This property is required. str
Social IDP User profile URL
redirect_url This property is required. str
redirect URL for social idp
registration_enabled This property is required. bool
Whether registration is enabled
scopes This property is required. Sequence[str]
Scope to request
service_provider_name This property is required. str
Service Provider Name
social_jit_provisioning_enabled This property is required. bool
Whether Social JIT Provisioning is enabled
status This property is required. str
Status
accessTokenUrl This property is required. String
Social IDP Access token URL
accountLinkingEnabled This property is required. Boolean
Whether account linking is enabled
adminScopes This property is required. List<String>
Admin scope to request
authzUrl This property is required. String
Social IDP Authorization URL
autoRedirectEnabled This property is required. Boolean
Whether social auto redirect is enabled. The IDP policy should be configured with only one Social IDP, and without username/password selected.
clientCredentialInPayload This property is required. Boolean
Whether the client credential is contained in payload
clockSkewInSeconds This property is required. Number
Social IDP allowed clock skew time
consumerKey This property is required. String
Social IDP Client Application Client ID
consumerSecret This property is required. String
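Social IDP Client Application Client Secret. This is a credential: if the lookup returns it, handle the result (program outputs, logs, stored state) as sensitive.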
discoveryUrl This property is required. String
Discovery URL
idAttribute This property is required. String
Id attribute used for account linking
jitProvAssignedGroups This property is required. List<Property Map>
Lists the groups each social JIT-provisioned user is a member of. Just-in-Time user-provisioning applies this static list when jitProvGroupStaticListEnabled:true.
jitProvGroupStaticListEnabled This property is required. Boolean
Set to true to indicate Social JIT User Provisioning Groups should be assigned from a static list
profileUrl This property is required. String
Social IDP User profile URL
redirectUrl This property is required. String
redirect URL for social idp
registrationEnabled This property is required. Boolean
Whether registration is enabled
scopes This property is required. List<String>
Scope to request
serviceProviderName This property is required. String
Service Provider Name
socialJitProvisioningEnabled This property is required. Boolean
Whether Social JIT Provisioning is enabled
status This property is required. String
Status

GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionsocialIdentityProviderJitProvAssignedGroup

Display This property is required. string
A human readable name, primarily used for display purposes. READ-ONLY.
Ref This property is required. string
Group URI
Value This property is required. string
Group identifier
Display This property is required. string
A human readable name, primarily used for display purposes. READ-ONLY.
Ref This property is required. string
Group URI
Value This property is required. string
Group identifier
display This property is required. String
A human readable name, primarily used for display purposes. READ-ONLY.
ref This property is required. String
Group URI
value This property is required. String
Group identifier
display This property is required. string
A human readable name, primarily used for display purposes. READ-ONLY.
ref This property is required. string
Group URI
value This property is required. string
Group identifier
display This property is required. str
A human readable name, primarily used for display purposes. READ-ONLY.
ref This property is required. str
Group URI
value This property is required. str
Group identifier
display This property is required. String
A human readable name, primarily used for display purposes. READ-ONLY.
ref This property is required. String
Group URI
value This property is required. String
Group identifier

GetDomainsIdentityProviderUrnietfparamsscimschemasoracleidcsextensionx509identityProvider

CertMatchAttribute This property is required. string
X509 Certificate Matching Attribute
CrlCheckOnOcspFailureEnabled This property is required. bool
Fallback on CRL Validation if OCSP fails.
CrlEnabled This property is required. bool
Set to true to enable CRL Validation
CrlLocation This property is required. string
CRL Location URL
CrlReloadDuration This property is required. int
Fetch the CRL contents every X minutes
EkuValidationEnabled This property is required. bool
Set to true to enable EKU Validation
EkuValues This property is required. List<string>
List of EKU values that must be validated
OcspAllowUnknownResponseStatus This property is required. bool
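Allow access if the OCSP response is UNKNOWN or the OCSP Responder does not respond within the timeout duration. When true, revocation checking fails open: a certificate whose status could not be confirmed is still accepted.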
OcspEnableSignedResponse This property is required. bool
Describes if the OCSP response is signed
OcspEnabled This property is required. bool
Set to true to enable OCSP Validation
OcspResponderUrl This property is required. string
This property specifies OCSP Responder URL.
OcspRevalidateTime This property is required. int
Revalidate OCSP status for user after X hours
OcspServerName This property is required. string
This property specifies the OCSP Server alias name
OcspTrustCertChains This property is required. List<string>
OCSP Trusted Certificate Chain
OtherCertMatchAttribute This property is required. string
Check for specific conditions of other certificate attributes
SigningCertificateChains This property is required. List<string>
Certificate alias list to create a chain for the incoming client certificate
UserMatchAttribute This property is required. string
This property specifies the userstore attribute value that must match the incoming certificate attribute.
CertMatchAttribute This property is required. string
X509 Certificate Matching Attribute
CrlCheckOnOcspFailureEnabled This property is required. bool
Fallback on CRL Validation if OCSP fails.
CrlEnabled This property is required. bool
Set to true to enable CRL Validation
CrlLocation This property is required. string
CRL Location URL
CrlReloadDuration This property is required. int
Fetch the CRL contents every X minutes
EkuValidationEnabled This property is required. bool
Set to true to enable EKU Validation
EkuValues This property is required. []string
List of Extended Key Usage (EKU) values that need to be validated
OcspAllowUnknownResponseStatus This property is required. bool
Allow access if the OCSP response is UNKNOWN or the OCSP responder does not respond within the timeout duration. When true, an inconclusive OCSP check does not by itself deny access (fail-open).
OcspEnableSignedResponse This property is required. bool
Describes if the OCSP response is signed
OcspEnabled This property is required. bool
Set to true to enable OCSP Validation
OcspResponderUrl This property is required. string
This property specifies OCSP Responder URL.
OcspRevalidateTime This property is required. int
Revalidate OCSP status for user after X hours
OcspServerName This property is required. string
This property specifies the OCSP Server alias name
OcspTrustCertChains This property is required. []string
OCSP Trusted Certificate Chain
OtherCertMatchAttribute This property is required. string
Check for specific conditions of other certificate attributes
SigningCertificateChains This property is required. []string
Certificate alias list to create a chain for the incoming client certificate
UserMatchAttribute This property is required. string
This property specifies the userstore attribute value that must match the incoming certificate attribute.
certMatchAttribute This property is required. String
X509 Certificate Matching Attribute
crlCheckOnOcspFailureEnabled This property is required. Boolean
Fallback on CRL Validation if OCSP fails.
crlEnabled This property is required. Boolean
Set to true to enable CRL Validation
crlLocation This property is required. String
CRL Location URL
crlReloadDuration This property is required. Integer
Fetch the CRL contents every X minutes
ekuValidationEnabled This property is required. Boolean
Set to true to enable EKU Validation
ekuValues This property is required. List<String>
List of Extended Key Usage (EKU) values that need to be validated
ocspAllowUnknownResponseStatus This property is required. Boolean
Allow access if the OCSP response is UNKNOWN or the OCSP responder does not respond within the timeout duration. When true, an inconclusive OCSP check does not by itself deny access (fail-open).
ocspEnableSignedResponse This property is required. Boolean
Describes if the OCSP response is signed
ocspEnabled This property is required. Boolean
Set to true to enable OCSP Validation
ocspResponderUrl This property is required. String
This property specifies OCSP Responder URL.
ocspRevalidateTime This property is required. Integer
Revalidate OCSP status for user after X hours
ocspServerName This property is required. String
This property specifies the OCSP Server alias name
ocspTrustCertChains This property is required. List<String>
OCSP Trusted Certificate Chain
otherCertMatchAttribute This property is required. String
Check for specific conditions of other certificate attributes
signingCertificateChains This property is required. List<String>
Certificate alias list to create a chain for the incoming client certificate
userMatchAttribute This property is required. String
This property specifies the userstore attribute value that must match the incoming certificate attribute.
certMatchAttribute This property is required. string
X509 Certificate Matching Attribute
crlCheckOnOcspFailureEnabled This property is required. boolean
Fallback on CRL Validation if OCSP fails.
crlEnabled This property is required. boolean
Set to true to enable CRL Validation
crlLocation This property is required. string
CRL Location URL
crlReloadDuration This property is required. number
Fetch the CRL contents every X minutes
ekuValidationEnabled This property is required. boolean
Set to true to enable EKU Validation
ekuValues This property is required. string[]
List of Extended Key Usage (EKU) values that need to be validated
ocspAllowUnknownResponseStatus This property is required. boolean
Allow access if the OCSP response is UNKNOWN or the OCSP responder does not respond within the timeout duration. When true, an inconclusive OCSP check does not by itself deny access (fail-open).
ocspEnableSignedResponse This property is required. boolean
Describes if the OCSP response is signed
ocspEnabled This property is required. boolean
Set to true to enable OCSP Validation
ocspResponderUrl This property is required. string
This property specifies OCSP Responder URL.
ocspRevalidateTime This property is required. number
Revalidate OCSP status for user after X hours
ocspServerName This property is required. string
This property specifies the OCSP Server alias name
ocspTrustCertChains This property is required. string[]
OCSP Trusted Certificate Chain
otherCertMatchAttribute This property is required. string
Check for specific conditions of other certificate attributes
signingCertificateChains This property is required. string[]
Certificate alias list to create a chain for the incoming client certificate
userMatchAttribute This property is required. string
This property specifies the userstore attribute value that must match the incoming certificate attribute.
cert_match_attribute This property is required. str
X509 Certificate Matching Attribute
crl_check_on_ocsp_failure_enabled This property is required. bool
Fallback on CRL Validation if OCSP fails.
crl_enabled This property is required. bool
Set to true to enable CRL Validation
crl_location This property is required. str
CRL Location URL
crl_reload_duration This property is required. int
Fetch the CRL contents every X minutes
eku_validation_enabled This property is required. bool
Set to true to enable EKU Validation
eku_values This property is required. Sequence[str]
List of Extended Key Usage (EKU) values that need to be validated
ocsp_allow_unknown_response_status This property is required. bool
Allow access if the OCSP response is UNKNOWN or the OCSP responder does not respond within the timeout duration. When true, an inconclusive OCSP check does not by itself deny access (fail-open).
ocsp_enable_signed_response This property is required. bool
Describes if the OCSP response is signed
ocsp_enabled This property is required. bool
Set to true to enable OCSP Validation
ocsp_responder_url This property is required. str
This property specifies OCSP Responder URL.
ocsp_revalidate_time This property is required. int
Revalidate OCSP status for user after X hours
ocsp_server_name This property is required. str
This property specifies the OCSP Server alias name
ocsp_trust_cert_chains This property is required. Sequence[str]
OCSP Trusted Certificate Chain
other_cert_match_attribute This property is required. str
Check for specific conditions of other certificate attributes
signing_certificate_chains This property is required. Sequence[str]
Certificate alias list to create a chain for the incoming client certificate
user_match_attribute This property is required. str
This property specifies the userstore attribute value that must match the incoming certificate attribute.
certMatchAttribute This property is required. String
X509 Certificate Matching Attribute
crlCheckOnOcspFailureEnabled This property is required. Boolean
Fallback on CRL Validation if OCSP fails.
crlEnabled This property is required. Boolean
Set to true to enable CRL Validation
crlLocation This property is required. String
CRL Location URL
crlReloadDuration This property is required. Number
Fetch the CRL contents every X minutes
ekuValidationEnabled This property is required. Boolean
Set to true to enable EKU Validation
ekuValues This property is required. List<String>
List of Extended Key Usage (EKU) values that need to be validated
ocspAllowUnknownResponseStatus This property is required. Boolean
Allow access if the OCSP response is UNKNOWN or the OCSP responder does not respond within the timeout duration. When true, an inconclusive OCSP check does not by itself deny access (fail-open).
ocspEnableSignedResponse This property is required. Boolean
Describes if the OCSP response is signed
ocspEnabled This property is required. Boolean
Set to true to enable OCSP Validation
ocspResponderUrl This property is required. String
This property specifies OCSP Responder URL.
ocspRevalidateTime This property is required. Number
Revalidate OCSP status for user after X hours
ocspServerName This property is required. String
This property specifies the OCSP Server alias name
ocspTrustCertChains This property is required. List<String>
OCSP Trusted Certificate Chain
otherCertMatchAttribute This property is required. String
Check for specific conditions of other certificate attributes
signingCertificateChains This property is required. List<String>
Certificate alias list to create a chain for the incoming client certificate
userMatchAttribute This property is required. String
This property specifies the userstore attribute value that must match the incoming certificate attribute.

Package Details

Repository
oci pulumi/pulumi-oci
License
Apache-2.0
Notes
This Pulumi package is based on the oci Terraform Provider.
Oracle Cloud Infrastructure v2.31.0 published on Thursday, Apr 17, 2025 by Pulumi