Oracle Cloud Infrastructure v2.33.0 published on Thursday, May 1, 2025 by Pulumi
oci.Identity.getDomainsApp
Explore with Pulumi AI
This data source provides details about a specific App resource in Oracle Cloud Infrastructure Identity Domains service.
Get an App
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";
const testApp = oci.Identity.getDomainsApp({
    appId: testAppOciIdentityDomainsApp.id,
    idcsEndpoint: testDomain.url,
    attributeSets: ["all"],
    attributes: "",
    authorization: appAuthorization,
    resourceTypeSchemaVersion: appResourceTypeSchemaVersion,
});
import pulumi
import pulumi_oci as oci
test_app = oci.Identity.get_domains_app(app_id=test_app_oci_identity_domains_app["id"],
    idcs_endpoint=test_domain["url"],
    attribute_sets=["all"],
    attributes="",
    authorization=app_authorization,
    resource_type_schema_version=app_resource_type_schema_version)
package main
import (
	"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/identity"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := identity.GetDomainsApp(ctx, &identity.GetDomainsAppArgs{
			AppId:        testAppOciIdentityDomainsApp.Id,
			IdcsEndpoint: testDomain.Url,
			AttributeSets: []string{
				"all",
			},
			Attributes:                pulumi.StringRef(""),
			Authorization:             pulumi.StringRef(appAuthorization),
			ResourceTypeSchemaVersion: pulumi.StringRef(appResourceTypeSchemaVersion),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;
return await Deployment.RunAsync(() => 
{
    var testApp = Oci.Identity.GetDomainsApp.Invoke(new()
    {
        AppId = testAppOciIdentityDomainsApp.Id,
        IdcsEndpoint = testDomain.Url,
        AttributeSets = new[]
        {
            "all",
        },
        Attributes = "",
        Authorization = appAuthorization,
        ResourceTypeSchemaVersion = appResourceTypeSchemaVersion,
    });
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Identity.IdentityFunctions;
import com.pulumi.oci.Identity.inputs.GetDomainsAppArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var testApp = IdentityFunctions.getDomainsApp(GetDomainsAppArgs.builder()
            .appId(testAppOciIdentityDomainsApp.id())
            .idcsEndpoint(testDomain.url())
            .attributeSets("all")
            .attributes("")
            .authorization(appAuthorization)
            .resourceTypeSchemaVersion(appResourceTypeSchemaVersion)
            .build());
    }
}
variables:
  testApp:
    fn::invoke:
      function: oci:Identity:getDomainsApp
      arguments:
        appId: ${testAppOciIdentityDomainsApp.id}
        idcsEndpoint: ${testDomain.url}
        attributeSets:
          - all
        attributes: ""
        authorization: ${appAuthorization}
        resourceTypeSchemaVersion: ${appResourceTypeSchemaVersion}
Using getDomainsApp
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getDomainsApp(args: GetDomainsAppArgs, opts?: InvokeOptions): Promise<GetDomainsAppResult>
function getDomainsAppOutput(args: GetDomainsAppOutputArgs, opts?: InvokeOptions): Output<GetDomainsAppResult>def get_domains_app(app_id: Optional[str] = None,
                    attribute_sets: Optional[Sequence[str]] = None,
                    attributes: Optional[str] = None,
                    authorization: Optional[str] = None,
                    idcs_endpoint: Optional[str] = None,
                    resource_type_schema_version: Optional[str] = None,
                    opts: Optional[InvokeOptions] = None) -> GetDomainsAppResult
def get_domains_app_output(app_id: Optional[pulumi.Input[str]] = None,
                    attribute_sets: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                    attributes: Optional[pulumi.Input[str]] = None,
                    authorization: Optional[pulumi.Input[str]] = None,
                    idcs_endpoint: Optional[pulumi.Input[str]] = None,
                    resource_type_schema_version: Optional[pulumi.Input[str]] = None,
                    opts: Optional[InvokeOptions] = None) -> Output[GetDomainsAppResult]func LookupDomainsApp(ctx *Context, args *LookupDomainsAppArgs, opts ...InvokeOption) (*LookupDomainsAppResult, error)
func LookupDomainsAppOutput(ctx *Context, args *LookupDomainsAppOutputArgs, opts ...InvokeOption) LookupDomainsAppResultOutput> Note: This function is named LookupDomainsApp in the Go SDK.
public static class GetDomainsApp 
{
    public static Task<GetDomainsAppResult> InvokeAsync(GetDomainsAppArgs args, InvokeOptions? opts = null)
    public static Output<GetDomainsAppResult> Invoke(GetDomainsAppInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetDomainsAppResult> getDomainsApp(GetDomainsAppArgs args, InvokeOptions options)
public static Output<GetDomainsAppResult> getDomainsApp(GetDomainsAppArgs args, InvokeOptions options)
fn::invoke:
  function: oci:Identity/getDomainsApp:getDomainsApp
  arguments:
    # arguments dictionaryThe following arguments are supported:
- AppId string
- ID of the resource
- IdcsEndpoint string
- The basic endpoint for the identity domain
- AttributeSets List<string>
- A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- Attributes string
- A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- string
- The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
- ResourceType stringSchema Version 
- An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- AppId string
- ID of the resource
- IdcsEndpoint string
- The basic endpoint for the identity domain
- AttributeSets []string
- A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- Attributes string
- A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- string
- The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
- ResourceType stringSchema Version 
- An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- appId String
- ID of the resource
- idcsEndpoint String
- The basic endpoint for the identity domain
- attributeSets List<String>
- A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- attributes String
- A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- String
- The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
- resourceType StringSchema Version 
- An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- appId string
- ID of the resource
- idcsEndpoint string
- The basic endpoint for the identity domain
- attributeSets string[]
- A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- attributes string
- A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- string
- The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
- resourceType stringSchema Version 
- An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- app_id str
- ID of the resource
- idcs_endpoint str
- The basic endpoint for the identity domain
- attribute_sets Sequence[str]
- A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- attributes str
- A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- str
- The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
- resource_type_ strschema_ version 
- An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
- appId String
- ID of the resource
- idcsEndpoint String
- The basic endpoint for the identity domain
- attributeSets List<String>
- A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
- attributes String
- A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
- String
- The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
- resourceType StringSchema Version 
- An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
getDomainsApp Result
The following output properties are available:
- AccessToken intExpiry 
- Access token expiry
- Accounts
List<GetDomains App Account> 
- Accounts of App
- Active bool
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- AdminRoles List<GetDomains App Admin Role> 
- A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers administrative privilege within this App.
- AliasApps List<GetDomains App Alias App> 
- Each value of this internal attribute refers to an Oracle Public Cloud infrastructure App on which this App depends.
- AllUrl boolSchemes Allowed 
- If true, indicates that the system should allow all URL-schemes within each value of the 'redirectUris' attribute. Also indicates that the system should not attempt to confirm that each value of the 'redirectUris' attribute is a valid URI. In particular, the system should not confirm that the domain component of the URI is a top-level domain and the system should not confirm that the hostname portion is a valid system that is reachable over the network.
- AllowAccess boolControl 
- If true, any managed App that is based on this template is checked for access control that is, access to this app is subject to successful authorization at SSO service, viz. app grants to start with.
- AllowOffline bool
- If true, indicates that the Refresh Token is allowed when this App acts as an OAuth Resource.
- AllowedGrants List<string>
- List of grant-types that this App is allowed to use when it acts as an OAuthClient.
- AllowedOperations List<string>
- OPTIONAL. Required only when this App acts as an OAuthClient. Supported values are 'introspect' and 'onBehalfOfUser'. The value 'introspect' allows the client to look inside the access-token. The value 'onBehalfOfUser' overrides how the client's privileges are combined with the privileges of the Subject User. Ordinarily, authorization calculates the set of effective privileges as the intersection of the client's privileges and the user's privileges. The value 'onBehalfOf' indicates that authorization should ignore the privileges of the client and use only the user's privileges to calculate the effective privileges.
- AllowedScopes List<GetDomains App Allowed Scope> 
- A list of scopes (exposed by this App or by other Apps) that this App is allowed to access when it acts as an OAuthClient.
- 
List<GetDomains App Allowed Tag> 
- A list of tags, acting as an OAuthClient, this App is allowed to access.
- AppIcon string
- Application icon.
- AppId string
- The id of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- AppSignon List<GetPolicies Domains App App Signon Policy> 
- App Sign-on Policy.
- AppThumbnail string
- Application thumbnail.
- AppsNetwork List<GetPerimeters Domains App Apps Network Perimeter> 
- Network Perimeter
- AsOpc List<GetServices Domains App As Opc Service> 
- OPCService facet of the application.
- AttrRendering List<GetMetadatas Domains App Attr Rendering Metadata> 
- Label for the attribute to be shown in the UI.
- Audience string
- The base URI for all of the scopes defined in this App. The value of 'audience' is combined with the 'value' of each scope to form an 'fqs' or fully qualified scope.
- BasedOn List<GetTemplates Domains App Based On Template> 
- Application template on which the application is based.
- BypassConsent bool
- If true, indicates that consent should be skipped for all scopes
- CallbackService stringUrl 
- Callback Service URL
- Certificates
List<GetDomains App Certificate> 
- Each value of this attribute represent a certificate that this App uses when it acts as an OAuthClient.
- ClientIp stringChecking 
- Network Perimeters checking mode
- ClientSecret string
- This value is the credential of this App, which this App supplies as a password when this App authenticates to the Oracle Public Cloud infrastructure. This value is also the client secret of this App when it acts as an OAuthClient.
- ClientType string
- Specifies the type of access that this App has when it acts as an OAuthClient.
- CloudControl List<GetProperties Domains App Cloud Control Property> 
- A collection of arbitrary properties that scope the privileges of a cloud-control App.
- CompartmentOcid string
- Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- ContactEmail stringAddress 
- Contact Email Address
- DelegatedService List<string>Names 
- Service Names allow to use Oracle Cloud Infrastructure signature for client authentication instead of client credentials
- DeleteIn boolProgress 
- A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- Description string
- The description of the AppRole.
- DisableKmsi boolToken Authentication 
- Indicates whether the application is allowed to be access using kmsi token.
- DisplayName string
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- DomainOcid string
- Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- EditableAttributes List<GetDomains App Editable Attribute> 
- App attributes editable by subject
- ErrorPage stringUrl 
- This attribute specifies the URL of the page to which an application will redirect an end-user in case of error.
- ForceDelete bool
- GrantedApp List<GetRoles Domains App Granted App Role> 
- A list of AppRoles that are granted to this App (and that are defined by other Apps). Within the Oracle Public Cloud infrastructure, this allows AppID-based association. Such an association allows this App to act as a consumer and thus to access resources of another App that acts as a producer.
- Grants
List<GetDomains App Grant> 
- Grants assigned to the app
- HashedClient stringSecret 
- Hashed Client Secret. This hash-value is used to verify the 'clientSecret' credential of this App
- HomePage stringUrl 
- Home Page URL
- Icon string
- URL of application icon.
- Id string
- Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
- IdToken stringEnc Algo 
- Encryption Alogrithm to use for encrypting ID token.
- IdcsCreated List<GetBies Domains App Idcs Created By> 
- The User or App who created the Resource
- IdcsEndpoint string
- IdcsLast List<GetModified Bies Domains App Idcs Last Modified By> 
- The User or App who modified the Resource
- IdcsLast stringUpgraded In Release 
- The release number when the resource was upgraded.
- IdcsPrevented List<string>Operations 
- Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- IdentityProviders List<GetDomains App Identity Provider> 
- A list of IdentityProvider assigned to app. A user trying to access this app will be automatically redirected to configured IdP during the authentication phase, before being able to access App.
- IdpPolicies List<GetDomains App Idp Policy> 
- IDP Policy.
- Infrastructure bool
- If true, this App is an internal infrastructure App.
- IsAlias boolApp 
- If true, this App is an AliasApp and it cannot be granted to an end-user directly.
- IsDatabase boolService 
- If true, this application acts as database service Application
- IsEnterprise boolApp 
- If true, this app acts as Enterprise app with Authentication and URL Authz policy.
- IsForm boolFill 
- If true, this application acts as FormFill Application
- IsKerberos boolRealm 
- If true, indicates that this App supports Kerberos Authentication
- IsLogin boolTarget 
- If true, this App allows runtime services to log end users into this App automatically.
- IsManaged boolApp 
- If true, indicates that access to this App requires an account. That is, in order to log in to the App, a User must use an application-specific identity that is maintained in the remote identity-repository of that App.
- IsMobile boolTarget 
- If true, indicates that the App should be visible in each end-user's mobile application.
- IsMulticloud boolService App 
- If true, indicates the app is used for multicloud service integration.
- IsOauth boolClient 
- If true, this application acts as an OAuth Client
- IsOauth boolResource 
- If true, indicates that this application acts as an OAuth Resource.
- IsObligation boolCapable 
- This flag indicates if the App is capable of validating obligations with the token for allowing access to the App.
- IsOpc boolService 
- If true, this application is an Oracle Public Cloud service-instance.
- IsRadius boolApp 
- If true, this application acts as an Radius App
- IsSaml boolService Provider 
- If true, then this App acts as a SAML Service Provider.
- IsUnmanaged boolApp 
- If true, indicates that this application accepts an Oracle Cloud Identity Service User as a login-identity (does not require an account) and relies for authorization on the User's memberships in AppRoles.
- IsWeb boolTier Policy 
- If true, the webtier policy is active
- LandingPage stringUrl 
- The URL of the landing page for this App, which is the first page that an end user should see if runtime services log that end user in to this App automatically.
- LinkingCallback stringUrl 
- This attribute specifies the callback URL for the social linking operation.
- LoginMechanism string
- The protocol that runtime services will use to log end users in to this App automatically. If 'OIDC', then runtime services use the OpenID Connect protocol. If 'SAML', then runtime services use Security Assertion Markup Language protocol.
- LoginPage stringUrl 
- This attribute specifies the URL of the page that the App uses when an end-user signs in to that App.
- LogoutPage stringUrl 
- This attribute specifies the URL of the page that the App uses when an end-user signs out.
- LogoutUri string
- OAuth will use this URI to logout if this App wants to participate in SSO, and if this App's session gets cleared as part of global logout. Note: This attribute is used only if this App acts as an OAuthClient.
- Metas
List<GetDomains App Meta> 
- A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- MeterAs boolOpc Service 
- Indicates whether the application is billed as an OPCService. If true, customer is not billed for runtime operations of the app.
- Migrated bool
- If true, this App was migrated from an earlier version of Oracle Public Cloud infrastructure (and may therefore require special handling from runtime services such as OAuth or SAML). If false, this App requires no special handling from runtime services.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Ocid string
- Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- PostLogout List<string>Redirect Uris 
- Each value of this attribute is the URI of a landing page within this App. It is used only when this App, acting as an OAuthClient, initiates the logout flow and wants to be redirected back to one of its landing pages.
- PrivacyPolicy stringUrl 
- Privacy Policy URL
- ProductLogo stringUrl 
- Application Logo URL
- ProductName string
- Product Name
- ProtectableSecondary List<GetAudiences Domains App Protectable Secondary Audience> 
- A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- RadiusPolicies List<GetDomains App Radius Policy> 
- RADIUS Policy assigned to this application.
- ReadyTo boolUpgrade 
- If true, this App requires an upgrade and mandates attention from application administrator. The flag is used by UI to indicate this app is ready to upgrade.
- RedirectUris List<string>
- OPTIONAL. Each value is a URI within this App. This attribute is required when this App acts as an OAuthClient and is involved in three-legged flows (authorization-code flows).
- RefreshToken intExpiry 
- Expiry-time in seconds for a Refresh Token. Any token that allows access to this App, once refreshed, will expire after the specified duration.
- SamlService List<GetProviders Domains App Saml Service Provider> 
- An attribute that refers to the SAML Service Provider that runtime services will use to log an end user in to this App automatically. Note that this will be used only if the loginMechanism is 'SAML'.
- Schemas List<string>
- REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- Scopes
List<GetDomains App Scope> 
- Scopes defined by this App. Used when this App acts as an OAuth Resource.
- SecondaryAudiences List<string>
- A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- ServiceParams List<GetDomains App Service Param> 
- Custom attribute that is required to compute other attribute values during app creation.
- ServiceType stringUrn 
- This Uniform Resource Name (URN) value identifies the type of Oracle Public Cloud service of which this app is an instance.
- ServiceType stringVersion 
- This value specifies the version of the Oracle Public Cloud service of which this App is an instance
- ShowIn boolMy Apps 
- If true, this app will be displayed in the MyApps page of each end-user who has access to the App.
- SignonPolicies List<GetDomains App Signon Policy> 
- Sign-on Policy.
- 
List<GetDomains App Tag> 
- A list of tags on this resource.
- TenancyOcid string
- Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- TermsOf stringService Url 
- Terms of Service URL
- TermsOf List<GetUses Domains App Terms Of Use> 
- Terms Of Use.
- TrustPolicies List<GetDomains App Trust Policy> 
- Trust Policies.
- TrustScope string
- Indicates the scope of trust for this App when acting as an OAuthClient. A value of 'Explicit' indicates that the App is allowed to access only the scopes of OAuthResources that are explicitly specified as 'allowedScopes'. A value of 'Account' indicates that the App is allowed implicitly to access any scope of any OAuthResource within the same Oracle Cloud Account. A value of 'Tags' indicates that the App is allowed to access any scope of any OAuthResource with a matching tag within the same Oracle Cloud Account. A value of 'Default' indicates that the Tenant default trust scope configured in the Tenant Settings is used.
- 
List<GetDomains App Urnietfparamsscimschemasoracleidcsextension Oci Tag> 
- Oracle Cloud Infrastructure Tags.
- UrnietfparamsscimschemasoracleidcsextensiondbcsApps List<GetDomains App Urnietfparamsscimschemasoracleidcsextensiondbcs App> 
- This extension provides attributes for database service facet of an App
- UrnietfparamsscimschemasoracleidcsextensionenterpriseApp List<GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App> 
- This extension defines the Enterprise App related attributes.
- UrnietfparamsscimschemasoracleidcsextensionformFill List<GetApp Apps Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App App> 
- This extension provides attributes for Form-Fill facet of App
- UrnietfparamsscimschemasoracleidcsextensionformFill List<GetApp Template App Templates Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App Template App Template> 
- This extension provides attributes for Form-Fill facet of AppTemplate
- UrnietfparamsscimschemasoracleidcsextensionkerberosRealm List<GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionkerberos Realm App> 
- Kerberos Realm
- UrnietfparamsscimschemasoracleidcsextensionmanagedappApps List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App> 
- Managed App
- UrnietfparamsscimschemasoracleidcsextensionmulticloudService List<GetApp Apps Domains App Urnietfparamsscimschemasoracleidcsextensionmulticloud Service App App> 
- This extension defines attributes specific to Apps that represent instances of Multicloud Service App
- UrnietfparamsscimschemasoracleidcsextensionopcService List<GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionopc Service App> 
- This extension defines attributes specific to Apps that represent instances of an Oracle Public Cloud (OPC) service.
- UrnietfparamsscimschemasoracleidcsextensionradiusApp List<GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionradius App App> 
- This extension defines attributes specific to Apps that represent instances of Radius App.
- UrnietfparamsscimschemasoracleidcsextensionrequestableApps List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionrequestable App> 
- Requestable App
- UrnietfparamsscimschemasoracleidcsextensionsamlService List<GetProvider Apps Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App> 
- This extension defines attributes related to the Service Providers configuration.
- UrnietfparamsscimschemasoracleidcsextensionwebTier List<GetPolicy Apps Domains App Urnietfparamsscimschemasoracleidcsextensionweb Tier Policy App> 
- WebTier Policy
- UserRoles List<GetDomains App User Role> 
- A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers end-user privilege within this App.
- AttributeSets List<string>
- Attributes string
- string
- ResourceType stringSchema Version 
- AccessToken intExpiry 
- Access token expiry
- Accounts
[]GetDomains App Account 
- Accounts of App
- Active bool
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- AdminRoles []GetDomains App Admin Role 
- A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers administrative privilege within this App.
- AliasApps []GetDomains App Alias App 
- Each value of this internal attribute refers to an Oracle Public Cloud infrastructure App on which this App depends.
- AllUrl boolSchemes Allowed 
- If true, indicates that the system should allow all URL-schemes within each value of the 'redirectUris' attribute. Also indicates that the system should not attempt to confirm that each value of the 'redirectUris' attribute is a valid URI. In particular, the system should not confirm that the domain component of the URI is a top-level domain and the system should not confirm that the hostname portion is a valid system that is reachable over the network.
- AllowAccess boolControl 
- If true, any managed App that is based on this template is checked for access control that is, access to this app is subject to successful authorization at SSO service, viz. app grants to start with.
- AllowOffline bool
- If true, indicates that the Refresh Token is allowed when this App acts as an OAuth Resource.
- AllowedGrants []string
- List of grant-types that this App is allowed to use when it acts as an OAuthClient.
- AllowedOperations []string
- OPTIONAL. Required only when this App acts as an OAuthClient. Supported values are 'introspect' and 'onBehalfOfUser'. The value 'introspect' allows the client to look inside the access-token. The value 'onBehalfOfUser' overrides how the client's privileges are combined with the privileges of the Subject User. Ordinarily, authorization calculates the set of effective privileges as the intersection of the client's privileges and the user's privileges. The value 'onBehalfOf' indicates that authorization should ignore the privileges of the client and use only the user's privileges to calculate the effective privileges.
- AllowedScopes []GetDomains App Allowed Scope 
- A list of scopes (exposed by this App or by other Apps) that this App is allowed to access when it acts as an OAuthClient.
- 
[]GetDomains App Allowed Tag 
- A list of tags, acting as an OAuthClient, this App is allowed to access.
- AppIcon string
- Application icon.
- AppId string
- The id of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- AppSignon []GetPolicies Domains App App Signon Policy 
- App Sign-on Policy.
- AppThumbnail string
- Application thumbnail.
- AppsNetwork []GetPerimeters Domains App Apps Network Perimeter 
- Network Perimeter
- AsOpc []GetServices Domains App As Opc Service 
- OPCService facet of the application.
- AttrRendering []GetMetadatas Domains App Attr Rendering Metadata 
- Label for the attribute to be shown in the UI.
- Audience string
- The base URI for all of the scopes defined in this App. The value of 'audience' is combined with the 'value' of each scope to form an 'fqs' or fully qualified scope.
- BasedOn []GetTemplates Domains App Based On Template 
- Application template on which the application is based.
- BypassConsent bool
- If true, indicates that consent should be skipped for all scopes
- CallbackService stringUrl 
- Callback Service URL
- Certificates
[]GetDomains App Certificate 
- Each value of this attribute represent a certificate that this App uses when it acts as an OAuthClient.
- ClientIp stringChecking 
- Network Perimeters checking mode
- ClientSecret string
- This value is the credential of this App, which this App supplies as a password when this App authenticates to the Oracle Public Cloud infrastructure. This value is also the client secret of this App when it acts as an OAuthClient.
- ClientType string
- Specifies the type of access that this App has when it acts as an OAuthClient.
- CloudControl []GetProperties Domains App Cloud Control Property 
- A collection of arbitrary properties that scope the privileges of a cloud-control App.
- CompartmentOcid string
- Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- ContactEmail stringAddress 
- Contact Email Address
- DelegatedService []stringNames 
- Service Names allow to use Oracle Cloud Infrastructure signature for client authentication instead of client credentials
- DeleteIn boolProgress 
- A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- Description string
- The description of the AppRole.
- DisableKmsi boolToken Authentication 
- Indicates whether the application is allowed to be access using kmsi token.
- DisplayName string
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- DomainOcid string
- Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- EditableAttributes []GetDomains App Editable Attribute 
- App attributes editable by subject
- ErrorPage stringUrl 
- This attribute specifies the URL of the page to which an application will redirect an end-user in case of error.
- ForceDelete bool
- GrantedApp []GetRoles Domains App Granted App Role 
- A list of AppRoles that are granted to this App (and that are defined by other Apps). Within the Oracle Public Cloud infrastructure, this allows AppID-based association. Such an association allows this App to act as a consumer and thus to access resources of another App that acts as a producer.
- Grants
[]GetDomains App Grant 
- Grants assigned to the app
- HashedClient stringSecret 
- Hashed Client Secret. This hash-value is used to verify the 'clientSecret' credential of this App
- HomePage stringUrl 
- Home Page URL
- Icon string
- URL of application icon.
- Id string
- Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
- IdToken stringEnc Algo 
- Encryption Alogrithm to use for encrypting ID token.
- IdcsCreated []GetBies Domains App Idcs Created By 
- The User or App who created the Resource
- IdcsEndpoint string
- IdcsLast []GetModified Bies Domains App Idcs Last Modified By 
- The User or App who modified the Resource
- IdcsLast stringUpgraded In Release 
- The release number when the resource was upgraded.
- IdcsPrevented []stringOperations 
- Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- IdentityProviders []GetDomains App Identity Provider 
- A list of IdentityProvider assigned to app. A user trying to access this app will be automatically redirected to configured IdP during the authentication phase, before being able to access App.
- IdpPolicies []GetDomains App Idp Policy 
- IDP Policy.
- Infrastructure bool
- If true, this App is an internal infrastructure App.
- IsAlias boolApp 
- If true, this App is an AliasApp and it cannot be granted to an end-user directly.
- IsDatabase boolService 
- If true, this application acts as database service Application
- IsEnterprise boolApp 
- If true, this app acts as Enterprise app with Authentication and URL Authz policy.
- IsForm boolFill 
- If true, this application acts as FormFill Application
- IsKerberos boolRealm 
- If true, indicates that this App supports Kerberos Authentication
- IsLogin boolTarget 
- If true, this App allows runtime services to log end users into this App automatically.
- IsManaged boolApp 
- If true, indicates that access to this App requires an account. That is, in order to log in to the App, a User must use an application-specific identity that is maintained in the remote identity-repository of that App.
- IsMobile boolTarget 
- If true, indicates that the App should be visible in each end-user's mobile application.
- IsMulticloud boolService App 
- If true, indicates the app is used for multicloud service integration.
- IsOauth boolClient 
- If true, this application acts as an OAuth Client
- IsOauth boolResource 
- If true, indicates that this application acts as an OAuth Resource.
- IsObligation boolCapable 
- This flag indicates if the App is capable of validating obligations with the token for allowing access to the App.
- IsOpc boolService 
- If true, this application is an Oracle Public Cloud service-instance.
- IsRadius boolApp 
- If true, this application acts as an Radius App
- IsSaml boolService Provider 
- If true, then this App acts as a SAML Service Provider.
- IsUnmanaged boolApp 
- If true, indicates that this application accepts an Oracle Cloud Identity Service User as a login-identity (does not require an account) and relies for authorization on the User's memberships in AppRoles.
- IsWeb boolTier Policy 
- If true, the webtier policy is active
- LandingPage stringUrl 
- The URL of the landing page for this App, which is the first page that an end user should see if runtime services log that end user in to this App automatically.
- LinkingCallback stringUrl 
- This attribute specifies the callback URL for the social linking operation.
- LoginMechanism string
- The protocol that runtime services will use to log end users in to this App automatically. If 'OIDC', then runtime services use the OpenID Connect protocol. If 'SAML', then runtime services use Security Assertion Markup Language protocol.
- LoginPage stringUrl 
- This attribute specifies the URL of the page that the App uses when an end-user signs in to that App.
- LogoutPage stringUrl 
- This attribute specifies the URL of the page that the App uses when an end-user signs out.
- LogoutUri string
- OAuth will use this URI to logout if this App wants to participate in SSO, and if this App's session gets cleared as part of global logout. Note: This attribute is used only if this App acts as an OAuthClient.
- Metas
[]GetDomains App Meta 
- A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- MeterAs boolOpc Service 
- Indicates whether the application is billed as an OPCService. If true, customer is not billed for runtime operations of the app.
- Migrated bool
- If true, this App was migrated from an earlier version of Oracle Public Cloud infrastructure (and may therefore require special handling from runtime services such as OAuth or SAML). If false, this App requires no special handling from runtime services.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Ocid string
- Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- PostLogout []stringRedirect Uris 
- Each value of this attribute is the URI of a landing page within this App. It is used only when this App, acting as an OAuthClient, initiates the logout flow and wants to be redirected back to one of its landing pages.
- PrivacyPolicy stringUrl 
- Privacy Policy URL
- ProductLogo stringUrl 
- Application Logo URL
- ProductName string
- Product Name
- ProtectableSecondary []GetAudiences Domains App Protectable Secondary Audience 
- A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- RadiusPolicies []GetDomains App Radius Policy 
- RADIUS Policy assigned to this application.
- ReadyTo boolUpgrade 
- If true, this App requires an upgrade and mandates attention from application administrator. The flag is used by UI to indicate this app is ready to upgrade.
- RedirectUris []string
- OPTIONAL. Each value is a URI within this App. This attribute is required when this App acts as an OAuthClient and is involved in three-legged flows (authorization-code flows).
- RefreshToken intExpiry 
- Expiry-time in seconds for a Refresh Token. Any token that allows access to this App, once refreshed, will expire after the specified duration.
- SamlService []GetProviders Domains App Saml Service Provider 
- An attribute that refers to the SAML Service Provider that runtime services will use to log an end user in to this App automatically. Note that this will be used only if the loginMechanism is 'SAML'.
- Schemas []string
- REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- Scopes
[]GetDomains App Scope 
- Scopes defined by this App. Used when this App acts as an OAuth Resource.
- SecondaryAudiences []string
- A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- ServiceParams []GetDomains App Service Param 
- Custom attribute that is required to compute other attribute values during app creation.
- ServiceType stringUrn 
- This Uniform Resource Name (URN) value identifies the type of Oracle Public Cloud service of which this app is an instance.
- ServiceType stringVersion 
- This value specifies the version of the Oracle Public Cloud service of which this App is an instance
- ShowIn boolMy Apps 
- If true, this app will be displayed in the MyApps page of each end-user who has access to the App.
- SignonPolicies []GetDomains App Signon Policy 
- Sign-on Policy.
- 
[]GetDomains App Tag 
- A list of tags on this resource.
- TenancyOcid string
- Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- TermsOf stringService Url 
- Terms of Service URL
- TermsOf []GetUses Domains App Terms Of Use 
- Terms Of Use.
- TrustPolicies []GetDomains App Trust Policy 
- Trust Policies.
- TrustScope string
- Indicates the scope of trust for this App when acting as an OAuthClient. A value of 'Explicit' indicates that the App is allowed to access only the scopes of OAuthResources that are explicitly specified as 'allowedScopes'. A value of 'Account' indicates that the App is allowed implicitly to access any scope of any OAuthResource within the same Oracle Cloud Account. A value of 'Tags' indicates that the App is allowed to access any scope of any OAuthResource with a matching tag within the same Oracle Cloud Account. A value of 'Default' indicates that the Tenant default trust scope configured in the Tenant Settings is used.
- 
[]GetDomains App Urnietfparamsscimschemasoracleidcsextension Oci Tag 
- Oracle Cloud Infrastructure Tags.
- UrnietfparamsscimschemasoracleidcsextensiondbcsApps []GetDomains App Urnietfparamsscimschemasoracleidcsextensiondbcs App 
- This extension provides attributes for database service facet of an App
- UrnietfparamsscimschemasoracleidcsextensionenterpriseApp []GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App 
- This extension defines the Enterprise App related attributes.
- UrnietfparamsscimschemasoracleidcsextensionformFill []GetApp Apps Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App App 
- This extension provides attributes for Form-Fill facet of App
- UrnietfparamsscimschemasoracleidcsextensionformFill []GetApp Template App Templates Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App Template App Template 
- This extension provides attributes for Form-Fill facet of AppTemplate
- UrnietfparamsscimschemasoracleidcsextensionkerberosRealm []GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionkerberos Realm App 
- Kerberos Realm
- UrnietfparamsscimschemasoracleidcsextensionmanagedappApps []GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App 
- Managed App
- UrnietfparamsscimschemasoracleidcsextensionmulticloudService []GetApp Apps Domains App Urnietfparamsscimschemasoracleidcsextensionmulticloud Service App App 
- This extension defines attributes specific to Apps that represent instances of Multicloud Service App
- UrnietfparamsscimschemasoracleidcsextensionopcService []GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionopc Service App 
- This extension defines attributes specific to Apps that represent instances of an Oracle Public Cloud (OPC) service.
- UrnietfparamsscimschemasoracleidcsextensionradiusApp []GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionradius App App 
- This extension defines attributes specific to Apps that represent instances of Radius App.
- UrnietfparamsscimschemasoracleidcsextensionrequestableApps []GetDomains App Urnietfparamsscimschemasoracleidcsextensionrequestable App 
- Requestable App
- UrnietfparamsscimschemasoracleidcsextensionsamlService []GetProvider Apps Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App 
- This extension defines attributes related to the Service Providers configuration.
- UrnietfparamsscimschemasoracleidcsextensionwebTier []GetPolicy Apps Domains App Urnietfparamsscimschemasoracleidcsextensionweb Tier Policy App 
- WebTier Policy
- UserRoles []GetDomains App User Role 
- A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers end-user privilege within this App.
- AttributeSets []string
- Attributes string
- string
- ResourceType stringSchema Version 
- accessToken IntegerExpiry 
- Access token expiry
- accounts
List<GetDomains App Account> 
- Accounts of App
- active Boolean
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- adminRoles List<GetDomains App Admin Role> 
- A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers administrative privilege within this App.
- aliasApps List<GetDomains App Alias App> 
- Each value of this internal attribute refers to an Oracle Public Cloud infrastructure App on which this App depends.
- allUrl BooleanSchemes Allowed 
- If true, indicates that the system should allow all URL-schemes within each value of the 'redirectUris' attribute. Also indicates that the system should not attempt to confirm that each value of the 'redirectUris' attribute is a valid URI. In particular, the system should not confirm that the domain component of the URI is a top-level domain and the system should not confirm that the hostname portion is a valid system that is reachable over the network.
- allowAccess BooleanControl 
- If true, any managed App that is based on this template is checked for access control that is, access to this app is subject to successful authorization at SSO service, viz. app grants to start with.
- allowOffline Boolean
- If true, indicates that the Refresh Token is allowed when this App acts as an OAuth Resource.
- allowedGrants List<String>
- List of grant-types that this App is allowed to use when it acts as an OAuthClient.
- allowedOperations List<String>
- OPTIONAL. Required only when this App acts as an OAuthClient. Supported values are 'introspect' and 'onBehalfOfUser'. The value 'introspect' allows the client to look inside the access-token. The value 'onBehalfOfUser' overrides how the client's privileges are combined with the privileges of the Subject User. Ordinarily, authorization calculates the set of effective privileges as the intersection of the client's privileges and the user's privileges. The value 'onBehalfOf' indicates that authorization should ignore the privileges of the client and use only the user's privileges to calculate the effective privileges.
- allowedScopes List<GetDomains App Allowed Scope> 
- A list of scopes (exposed by this App or by other Apps) that this App is allowed to access when it acts as an OAuthClient.
- 
List<GetDomains App Allowed Tag> 
- A list of tags, acting as an OAuthClient, this App is allowed to access.
- appIcon String
- Application icon.
- appId String
- The id of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- appSignon List<GetPolicies Domains App App Signon Policy> 
- App Sign-on Policy.
- appThumbnail String
- Application thumbnail.
- appsNetwork List<GetPerimeters Domains App Apps Network Perimeter> 
- Network Perimeter
- asOpc List<GetServices Domains App As Opc Service> 
- OPCService facet of the application.
- attrRendering List<GetMetadatas Domains App Attr Rendering Metadata> 
- Label for the attribute to be shown in the UI.
- audience String
- The base URI for all of the scopes defined in this App. The value of 'audience' is combined with the 'value' of each scope to form an 'fqs' or fully qualified scope.
- basedOn List<GetTemplates Domains App Based On Template> 
- Application template on which the application is based.
- bypassConsent Boolean
- If true, indicates that consent should be skipped for all scopes
- callbackService StringUrl 
- Callback Service URL
- certificates
List<GetDomains App Certificate> 
- Each value of this attribute represent a certificate that this App uses when it acts as an OAuthClient.
- clientIp StringChecking 
- Network Perimeters checking mode
- clientSecret String
- This value is the credential of this App, which this App supplies as a password when this App authenticates to the Oracle Public Cloud infrastructure. This value is also the client secret of this App when it acts as an OAuthClient.
- clientType String
- Specifies the type of access that this App has when it acts as an OAuthClient.
- cloudControl List<GetProperties Domains App Cloud Control Property> 
- A collection of arbitrary properties that scope the privileges of a cloud-control App.
- compartmentOcid String
- Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- contactEmail StringAddress 
- Contact Email Address
- delegatedService List<String>Names 
- Service Names allow to use Oracle Cloud Infrastructure signature for client authentication instead of client credentials
- deleteIn BooleanProgress 
- A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- description String
- The description of the AppRole.
- disableKmsi BooleanToken Authentication 
- Indicates whether the application is allowed to be access using kmsi token.
- displayName String
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- domainOcid String
- Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- editableAttributes List<GetDomains App Editable Attribute> 
- App attributes editable by subject
- errorPage StringUrl 
- This attribute specifies the URL of the page to which an application will redirect an end-user in case of error.
- forceDelete Boolean
- grantedApp List<GetRoles Domains App Granted App Role> 
- A list of AppRoles that are granted to this App (and that are defined by other Apps). Within the Oracle Public Cloud infrastructure, this allows AppID-based association. Such an association allows this App to act as a consumer and thus to access resources of another App that acts as a producer.
- grants
List<GetDomains App Grant> 
- Grants assigned to the app
- hashedClient StringSecret 
- Hashed Client Secret. This hash-value is used to verify the 'clientSecret' credential of this App
- homePage StringUrl 
- Home Page URL
- icon String
- URL of application icon.
- id String
- Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
- idToken StringEnc Algo 
- Encryption Alogrithm to use for encrypting ID token.
- idcsCreated List<GetBies Domains App Idcs Created By> 
- The User or App who created the Resource
- idcsEndpoint String
- idcsLast List<GetModified Bies Domains App Idcs Last Modified By> 
- The User or App who modified the Resource
- idcsLast StringUpgraded In Release 
- The release number when the resource was upgraded.
- idcsPrevented List<String>Operations 
- Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- identityProviders List<GetDomains App Provider> 
- A list of IdentityProvider assigned to app. A user trying to access this app will be automatically redirected to configured IdP during the authentication phase, before being able to access App.
- idpPolicies List<GetDomains App Idp Policy> 
- IDP Policy.
- infrastructure Boolean
- If true, this App is an internal infrastructure App.
- isAlias BooleanApp 
- If true, this App is an AliasApp and it cannot be granted to an end-user directly.
- isDatabase BooleanService 
- If true, this application acts as database service Application
- isEnterprise BooleanApp 
- If true, this app acts as Enterprise app with Authentication and URL Authz policy.
- isForm BooleanFill 
- If true, this application acts as FormFill Application
- isKerberos BooleanRealm 
- If true, indicates that this App supports Kerberos Authentication
- isLogin BooleanTarget 
- If true, this App allows runtime services to log end users into this App automatically.
- isManaged BooleanApp 
- If true, indicates that access to this App requires an account. That is, in order to log in to the App, a User must use an application-specific identity that is maintained in the remote identity-repository of that App.
- isMobile BooleanTarget 
- If true, indicates that the App should be visible in each end-user's mobile application.
- isMulticloud BooleanService App 
- If true, indicates the app is used for multicloud service integration.
- isOauth BooleanClient 
- If true, this application acts as an OAuth Client
- isOauth BooleanResource 
- If true, indicates that this application acts as an OAuth Resource.
- isObligation BooleanCapable 
- This flag indicates if the App is capable of validating obligations with the token for allowing access to the App.
- isOpc BooleanService 
- If true, this application is an Oracle Public Cloud service-instance.
- isRadius BooleanApp 
- If true, this application acts as an Radius App
- isSaml BooleanService Provider 
- If true, then this App acts as a SAML Service Provider.
- isUnmanaged BooleanApp 
- If true, indicates that this application accepts an Oracle Cloud Identity Service User as a login-identity (does not require an account) and relies for authorization on the User's memberships in AppRoles.
- isWeb BooleanTier Policy 
- If true, the webtier policy is active
- landingPage StringUrl 
- The URL of the landing page for this App, which is the first page that an end user should see if runtime services log that end user in to this App automatically.
- linkingCallback StringUrl 
- This attribute specifies the callback URL for the social linking operation.
- loginMechanism String
- The protocol that runtime services will use to log end users in to this App automatically. If 'OIDC', then runtime services use the OpenID Connect protocol. If 'SAML', then runtime services use Security Assertion Markup Language protocol.
- loginPage StringUrl 
- This attribute specifies the URL of the page that the App uses when an end-user signs in to that App.
- logoutPage StringUrl 
- This attribute specifies the URL of the page that the App uses when an end-user signs out.
- logoutUri String
- OAuth will use this URI to logout if this App wants to participate in SSO, and if this App's session gets cleared as part of global logout. Note: This attribute is used only if this App acts as an OAuthClient.
- metas
List<GetDomains App Meta> 
- A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- meterAs BooleanOpc Service 
- Indicates whether the application is billed as an OPCService. If true, customer is not billed for runtime operations of the app.
- migrated Boolean
- If true, this App was migrated from an earlier version of Oracle Public Cloud infrastructure (and may therefore require special handling from runtime services such as OAuth or SAML). If false, this App requires no special handling from runtime services.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- ocid String
- Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- postLogout List<String>Redirect Uris 
- Each value of this attribute is the URI of a landing page within this App. It is used only when this App, acting as an OAuthClient, initiates the logout flow and wants to be redirected back to one of its landing pages.
- privacyPolicy StringUrl 
- Privacy Policy URL
- productLogo StringUrl 
- Application Logo URL
- productName String
- Product Name
- protectableSecondary List<GetAudiences Domains App Protectable Secondary Audience> 
- A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- radiusPolicies List<GetDomains App Radius Policy> 
- RADIUS Policy assigned to this application.
- readyTo BooleanUpgrade 
- If true, this App requires an upgrade and mandates attention from application administrator. The flag is used by UI to indicate this app is ready to upgrade.
- redirectUris List<String>
- OPTIONAL. Each value is a URI within this App. This attribute is required when this App acts as an OAuthClient and is involved in three-legged flows (authorization-code flows).
- refreshToken IntegerExpiry 
- Expiry-time in seconds for a Refresh Token. Any token that allows access to this App, once refreshed, will expire after the specified duration.
- samlService List<GetProviders Domains App Saml Service Provider> 
- An attribute that refers to the SAML Service Provider that runtime services will use to log an end user in to this App automatically. Note that this will be used only if the loginMechanism is 'SAML'.
- schemas List<String>
- REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- scopes
List<GetDomains App Scope> 
- Scopes defined by this App. Used when this App acts as an OAuth Resource.
- secondaryAudiences List<String>
- A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- serviceParams List<GetDomains App Service Param> 
- Custom attribute that is required to compute other attribute values during app creation.
- serviceType StringUrn 
- This Uniform Resource Name (URN) value identifies the type of Oracle Public Cloud service of which this app is an instance.
- serviceType StringVersion 
- This value specifies the version of the Oracle Public Cloud service of which this App is an instance
- showIn BooleanMy Apps 
- If true, this app will be displayed in the MyApps page of each end-user who has access to the App.
- signonPolicies List<GetDomains App Signon Policy> 
- Sign-on Policy.
- 
List<GetDomains App Tag> 
- A list of tags on this resource.
- tenancyOcid String
- Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- termsOf StringService Url 
- Terms of Service URL
- termsOf List<GetUses Domains App Terms Of Use> 
- Terms Of Use.
- trustPolicies List<GetDomains App Trust Policy> 
- Trust Policies.
- trustScope String
- Indicates the scope of trust for this App when acting as an OAuthClient. A value of 'Explicit' indicates that the App is allowed to access only the scopes of OAuthResources that are explicitly specified as 'allowedScopes'. A value of 'Account' indicates that the App is allowed implicitly to access any scope of any OAuthResource within the same Oracle Cloud Account. A value of 'Tags' indicates that the App is allowed to access any scope of any OAuthResource with a matching tag within the same Oracle Cloud Account. A value of 'Default' indicates that the Tenant default trust scope configured in the Tenant Settings is used.
- 
List<GetDomains App Urnietfparamsscimschemasoracleidcsextension Oci Tag> 
- Oracle Cloud Infrastructure Tags.
- urnietfparamsscimschemasoracleidcsextensiondbcsApps List<GetDomains App Urnietfparamsscimschemasoracleidcsextensiondbcs App> 
- This extension provides attributes for database service facet of an App
- urnietfparamsscimschemasoracleidcsextensionenterpriseApp List<GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App> 
- This extension defines the Enterprise App related attributes.
- urnietfparamsscimschemasoracleidcsextensionformFill List<GetApp Apps Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App App> 
- This extension provides attributes for Form-Fill facet of App
- urnietfparamsscimschemasoracleidcsextensionformFill List<GetApp Template App Templates Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App Template App Template> 
- This extension provides attributes for Form-Fill facet of AppTemplate
- urnietfparamsscimschemasoracleidcsextensionkerberosRealm List<GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionkerberos Realm App> 
- Kerberos Realm
- urnietfparamsscimschemasoracleidcsextensionmanagedappApps List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App> 
- Managed App
- urnietfparamsscimschemasoracleidcsextensionmulticloudService List<GetApp Apps Domains App Urnietfparamsscimschemasoracleidcsextensionmulticloud Service App App> 
- This extension defines attributes specific to Apps that represent instances of Multicloud Service App
- urnietfparamsscimschemasoracleidcsextensionopcService List<GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionopc Service App> 
- This extension defines attributes specific to Apps that represent instances of an Oracle Public Cloud (OPC) service.
- urnietfparamsscimschemasoracleidcsextensionradiusApp List<GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionradius App App> 
- This extension defines attributes specific to Apps that represent instances of Radius App.
- urnietfparamsscimschemasoracleidcsextensionrequestableApps List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionrequestable App> 
- Requestable App
- urnietfparamsscimschemasoracleidcsextensionsamlService List<GetProvider Apps Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App> 
- This extension defines attributes related to the Service Providers configuration.
- urnietfparamsscimschemasoracleidcsextensionwebTier List<GetPolicy Apps Domains App Urnietfparamsscimschemasoracleidcsextensionweb Tier Policy App> 
- WebTier Policy
- userRoles List<GetDomains App User Role> 
- A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers end-user privilege within this App.
- attributeSets List<String>
- attributes String
- String
- resourceType StringSchema Version 
- accessToken numberExpiry 
- Access token expiry
- accounts
GetDomains App Account[] 
- Accounts of App
- active boolean
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- adminRoles GetDomains App Admin Role[] 
- A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers administrative privilege within this App.
- aliasApps GetDomains App Alias App[] 
- Each value of this internal attribute refers to an Oracle Public Cloud infrastructure App on which this App depends.
- allUrl booleanSchemes Allowed 
- If true, indicates that the system should allow all URL-schemes within each value of the 'redirectUris' attribute. Also indicates that the system should not attempt to confirm that each value of the 'redirectUris' attribute is a valid URI. In particular, the system should not confirm that the domain component of the URI is a top-level domain and the system should not confirm that the hostname portion is a valid system that is reachable over the network.
- allowAccess booleanControl 
- If true, any managed App that is based on this template is checked for access control that is, access to this app is subject to successful authorization at SSO service, viz. app grants to start with.
- allowOffline boolean
- If true, indicates that the Refresh Token is allowed when this App acts as an OAuth Resource.
- allowedGrants string[]
- List of grant-types that this App is allowed to use when it acts as an OAuthClient.
- allowedOperations string[]
- OPTIONAL. Required only when this App acts as an OAuthClient. Supported values are 'introspect' and 'onBehalfOfUser'. The value 'introspect' allows the client to look inside the access-token. The value 'onBehalfOfUser' overrides how the client's privileges are combined with the privileges of the Subject User. Ordinarily, authorization calculates the set of effective privileges as the intersection of the client's privileges and the user's privileges. The value 'onBehalfOf' indicates that authorization should ignore the privileges of the client and use only the user's privileges to calculate the effective privileges.
- allowedScopes GetDomains App Allowed Scope[] 
- A list of scopes (exposed by this App or by other Apps) that this App is allowed to access when it acts as an OAuthClient.
- 
GetDomains App Allowed Tag[] 
- A list of tags, acting as an OAuthClient, this App is allowed to access.
- appIcon string
- Application icon.
- appId string
- The id of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- appSignon GetPolicies Domains App App Signon Policy[] 
- App Sign-on Policy.
- appThumbnail string
- Application thumbnail.
- appsNetwork GetPerimeters Domains App Apps Network Perimeter[] 
- Network Perimeter
- asOpc GetServices Domains App As Opc Service[] 
- OPCService facet of the application.
- attrRendering GetMetadatas Domains App Attr Rendering Metadata[] 
- Label for the attribute to be shown in the UI.
- audience string
- The base URI for all of the scopes defined in this App. The value of 'audience' is combined with the 'value' of each scope to form an 'fqs' or fully qualified scope.
- basedOn GetTemplates Domains App Based On Template[] 
- Application template on which the application is based.
- bypassConsent boolean
- If true, indicates that consent should be skipped for all scopes
- callbackService stringUrl 
- Callback Service URL
- certificates
GetDomains App Certificate[] 
- Each value of this attribute represent a certificate that this App uses when it acts as an OAuthClient.
- clientIp stringChecking 
- Network Perimeters checking mode
- clientSecret string
- This value is the credential of this App, which this App supplies as a password when this App authenticates to the Oracle Public Cloud infrastructure. This value is also the client secret of this App when it acts as an OAuthClient.
- clientType string
- Specifies the type of access that this App has when it acts as an OAuthClient.
- cloudControl GetProperties Domains App Cloud Control Property[] 
- A collection of arbitrary properties that scope the privileges of a cloud-control App.
- compartmentOcid string
- Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- contactEmail stringAddress 
- Contact Email Address
- delegatedService string[]Names 
- Service Names allow to use Oracle Cloud Infrastructure signature for client authentication instead of client credentials
- deleteIn booleanProgress 
- A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- description string
- The description of the AppRole.
- disableKmsi booleanToken Authentication 
- Indicates whether the application is allowed to be access using kmsi token.
- displayName string
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- domainOcid string
- Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- editableAttributes GetDomains App Editable Attribute[] 
- App attributes editable by subject
- errorPage stringUrl 
- This attribute specifies the URL of the page to which an application will redirect an end-user in case of error.
- forceDelete boolean
- grantedApp GetRoles Domains App Granted App Role[] 
- A list of AppRoles that are granted to this App (and that are defined by other Apps). Within the Oracle Public Cloud infrastructure, this allows AppID-based association. Such an association allows this App to act as a consumer and thus to access resources of another App that acts as a producer.
- grants
GetDomains App Grant[] 
- Grants assigned to the app
- hashedClient stringSecret 
- Hashed Client Secret. This hash-value is used to verify the 'clientSecret' credential of this App
- homePage stringUrl 
- Home Page URL
- icon string
- URL of application icon.
- id string
- Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
- idToken stringEnc Algo 
- Encryption Alogrithm to use for encrypting ID token.
- idcsCreated GetBies Domains App Idcs Created By[] 
- The User or App who created the Resource
- idcsEndpoint string
- idcsLast GetModified Bies Domains App Idcs Last Modified By[] 
- The User or App who modified the Resource
- idcsLast stringUpgraded In Release 
- The release number when the resource was upgraded.
- idcsPrevented string[]Operations 
- Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- identityProviders GetDomains App Identity Provider[] 
- A list of IdentityProvider assigned to app. A user trying to access this app will be automatically redirected to configured IdP during the authentication phase, before being able to access App.
- idpPolicies GetDomains App Idp Policy[] 
- IDP Policy.
- infrastructure boolean
- If true, this App is an internal infrastructure App.
- isAlias booleanApp 
- If true, this App is an AliasApp and it cannot be granted to an end-user directly.
- isDatabase booleanService 
- If true, this application acts as database service Application
- isEnterprise booleanApp 
- If true, this app acts as Enterprise app with Authentication and URL Authz policy.
- isForm booleanFill 
- If true, this application acts as FormFill Application
- isKerberos booleanRealm 
- If true, indicates that this App supports Kerberos Authentication
- isLogin booleanTarget 
- If true, this App allows runtime services to log end users into this App automatically.
- isManaged booleanApp 
- If true, indicates that access to this App requires an account. That is, in order to log in to the App, a User must use an application-specific identity that is maintained in the remote identity-repository of that App.
- isMobile booleanTarget 
- If true, indicates that the App should be visible in each end-user's mobile application.
- isMulticloud booleanService App 
- If true, indicates the app is used for multicloud service integration.
- isOauth booleanClient 
- If true, this application acts as an OAuth Client
- isOauth booleanResource 
- If true, indicates that this application acts as an OAuth Resource.
- isObligation booleanCapable 
- This flag indicates if the App is capable of validating obligations with the token for allowing access to the App.
- isOpc booleanService 
- If true, this application is an Oracle Public Cloud service-instance.
- isRadius booleanApp 
- If true, this application acts as an Radius App
- isSaml booleanService Provider 
- If true, then this App acts as a SAML Service Provider.
- isUnmanaged booleanApp 
- If true, indicates that this application accepts an Oracle Cloud Identity Service User as a login-identity (does not require an account) and relies for authorization on the User's memberships in AppRoles.
- isWeb booleanTier Policy 
- If true, the webtier policy is active
- landingPage stringUrl 
- The URL of the landing page for this App, which is the first page that an end user should see if runtime services log that end user in to this App automatically.
- linkingCallback stringUrl 
- This attribute specifies the callback URL for the social linking operation.
- loginMechanism string
- The protocol that runtime services will use to log end users in to this App automatically. If 'OIDC', then runtime services use the OpenID Connect protocol. If 'SAML', then runtime services use Security Assertion Markup Language protocol.
- loginPage stringUrl 
- This attribute specifies the URL of the page that the App uses when an end-user signs in to that App.
- logoutPage stringUrl 
- This attribute specifies the URL of the page that the App uses when an end-user signs out.
- logoutUri string
- OAuth will use this URI to logout if this App wants to participate in SSO, and if this App's session gets cleared as part of global logout. Note: This attribute is used only if this App acts as an OAuthClient.
- metas
GetDomains App Meta[] 
- A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- meterAs booleanOpc Service 
- Indicates whether the application is billed as an OPCService. If true, customer is not billed for runtime operations of the app.
- migrated boolean
- If true, this App was migrated from an earlier version of Oracle Public Cloud infrastructure (and may therefore require special handling from runtime services such as OAuth or SAML). If false, this App requires no special handling from runtime services.
- name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- ocid string
- Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- postLogout string[]Redirect Uris 
- Each value of this attribute is the URI of a landing page within this App. It is used only when this App, acting as an OAuthClient, initiates the logout flow and wants to be redirected back to one of its landing pages.
- privacyPolicy stringUrl 
- Privacy Policy URL
- productLogo stringUrl 
- Application Logo URL
- productName string
- Product Name
- protectableSecondary GetAudiences Domains App Protectable Secondary Audience[] 
- A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- radiusPolicies GetDomains App Radius Policy[] 
- RADIUS Policy assigned to this application.
- readyTo booleanUpgrade 
- If true, this App requires an upgrade and mandates attention from application administrator. The flag is used by UI to indicate this app is ready to upgrade.
- redirectUris string[]
- OPTIONAL. Each value is a URI within this App. This attribute is required when this App acts as an OAuthClient and is involved in three-legged flows (authorization-code flows).
- refreshToken numberExpiry 
- Expiry-time in seconds for a Refresh Token. Any token that allows access to this App, once refreshed, will expire after the specified duration.
- samlService GetProviders Domains App Saml Service Provider[] 
- An attribute that refers to the SAML Service Provider that runtime services will use to log an end user in to this App automatically. Note that this will be used only if the loginMechanism is 'SAML'.
- schemas string[]
- REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- scopes
GetDomains App Scope[] 
- Scopes defined by this App. Used when this App acts as an OAuth Resource.
- secondaryAudiences string[]
- A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- serviceParams GetDomains App Service Param[] 
- Custom attribute that is required to compute other attribute values during app creation.
- serviceType stringUrn 
- This Uniform Resource Name (URN) value identifies the type of Oracle Public Cloud service of which this app is an instance.
- serviceType stringVersion 
- This value specifies the version of the Oracle Public Cloud service of which this App is an instance
- showIn booleanMy Apps 
- If true, this app will be displayed in the MyApps page of each end-user who has access to the App.
- signonPolicies GetDomains App Signon Policy[] 
- Sign-on Policy.
- 
GetDomains App Tag[] 
- A list of tags on this resource.
- tenancyOcid string
- Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- termsOf stringService Url 
- Terms of Service URL
- termsOf GetUses Domains App Terms Of Use[] 
- Terms Of Use.
- trustPolicies GetDomains App Trust Policy[] 
- Trust Policies.
- trustScope string
- Indicates the scope of trust for this App when acting as an OAuthClient. A value of 'Explicit' indicates that the App is allowed to access only the scopes of OAuthResources that are explicitly specified as 'allowedScopes'. A value of 'Account' indicates that the App is allowed implicitly to access any scope of any OAuthResource within the same Oracle Cloud Account. A value of 'Tags' indicates that the App is allowed to access any scope of any OAuthResource with a matching tag within the same Oracle Cloud Account. A value of 'Default' indicates that the Tenant default trust scope configured in the Tenant Settings is used.
- 
GetDomains App Urnietfparamsscimschemasoracleidcsextension Oci Tag[] 
- Oracle Cloud Infrastructure Tags.
- urnietfparamsscimschemasoracleidcsextensiondbcsApps GetDomains App Urnietfparamsscimschemasoracleidcsextensiondbcs App[] 
- This extension provides attributes for database service facet of an App
- urnietfparamsscimschemasoracleidcsextensionenterpriseApp GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App[] 
- This extension defines the Enterprise App related attributes.
- urnietfparamsscimschemasoracleidcsextensionformFill GetApp Apps Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App App[] 
- This extension provides attributes for Form-Fill facet of App
- urnietfparamsscimschemasoracleidcsextensionformFill GetApp Template App Templates Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App Template App Template[] 
- This extension provides attributes for Form-Fill facet of AppTemplate
- urnietfparamsscimschemasoracleidcsextensionkerberosRealm GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionkerberos Realm App[] 
- Kerberos Realm
- urnietfparamsscimschemasoracleidcsextensionmanagedappApps GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App[] 
- Managed App
- urnietfparamsscimschemasoracleidcsextensionmulticloudService GetApp Apps Domains App Urnietfparamsscimschemasoracleidcsextensionmulticloud Service App App[] 
- This extension defines attributes specific to Apps that represent instances of Multicloud Service App
- urnietfparamsscimschemasoracleidcsextensionopcService GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionopc Service App[] 
- This extension defines attributes specific to Apps that represent instances of an Oracle Public Cloud (OPC) service.
- urnietfparamsscimschemasoracleidcsextensionradiusApp GetApps Domains App Urnietfparamsscimschemasoracleidcsextensionradius App App[] 
- This extension defines attributes specific to Apps that represent instances of Radius App.
- urnietfparamsscimschemasoracleidcsextensionrequestableApps GetDomains App Urnietfparamsscimschemasoracleidcsextensionrequestable App[] 
- Requestable App
- urnietfparamsscimschemasoracleidcsextensionsamlService GetProvider Apps Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App[] 
- This extension defines attributes related to the Service Providers configuration.
- urnietfparamsscimschemasoracleidcsextensionwebTier GetPolicy Apps Domains App Urnietfparamsscimschemasoracleidcsextensionweb Tier Policy App[] 
- WebTier Policy
- userRoles GetDomains App User Role[] 
- A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers end-user privilege within this App.
- attributeSets string[]
- attributes string
- string
- resourceType stringSchema Version 
- access_token_ intexpiry 
- Access token expiry
- accounts
Sequence[GetDomains App Account] 
- Accounts of App
- active bool
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- admin_roles Sequence[GetDomains App Admin Role] 
- A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers administrative privilege within this App.
- alias_apps Sequence[GetDomains App Alias App] 
- Each value of this internal attribute refers to an Oracle Public Cloud infrastructure App on which this App depends.
- all_url_ boolschemes_ allowed 
- If true, indicates that the system should allow all URL-schemes within each value of the 'redirectUris' attribute. Also indicates that the system should not attempt to confirm that each value of the 'redirectUris' attribute is a valid URI. In particular, the system should not confirm that the domain component of the URI is a top-level domain and the system should not confirm that the hostname portion is a valid system that is reachable over the network.
- allow_access_ boolcontrol 
- If true, any managed App that is based on this template is checked for access control that is, access to this app is subject to successful authorization at SSO service, viz. app grants to start with.
- allow_offline bool
- If true, indicates that the Refresh Token is allowed when this App acts as an OAuth Resource.
- allowed_grants Sequence[str]
- List of grant-types that this App is allowed to use when it acts as an OAuthClient.
- allowed_operations Sequence[str]
- OPTIONAL. Required only when this App acts as an OAuthClient. Supported values are 'introspect' and 'onBehalfOfUser'. The value 'introspect' allows the client to look inside the access-token. The value 'onBehalfOfUser' overrides how the client's privileges are combined with the privileges of the Subject User. Ordinarily, authorization calculates the set of effective privileges as the intersection of the client's privileges and the user's privileges. The value 'onBehalfOf' indicates that authorization should ignore the privileges of the client and use only the user's privileges to calculate the effective privileges.
- allowed_scopes Sequence[GetDomains App Allowed Scope] 
- A list of scopes (exposed by this App or by other Apps) that this App is allowed to access when it acts as an OAuthClient.
- 
Sequence[GetDomains App Allowed Tag] 
- A list of tags, acting as an OAuthClient, this App is allowed to access.
- app_icon str
- Application icon.
- app_id str
- The id of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- app_signon_ Sequence[Getpolicies Domains App App Signon Policy] 
- App Sign-on Policy.
- app_thumbnail str
- Application thumbnail.
- apps_network_ Sequence[Getperimeters Domains App Apps Network Perimeter] 
- Network Perimeter
- as_opc_ Sequence[Getservices Domains App As Opc Service] 
- OPCService facet of the application.
- attr_rendering_ Sequence[Getmetadatas Domains App Attr Rendering Metadata] 
- Label for the attribute to be shown in the UI.
- audience str
- The base URI for all of the scopes defined in this App. The value of 'audience' is combined with the 'value' of each scope to form an 'fqs' or fully qualified scope.
- based_on_ Sequence[Gettemplates Domains App Based On Template] 
- Application template on which the application is based.
- bypass_consent bool
- If true, indicates that consent should be skipped for all scopes
- callback_service_ strurl 
- Callback Service URL
- certificates
Sequence[GetDomains App Certificate] 
- Each value of this attribute represent a certificate that this App uses when it acts as an OAuthClient.
- client_ip_ strchecking 
- Network Perimeters checking mode
- client_secret str
- This value is the credential of this App, which this App supplies as a password when this App authenticates to the Oracle Public Cloud infrastructure. This value is also the client secret of this App when it acts as an OAuthClient.
- client_type str
- Specifies the type of access that this App has when it acts as an OAuthClient.
- cloud_control_ Sequence[Getproperties Domains App Cloud Control Property] 
- A collection of arbitrary properties that scope the privileges of a cloud-control App.
- compartment_ocid str
- Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- contact_email_ straddress 
- Contact Email Address
- delegated_service_ Sequence[str]names 
- Service Names allow to use Oracle Cloud Infrastructure signature for client authentication instead of client credentials
- delete_in_ boolprogress 
- A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- description str
- The description of the AppRole.
- disable_kmsi_ booltoken_ authentication 
- Indicates whether the application is allowed to be access using kmsi token.
- display_name str
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- domain_ocid str
- Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- editable_attributes Sequence[GetDomains App Editable Attribute] 
- App attributes editable by subject
- error_page_ strurl 
- This attribute specifies the URL of the page to which an application will redirect an end-user in case of error.
- force_delete bool
- granted_app_ Sequence[Getroles Domains App Granted App Role] 
- A list of AppRoles that are granted to this App (and that are defined by other Apps). Within the Oracle Public Cloud infrastructure, this allows AppID-based association. Such an association allows this App to act as a consumer and thus to access resources of another App that acts as a producer.
- grants
Sequence[GetDomains App Grant] 
- Grants assigned to the app
- hashed_client_ strsecret 
- Hashed Client Secret. This hash-value is used to verify the 'clientSecret' credential of this App
- home_page_ strurl 
- Home Page URL
- icon str
- URL of application icon.
- id str
- Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
- id_token_ strenc_ algo 
- Encryption Alogrithm to use for encrypting ID token.
- idcs_created_ Sequence[Getbies Domains App Idcs Created By] 
- The User or App who created the Resource
- idcs_endpoint str
- idcs_last_ Sequence[Getmodified_ bies Domains App Idcs Last Modified By] 
- The User or App who modified the Resource
- idcs_last_ strupgraded_ in_ release 
- The release number when the resource was upgraded.
- idcs_prevented_ Sequence[str]operations 
- Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- identity_providers Sequence[GetDomains App Identity Provider] 
- A list of IdentityProvider assigned to app. A user trying to access this app will be automatically redirected to configured IdP during the authentication phase, before being able to access App.
- idp_policies Sequence[GetDomains App Idp Policy] 
- IDP Policy.
- infrastructure bool
- If true, this App is an internal infrastructure App.
- is_alias_ boolapp 
- If true, this App is an AliasApp and it cannot be granted to an end-user directly.
- is_database_ boolservice 
- If true, this application acts as database service Application
- is_enterprise_ boolapp 
- If true, this app acts as Enterprise app with Authentication and URL Authz policy.
- is_form_ boolfill 
- If true, this application acts as FormFill Application
- is_kerberos_ boolrealm 
- If true, indicates that this App supports Kerberos Authentication
- is_login_ booltarget 
- If true, this App allows runtime services to log end users into this App automatically.
- is_managed_ boolapp 
- If true, indicates that access to this App requires an account. That is, in order to log in to the App, a User must use an application-specific identity that is maintained in the remote identity-repository of that App.
- is_mobile_ booltarget 
- If true, indicates that the App should be visible in each end-user's mobile application.
- is_multicloud_ boolservice_ app 
- If true, indicates the app is used for multicloud service integration.
- is_oauth_ boolclient 
- If true, this application acts as an OAuth Client
- is_oauth_ boolresource 
- If true, indicates that this application acts as an OAuth Resource.
- is_obligation_ boolcapable 
- This flag indicates if the App is capable of validating obligations with the token for allowing access to the App.
- is_opc_ boolservice 
- If true, this application is an Oracle Public Cloud service-instance.
- is_radius_ boolapp 
- If true, this application acts as an Radius App
- is_saml_ boolservice_ provider 
- If true, then this App acts as a SAML Service Provider.
- is_unmanaged_ boolapp 
- If true, indicates that this application accepts an Oracle Cloud Identity Service User as a login-identity (does not require an account) and relies for authorization on the User's memberships in AppRoles.
- is_web_ booltier_ policy 
- If true, the webtier policy is active
- landing_page_ strurl 
- The URL of the landing page for this App, which is the first page that an end user should see if runtime services log that end user in to this App automatically.
- linking_callback_ strurl 
- This attribute specifies the callback URL for the social linking operation.
- login_mechanism str
- The protocol that runtime services will use to log end users in to this App automatically. If 'OIDC', then runtime services use the OpenID Connect protocol. If 'SAML', then runtime services use Security Assertion Markup Language protocol.
- login_page_ strurl 
- This attribute specifies the URL of the page that the App uses when an end-user signs in to that App.
- logout_page_ strurl 
- This attribute specifies the URL of the page that the App uses when an end-user signs out.
- logout_uri str
- OAuth will use this URI to logout if this App wants to participate in SSO, and if this App's session gets cleared as part of global logout. Note: This attribute is used only if this App acts as an OAuthClient.
- metas
Sequence[GetDomains App Meta] 
- A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- meter_as_ boolopc_ service 
- Indicates whether the application is billed as an OPCService. If true, customer is not billed for runtime operations of the app.
- migrated bool
- If true, this App was migrated from an earlier version of Oracle Public Cloud infrastructure (and may therefore require special handling from runtime services such as OAuth or SAML). If false, this App requires no special handling from runtime services.
- name str
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- ocid str
- Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- post_logout_ Sequence[str]redirect_ uris 
- Each value of this attribute is the URI of a landing page within this App. It is used only when this App, acting as an OAuthClient, initiates the logout flow and wants to be redirected back to one of its landing pages.
- privacy_policy_ strurl 
- Privacy Policy URL
- product_logo_ strurl 
- Application Logo URL
- product_name str
- Product Name
- protectable_secondary_ Sequence[Getaudiences Domains App Protectable Secondary Audience] 
- A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- radius_policies Sequence[GetDomains App Radius Policy] 
- RADIUS Policy assigned to this application.
- ready_to_ boolupgrade 
- If true, this App requires an upgrade and mandates attention from application administrator. The flag is used by UI to indicate this app is ready to upgrade.
- redirect_uris Sequence[str]
- OPTIONAL. Each value is a URI within this App. This attribute is required when this App acts as an OAuthClient and is involved in three-legged flows (authorization-code flows).
- refresh_token_ intexpiry 
- Expiry-time in seconds for a Refresh Token. Any token that allows access to this App, once refreshed, will expire after the specified duration.
- saml_service_ Sequence[Getproviders Domains App Saml Service Provider] 
- An attribute that refers to the SAML Service Provider that runtime services will use to log an end user in to this App automatically. Note that this will be used only if the loginMechanism is 'SAML'.
- schemas Sequence[str]
- REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- scopes
Sequence[GetDomains App Scope] 
- Scopes defined by this App. Used when this App acts as an OAuth Resource.
- secondary_audiences Sequence[str]
- A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- service_params Sequence[GetDomains App Service Param] 
- Custom attribute that is required to compute other attribute values during app creation.
- service_type_ strurn 
- This Uniform Resource Name (URN) value identifies the type of Oracle Public Cloud service of which this app is an instance.
- service_type_ strversion 
- This value specifies the version of the Oracle Public Cloud service of which this App is an instance
- show_in_ boolmy_ apps 
- If true, this app will be displayed in the MyApps page of each end-user who has access to the App.
- signon_policies Sequence[GetDomains App Signon Policy] 
- Sign-on Policy.
- 
Sequence[GetDomains App Tag] 
- A list of tags on this resource.
- tenancy_ocid str
- Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- terms_of_ strservice_ url 
- Terms of Service URL
- terms_of_ Sequence[Getuses Domains App Terms Of Use] 
- Terms Of Use.
- trust_policies Sequence[GetDomains App Trust Policy] 
- Trust Policies.
- trust_scope str
- Indicates the scope of trust for this App when acting as an OAuthClient. A value of 'Explicit' indicates that the App is allowed to access only the scopes of OAuthResources that are explicitly specified as 'allowedScopes'. A value of 'Account' indicates that the App is allowed implicitly to access any scope of any OAuthResource within the same Oracle Cloud Account. A value of 'Tags' indicates that the App is allowed to access any scope of any OAuthResource with a matching tag within the same Oracle Cloud Account. A value of 'Default' indicates that the Tenant default trust scope configured in the Tenant Settings is used.
- 
Sequence[GetDomains App Urnietfparamsscimschemasoracleidcsextension Oci Tag] 
- Oracle Cloud Infrastructure Tags.
- urnietfparamsscimschemasoracleidcsextensiondbcs_apps Sequence[GetDomains App Urnietfparamsscimschemasoracleidcsextensiondbcs App] 
- This extension provides attributes for database service facet of an App
- urnietfparamsscimschemasoracleidcsextensionenterprise_app_ Sequence[Getapps Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App] 
- This extension defines the Enterprise App related attributes.
- urnietfparamsscimschemasoracleidcsextensionform_fill_ Sequence[Getapp_ apps Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App App] 
- This extension provides attributes for Form-Fill facet of App
- urnietfparamsscimschemasoracleidcsextensionform_fill_ Sequence[Getapp_ template_ app_ templates Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App Template App Template] 
- This extension provides attributes for Form-Fill facet of AppTemplate
- urnietfparamsscimschemasoracleidcsextensionkerberos_realm_ Sequence[Getapps Domains App Urnietfparamsscimschemasoracleidcsextensionkerberos Realm App] 
- Kerberos Realm
- urnietfparamsscimschemasoracleidcsextensionmanagedapp_apps Sequence[GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App] 
- Managed App
- urnietfparamsscimschemasoracleidcsextensionmulticloud_service_ Sequence[Getapp_ apps Domains App Urnietfparamsscimschemasoracleidcsextensionmulticloud Service App App] 
- This extension defines attributes specific to Apps that represent instances of Multicloud Service App
- urnietfparamsscimschemasoracleidcsextensionopc_service_ Sequence[Getapps Domains App Urnietfparamsscimschemasoracleidcsextensionopc Service App] 
- This extension defines attributes specific to Apps that represent instances of an Oracle Public Cloud (OPC) service.
- urnietfparamsscimschemasoracleidcsextensionradius_app_ Sequence[Getapps Domains App Urnietfparamsscimschemasoracleidcsextensionradius App App] 
- This extension defines attributes specific to Apps that represent instances of Radius App.
- urnietfparamsscimschemasoracleidcsextensionrequestable_apps Sequence[GetDomains App Urnietfparamsscimschemasoracleidcsextensionrequestable App] 
- Requestable App
- urnietfparamsscimschemasoracleidcsextensionsaml_service_ Sequence[Getprovider_ apps Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App] 
- This extension defines attributes related to the Service Providers configuration.
- urnietfparamsscimschemasoracleidcsextensionweb_tier_ Sequence[Getpolicy_ apps Domains App Urnietfparamsscimschemasoracleidcsextensionweb Tier Policy App] 
- WebTier Policy
- user_roles Sequence[GetDomains App User Role] 
- A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers end-user privilege within this App.
- attribute_sets Sequence[str]
- attributes str
- str
- resource_type_ strschema_ version 
- accessToken NumberExpiry 
- Access token expiry
- accounts List<Property Map>
- Accounts of App
- active Boolean
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- adminRoles List<Property Map>
- A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers administrative privilege within this App.
- aliasApps List<Property Map>
- Each value of this internal attribute refers to an Oracle Public Cloud infrastructure App on which this App depends.
- allUrl BooleanSchemes Allowed 
- If true, indicates that the system should allow all URL-schemes within each value of the 'redirectUris' attribute. Also indicates that the system should not attempt to confirm that each value of the 'redirectUris' attribute is a valid URI. In particular, the system should not confirm that the domain component of the URI is a top-level domain and the system should not confirm that the hostname portion is a valid system that is reachable over the network.
- allowAccess BooleanControl 
- If true, any managed App that is based on this template is checked for access control that is, access to this app is subject to successful authorization at SSO service, viz. app grants to start with.
- allowOffline Boolean
- If true, indicates that the Refresh Token is allowed when this App acts as an OAuth Resource.
- allowedGrants List<String>
- List of grant-types that this App is allowed to use when it acts as an OAuthClient.
- allowedOperations List<String>
- OPTIONAL. Required only when this App acts as an OAuthClient. Supported values are 'introspect' and 'onBehalfOfUser'. The value 'introspect' allows the client to look inside the access-token. The value 'onBehalfOfUser' overrides how the client's privileges are combined with the privileges of the Subject User. Ordinarily, authorization calculates the set of effective privileges as the intersection of the client's privileges and the user's privileges. The value 'onBehalfOf' indicates that authorization should ignore the privileges of the client and use only the user's privileges to calculate the effective privileges.
- allowedScopes List<Property Map>
- A list of scopes (exposed by this App or by other Apps) that this App is allowed to access when it acts as an OAuthClient.
- List<Property Map>
- A list of tags, acting as an OAuthClient, this App is allowed to access.
- appIcon String
- Application icon.
- appId String
- The id of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- appSignon List<Property Map>Policies 
- App Sign-on Policy.
- appThumbnail String
- Application thumbnail.
- appsNetwork List<Property Map>Perimeters 
- Network Perimeter
- asOpc List<Property Map>Services 
- OPCService facet of the application.
- attrRendering List<Property Map>Metadatas 
- Label for the attribute to be shown in the UI.
- audience String
- The base URI for all of the scopes defined in this App. The value of 'audience' is combined with the 'value' of each scope to form an 'fqs' or fully qualified scope.
- basedOn List<Property Map>Templates 
- Application template on which the application is based.
- bypassConsent Boolean
- If true, indicates that consent should be skipped for all scopes
- callbackService StringUrl 
- Callback Service URL
- certificates List<Property Map>
- Each value of this attribute represent a certificate that this App uses when it acts as an OAuthClient.
- clientIp StringChecking 
- Network Perimeters checking mode
- clientSecret String
- This value is the credential of this App, which this App supplies as a password when this App authenticates to the Oracle Public Cloud infrastructure. This value is also the client secret of this App when it acts as an OAuthClient.
- clientType String
- Specifies the type of access that this App has when it acts as an OAuthClient.
- cloudControl List<Property Map>Properties 
- A collection of arbitrary properties that scope the privileges of a cloud-control App.
- compartmentOcid String
- Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
- contactEmail StringAddress 
- Contact Email Address
- delegatedService List<String>Names 
- Service Names allow to use Oracle Cloud Infrastructure signature for client authentication instead of client credentials
- deleteIn BooleanProgress 
- A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
- description String
- The description of the AppRole.
- disableKmsi BooleanToken Authentication 
- Indicates whether the application is allowed to be access using kmsi token.
- displayName String
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- domainOcid String
- Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
- editableAttributes List<Property Map>
- App attributes editable by subject
- errorPage StringUrl 
- This attribute specifies the URL of the page to which an application will redirect an end-user in case of error.
- forceDelete Boolean
- grantedApp List<Property Map>Roles 
- A list of AppRoles that are granted to this App (and that are defined by other Apps). Within the Oracle Public Cloud infrastructure, this allows AppID-based association. Such an association allows this App to act as a consumer and thus to access resources of another App that acts as a producer.
- grants List<Property Map>
- Grants assigned to the app
- hashedClient StringSecret 
- Hashed Client Secret. This hash-value is used to verify the 'clientSecret' credential of this App
- homePage StringUrl 
- Home Page URL
- icon String
- URL of application icon.
- id String
- Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
- idToken StringEnc Algo 
- Encryption Alogrithm to use for encrypting ID token.
- idcsCreated List<Property Map>Bies 
- The User or App who created the Resource
- idcsEndpoint String
- idcsLast List<Property Map>Modified Bies 
- The User or App who modified the Resource
- idcsLast StringUpgraded In Release 
- The release number when the resource was upgraded.
- idcsPrevented List<String>Operations 
- Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
- identityProviders List<Property Map>
- A list of IdentityProvider assigned to app. A user trying to access this app will be automatically redirected to configured IdP during the authentication phase, before being able to access App.
- idpPolicies List<Property Map>
- IDP Policy.
- infrastructure Boolean
- If true, this App is an internal infrastructure App.
- isAlias BooleanApp 
- If true, this App is an AliasApp and it cannot be granted to an end-user directly.
- isDatabase BooleanService 
- If true, this application acts as database service Application
- isEnterprise BooleanApp 
- If true, this app acts as Enterprise app with Authentication and URL Authz policy.
- isForm BooleanFill 
- If true, this application acts as FormFill Application
- isKerberos BooleanRealm 
- If true, indicates that this App supports Kerberos Authentication
- isLogin BooleanTarget 
- If true, this App allows runtime services to log end users into this App automatically.
- isManaged BooleanApp 
- If true, indicates that access to this App requires an account. That is, in order to log in to the App, a User must use an application-specific identity that is maintained in the remote identity-repository of that App.
- isMobile BooleanTarget 
- If true, indicates that the App should be visible in each end-user's mobile application.
- isMulticloud BooleanService App 
- If true, indicates the app is used for multicloud service integration.
- isOauth BooleanClient 
- If true, this application acts as an OAuth Client
- isOauth BooleanResource 
- If true, indicates that this application acts as an OAuth Resource.
- isObligation BooleanCapable 
- This flag indicates if the App is capable of validating obligations with the token for allowing access to the App.
- isOpc BooleanService 
- If true, this application is an Oracle Public Cloud service-instance.
- isRadius BooleanApp 
- If true, this application acts as an Radius App
- isSaml BooleanService Provider 
- If true, then this App acts as a SAML Service Provider.
- isUnmanaged BooleanApp 
- If true, indicates that this application accepts an Oracle Cloud Identity Service User as a login-identity (does not require an account) and relies for authorization on the User's memberships in AppRoles.
- isWeb BooleanTier Policy 
- If true, the webtier policy is active
- landingPage StringUrl 
- The URL of the landing page for this App, which is the first page that an end user should see if runtime services log that end user in to this App automatically.
- linkingCallback StringUrl 
- This attribute specifies the callback URL for the social linking operation.
- loginMechanism String
- The protocol that runtime services will use to log end users in to this App automatically. If 'OIDC', then runtime services use the OpenID Connect protocol. If 'SAML', then runtime services use Security Assertion Markup Language protocol.
- loginPage StringUrl 
- This attribute specifies the URL of the page that the App uses when an end-user signs in to that App.
- logoutPage StringUrl 
- This attribute specifies the URL of the page that the App uses when an end-user signs out.
- logoutUri String
- OAuth will use this URI to logout if this App wants to participate in SSO, and if this App's session gets cleared as part of global logout. Note: This attribute is used only if this App acts as an OAuthClient.
- metas List<Property Map>
- A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
- meterAs BooleanOpc Service 
- Indicates whether the application is billed as an OPCService. If true, customer is not billed for runtime operations of the app.
- migrated Boolean
- If true, this App was migrated from an earlier version of Oracle Public Cloud infrastructure (and may therefore require special handling from runtime services such as OAuth or SAML). If false, this App requires no special handling from runtime services.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- ocid String
- Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
- postLogout List<String>Redirect Uris 
- Each value of this attribute is the URI of a landing page within this App. It is used only when this App, acting as an OAuthClient, initiates the logout flow and wants to be redirected back to one of its landing pages.
- privacyPolicy StringUrl 
- Privacy Policy URL
- productLogo StringUrl 
- Application Logo URL
- productName String
- Product Name
- protectableSecondary List<Property Map>Audiences 
- A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- radiusPolicies List<Property Map>
- RADIUS Policy assigned to this application.
- readyTo BooleanUpgrade 
- If true, this App requires an upgrade and mandates attention from application administrator. The flag is used by UI to indicate this app is ready to upgrade.
- redirectUris List<String>
- OPTIONAL. Each value is a URI within this App. This attribute is required when this App acts as an OAuthClient and is involved in three-legged flows (authorization-code flows).
- refreshToken NumberExpiry 
- Expiry-time in seconds for a Refresh Token. Any token that allows access to this App, once refreshed, will expire after the specified duration.
- samlService List<Property Map>Providers 
- An attribute that refers to the SAML Service Provider that runtime services will use to log an end user in to this App automatically. Note that this will be used only if the loginMechanism is 'SAML'.
- schemas List<String>
- REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard "enterprise" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
- scopes List<Property Map>
- Scopes defined by this App. Used when this App acts as an OAuth Resource.
- secondaryAudiences List<String>
- A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
- serviceParams List<Property Map>
- Custom attribute that is required to compute other attribute values during app creation.
- serviceType StringUrn 
- This Uniform Resource Name (URN) value identifies the type of Oracle Public Cloud service of which this app is an instance.
- serviceType StringVersion 
- This value specifies the version of the Oracle Public Cloud service of which this App is an instance
- showIn BooleanMy Apps 
- If true, this app will be displayed in the MyApps page of each end-user who has access to the App.
- signonPolicies List<Property Map>
- Sign-on Policy.
- List<Property Map>
- A list of tags on this resource.
- tenancyOcid String
- Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
- termsOf StringService Url 
- Terms of Service URL
- termsOf List<Property Map>Uses 
- Terms Of Use.
- trustPolicies List<Property Map>
- Trust Policies.
- trustScope String
- Indicates the scope of trust for this App when acting as an OAuthClient. A value of 'Explicit' indicates that the App is allowed to access only the scopes of OAuthResources that are explicitly specified as 'allowedScopes'. A value of 'Account' indicates that the App is allowed implicitly to access any scope of any OAuthResource within the same Oracle Cloud Account. A value of 'Tags' indicates that the App is allowed to access any scope of any OAuthResource with a matching tag within the same Oracle Cloud Account. A value of 'Default' indicates that the Tenant default trust scope configured in the Tenant Settings is used.
- List<Property Map>
- Oracle Cloud Infrastructure Tags.
- urnietfparamsscimschemasoracleidcsextensiondbcsApps List<Property Map>
- This extension provides attributes for database service facet of an App
- urnietfparamsscimschemasoracleidcsextensionenterpriseApp List<Property Map>Apps 
- This extension defines the Enterprise App related attributes.
- urnietfparamsscimschemasoracleidcsextensionformFill List<Property Map>App Apps 
- This extension provides attributes for Form-Fill facet of App
- urnietfparamsscimschemasoracleidcsextensionformFill List<Property Map>App Template App Templates 
- This extension provides attributes for Form-Fill facet of AppTemplate
- urnietfparamsscimschemasoracleidcsextensionkerberosRealm List<Property Map>Apps 
- Kerberos Realm
- urnietfparamsscimschemasoracleidcsextensionmanagedappApps List<Property Map>
- Managed App
- urnietfparamsscimschemasoracleidcsextensionmulticloudService List<Property Map>App Apps 
- This extension defines attributes specific to Apps that represent instances of Multicloud Service App
- urnietfparamsscimschemasoracleidcsextensionopcService List<Property Map>Apps 
- This extension defines attributes specific to Apps that represent instances of an Oracle Public Cloud (OPC) service.
- urnietfparamsscimschemasoracleidcsextensionradiusApp List<Property Map>Apps 
- This extension defines attributes specific to Apps that represent instances of Radius App.
- urnietfparamsscimschemasoracleidcsextensionrequestableApps List<Property Map>
- Requestable App
- urnietfparamsscimschemasoracleidcsextensionsamlService List<Property Map>Provider Apps 
- This extension defines attributes related to the Service Providers configuration.
- urnietfparamsscimschemasoracleidcsextensionwebTier List<Property Map>Policy Apps 
- WebTier Policy
- userRoles List<Property Map>
- A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers end-user privilege within this App.
- attributeSets List<String>
- attributes String
- String
- resourceType StringSchema Version 
Supporting Types
GetDomainsAppAccount   
- Active bool
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- OwnerId string
- Owner identifier
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- Active bool
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- OwnerId string
- Owner identifier
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- active Boolean
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- ownerId String
- Owner identifier
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
- active boolean
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- ownerId string
- Owner identifier
- ref string
- URI of the AppRole.
- value string
- ID of the AppRole.
- active bool
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- name str
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- owner_id str
- Owner identifier
- ref str
- URI of the AppRole.
- value str
- ID of the AppRole.
- active Boolean
- If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- ownerId String
- Owner identifier
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
GetDomainsAppAdminRole    
- Description string
- The description of the AppRole.
- Display string
- Display-name of the AppRole.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- Description string
- The description of the AppRole.
- Display string
- Display-name of the AppRole.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- description String
- The description of the AppRole.
- display String
- Display-name of the AppRole.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
- description string
- The description of the AppRole.
- display string
- Display-name of the AppRole.
- ref string
- URI of the AppRole.
- value string
- ID of the AppRole.
- description str
- The description of the AppRole.
- display str
- Display-name of the AppRole.
- ref str
- URI of the AppRole.
- value str
- ID of the AppRole.
- description String
- The description of the AppRole.
- display String
- Display-name of the AppRole.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
GetDomainsAppAliasApp    
- Description string
- The description of the AppRole.
- Display string
- Display-name of the AppRole.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- Description string
- The description of the AppRole.
- Display string
- Display-name of the AppRole.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- description String
- The description of the AppRole.
- display String
- Display-name of the AppRole.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
- description string
- The description of the AppRole.
- display string
- Display-name of the AppRole.
- ref string
- URI of the AppRole.
- value string
- ID of the AppRole.
- description str
- The description of the AppRole.
- display str
- Display-name of the AppRole.
- ref str
- URI of the AppRole.
- value str
- ID of the AppRole.
- description String
- The description of the AppRole.
- display String
- Display-name of the AppRole.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
GetDomainsAppAllowedScope    
- Fqs string
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- IdOf stringDefining App 
- The ID of the App that defines this scope.
- ReadOnly bool
- If true, indicates that this value must be protected.
- Fqs string
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- IdOf stringDefining App 
- The ID of the App that defines this scope.
- ReadOnly bool
- If true, indicates that this value must be protected.
- fqs String
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- idOf StringDefining App 
- The ID of the App that defines this scope.
- readOnly Boolean
- If true, indicates that this value must be protected.
- fqs string
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- idOf stringDefining App 
- The ID of the App that defines this scope.
- readOnly boolean
- If true, indicates that this value must be protected.
- fqs str
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- id_of_ strdefining_ app 
- The ID of the App that defines this scope.
- read_only bool
- If true, indicates that this value must be protected.
- fqs String
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- idOf StringDefining App 
- The ID of the App that defines this scope.
- readOnly Boolean
- If true, indicates that this value must be protected.
GetDomainsAppAllowedTag    
GetDomainsAppAppSignonPolicy     
GetDomainsAppAppsNetworkPerimeter     
GetDomainsAppAsOpcService     
GetDomainsAppAttrRenderingMetadata     
- Datatype string
- Data type of the attribute.
- Helptext string
- Help text for the attribute. It can contain HTML tags.
- Label string
- Label for the attribute to be shown in the UI.
- MaxLength int
- Maximum length of the attribute.
- MaxSize int
- Maximum size of the attribute.
- MinLength int
- Minimum length of the attribute.
- MinSize int
- Minimum size of the attribute..
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Order int
- Display sequence of the bundle configuration property.
- ReadOnly bool
- If true, indicates that this value must be protected.
- Regexp string
- Regular expression of the attribute for validation.
- Required bool
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- Section string
- UI widget to use for the attribute.
- Visible bool
- Indicates whether the attribute is to be shown on the application creation UI.
- Widget string
- UI widget to use for the attribute.
- Datatype string
- Data type of the attribute.
- Helptext string
- Help text for the attribute. It can contain HTML tags.
- Label string
- Label for the attribute to be shown in the UI.
- MaxLength int
- Maximum length of the attribute.
- MaxSize int
- Maximum size of the attribute.
- MinLength int
- Minimum length of the attribute.
- MinSize int
- Minimum size of the attribute..
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Order int
- Display sequence of the bundle configuration property.
- ReadOnly bool
- If true, indicates that this value must be protected.
- Regexp string
- Regular expression of the attribute for validation.
- Required bool
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- Section string
- UI widget to use for the attribute.
- Visible bool
- Indicates whether the attribute is to be shown on the application creation UI.
- Widget string
- UI widget to use for the attribute.
- datatype String
- Data type of the attribute.
- helptext String
- Help text for the attribute. It can contain HTML tags.
- label String
- Label for the attribute to be shown in the UI.
- maxLength Integer
- Maximum length of the attribute.
- maxSize Integer
- Maximum size of the attribute.
- minLength Integer
- Minimum length of the attribute.
- minSize Integer
- Minimum size of the attribute..
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order Integer
- Display sequence of the bundle configuration property.
- readOnly Boolean
- If true, indicates that this value must be protected.
- regexp String
- Regular expression of the attribute for validation.
- required Boolean
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- section String
- UI widget to use for the attribute.
- visible Boolean
- Indicates whether the attribute is to be shown on the application creation UI.
- widget String
- UI widget to use for the attribute.
- datatype string
- Data type of the attribute.
- helptext string
- Help text for the attribute. It can contain HTML tags.
- label string
- Label for the attribute to be shown in the UI.
- maxLength number
- Maximum length of the attribute.
- maxSize number
- Maximum size of the attribute.
- minLength number
- Minimum length of the attribute.
- minSize number
- Minimum size of the attribute..
- name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order number
- Display sequence of the bundle configuration property.
- readOnly boolean
- If true, indicates that this value must be protected.
- regexp string
- Regular expression of the attribute for validation.
- required boolean
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- section string
- UI widget to use for the attribute.
- visible boolean
- Indicates whether the attribute is to be shown on the application creation UI.
- widget string
- UI widget to use for the attribute.
- datatype str
- Data type of the attribute.
- helptext str
- Help text for the attribute. It can contain HTML tags.
- label str
- Label for the attribute to be shown in the UI.
- max_length int
- Maximum length of the attribute.
- max_size int
- Maximum size of the attribute.
- min_length int
- Minimum length of the attribute.
- min_size int
- Minimum size of the attribute..
- name str
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order int
- Display sequence of the bundle configuration property.
- read_only bool
- If true, indicates that this value must be protected.
- regexp str
- Regular expression of the attribute for validation.
- required bool
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- section str
- UI widget to use for the attribute.
- visible bool
- Indicates whether the attribute is to be shown on the application creation UI.
- widget str
- UI widget to use for the attribute.
- datatype String
- Data type of the attribute.
- helptext String
- Help text for the attribute. It can contain HTML tags.
- label String
- Label for the attribute to be shown in the UI.
- maxLength Number
- Maximum length of the attribute.
- maxSize Number
- Maximum size of the attribute.
- minLength Number
- Minimum length of the attribute.
- minSize Number
- Minimum size of the attribute..
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order Number
- Display sequence of the bundle configuration property.
- readOnly Boolean
- If true, indicates that this value must be protected.
- regexp String
- Regular expression of the attribute for validation.
- required Boolean
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- section String
- UI widget to use for the attribute.
- visible Boolean
- Indicates whether the attribute is to be shown on the application creation UI.
- widget String
- UI widget to use for the attribute.
GetDomainsAppBasedOnTemplate     
- LastModified string
- The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- WellKnown stringId 
- Unique well-known identifier used to reference connector bundle.
- LastModified string
- The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- WellKnown stringId 
- Unique well-known identifier used to reference connector bundle.
- lastModified String
- The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
- wellKnown StringId 
- Unique well-known identifier used to reference connector bundle.
- lastModified string
- The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- ref string
- URI of the AppRole.
- value string
- ID of the AppRole.
- wellKnown stringId 
- Unique well-known identifier used to reference connector bundle.
- last_modified str
- The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- ref str
- URI of the AppRole.
- value str
- ID of the AppRole.
- well_known_ strid 
- Unique well-known identifier used to reference connector bundle.
- lastModified String
- The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
- wellKnown StringId 
- Unique well-known identifier used to reference connector bundle.
GetDomainsAppCertificate   
- CertAlias string
- Certificate alias
- Kid string
- Certificate kid
- Sha1thumbprint string
- sha1Thumbprint
- X509base64certificate string
- Base-64-encoded certificate.
- X5t string
- Certificate x5t
- CertAlias string
- Certificate alias
- Kid string
- Certificate kid
- Sha1thumbprint string
- sha1Thumbprint
- X509base64certificate string
- Base-64-encoded certificate.
- X5t string
- Certificate x5t
- certAlias String
- Certificate alias
- kid String
- Certificate kid
- sha1thumbprint String
- sha1Thumbprint
- x509base64certificate String
- Base-64-encoded certificate.
- x5t String
- Certificate x5t
- certAlias string
- Certificate alias
- kid string
- Certificate kid
- sha1thumbprint string
- sha1Thumbprint
- x509base64certificate string
- Base-64-encoded certificate.
- x5t string
- Certificate x5t
- cert_alias str
- Certificate alias
- kid str
- Certificate kid
- sha1thumbprint str
- sha1Thumbprint
- x509base64certificate str
- Base-64-encoded certificate.
- x5t str
- Certificate x5t
- certAlias String
- Certificate alias
- kid String
- Certificate kid
- sha1thumbprint String
- sha1Thumbprint
- x509base64certificate String
- Base-64-encoded certificate.
- x5t String
- Certificate x5t
GetDomainsAppCloudControlProperty     
GetDomainsAppEditableAttribute    
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- name str
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
GetDomainsAppGrant   
- GrantMechanism string
- Each value of grantMechanism indicates how (or by what component) some App (or App-Entitlement) was granted. A customer or the UI should use only grantMechanism values that start with 'ADMINISTRATOR':- 'ADMINISTRATOR_TO_USER' is for a direct grant to a specific User.
- 'ADMINISTRATOR_TO_GROUP' is for a grant to a specific Group, which results in indirect grants to Users who are members of that Group.
- 'ADMINISTRATOR_TO_APP' is for a grant to a specific App. The grantee (client) App gains access to the granted (server) App.
 
- GranteeId string
- Grantee identifier
- GranteeType string
- Grantee resource type. Allowed values are User and Group.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- GrantMechanism string
- Each value of grantMechanism indicates how (or by what component) some App (or App-Entitlement) was granted. A customer or the UI should use only grantMechanism values that start with 'ADMINISTRATOR':- 'ADMINISTRATOR_TO_USER' is for a direct grant to a specific User.
- 'ADMINISTRATOR_TO_GROUP' is for a grant to a specific Group, which results in indirect grants to Users who are members of that Group.
- 'ADMINISTRATOR_TO_APP' is for a grant to a specific App. The grantee (client) App gains access to the granted (server) App.
 
- GranteeId string
- Grantee identifier
- GranteeType string
- Grantee resource type. Allowed values are User and Group.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- grantMechanism String
- Each value of grantMechanism indicates how (or by what component) some App (or App-Entitlement) was granted. A customer or the UI should use only grantMechanism values that start with 'ADMINISTRATOR':- 'ADMINISTRATOR_TO_USER' is for a direct grant to a specific User.
- 'ADMINISTRATOR_TO_GROUP' is for a grant to a specific Group, which results in indirect grants to Users who are members of that Group.
- 'ADMINISTRATOR_TO_APP' is for a grant to a specific App. The grantee (client) App gains access to the granted (server) App.
 
- granteeId String
- Grantee identifier
- granteeType String
- Grantee resource type. Allowed values are User and Group.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
- grantMechanism string
- Each value of grantMechanism indicates how (or by what component) some App (or App-Entitlement) was granted. A customer or the UI should use only grantMechanism values that start with 'ADMINISTRATOR':- 'ADMINISTRATOR_TO_USER' is for a direct grant to a specific User.
- 'ADMINISTRATOR_TO_GROUP' is for a grant to a specific Group, which results in indirect grants to Users who are members of that Group.
- 'ADMINISTRATOR_TO_APP' is for a grant to a specific App. The grantee (client) App gains access to the granted (server) App.
 
- granteeId string
- Grantee identifier
- granteeType string
- Grantee resource type. Allowed values are User and Group.
- ref string
- URI of the AppRole.
- value string
- ID of the AppRole.
- grant_mechanism str
- Each value of grantMechanism indicates how (or by what component) some App (or App-Entitlement) was granted. A customer or the UI should use only grantMechanism values that start with 'ADMINISTRATOR':- 'ADMINISTRATOR_TO_USER' is for a direct grant to a specific User.
- 'ADMINISTRATOR_TO_GROUP' is for a grant to a specific Group, which results in indirect grants to Users who are members of that Group.
- 'ADMINISTRATOR_TO_APP' is for a grant to a specific App. The grantee (client) App gains access to the granted (server) App.
 
- grantee_id str
- Grantee identifier
- grantee_type str
- Grantee resource type. Allowed values are User and Group.
- ref str
- URI of the AppRole.
- value str
- ID of the AppRole.
- grantMechanism String
- Each value of grantMechanism indicates how (or by what component) some App (or App-Entitlement) was granted. A customer or the UI should use only grantMechanism values that start with 'ADMINISTRATOR':- 'ADMINISTRATOR_TO_USER' is for a direct grant to a specific User.
- 'ADMINISTRATOR_TO_GROUP' is for a grant to a specific Group, which results in indirect grants to Users who are members of that Group.
- 'ADMINISTRATOR_TO_APP' is for a grant to a specific App. The grantee (client) App gains access to the granted (server) App.
 
- granteeId String
- Grantee identifier
- granteeType String
- Grantee resource type. Allowed values are User and Group.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
GetDomainsAppGrantedAppRole     
- AdminRole bool
- If true, then this granted AppRole confers administrative privileges within the App that defines it. Otherwise, the granted AppRole confers only functional privileges.
- AppId string
- ID of the resource
- AppName string
- The name of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- Display string
- Display-name of the AppRole.
- LegacyGroup stringName 
- The name of the legacy group associated with this AppRole.
- ReadOnly bool
- If true, indicates that this value must be protected.
- Ref string
- URI of the AppRole.
- Type string
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- Value string
- ID of the AppRole.
- AdminRole bool
- If true, then this granted AppRole confers administrative privileges within the App that defines it. Otherwise, the granted AppRole confers only functional privileges.
- AppId string
- ID of the resource
- AppName string
- The name of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- Display string
- Display-name of the AppRole.
- LegacyGroup stringName 
- The name of the legacy group associated with this AppRole.
- ReadOnly bool
- If true, indicates that this value must be protected.
- Ref string
- URI of the AppRole.
- Type string
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- Value string
- ID of the AppRole.
- adminRole Boolean
- If true, then this granted AppRole confers administrative privileges within the App that defines it. Otherwise, the granted AppRole confers only functional privileges.
- appId String
- ID of the resource
- appName String
- The name of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- display String
- Display-name of the AppRole.
- legacyGroup StringName 
- The name of the legacy group associated with this AppRole.
- readOnly Boolean
- If true, indicates that this value must be protected.
- ref String
- URI of the AppRole.
- type String
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value String
- ID of the AppRole.
- adminRole boolean
- If true, then this granted AppRole confers administrative privileges within the App that defines it. Otherwise, the granted AppRole confers only functional privileges.
- appId string
- ID of the resource
- appName string
- The name of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- display string
- Display-name of the AppRole.
- legacyGroup stringName 
- The name of the legacy group associated with this AppRole.
- readOnly boolean
- If true, indicates that this value must be protected.
- ref string
- URI of the AppRole.
- type string
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value string
- ID of the AppRole.
- admin_role bool
- If true, then this granted AppRole confers administrative privileges within the App that defines it. Otherwise, the granted AppRole confers only functional privileges.
- app_id str
- ID of the resource
- app_name str
- The name of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- display str
- Display-name of the AppRole.
- legacy_group_ strname 
- The name of the legacy group associated with this AppRole.
- read_only bool
- If true, indicates that this value must be protected.
- ref str
- URI of the AppRole.
- type str
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value str
- ID of the AppRole.
- adminRole Boolean
- If true, then this granted AppRole confers administrative privileges within the App that defines it. Otherwise, the granted AppRole confers only functional privileges.
- appId String
- ID of the resource
- appName String
- The name of the App that defines this AppRole, which is granted to this App. The App that defines the AppRole acts as the producer; the App to which the AppRole is granted acts as a consumer.
- display String
- Display-name of the AppRole.
- legacyGroup StringName 
- The name of the legacy group associated with this AppRole.
- readOnly Boolean
- If true, indicates that this value must be protected.
- ref String
- URI of the AppRole.
- type String
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value String
- ID of the AppRole.
GetDomainsAppIdcsCreatedBy     
GetDomainsAppIdcsLastModifiedBy      
GetDomainsAppIdentityProvider    
GetDomainsAppIdpPolicy    
GetDomainsAppMeta   
- Created string
- The DateTime the Resource was added to the Service Provider
- LastModified string
- The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- Location string
- The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- ResourceType string
- Object class resource type
- Version string
- The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
- Created string
- The DateTime the Resource was added to the Service Provider
- LastModified string
- The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- Location string
- The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- ResourceType string
- Object class resource type
- Version string
- The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
- created String
- The DateTime the Resource was added to the Service Provider
- lastModified String
- The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- location String
- The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- resourceType String
- Object class resource type
- version String
- The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
- created string
- The DateTime the Resource was added to the Service Provider
- lastModified string
- The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- location string
- The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- resourceType string
- Object class resource type
- version string
- The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
- created str
- The DateTime the Resource was added to the Service Provider
- last_modified str
- The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- location str
- The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- resource_type str
- Object class resource type
- version str
- The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
- created String
- The DateTime the Resource was added to the Service Provider
- lastModified String
- The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
- location String
- The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
- resourceType String
- Object class resource type
- version String
- The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
GetDomainsAppProtectableSecondaryAudience     
GetDomainsAppRadiusPolicy    
GetDomainsAppSamlServiceProvider     
GetDomainsAppScope   
- Description string
- The description of the AppRole.
- DisplayName string
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- Fqs string
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- ReadOnly bool
- If true, indicates that this value must be protected.
- RequiresConsent bool
- If true, indicates that a user must provide consent to access this scope. Note: Used only when this App acts as an OAuth Resource.
- Value string
- ID of the AppRole.
- Description string
- The description of the AppRole.
- DisplayName string
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- Fqs string
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- ReadOnly bool
- If true, indicates that this value must be protected.
- RequiresConsent bool
- If true, indicates that a user must provide consent to access this scope. Note: Used only when this App acts as an OAuth Resource.
- Value string
- ID of the AppRole.
- description String
- The description of the AppRole.
- displayName String
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- fqs String
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- readOnly Boolean
- If true, indicates that this value must be protected.
- requiresConsent Boolean
- If true, indicates that a user must provide consent to access this scope. Note: Used only when this App acts as an OAuth Resource.
- value String
- ID of the AppRole.
- description string
- The description of the AppRole.
- displayName string
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- fqs string
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- readOnly boolean
- If true, indicates that this value must be protected.
- requiresConsent boolean
- If true, indicates that a user must provide consent to access this scope. Note: Used only when this App acts as an OAuth Resource.
- value string
- ID of the AppRole.
- description str
- The description of the AppRole.
- display_name str
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- fqs str
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- read_only bool
- If true, indicates that this value must be protected.
- requires_consent bool
- If true, indicates that a user must provide consent to access this scope. Note: Used only when this App acts as an OAuth Resource.
- value str
- ID of the AppRole.
- description String
- The description of the AppRole.
- displayName String
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- fqs String
- The fully qualified value of this scope within this App. A fully qualified scope combines the 'value' of each scope with the value of 'audience'. Each value of 'fqs' must be unique across the system. Used only when this App acts as an OAuth Resource.
- readOnly Boolean
- If true, indicates that this value must be protected.
- requiresConsent Boolean
- If true, indicates that a user must provide consent to access this scope. Note: Used only when this App acts as an OAuth Resource.
- value String
- ID of the AppRole.
GetDomainsAppServiceParam    
GetDomainsAppSignonPolicy    
GetDomainsAppTag   
GetDomainsAppTermsOfUse     
GetDomainsAppTrustPolicy    
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionOciTag     
- 
List<GetDomains App Urnietfparamsscimschemasoracleidcsextension Oci Tag Defined Tag> 
- Oracle Cloud Infrastructure Defined Tags
- 
List<GetDomains App Urnietfparamsscimschemasoracleidcsextension Oci Tag Freeform Tag> 
- Oracle Cloud Infrastructure Freeform Tags
- string
- Oracle Cloud Infrastructure Tag slug
- 
[]GetDomains App Urnietfparamsscimschemasoracleidcsextension Oci Tag Defined Tag 
- Oracle Cloud Infrastructure Defined Tags
- 
[]GetDomains App Urnietfparamsscimschemasoracleidcsextension Oci Tag Freeform Tag 
- Oracle Cloud Infrastructure Freeform Tags
- string
- Oracle Cloud Infrastructure Tag slug
- 
List<GetDomains App Urnietfparamsscimschemasoracleidcsextension Oci Tag Defined Tag> 
- Oracle Cloud Infrastructure Defined Tags
- 
List<GetDomains App Urnietfparamsscimschemasoracleidcsextension Oci Tag Freeform Tag> 
- Oracle Cloud Infrastructure Freeform Tags
- String
- Oracle Cloud Infrastructure Tag slug
- 
GetDomains App Urnietfparamsscimschemasoracleidcsextension Oci Tag Defined Tag[] 
- Oracle Cloud Infrastructure Defined Tags
- 
GetDomains App Urnietfparamsscimschemasoracleidcsextension Oci Tag Freeform Tag[] 
- Oracle Cloud Infrastructure Freeform Tags
- string
- Oracle Cloud Infrastructure Tag slug
- 
Sequence[GetDomains App Urnietfparamsscimschemasoracleidcsextension Oci Tag Defined Tag] 
- Oracle Cloud Infrastructure Defined Tags
- 
Sequence[GetDomains App Urnietfparamsscimschemasoracleidcsextension Oci Tag Freeform Tag] 
- Oracle Cloud Infrastructure Freeform Tags
- tag_slug str
- Oracle Cloud Infrastructure Tag slug
- List<Property Map>
- Oracle Cloud Infrastructure Defined Tags
- List<Property Map>
- Oracle Cloud Infrastructure Freeform Tags
- String
- Oracle Cloud Infrastructure Tag slug
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionOciTagDefinedTag       
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionOciTagFreeformTag       
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensiondbcsApp    
- DomainApps List<GetDomains App Urnietfparamsscimschemasoracleidcsextensiondbcs App Domain App> 
- Description:
- DomainName string
- The name of the Enterprise Domain that contains any number of DBInstances. If specified, the value must be unique. A non-null value indicates that App represents a DBDomain. A value of null indicates that the App represents an DB-instance.
- DomainApps []GetDomains App Urnietfparamsscimschemasoracleidcsextensiondbcs App Domain App 
- Description:
- DomainName string
- The name of the Enterprise Domain that contains any number of DBInstances. If specified, the value must be unique. A non-null value indicates that App represents a DBDomain. A value of null indicates that the App represents an DB-instance.
- domainApps List<GetDomains App Urnietfparamsscimschemasoracleidcsextensiondbcs App Domain App> 
- Description:
- domainName String
- The name of the Enterprise Domain that contains any number of DBInstances. If specified, the value must be unique. A non-null value indicates that App represents a DBDomain. A value of null indicates that the App represents an DB-instance.
- domainApps GetDomains App Urnietfparamsscimschemasoracleidcsextensiondbcs App Domain App[] 
- Description:
- domainName string
- The name of the Enterprise Domain that contains any number of DBInstances. If specified, the value must be unique. A non-null value indicates that App represents a DBDomain. A value of null indicates that the App represents an DB-instance.
- domain_apps Sequence[GetDomains App Urnietfparamsscimschemasoracleidcsextensiondbcs App Domain App] 
- Description:
- domain_name str
- The name of the Enterprise Domain that contains any number of DBInstances. If specified, the value must be unique. A non-null value indicates that App represents a DBDomain. A value of null indicates that the App represents an DB-instance.
- domainApps List<Property Map>
- Description:
- domainName String
- The name of the Enterprise Domain that contains any number of DBInstances. If specified, the value must be unique. A non-null value indicates that App represents a DBDomain. A value of null indicates that the App represents an DB-instance.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensiondbcsAppDomainApp      
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionenterpriseAppApp     
- AllowAuthz intDecision Ttl 
- Allow Authz policy decision expiry time in seconds.
- AllowAuthz List<GetPolicies Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App Allow Authz Policy> 
- Allow Authz Policy.
- AppResources List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App App Resource> 
- A list of AppResources of this App.
- DenyAuthz intDecision Ttl 
- Deny Authz policy decision expiry time in seconds.
- DenyAuthz List<GetPolicies Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App Deny Authz Policy> 
- Deny Authz Policy.
- AllowAuthz intDecision Ttl 
- Allow Authz policy decision expiry time in seconds.
- AllowAuthz []GetPolicies Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App Allow Authz Policy 
- Allow Authz Policy.
- AppResources []GetDomains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App App Resource 
- A list of AppResources of this App.
- DenyAuthz intDecision Ttl 
- Deny Authz policy decision expiry time in seconds.
- DenyAuthz []GetPolicies Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App Deny Authz Policy 
- Deny Authz Policy.
- allowAuthz IntegerDecision Ttl 
- Allow Authz policy decision expiry time in seconds.
- allowAuthz List<GetPolicies Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App Allow Authz Policy> 
- Allow Authz Policy.
- appResources List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App App Resource> 
- A list of AppResources of this App.
- denyAuthz IntegerDecision Ttl 
- Deny Authz policy decision expiry time in seconds.
- denyAuthz List<GetPolicies Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App Deny Authz Policy> 
- Deny Authz Policy.
- allowAuthz numberDecision Ttl 
- Allow Authz policy decision expiry time in seconds.
- allowAuthz GetPolicies Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App Allow Authz Policy[] 
- Allow Authz Policy.
- appResources GetDomains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App App Resource[] 
- A list of AppResources of this App.
- denyAuthz numberDecision Ttl 
- Deny Authz policy decision expiry time in seconds.
- denyAuthz GetPolicies Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App Deny Authz Policy[] 
- Deny Authz Policy.
- allow_authz_ intdecision_ ttl 
- Allow Authz policy decision expiry time in seconds.
- allow_authz_ Sequence[Getpolicies Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App Allow Authz Policy] 
- Allow Authz Policy.
- app_resources Sequence[GetDomains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App App Resource] 
- A list of AppResources of this App.
- deny_authz_ intdecision_ ttl 
- Deny Authz policy decision expiry time in seconds.
- deny_authz_ Sequence[Getpolicies Domains App Urnietfparamsscimschemasoracleidcsextensionenterprise App App Deny Authz Policy] 
- Deny Authz Policy.
- allowAuthz NumberDecision Ttl 
- Allow Authz policy decision expiry time in seconds.
- allowAuthz List<Property Map>Policies 
- Allow Authz Policy.
- appResources List<Property Map>
- A list of AppResources of this App.
- denyAuthz NumberDecision Ttl 
- Deny Authz policy decision expiry time in seconds.
- denyAuthz List<Property Map>Policies 
- Deny Authz Policy.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionenterpriseAppAppAllowAuthzPolicy        
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionenterpriseAppAppAppResource       
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionenterpriseAppAppDenyAuthzPolicy        
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionformFillAppApp      
- Configuration string
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- FormCred stringMethod 
- Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- FormCredential stringSharing Group Id 
- Credential Sharing Group to which this form-fill application belongs.
- FormFill List<GetUrl Matches Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App App Form Fill Url Match> 
- A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- FormType string
- Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- RevealPassword boolOn Form 
- If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- SyncFrom boolTemplate 
- If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- UserName stringForm Expression 
- Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- UserName stringForm Template 
- Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
- Configuration string
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- FormCred stringMethod 
- Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- FormCredential stringSharing Group Id 
- Credential Sharing Group to which this form-fill application belongs.
- FormFill []GetUrl Matches Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App App Form Fill Url Match 
- A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- FormType string
- Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- RevealPassword boolOn Form 
- If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- SyncFrom boolTemplate 
- If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- UserName stringForm Expression 
- Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- UserName stringForm Template 
- Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
- configuration String
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- formCred StringMethod 
- Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- formCredential StringSharing Group Id 
- Credential Sharing Group to which this form-fill application belongs.
- formFill List<GetUrl Matches Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App App Form Fill Url Match> 
- A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- formType String
- Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- revealPassword BooleanOn Form 
- If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- syncFrom BooleanTemplate 
- If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- userName StringForm Expression 
- Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- userName StringForm Template 
- Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
- configuration string
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- formCred stringMethod 
- Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- formCredential stringSharing Group Id 
- Credential Sharing Group to which this form-fill application belongs.
- formFill GetUrl Matches Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App App Form Fill Url Match[] 
- A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- formType string
- Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- revealPassword booleanOn Form 
- If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- syncFrom booleanTemplate 
- If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- userName stringForm Expression 
- Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- userName stringForm Template 
- Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
- configuration str
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- form_cred_ strmethod 
- Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- form_credential_ strsharing_ group_ id 
- Credential Sharing Group to which this form-fill application belongs.
- form_fill_ Sequence[Geturl_ matches Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App App Form Fill Url Match] 
- A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- form_type str
- Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- reveal_password_ boolon_ form 
- If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- sync_from_ booltemplate 
- If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- user_name_ strform_ expression 
- Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- user_name_ strform_ template 
- Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
- configuration String
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- formCred StringMethod 
- Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- formCredential StringSharing Group Id 
- Credential Sharing Group to which this form-fill application belongs.
- formFill List<Property Map>Url Matches 
- A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- formType String
- Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- revealPassword BooleanOn Form 
- If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- syncFrom BooleanTemplate 
- If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- userName StringForm Expression 
- Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- userName StringForm Template 
- Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionformFillAppAppFormFillUrlMatch          
- FormUrl string
- An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- FormUrl stringMatch Type 
- Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
- FormUrl string
- An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- FormUrl stringMatch Type 
- Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
- formUrl String
- An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- formUrl StringMatch Type 
- Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
- formUrl string
- An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- formUrl stringMatch Type 
- Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
- form_url str
- An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- form_url_ strmatch_ type 
- Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
- formUrl String
- An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- formUrl StringMatch Type 
- Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionformFillAppTemplateAppTemplate        
- Configuration string
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- FormCred stringMethod 
- Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- FormCredential stringSharing Group Id 
- Credential Sharing Group to which this form-fill application belongs.
- FormFill List<GetUrl Matches Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App Template App Template Form Fill Url Match> 
- A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- FormType string
- Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- RevealPassword boolOn Form 
- If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- SyncFrom boolTemplate 
- If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- UserName stringForm Expression 
- Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- UserName stringForm Template 
- Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
- Configuration string
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- FormCred stringMethod 
- Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- FormCredential stringSharing Group Id 
- Credential Sharing Group to which this form-fill application belongs.
- FormFill []GetUrl Matches Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App Template App Template Form Fill Url Match 
- A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- FormType string
- Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- RevealPassword boolOn Form 
- If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- SyncFrom boolTemplate 
- If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- UserName stringForm Expression 
- Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- UserName stringForm Template 
- Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
- configuration String
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- formCred StringMethod 
- Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- formCredential StringSharing Group Id 
- Credential Sharing Group to which this form-fill application belongs.
- formFill List<GetUrl Matches Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App Template App Template Form Fill Url Match> 
- A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- formType String
- Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- revealPassword BooleanOn Form 
- If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- syncFrom BooleanTemplate 
- If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- userName StringForm Expression 
- Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- userName StringForm Template 
- Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
- configuration string
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- formCred stringMethod 
- Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- formCredential stringSharing Group Id 
- Credential Sharing Group to which this form-fill application belongs.
- formFill GetUrl Matches Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App Template App Template Form Fill Url Match[] 
- A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- formType string
- Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- revealPassword booleanOn Form 
- If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- syncFrom booleanTemplate 
- If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- userName stringForm Expression 
- Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- userName stringForm Template 
- Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
- configuration str
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- form_cred_ strmethod 
- Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- form_credential_ strsharing_ group_ id 
- Credential Sharing Group to which this form-fill application belongs.
- form_fill_ Sequence[Geturl_ matches Domains App Urnietfparamsscimschemasoracleidcsextensionform Fill App Template App Template Form Fill Url Match] 
- A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- form_type str
- Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- reveal_password_ boolon_ form 
- If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- sync_from_ booltemplate 
- If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- user_name_ strform_ expression 
- Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- user_name_ strform_ template 
- Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
- configuration String
- FormFill Application Configuration CLOB which has to be maintained in Form-Fill APP for legacy code to do Form-Fill injection
- formCred StringMethod 
- Indicates how FormFill obtains the username and password of the account that FormFill will use to sign into the target App.
- formCredential StringSharing Group Id 
- Credential Sharing Group to which this form-fill application belongs.
- formFill List<Property Map>Url Matches 
- A list of application-formURLs that FormFill should match against any formUrl that the user-specifies when signing in to the target service. Each item in the list also indicates how FormFill should interpret that formUrl.
- formType String
- Type of the FormFill application like WebApplication, MainFrameApplication, WindowsApplication. Initially, we will support only WebApplication.
- revealPassword BooleanOn Form 
- If true, indicates that system is allowed to show the password in plain-text for this account after re-authentication.
- syncFrom BooleanTemplate 
- If true, indicates that each of the Form-Fill-related attributes that can be inherited from the template actually will be inherited from the template. If false, indicates that the AppTemplate disabled inheritance for these Form-Fill-related attributes.
- userName StringForm Expression 
- Indicates the custom expression, which can combine concat and substring operations with literals and with any attribute of the Oracle Identity Cloud Service User
- userName StringForm Template 
- Format for generating a username. This value can be Username or Email Address; any other value will be treated as a custom expression. A custom expression may combine 'concat' and 'substring' operations with literals and with any attribute of the Oracle Identity Cloud Service user.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionformFillAppTemplateAppTemplateFormFillUrlMatch            
- FormUrl string
- An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- FormUrl stringMatch Type 
- Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
- FormUrl string
- An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- FormUrl stringMatch Type 
- Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
- formUrl String
- An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- formUrl StringMatch Type 
- Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
- formUrl string
- An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- formUrl stringMatch Type 
- Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
- form_url str
- An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- form_url_ strmatch_ type 
- Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
- formUrl String
- An application formUrl that FormFill will match against any formUrl that a User enters in trying to access the target-service which this App represents.
- formUrl StringMatch Type 
- Indicates how to interpret the value of 'formUrl' when matching against a user-specified formUrl. The system currently supports only 'Exact', which indicates that the value of 'formUrl' should be treated as a literal value.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionkerberosRealmApp     
- DefaultEncryption stringSalt Type 
- The type of salt that the system will use to encrypt Kerberos-specific artifacts of this App unless another type of salt is specified.
- MasterKey string
- The primary key that the system should use to encrypt artifacts that are specific to this Kerberos realm -- for example, to encrypt the Principal Key in each KerberosRealmUser.
- MaxRenewable intAge 
- Max Renewable Age in seconds
- MaxTicket intLife 
- Max Ticket Life in seconds
- RealmName string
- The name of the Kerberos Realm that this App uses for authentication.
- SupportedEncryption List<string>Salt Types 
- The types of salt that are available for the system to use when encrypting Kerberos-specific artifacts for this App.
- TicketFlags int
- Ticket Flags
- DefaultEncryption stringSalt Type 
- The type of salt that the system will use to encrypt Kerberos-specific artifacts of this App unless another type of salt is specified.
- MasterKey string
- The primary key that the system should use to encrypt artifacts that are specific to this Kerberos realm -- for example, to encrypt the Principal Key in each KerberosRealmUser.
- MaxRenewable intAge 
- Max Renewable Age in seconds
- MaxTicket intLife 
- Max Ticket Life in seconds
- RealmName string
- The name of the Kerberos Realm that this App uses for authentication.
- SupportedEncryption []stringSalt Types 
- The types of salt that are available for the system to use when encrypting Kerberos-specific artifacts for this App.
- TicketFlags int
- Ticket Flags
- defaultEncryption StringSalt Type 
- The type of salt that the system will use to encrypt Kerberos-specific artifacts of this App unless another type of salt is specified.
- masterKey String
- The primary key that the system should use to encrypt artifacts that are specific to this Kerberos realm -- for example, to encrypt the Principal Key in each KerberosRealmUser.
- maxRenewable IntegerAge 
- Max Renewable Age in seconds
- maxTicket IntegerLife 
- Max Ticket Life in seconds
- realmName String
- The name of the Kerberos Realm that this App uses for authentication.
- supportedEncryption List<String>Salt Types 
- The types of salt that are available for the system to use when encrypting Kerberos-specific artifacts for this App.
- ticketFlags Integer
- Ticket Flags
- defaultEncryption stringSalt Type 
- The type of salt that the system will use to encrypt Kerberos-specific artifacts of this App unless another type of salt is specified.
- masterKey string
- The primary key that the system should use to encrypt artifacts that are specific to this Kerberos realm -- for example, to encrypt the Principal Key in each KerberosRealmUser.
- maxRenewable numberAge 
- Max Renewable Age in seconds
- maxTicket numberLife 
- Max Ticket Life in seconds
- realmName string
- The name of the Kerberos Realm that this App uses for authentication.
- supportedEncryption string[]Salt Types 
- The types of salt that are available for the system to use when encrypting Kerberos-specific artifacts for this App.
- ticketFlags number
- Ticket Flags
- default_encryption_ strsalt_ type 
- The type of salt that the system will use to encrypt Kerberos-specific artifacts of this App unless another type of salt is specified.
- master_key str
- The primary key that the system should use to encrypt artifacts that are specific to this Kerberos realm -- for example, to encrypt the Principal Key in each KerberosRealmUser.
- max_renewable_ intage 
- Max Renewable Age in seconds
- max_ticket_ intlife 
- Max Ticket Life in seconds
- realm_name str
- The name of the Kerberos Realm that this App uses for authentication.
- supported_encryption_ Sequence[str]salt_ types 
- The types of salt that are available for the system to use when encrypting Kerberos-specific artifacts for this App.
- ticket_flags int
- Ticket Flags
- defaultEncryption StringSalt Type 
- The type of salt that the system will use to encrypt Kerberos-specific artifacts of this App unless another type of salt is specified.
- masterKey String
- The primary key that the system should use to encrypt artifacts that are specific to this Kerberos realm -- for example, to encrypt the Principal Key in each KerberosRealmUser.
- maxRenewable NumberAge 
- Max Renewable Age in seconds
- maxTicket NumberLife 
- Max Ticket Life in seconds
- realmName String
- The name of the Kerberos Realm that this App uses for authentication.
- supportedEncryption List<String>Salt Types 
- The types of salt that are available for the system to use when encrypting Kerberos-specific artifacts for this App.
- ticketFlags Number
- Ticket Flags
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionmanagedappApp    
- AccountForm boolVisible 
- If true, then the account form will be displayed in the Oracle Identity Cloud Service UI to interactively create or update an account for this App. If a value is not specified for this attribute, a default value of "false" will be assumed as the value for this attribute.
- AdminConsent boolGranted 
- If true, admin has granted consent to perform managed app run-time operations.
- BundleConfiguration List<GetProperties Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bundle Configuration Property> 
- ConnectorBundle configuration properties
- BundlePool List<GetConfigurations Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bundle Pool Configuration> 
- Configurable options maintaining a pool of ICF connector instances. Values for sub attributes can be set only if the ConnectorBundle referenced in the App has connectorPoolingSupported set to true
- bool
- If true, the managed app can be authoritative.
- Connected bool
- If true, the accounts of the application are managed through an ICF connector bundle
- ConnectorBundles List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Connector Bundle> 
- ConnectorBundle
- EnableAuth boolSync New User Notification 
- If true, send activation email to new users created from authoritative sync.
- EnableSync bool
- If true, sync run-time operations are enabled for this App.
- EnableSync boolSummary Report Notification 
- If true, send sync summary as notification upon job completion.
- FlatFile List<GetBundle Configuration Properties Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Flat File Bundle Configuration Property> 
- Flat file connector bundle configuration properties
- FlatFile List<GetConnector Bundles Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Flat File Connector Bundle> 
- Flat file connector bundle to sync from a flat file.
- IdentityBridges List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Identity Bridge> 
- IdentityBridges associated with this App
- bool
- If true, sync from the managed app will be performed as authoritative sync.
- IsDirectory bool
- If true, the managed app is a directory.
- IsOn boolPremise App 
- If true, the managed app is an On-Premise app.
- IsSchema boolCustomization Supported 
- If true, the managed app supports schema customization.
- IsSchema boolDiscovery Supported 
- If true, the managed app supports schema discovery.
- IsThree boolLegged Oauth Enabled 
- If true, the managed app requires 3-legged OAuth for authorization.
- IsTwo boolLegged Oauth Enabled 
- If true, indicates that Oracle Identity Cloud Service can use two-legged OAuth to connect to this ManagedApp.
- ObjectClasses List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Object Class> 
- Object classes
- SyncConfig stringLast Modified 
- The most recent DateTime that the configuration of this App was updated. AppServices updates this timestamp whenever AppServices updates an App's configuration with respect to synchronization.
- ThreeLegged List<GetOauth Credentials Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Three Legged Oauth Credential> 
- The value of this attribute persists any OAuth access token that the system uses to connect to this ManagedApp. The system obtains this access token using an OAuth protocol flow that could be two-legged or three-legged. A two-legged flow involves only the requester and the server. A three-legged flow also requires the consent of a user -- in this case the consent of an administrator.
- ThreeLegged stringOauth Provider Name 
- Three legged OAuth provider name in Oracle Identity Cloud Service.
- AccountForm boolVisible 
- If true, then the account form will be displayed in the Oracle Identity Cloud Service UI to interactively create or update an account for this App. If a value is not specified for this attribute, a default value of "false" will be assumed as the value for this attribute.
- AdminConsent boolGranted 
- If true, admin has granted consent to perform managed app run-time operations.
- BundleConfiguration []GetProperties Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bundle Configuration Property 
- ConnectorBundle configuration properties
- BundlePool []GetConfigurations Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bundle Pool Configuration 
- Configurable options maintaining a pool of ICF connector instances. Values for sub attributes can be set only if the ConnectorBundle referenced in the App has connectorPoolingSupported set to true
- bool
- If true, the managed app can be authoritative.
- Connected bool
- If true, the accounts of the application are managed through an ICF connector bundle
- ConnectorBundles []GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Connector Bundle 
- ConnectorBundle
- EnableAuth boolSync New User Notification 
- If true, send activation email to new users created from authoritative sync.
- EnableSync bool
- If true, sync run-time operations are enabled for this App.
- EnableSync boolSummary Report Notification 
- If true, send sync summary as notification upon job completion.
- FlatFile []GetBundle Configuration Properties Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Flat File Bundle Configuration Property 
- Flat file connector bundle configuration properties
- FlatFile []GetConnector Bundles Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Flat File Connector Bundle 
- Flat file connector bundle to sync from a flat file.
- IdentityBridges []GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Identity Bridge 
- IdentityBridges associated with this App
- bool
- If true, sync from the managed app will be performed as authoritative sync.
- IsDirectory bool
- If true, the managed app is a directory.
- IsOn boolPremise App 
- If true, the managed app is an On-Premise app.
- IsSchema boolCustomization Supported 
- If true, the managed app supports schema customization.
- IsSchema boolDiscovery Supported 
- If true, the managed app supports schema discovery.
- IsThree boolLegged Oauth Enabled 
- If true, the managed app requires 3-legged OAuth for authorization.
- IsTwo boolLegged Oauth Enabled 
- If true, indicates that Oracle Identity Cloud Service can use two-legged OAuth to connect to this ManagedApp.
- ObjectClasses []GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Object Class 
- Object classes
- SyncConfig stringLast Modified 
- The most recent DateTime that the configuration of this App was updated. AppServices updates this timestamp whenever AppServices updates an App's configuration with respect to synchronization.
- ThreeLegged []GetOauth Credentials Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Three Legged Oauth Credential 
- The value of this attribute persists any OAuth access token that the system uses to connect to this ManagedApp. The system obtains this access token using an OAuth protocol flow that could be two-legged or three-legged. A two-legged flow involves only the requester and the server. A three-legged flow also requires the consent of a user -- in this case the consent of an administrator.
- ThreeLegged stringOauth Provider Name 
- Three legged OAuth provider name in Oracle Identity Cloud Service.
- accountForm BooleanVisible 
- If true, then the account form will be displayed in the Oracle Identity Cloud Service UI to interactively create or update an account for this App. If a value is not specified for this attribute, a default value of "false" will be assumed as the value for this attribute.
- adminConsent BooleanGranted 
- If true, admin has granted consent to perform managed app run-time operations.
- bundleConfiguration List<GetProperties Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bundle Configuration Property> 
- ConnectorBundle configuration properties
- bundlePool List<GetConfigurations Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bundle Pool Configuration> 
- Configurable options maintaining a pool of ICF connector instances. Values for sub attributes can be set only if the ConnectorBundle referenced in the App has connectorPoolingSupported set to true
- Boolean
- If true, the managed app can be authoritative.
- connected Boolean
- If true, the accounts of the application are managed through an ICF connector bundle
- connectorBundles List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Connector Bundle> 
- ConnectorBundle
- enableAuth BooleanSync New User Notification 
- If true, send activation email to new users created from authoritative sync.
- enableSync Boolean
- If true, sync run-time operations are enabled for this App.
- enableSync BooleanSummary Report Notification 
- If true, send sync summary as notification upon job completion.
- flatFile List<GetBundle Configuration Properties Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Flat File Bundle Configuration Property> 
- Flat file connector bundle configuration properties
- flatFile List<GetConnector Bundles Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Flat File Connector Bundle> 
- Flat file connector bundle to sync from a flat file.
- identityBridges List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bridge> 
- IdentityBridges associated with this App
- Boolean
- If true, sync from the managed app will be performed as authoritative sync.
- isDirectory Boolean
- If true, the managed app is a directory.
- isOn BooleanPremise App 
- If true, the managed app is an On-Premise app.
- isSchema BooleanCustomization Supported 
- If true, the managed app supports schema customization.
- isSchema BooleanDiscovery Supported 
- If true, the managed app supports schema discovery.
- isThree BooleanLegged Oauth Enabled 
- If true, the managed app requires 3-legged OAuth for authorization.
- isTwo BooleanLegged Oauth Enabled 
- If true, indicates that Oracle Identity Cloud Service can use two-legged OAuth to connect to this ManagedApp.
- objectClasses List<GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Object Class> 
- Object classes
- syncConfig StringLast Modified 
- The most recent DateTime that the configuration of this App was updated. AppServices updates this timestamp whenever AppServices updates an App's configuration with respect to synchronization.
- threeLegged List<GetOauth Credentials Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Three Legged Oauth Credential> 
- The value of this attribute persists any OAuth access token that the system uses to connect to this ManagedApp. The system obtains this access token using an OAuth protocol flow that could be two-legged or three-legged. A two-legged flow involves only the requester and the server. A three-legged flow also requires the consent of a user -- in this case the consent of an administrator.
- threeLegged StringOauth Provider Name 
- Three legged OAuth provider name in Oracle Identity Cloud Service.
- accountForm booleanVisible 
- If true, then the account form will be displayed in the Oracle Identity Cloud Service UI to interactively create or update an account for this App. If a value is not specified for this attribute, a default value of "false" will be assumed as the value for this attribute.
- adminConsent booleanGranted 
- If true, admin has granted consent to perform managed app run-time operations.
- bundleConfiguration GetProperties Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bundle Configuration Property[] 
- ConnectorBundle configuration properties
- bundlePool GetConfigurations Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bundle Pool Configuration[] 
- Configurable options maintaining a pool of ICF connector instances. Values for sub attributes can be set only if the ConnectorBundle referenced in the App has connectorPoolingSupported set to true
- boolean
- If true, the managed app can be authoritative.
- connected boolean
- If true, the accounts of the application are managed through an ICF connector bundle
- connectorBundles GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Connector Bundle[] 
- ConnectorBundle
- enableAuth booleanSync New User Notification 
- If true, send activation email to new users created from authoritative sync.
- enableSync boolean
- If true, sync run-time operations are enabled for this App.
- enableSync booleanSummary Report Notification 
- If true, send sync summary as notification upon job completion.
- flatFile GetBundle Configuration Properties Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Flat File Bundle Configuration Property[] 
- Flat file connector bundle configuration properties
- flatFile GetConnector Bundles Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Flat File Connector Bundle[] 
- Flat file connector bundle to sync from a flat file.
- identityBridges GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Identity Bridge[] 
- IdentityBridges associated with this App
- boolean
- If true, sync from the managed app will be performed as authoritative sync.
- isDirectory boolean
- If true, the managed app is a directory.
- isOn booleanPremise App 
- If true, the managed app is an On-Premise app.
- isSchema booleanCustomization Supported 
- If true, the managed app supports schema customization.
- isSchema booleanDiscovery Supported 
- If true, the managed app supports schema discovery.
- isThree booleanLegged Oauth Enabled 
- If true, the managed app requires 3-legged OAuth for authorization.
- isTwo booleanLegged Oauth Enabled 
- If true, indicates that Oracle Identity Cloud Service can use two-legged OAuth to connect to this ManagedApp.
- objectClasses GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Object Class[] 
- Object classes
- syncConfig stringLast Modified 
- The most recent DateTime that the configuration of this App was updated. AppServices updates this timestamp whenever AppServices updates an App's configuration with respect to synchronization.
- threeLegged GetOauth Credentials Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Three Legged Oauth Credential[] 
- The value of this attribute persists any OAuth access token that the system uses to connect to this ManagedApp. The system obtains this access token using an OAuth protocol flow that could be two-legged or three-legged. A two-legged flow involves only the requester and the server. A three-legged flow also requires the consent of a user -- in this case the consent of an administrator.
- threeLegged stringOauth Provider Name 
- Three legged OAuth provider name in Oracle Identity Cloud Service.
- account_form_ boolvisible 
- If true, then the account form will be displayed in the Oracle Identity Cloud Service UI to interactively create or update an account for this App. If a value is not specified for this attribute, a default value of "false" will be assumed as the value for this attribute.
- admin_consent_ boolgranted 
- If true, admin has granted consent to perform managed app run-time operations.
- bundle_configuration_ Sequence[Getproperties Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bundle Configuration Property] 
- ConnectorBundle configuration properties
- bundle_pool_ Sequence[Getconfigurations Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Bundle Pool Configuration] 
- Configurable options maintaining a pool of ICF connector instances. Values for sub attributes can be set only if the ConnectorBundle referenced in the App has connectorPoolingSupported set to true
- bool
- If true, the managed app can be authoritative.
- connected bool
- If true, the accounts of the application are managed through an ICF connector bundle
- connector_bundles Sequence[GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Connector Bundle] 
- ConnectorBundle
- enable_auth_ boolsync_ new_ user_ notification 
- If true, send activation email to new users created from authoritative sync.
- enable_sync bool
- If true, sync run-time operations are enabled for this App.
- enable_sync_ boolsummary_ report_ notification 
- If true, send sync summary as notification upon job completion.
- flat_file_ Sequence[Getbundle_ configuration_ properties Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Flat File Bundle Configuration Property] 
- Flat file connector bundle configuration properties
- flat_file_ Sequence[Getconnector_ bundles Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Flat File Connector Bundle] 
- Flat file connector bundle to sync from a flat file.
- identity_bridges Sequence[GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Identity Bridge] 
- IdentityBridges associated with this App
- bool
- If true, sync from the managed app will be performed as authoritative sync.
- is_directory bool
- If true, the managed app is a directory.
- is_on_ boolpremise_ app 
- If true, the managed app is an On-Premise app.
- is_schema_ boolcustomization_ supported 
- If true, the managed app supports schema customization.
- is_schema_ booldiscovery_ supported 
- If true, the managed app supports schema discovery.
- is_three_ boollegged_ oauth_ enabled 
- If true, the managed app requires 3-legged OAuth for authorization.
- is_two_ boollegged_ oauth_ enabled 
- If true, indicates that Oracle Identity Cloud Service can use two-legged OAuth to connect to this ManagedApp.
- object_classes Sequence[GetDomains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Object Class] 
- Object classes
- sync_config_ strlast_ modified 
- The most recent DateTime that the configuration of this App was updated. AppServices updates this timestamp whenever AppServices updates an App's configuration with respect to synchronization.
- three_legged_ Sequence[Getoauth_ credentials Domains App Urnietfparamsscimschemasoracleidcsextensionmanagedapp App Three Legged Oauth Credential] 
- The value of this attribute persists any OAuth access token that the system uses to connect to this ManagedApp. The system obtains this access token using an OAuth protocol flow that could be two-legged or three-legged. A two-legged flow involves only the requester and the server. A three-legged flow also requires the consent of a user -- in this case the consent of an administrator.
- three_legged_ stroauth_ provider_ name 
- Three legged OAuth provider name in Oracle Identity Cloud Service.
- accountForm BooleanVisible 
- If true, then the account form will be displayed in the Oracle Identity Cloud Service UI to interactively create or update an account for this App. If a value is not specified for this attribute, a default value of "false" will be assumed as the value for this attribute.
- adminConsent BooleanGranted 
- If true, admin has granted consent to perform managed app run-time operations.
- bundleConfiguration List<Property Map>Properties 
- ConnectorBundle configuration properties
- bundlePool List<Property Map>Configurations 
- Configurable options maintaining a pool of ICF connector instances. Values for sub attributes can be set only if the ConnectorBundle referenced in the App has connectorPoolingSupported set to true
- Boolean
- If true, the managed app can be authoritative.
- connected Boolean
- If true, the accounts of the application are managed through an ICF connector bundle
- connectorBundles List<Property Map>
- ConnectorBundle
- enableAuth BooleanSync New User Notification 
- If true, send activation email to new users created from authoritative sync.
- enableSync Boolean
- If true, sync run-time operations are enabled for this App.
- enableSync BooleanSummary Report Notification 
- If true, send sync summary as notification upon job completion.
- flatFile List<Property Map>Bundle Configuration Properties 
- Flat file connector bundle configuration properties
- flatFile List<Property Map>Connector Bundles 
- Flat file connector bundle to sync from a flat file.
- identityBridges List<Property Map>
- IdentityBridges associated with this App
- Boolean
- If true, sync from the managed app will be performed as authoritative sync.
- isDirectory Boolean
- If true, the managed app is a directory.
- isOn BooleanPremise App 
- If true, the managed app is an On-Premise app.
- isSchema BooleanCustomization Supported 
- If true, the managed app supports schema customization.
- isSchema BooleanDiscovery Supported 
- If true, the managed app supports schema discovery.
- isThree BooleanLegged Oauth Enabled 
- If true, the managed app requires 3-legged OAuth for authorization.
- isTwo BooleanLegged Oauth Enabled 
- If true, indicates that Oracle Identity Cloud Service can use two-legged OAuth to connect to this ManagedApp.
- objectClasses List<Property Map>
- Object classes
- syncConfig StringLast Modified 
- The most recent DateTime that the configuration of this App was updated. AppServices updates this timestamp whenever AppServices updates an App's configuration with respect to synchronization.
- threeLegged List<Property Map>Oauth Credentials 
- The value of this attribute persists any OAuth access token that the system uses to connect to this ManagedApp. The system obtains this access token using an OAuth protocol flow that could be two-legged or three-legged. A two-legged flow involves only the requester and the server. A three-legged flow also requires the consent of a user -- in this case the consent of an administrator.
- threeLegged StringOauth Provider Name 
- Three legged OAuth provider name in Oracle Identity Cloud Service.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionmanagedappAppBundleConfigurationProperty       
- Confidential bool
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- DisplayName string
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- HelpMessage string
- Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- IcfType string
- ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Order int
- Display sequence of the bundle configuration property.
- Required bool
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- Values List<string>
- ID of the AppRole.
- Confidential bool
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- DisplayName string
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- HelpMessage string
- Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- IcfType string
- ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Order int
- Display sequence of the bundle configuration property.
- Required bool
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- Values []string
- ID of the AppRole.
- confidential Boolean
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- displayName String
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- helpMessage String
- Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- icfType String
- ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order Integer
- Display sequence of the bundle configuration property.
- required Boolean
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- values List<String>
- ID of the AppRole.
- confidential boolean
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- displayName string
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- helpMessage string
- Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- icfType string
- ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order number
- Display sequence of the bundle configuration property.
- required boolean
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- values string[]
- ID of the AppRole.
- confidential bool
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- display_name str
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- help_message str
- Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- icf_type str
- ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- name str
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order int
- Display sequence of the bundle configuration property.
- required bool
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- values Sequence[str]
- ID of the AppRole.
- confidential Boolean
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- displayName String
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- helpMessage String
- Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- icfType String
- ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order Number
- Display sequence of the bundle configuration property.
- required Boolean
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- values List<String>
- ID of the AppRole.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionmanagedappAppBundlePoolConfiguration       
- MaxIdle int
- Maximum number of connector instances in the pool that are idle and active.
- MaxObjects int
- Maximum number of connector instances in the pool that are idle and active.
- MaxWait int
- Maximum time (in milliseconds) to wait for a free connector instance to become available before failing.
- MinEvictable intIdle Time Millis 
- Minimum time (in milliseconds) to wait before evicting an idle conenctor instance from the pool.
- MinIdle int
- Minimum number of idle connector instances in the pool.
- MaxIdle int
- Maximum number of connector instances in the pool that are idle and active.
- MaxObjects int
- Maximum number of connector instances in the pool that are idle and active.
- MaxWait int
- Maximum time (in milliseconds) to wait for a free connector instance to become available before failing.
- MinEvictable intIdle Time Millis 
- Minimum time (in milliseconds) to wait before evicting an idle conenctor instance from the pool.
- MinIdle int
- Minimum number of idle connector instances in the pool.
- maxIdle Integer
- Maximum number of connector instances in the pool that are idle and active.
- maxObjects Integer
- Maximum number of connector instances in the pool that are idle and active.
- maxWait Integer
- Maximum time (in milliseconds) to wait for a free connector instance to become available before failing.
- minEvictable IntegerIdle Time Millis 
- Minimum time (in milliseconds) to wait before evicting an idle conenctor instance from the pool.
- minIdle Integer
- Minimum number of idle connector instances in the pool.
- maxIdle number
- Maximum number of connector instances in the pool that are idle and active.
- maxObjects number
- Maximum number of connector instances in the pool that are idle and active.
- maxWait number
- Maximum time (in milliseconds) to wait for a free connector instance to become available before failing.
- minEvictable numberIdle Time Millis 
- Minimum time (in milliseconds) to wait before evicting an idle conenctor instance from the pool.
- minIdle number
- Minimum number of idle connector instances in the pool.
- max_idle int
- Maximum number of connector instances in the pool that are idle and active.
- max_objects int
- Maximum number of connector instances in the pool that are idle and active.
- max_wait int
- Maximum time (in milliseconds) to wait for a free connector instance to become available before failing.
- min_evictable_ intidle_ time_ millis 
- Minimum time (in milliseconds) to wait before evicting an idle conenctor instance from the pool.
- min_idle int
- Minimum number of idle connector instances in the pool.
- maxIdle Number
- Maximum number of connector instances in the pool that are idle and active.
- maxObjects Number
- Maximum number of connector instances in the pool that are idle and active.
- maxWait Number
- Maximum time (in milliseconds) to wait for a free connector instance to become available before failing.
- minEvictable NumberIdle Time Millis 
- Minimum time (in milliseconds) to wait before evicting an idle conenctor instance from the pool.
- minIdle Number
- Minimum number of idle connector instances in the pool.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionmanagedappAppConnectorBundle      
- Display string
- Display-name of the AppRole.
- Ref string
- URI of the AppRole.
- Type string
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- Value string
- ID of the AppRole.
- WellKnown stringId 
- Unique well-known identifier used to reference connector bundle.
- Display string
- Display-name of the AppRole.
- Ref string
- URI of the AppRole.
- Type string
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- Value string
- ID of the AppRole.
- WellKnown stringId 
- Unique well-known identifier used to reference connector bundle.
- display String
- Display-name of the AppRole.
- ref String
- URI of the AppRole.
- type String
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value String
- ID of the AppRole.
- wellKnown StringId 
- Unique well-known identifier used to reference connector bundle.
- display string
- Display-name of the AppRole.
- ref string
- URI of the AppRole.
- type string
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value string
- ID of the AppRole.
- wellKnown stringId 
- Unique well-known identifier used to reference connector bundle.
- display str
- Display-name of the AppRole.
- ref str
- URI of the AppRole.
- type str
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value str
- ID of the AppRole.
- well_known_ strid 
- Unique well-known identifier used to reference connector bundle.
- display String
- Display-name of the AppRole.
- ref String
- URI of the AppRole.
- type String
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value String
- ID of the AppRole.
- wellKnown StringId 
- Unique well-known identifier used to reference connector bundle.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionmanagedappAppFlatFileBundleConfigurationProperty         
- Confidential bool
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- DisplayName string
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- HelpMessage string
- Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- IcfType string
- ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Order int
- Display sequence of the bundle configuration property.
- Required bool
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- Values List<string>
- ID of the AppRole.
- Confidential bool
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- DisplayName string
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- HelpMessage string
- Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- IcfType string
- ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Order int
- Display sequence of the bundle configuration property.
- Required bool
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- Values []string
- ID of the AppRole.
- confidential Boolean
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- displayName String
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- helpMessage String
- Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- icfType String
- ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order Integer
- Display sequence of the bundle configuration property.
- required Boolean
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- values List<String>
- ID of the AppRole.
- confidential boolean
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- displayName string
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- helpMessage string
- Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- icfType string
- ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order number
- Display sequence of the bundle configuration property.
- required boolean
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- values string[]
- ID of the AppRole.
- confidential bool
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- display_name str
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- help_message str
- Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- icf_type str
- ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- name str
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order int
- Display sequence of the bundle configuration property.
- required bool
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- values Sequence[str]
- ID of the AppRole.
- confidential Boolean
- If true, this flatfile bundle configuration property value is confidential and will be encrypted in Oracle Identity Cloud Service. This attribute maps to "isConfidential" attribute in "ConfigurationProperty" in ICF.
- displayName String
- Display name of the flatfile bundle configuration property. This attribute maps to "displayName" attribute in "ConfigurationProperty" in ICF.
- helpMessage String
- Help message of the flatfile bundle configuration property. This attribute maps to "helpMessage" attribute in "ConfigurationProperty" in ICF.
- icfType String
- ICF data type of flatfile the bundle configuration property. This attribute maps to "type" attribute in "ConfigurationProperty" in ICF.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- order Number
- Display sequence of the bundle configuration property.
- required Boolean
- If true, this flatfile bundle configuration property is required to connect to the target connected managed app. This attribute maps to "isRequired" attribute in "ConfigurationProperty" in ICF.
- values List<String>
- ID of the AppRole.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionmanagedappAppFlatFileConnectorBundle        
- Display string
- Display-name of the AppRole.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- WellKnown stringId 
- Unique well-known identifier used to reference connector bundle.
- Display string
- Display-name of the AppRole.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- WellKnown stringId 
- Unique well-known identifier used to reference connector bundle.
- display String
- Display-name of the AppRole.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
- wellKnown StringId 
- Unique well-known identifier used to reference connector bundle.
- display string
- Display-name of the AppRole.
- ref string
- URI of the AppRole.
- value string
- ID of the AppRole.
- wellKnown stringId 
- Unique well-known identifier used to reference connector bundle.
- display str
- Display-name of the AppRole.
- ref str
- URI of the AppRole.
- value str
- ID of the AppRole.
- well_known_ strid 
- Unique well-known identifier used to reference connector bundle.
- display String
- Display-name of the AppRole.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
- wellKnown StringId 
- Unique well-known identifier used to reference connector bundle.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionmanagedappAppIdentityBridge      
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionmanagedappAppObjectClass      
- Display string
- Display-name of the AppRole.
- IsAccount boolObject Class 
- If true, the object class represents an account. The isAccountObjectClass attribute value 'true' MUST appear no more than once.
- Ref string
- URI of the AppRole.
- ResourceType string
- Object class resource type
- Type string
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- Value string
- ID of the AppRole.
- Display string
- Display-name of the AppRole.
- IsAccount boolObject Class 
- If true, the object class represents an account. The isAccountObjectClass attribute value 'true' MUST appear no more than once.
- Ref string
- URI of the AppRole.
- ResourceType string
- Object class resource type
- Type string
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- Value string
- ID of the AppRole.
- display String
- Display-name of the AppRole.
- isAccount BooleanObject Class 
- If true, the object class represents an account. The isAccountObjectClass attribute value 'true' MUST appear no more than once.
- ref String
- URI of the AppRole.
- resourceType String
- Object class resource type
- type String
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value String
- ID of the AppRole.
- display string
- Display-name of the AppRole.
- isAccount booleanObject Class 
- If true, the object class represents an account. The isAccountObjectClass attribute value 'true' MUST appear no more than once.
- ref string
- URI of the AppRole.
- resourceType string
- Object class resource type
- type string
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value string
- ID of the AppRole.
- display str
- Display-name of the AppRole.
- is_account_ boolobject_ class 
- If true, the object class represents an account. The isAccountObjectClass attribute value 'true' MUST appear no more than once.
- ref str
- URI of the AppRole.
- resource_type str
- Object class resource type
- type str
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value str
- ID of the AppRole.
- display String
- Display-name of the AppRole.
- isAccount BooleanObject Class 
- If true, the object class represents an account. The isAccountObjectClass attribute value 'true' MUST appear no more than once.
- ref String
- URI of the AppRole.
- resourceType String
- Object class resource type
- type String
- Object Class type. Allowed values are AccountObjectClass, ManagedObjectClass.
- value String
- ID of the AppRole.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionmanagedappAppThreeLeggedOauthCredential        
- AccessToken string
- Access Token
- AccessToken stringExpiry 
- Access token expiry
- RefreshToken string
- Refresh Token
- AccessToken string
- Access Token
- AccessToken stringExpiry 
- Access token expiry
- RefreshToken string
- Refresh Token
- accessToken String
- Access Token
- accessToken StringExpiry 
- Access token expiry
- refreshToken String
- Refresh Token
- accessToken string
- Access Token
- accessToken stringExpiry 
- Access token expiry
- refreshToken string
- Refresh Token
- access_token str
- Access Token
- access_token_ strexpiry 
- Access token expiry
- refresh_token str
- Refresh Token
- accessToken String
- Access Token
- accessToken StringExpiry 
- Access token expiry
- refreshToken String
- Refresh Token
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionmulticloudServiceAppApp      
- MulticloudPlatform stringUrl 
- The multicloud platform service URL which the application will invoke for runtime operations such as AWSCredentials api invocation
- MulticloudService stringType 
- Specifies the service type for which the application is configured for multicloud integration. For applicable external service types, app will invoke multicloud service for runtime operations
- MulticloudPlatform stringUrl 
- The multicloud platform service URL which the application will invoke for runtime operations such as AWSCredentials api invocation
- MulticloudService stringType 
- Specifies the service type for which the application is configured for multicloud integration. For applicable external service types, app will invoke multicloud service for runtime operations
- multicloudPlatform StringUrl 
- The multicloud platform service URL which the application will invoke for runtime operations such as AWSCredentials api invocation
- multicloudService StringType 
- Specifies the service type for which the application is configured for multicloud integration. For applicable external service types, app will invoke multicloud service for runtime operations
- multicloudPlatform stringUrl 
- The multicloud platform service URL which the application will invoke for runtime operations such as AWSCredentials api invocation
- multicloudService stringType 
- Specifies the service type for which the application is configured for multicloud integration. For applicable external service types, app will invoke multicloud service for runtime operations
- multicloud_platform_ strurl 
- The multicloud platform service URL which the application will invoke for runtime operations such as AWSCredentials api invocation
- multicloud_service_ strtype 
- Specifies the service type for which the application is configured for multicloud integration. For applicable external service types, app will invoke multicloud service for runtime operations
- multicloudPlatform StringUrl 
- The multicloud platform service URL which the application will invoke for runtime operations such as AWSCredentials api invocation
- multicloudService StringType 
- Specifies the service type for which the application is configured for multicloud integration. For applicable external service types, app will invoke multicloud service for runtime operations
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionopcServiceApp     
- CurrentFederation stringMode 
- Current Federation Mode
- CurrentSynchronization stringMode 
- Current Synchronization Mode
- EnablingNext boolFed Sync Modes 
- If true, indicates that enablement is in progress started but not completed
- NextFederation stringMode 
- Next Federation Mode
- NextSynchronization stringMode 
- Next Synchronization Mode
- Region string
- This value identifies the OPC region in which the service is running.
- ServiceInstance stringIdentifier 
- This value specifies the unique identifier assigned to an instance of an Oracle Public Cloud service app.
- CurrentFederation stringMode 
- Current Federation Mode
- CurrentSynchronization stringMode 
- Current Synchronization Mode
- EnablingNext boolFed Sync Modes 
- If true, indicates that enablement is in progress started but not completed
- NextFederation stringMode 
- Next Federation Mode
- NextSynchronization stringMode 
- Next Synchronization Mode
- Region string
- This value identifies the OPC region in which the service is running.
- ServiceInstance stringIdentifier 
- This value specifies the unique identifier assigned to an instance of an Oracle Public Cloud service app.
- currentFederation StringMode 
- Current Federation Mode
- currentSynchronization StringMode 
- Current Synchronization Mode
- enablingNext BooleanFed Sync Modes 
- If true, indicates that enablement is in progress started but not completed
- nextFederation StringMode 
- Next Federation Mode
- nextSynchronization StringMode 
- Next Synchronization Mode
- region String
- This value identifies the OPC region in which the service is running.
- serviceInstance StringIdentifier 
- This value specifies the unique identifier assigned to an instance of an Oracle Public Cloud service app.
- currentFederation stringMode 
- Current Federation Mode
- currentSynchronization stringMode 
- Current Synchronization Mode
- enablingNext booleanFed Sync Modes 
- If true, indicates that enablement is in progress started but not completed
- nextFederation stringMode 
- Next Federation Mode
- nextSynchronization stringMode 
- Next Synchronization Mode
- region string
- This value identifies the OPC region in which the service is running.
- serviceInstance stringIdentifier 
- This value specifies the unique identifier assigned to an instance of an Oracle Public Cloud service app.
- current_federation_ strmode 
- Current Federation Mode
- current_synchronization_ strmode 
- Current Synchronization Mode
- enabling_next_ boolfed_ sync_ modes 
- If true, indicates that enablement is in progress started but not completed
- next_federation_ strmode 
- Next Federation Mode
- next_synchronization_ strmode 
- Next Synchronization Mode
- region str
- This value identifies the OPC region in which the service is running.
- service_instance_ stridentifier 
- This value specifies the unique identifier assigned to an instance of an Oracle Public Cloud service app.
- currentFederation StringMode 
- Current Federation Mode
- currentSynchronization StringMode 
- Current Synchronization Mode
- enablingNext BooleanFed Sync Modes 
- If true, indicates that enablement is in progress started but not completed
- nextFederation StringMode 
- Next Federation Mode
- nextSynchronization StringMode 
- Next Synchronization Mode
- region String
- This value identifies the OPC region in which the service is running.
- serviceInstance StringIdentifier 
- This value specifies the unique identifier assigned to an instance of an Oracle Public Cloud service app.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionradiusAppApp     
- CaptureClient boolIp 
- If true, capture the client IP address from the RADIUS request packet. IP Address is used for auditing, policy-evaluation and country-code calculation.
- ClientIp string
- This is the IP address of the RADIUS Client like Oracle Database server. It can be only IP address and not hostname.
- CountryCode stringResponse Attribute Id 
- Vendor-specific identifier of the attribute in the RADIUS response that will contain the end-user's country code. This is an integer-value in the range 1 to 255
- EndUser stringIp Attribute 
- The name of the attribute that contains the Internet Protocol address of the end-user.
- GroupMembership stringRadius Attribute 
- RADIUS attribute that RADIUS-enabled system uses to pass the group membership
- GroupMembership List<GetTo Returns Domains App Urnietfparamsscimschemasoracleidcsextensionradius App App Group Membership To Return> 
- In a successful authentication response, Oracle Identity Cloud Service will pass user's group information restricted to groups persisted in this attribute, in the specified RADIUS attribute.
- GroupName stringFormat 
- Configure the groupNameFormat based on vendor in order to pass it to RADIUS infra
- IncludeGroup boolIn Response 
- Indicates to include groups in RADIUS response
- PasswordAnd boolOtp Together 
- Indicates if password and OTP are passed in the same sign-in request or not.
- Port string
- This is the port of RADIUS Proxy which RADIUS client will connect to.
- RadiusVendor stringSpecific Id 
- ID used to identify a particular vendor.
- ResponseFormat string
- Configure the responseFormat based on vendor in order to pass it to RADIUS infra
- ResponseFormat stringDelimiter 
- The delimiter used if group membership responseFormat is a delimited list instead of repeating attributes
- SecretKey string
- Secret key used to secure communication between RADIUS Proxy and RADIUS client
- TypeOf stringRadius App 
- Value consists of type of RADIUS App. Type can be Oracle Database, VPN etc
- CaptureClient boolIp 
- If true, capture the client IP address from the RADIUS request packet. IP Address is used for auditing, policy-evaluation and country-code calculation.
- ClientIp string
- This is the IP address of the RADIUS Client like Oracle Database server. It can be only IP address and not hostname.
- CountryCode stringResponse Attribute Id 
- Vendor-specific identifier of the attribute in the RADIUS response that will contain the end-user's country code. This is an integer-value in the range 1 to 255
- EndUser stringIp Attribute 
- The name of the attribute that contains the Internet Protocol address of the end-user.
- GroupMembership stringRadius Attribute 
- RADIUS attribute that RADIUS-enabled system uses to pass the group membership
- GroupMembership []GetTo Returns Domains App Urnietfparamsscimschemasoracleidcsextensionradius App App Group Membership To Return 
- In a successful authentication response, Oracle Identity Cloud Service will pass user's group information restricted to groups persisted in this attribute, in the specified RADIUS attribute.
- GroupName stringFormat 
- Configure the groupNameFormat based on vendor in order to pass it to RADIUS infra
- IncludeGroup boolIn Response 
- Indicates to include groups in RADIUS response
- PasswordAnd boolOtp Together 
- Indicates if password and OTP are passed in the same sign-in request or not.
- Port string
- This is the port of RADIUS Proxy which RADIUS client will connect to.
- RadiusVendor stringSpecific Id 
- ID used to identify a particular vendor.
- ResponseFormat string
- Configure the responseFormat based on vendor in order to pass it to RADIUS infra
- ResponseFormat stringDelimiter 
- The delimiter used if group membership responseFormat is a delimited list instead of repeating attributes
- SecretKey string
- Secret key used to secure communication between RADIUS Proxy and RADIUS client
- TypeOf stringRadius App 
- Value consists of type of RADIUS App. Type can be Oracle Database, VPN etc
- captureClient BooleanIp 
- If true, capture the client IP address from the RADIUS request packet. IP Address is used for auditing, policy-evaluation and country-code calculation.
- clientIp String
- This is the IP address of the RADIUS Client like Oracle Database server. It can be only IP address and not hostname.
- countryCode StringResponse Attribute Id 
- Vendor-specific identifier of the attribute in the RADIUS response that will contain the end-user's country code. This is an integer-value in the range 1 to 255
- endUser StringIp Attribute 
- The name of the attribute that contains the Internet Protocol address of the end-user.
- groupMembership StringRadius Attribute 
- RADIUS attribute that RADIUS-enabled system uses to pass the group membership
- groupMembership List<GetTo Returns Domains App Urnietfparamsscimschemasoracleidcsextensionradius App App Group Membership To Return> 
- In a successful authentication response, Oracle Identity Cloud Service will pass user's group information restricted to groups persisted in this attribute, in the specified RADIUS attribute.
- groupName StringFormat 
- Configure the groupNameFormat based on vendor in order to pass it to RADIUS infra
- includeGroup BooleanIn Response 
- Indicates to include groups in RADIUS response
- passwordAnd BooleanOtp Together 
- Indicates if password and OTP are passed in the same sign-in request or not.
- port String
- This is the port of RADIUS Proxy which RADIUS client will connect to.
- radiusVendor StringSpecific Id 
- ID used to identify a particular vendor.
- responseFormat String
- Configure the responseFormat based on vendor in order to pass it to RADIUS infra
- responseFormat StringDelimiter 
- The delimiter used if group membership responseFormat is a delimited list instead of repeating attributes
- secretKey String
- Secret key used to secure communication between RADIUS Proxy and RADIUS client
- typeOf StringRadius App 
- Value consists of type of RADIUS App. Type can be Oracle Database, VPN etc
- captureClient booleanIp 
- If true, capture the client IP address from the RADIUS request packet. IP Address is used for auditing, policy-evaluation and country-code calculation.
- clientIp string
- This is the IP address of the RADIUS Client like Oracle Database server. It can be only IP address and not hostname.
- countryCode stringResponse Attribute Id 
- Vendor-specific identifier of the attribute in the RADIUS response that will contain the end-user's country code. This is an integer-value in the range 1 to 255
- endUser stringIp Attribute 
- The name of the attribute that contains the Internet Protocol address of the end-user.
- groupMembership stringRadius Attribute 
- RADIUS attribute that RADIUS-enabled system uses to pass the group membership
- groupMembership GetTo Returns Domains App Urnietfparamsscimschemasoracleidcsextensionradius App App Group Membership To Return[] 
- In a successful authentication response, Oracle Identity Cloud Service will pass user's group information restricted to groups persisted in this attribute, in the specified RADIUS attribute.
- groupName stringFormat 
- Configure the groupNameFormat based on vendor in order to pass it to RADIUS infra
- includeGroup booleanIn Response 
- Indicates to include groups in RADIUS response
- passwordAnd booleanOtp Together 
- Indicates if password and OTP are passed in the same sign-in request or not.
- port string
- This is the port of RADIUS Proxy which RADIUS client will connect to.
- radiusVendor stringSpecific Id 
- ID used to identify a particular vendor.
- responseFormat string
- Configure the responseFormat based on vendor in order to pass it to RADIUS infra
- responseFormat stringDelimiter 
- The delimiter used if group membership responseFormat is a delimited list instead of repeating attributes
- secretKey string
- Secret key used to secure communication between RADIUS Proxy and RADIUS client
- typeOf stringRadius App 
- Value consists of type of RADIUS App. Type can be Oracle Database, VPN etc
- capture_client_ boolip 
- If true, capture the client IP address from the RADIUS request packet. IP Address is used for auditing, policy-evaluation and country-code calculation.
- client_ip str
- This is the IP address of the RADIUS Client like Oracle Database server. It can be only IP address and not hostname.
- country_code_ strresponse_ attribute_ id 
- Vendor-specific identifier of the attribute in the RADIUS response that will contain the end-user's country code. This is an integer-value in the range 1 to 255
- end_user_ strip_ attribute 
- The name of the attribute that contains the Internet Protocol address of the end-user.
- group_membership_ strradius_ attribute 
- RADIUS attribute that RADIUS-enabled system uses to pass the group membership
- group_membership_ Sequence[Getto_ returns Domains App Urnietfparamsscimschemasoracleidcsextensionradius App App Group Membership To Return] 
- In a successful authentication response, Oracle Identity Cloud Service will pass user's group information restricted to groups persisted in this attribute, in the specified RADIUS attribute.
- group_name_ strformat 
- Configure the groupNameFormat based on vendor in order to pass it to RADIUS infra
- include_group_ boolin_ response 
- Indicates to include groups in RADIUS response
- password_and_ boolotp_ together 
- Indicates if password and OTP are passed in the same sign-in request or not.
- port str
- This is the port of RADIUS Proxy which RADIUS client will connect to.
- radius_vendor_ strspecific_ id 
- ID used to identify a particular vendor.
- response_format str
- Configure the responseFormat based on vendor in order to pass it to RADIUS infra
- response_format_ strdelimiter 
- The delimiter used if group membership responseFormat is a delimited list instead of repeating attributes
- secret_key str
- Secret key used to secure communication between RADIUS Proxy and RADIUS client
- type_of_ strradius_ app 
- Value consists of type of RADIUS App. Type can be Oracle Database, VPN etc
- captureClient BooleanIp 
- If true, capture the client IP address from the RADIUS request packet. IP Address is used for auditing, policy-evaluation and country-code calculation.
- clientIp String
- This is the IP address of the RADIUS Client like Oracle Database server. It can be only IP address and not hostname.
- countryCode StringResponse Attribute Id 
- Vendor-specific identifier of the attribute in the RADIUS response that will contain the end-user's country code. This is an integer-value in the range 1 to 255
- endUser StringIp Attribute 
- The name of the attribute that contains the Internet Protocol address of the end-user.
- groupMembership StringRadius Attribute 
- RADIUS attribute that RADIUS-enabled system uses to pass the group membership
- groupMembership List<Property Map>To Returns 
- In a successful authentication response, Oracle Identity Cloud Service will pass user's group information restricted to groups persisted in this attribute, in the specified RADIUS attribute.
- groupName StringFormat 
- Configure the groupNameFormat based on vendor in order to pass it to RADIUS infra
- includeGroup BooleanIn Response 
- Indicates to include groups in RADIUS response
- passwordAnd BooleanOtp Together 
- Indicates if password and OTP are passed in the same sign-in request or not.
- port String
- This is the port of RADIUS Proxy which RADIUS client will connect to.
- radiusVendor StringSpecific Id 
- ID used to identify a particular vendor.
- responseFormat String
- Configure the responseFormat based on vendor in order to pass it to RADIUS infra
- responseFormat StringDelimiter 
- The delimiter used if group membership responseFormat is a delimited list instead of repeating attributes
- secretKey String
- Secret key used to secure communication between RADIUS Proxy and RADIUS client
- typeOf StringRadius App 
- Value consists of type of RADIUS App. Type can be Oracle Database, VPN etc
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionradiusAppAppGroupMembershipToReturn         
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionrequestableApp    
- Requestable bool
- Flag controlling whether resource can be request by user through self service console.
- Requestable bool
- Flag controlling whether resource can be request by user through self service console.
- requestable Boolean
- Flag controlling whether resource can be request by user through self service console.
- requestable boolean
- Flag controlling whether resource can be request by user through self service console.
- requestable bool
- Flag controlling whether resource can be request by user through self service console.
- requestable Boolean
- Flag controlling whether resource can be request by user through self service console.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionsamlServiceProviderApp      
- AssertionConsumer stringUrl 
- The attribute represents the URL to which the SAML Assertions will be sent by the SAML IdP.
- EncryptAssertion bool
- If true, indicates that the system must encrypt the Security Assertion Markup Language (SAML) assertion.
- EncryptionAlgorithm string
- This attribute indicates the encryption algorithm used to encrypt the SAML assertion.
- EncryptionCertificate string
- This attribute represents the encryption certificate that an App uses to encrypt the Security Assertion Markup Language (SAML) assertion.
- FederationProtocol string
- Specifies the preferred federation protocol (SAML2.0 or WS-Fed1.1).
- GroupAssertion List<GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App Group Assertion Attribute> 
- Each value of this attribute describes an attribute of Group that will be sent in a Security Assertion Markup Language (SAML) assertion.
- HokAcs stringUrl 
- Hok Assertion Consumer Service Url
- HokRequired bool
- If enabled, then the SAML Service supports Hok for this App.
- IncludeSigning boolCert In Signature 
- If true, then the signing certificate is included in the signature.
- KeyEncryption stringAlgorithm 
- This attribute indicates the key encryption algorithm.
- LastNotification stringSent Time 
- Records the notification timestamp for the SP whose signing certificate is about to expire.
- LogoutBinding string
- This attribute represents the HTTP binding that would be used while logout.
- LogoutEnabled bool
- If true, then the SAML Service supports logout for this App.
- LogoutRequest stringUrl 
- The URL to which the partner sends the logout request.
- LogoutResponse stringUrl 
- The URL to which the partner sends the logout response.
- Metadata string
- This attribute represents the metadata of a Security Provider in the Security Assertion Markup Language protocol.
- NameId stringFormat 
- This can be any string, but there are a set of standard nameIdFormats. If a nameIdFormat other than the standard list is chosen, it will be considered a custom nameidformat. The standard nameidformats include: saml-x509, saml-emailaddress, saml-windowsnamequalifier, saml-kerberos, saml-persistent, saml-transient, saml-unspecified, saml-none, and saml-persistent-opaque.
- NameId stringUserstore Attribute 
- Deprecated Since: 18.2.2
- OutboundAssertion List<GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App Outbound Assertion Attribute> 
- Use to construct the outgoing SAML attributes
- PartnerProvider stringId 
- The ID of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- PartnerProvider stringPattern 
- The pattern of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- SignResponse stringOr Assertion 
- Indicates which part of the response should be signed. A value of "Assertion" indicates that the Assertion should be signed. A value of "Response" indicates that the SSO Response should be signed. A value of "AssertionAndResponse" indicates that both the Assertion and the SSO Response should be signed.
- SignatureHash stringAlgorithm 
- This attribute represents the algorithm used to hash the signature.
- SigningCertificate string
- This attribute represents the signing certificate that an App uses to verify the signed authentication request.
- SuccinctId string
- This attribute represents the Succinct ID.
- TenantProvider stringId 
- The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this SP.
- UserAssertion List<GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App User Assertion Attribute> 
- Each value of this attribute describes an attribute of User that will be sent in a Security Assertion Markup Language (SAML) assertion.
- AssertionConsumer stringUrl 
- The attribute represents the URL to which the SAML Assertions will be sent by the SAML IdP.
- EncryptAssertion bool
- If true, indicates that the system must encrypt the Security Assertion Markup Language (SAML) assertion.
- EncryptionAlgorithm string
- This attribute indicates the encryption algorithm used to encrypt the SAML assertion.
- EncryptionCertificate string
- This attribute represents the encryption certificate that an App uses to encrypt the Security Assertion Markup Language (SAML) assertion.
- FederationProtocol string
- Specifies the preferred federation protocol (SAML2.0 or WS-Fed1.1).
- GroupAssertion []GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App Group Assertion Attribute 
- Each value of this attribute describes an attribute of Group that will be sent in a Security Assertion Markup Language (SAML) assertion.
- HokAcs stringUrl 
- Hok Assertion Consumer Service Url
- HokRequired bool
- If enabled, then the SAML Service supports Hok for this App.
- IncludeSigning boolCert In Signature 
- If true, then the signing certificate is included in the signature.
- KeyEncryption stringAlgorithm 
- This attribute indicates the key encryption algorithm.
- LastNotification stringSent Time 
- Records the notification timestamp for the SP whose signing certificate is about to expire.
- LogoutBinding string
- This attribute represents the HTTP binding that would be used while logout.
- LogoutEnabled bool
- If true, then the SAML Service supports logout for this App.
- LogoutRequest stringUrl 
- The URL to which the partner sends the logout request.
- LogoutResponse stringUrl 
- The URL to which the partner sends the logout response.
- Metadata string
- This attribute represents the metadata of a Security Provider in the Security Assertion Markup Language protocol.
- NameId stringFormat 
- This can be any string, but there are a set of standard nameIdFormats. If a nameIdFormat other than the standard list is chosen, it will be considered a custom nameidformat. The standard nameidformats include: saml-x509, saml-emailaddress, saml-windowsnamequalifier, saml-kerberos, saml-persistent, saml-transient, saml-unspecified, saml-none, and saml-persistent-opaque.
- NameId stringUserstore Attribute 
- Deprecated Since: 18.2.2
- OutboundAssertion []GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App Outbound Assertion Attribute 
- Use to construct the outgoing SAML attributes
- PartnerProvider stringId 
- The ID of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- PartnerProvider stringPattern 
- The pattern of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- SignResponse stringOr Assertion 
- Indicates which part of the response should be signed. A value of "Assertion" indicates that the Assertion should be signed. A value of "Response" indicates that the SSO Response should be signed. A value of "AssertionAndResponse" indicates that both the Assertion and the SSO Response should be signed.
- SignatureHash stringAlgorithm 
- This attribute represents the algorithm used to hash the signature.
- SigningCertificate string
- This attribute represents the signing certificate that an App uses to verify the signed authentication request.
- SuccinctId string
- This attribute represents the Succinct ID.
- TenantProvider stringId 
- The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this SP.
- UserAssertion []GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App User Assertion Attribute 
- Each value of this attribute describes an attribute of User that will be sent in a Security Assertion Markup Language (SAML) assertion.
- assertionConsumer StringUrl 
- The attribute represents the URL to which the SAML Assertions will be sent by the SAML IdP.
- encryptAssertion Boolean
- If true, indicates that the system must encrypt the Security Assertion Markup Language (SAML) assertion.
- encryptionAlgorithm String
- This attribute indicates the encryption algorithm used to encrypt the SAML assertion.
- encryptionCertificate String
- This attribute represents the encryption certificate that an App uses to encrypt the Security Assertion Markup Language (SAML) assertion.
- federationProtocol String
- Specifies the preferred federation protocol (SAML2.0 or WS-Fed1.1).
- groupAssertion List<GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App Group Assertion Attribute> 
- Each value of this attribute describes an attribute of Group that will be sent in a Security Assertion Markup Language (SAML) assertion.
- hokAcs StringUrl 
- Hok Assertion Consumer Service Url
- hokRequired Boolean
- If enabled, then the SAML Service supports Hok for this App.
- includeSigning BooleanCert In Signature 
- If true, then the signing certificate is included in the signature.
- keyEncryption StringAlgorithm 
- This attribute indicates the key encryption algorithm.
- lastNotification StringSent Time 
- Records the notification timestamp for the SP whose signing certificate is about to expire.
- logoutBinding String
- This attribute represents the HTTP binding that would be used while logout.
- logoutEnabled Boolean
- If true, then the SAML Service supports logout for this App.
- logoutRequest StringUrl 
- The URL to which the partner sends the logout request.
- logoutResponse StringUrl 
- The URL to which the partner sends the logout response.
- metadata String
- This attribute represents the metadata of a Security Provider in the Security Assertion Markup Language protocol.
- nameId StringFormat 
- This can be any string, but there are a set of standard nameIdFormats. If a nameIdFormat other than the standard list is chosen, it will be considered a custom nameidformat. The standard nameidformats include: saml-x509, saml-emailaddress, saml-windowsnamequalifier, saml-kerberos, saml-persistent, saml-transient, saml-unspecified, saml-none, and saml-persistent-opaque.
- nameId StringUserstore Attribute 
- Deprecated Since: 18.2.2
- outboundAssertion List<GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App Outbound Assertion Attribute> 
- Use to construct the outgoing SAML attributes
- partnerProvider StringId 
- The ID of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- partnerProvider StringPattern 
- The pattern of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- signResponse StringOr Assertion 
- Indicates which part of the response should be signed. A value of "Assertion" indicates that the Assertion should be signed. A value of "Response" indicates that the SSO Response should be signed. A value of "AssertionAndResponse" indicates that both the Assertion and the SSO Response should be signed.
- signatureHash StringAlgorithm 
- This attribute represents the algorithm used to hash the signature.
- signingCertificate String
- This attribute represents the signing certificate that an App uses to verify the signed authentication request.
- succinctId String
- This attribute represents the Succinct ID.
- tenantProvider StringId 
- The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this SP.
- userAssertion List<GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App User Assertion Attribute> 
- Each value of this attribute describes an attribute of User that will be sent in a Security Assertion Markup Language (SAML) assertion.
- assertionConsumer stringUrl 
- The attribute represents the URL to which the SAML Assertions will be sent by the SAML IdP.
- encryptAssertion boolean
- If true, indicates that the system must encrypt the Security Assertion Markup Language (SAML) assertion.
- encryptionAlgorithm string
- This attribute indicates the encryption algorithm used to encrypt the SAML assertion.
- encryptionCertificate string
- This attribute represents the encryption certificate that an App uses to encrypt the Security Assertion Markup Language (SAML) assertion.
- federationProtocol string
- Specifies the preferred federation protocol (SAML2.0 or WS-Fed1.1).
- groupAssertion GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App Group Assertion Attribute[] 
- Each value of this attribute describes an attribute of Group that will be sent in a Security Assertion Markup Language (SAML) assertion.
- hokAcs stringUrl 
- Hok Assertion Consumer Service Url
- hokRequired boolean
- If enabled, then the SAML Service supports Hok for this App.
- includeSigning booleanCert In Signature 
- If true, then the signing certificate is included in the signature.
- keyEncryption stringAlgorithm 
- This attribute indicates the key encryption algorithm.
- lastNotification stringSent Time 
- Records the notification timestamp for the SP whose signing certificate is about to expire.
- logoutBinding string
- This attribute represents the HTTP binding that would be used while logout.
- logoutEnabled boolean
- If true, then the SAML Service supports logout for this App.
- logoutRequest stringUrl 
- The URL to which the partner sends the logout request.
- logoutResponse stringUrl 
- The URL to which the partner sends the logout response.
- metadata string
- This attribute represents the metadata of a Security Provider in the Security Assertion Markup Language protocol.
- nameId stringFormat 
- This can be any string, but there are a set of standard nameIdFormats. If a nameIdFormat other than the standard list is chosen, it will be considered a custom nameidformat. The standard nameidformats include: saml-x509, saml-emailaddress, saml-windowsnamequalifier, saml-kerberos, saml-persistent, saml-transient, saml-unspecified, saml-none, and saml-persistent-opaque.
- nameId stringUserstore Attribute 
- Deprecated Since: 18.2.2
- outboundAssertion GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App Outbound Assertion Attribute[] 
- Use to construct the outgoing SAML attributes
- partnerProvider stringId 
- The ID of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- partnerProvider stringPattern 
- The pattern of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- signResponse stringOr Assertion 
- Indicates which part of the response should be signed. A value of "Assertion" indicates that the Assertion should be signed. A value of "Response" indicates that the SSO Response should be signed. A value of "AssertionAndResponse" indicates that both the Assertion and the SSO Response should be signed.
- signatureHash stringAlgorithm 
- This attribute represents the algorithm used to hash the signature.
- signingCertificate string
- This attribute represents the signing certificate that an App uses to verify the signed authentication request.
- succinctId string
- This attribute represents the Succinct ID.
- tenantProvider stringId 
- The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this SP.
- userAssertion GetAttributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App User Assertion Attribute[] 
- Each value of this attribute describes an attribute of User that will be sent in a Security Assertion Markup Language (SAML) assertion.
- assertion_consumer_ strurl 
- The attribute represents the URL to which the SAML Assertions will be sent by the SAML IdP.
- encrypt_assertion bool
- If true, indicates that the system must encrypt the Security Assertion Markup Language (SAML) assertion.
- encryption_algorithm str
- This attribute indicates the encryption algorithm used to encrypt the SAML assertion.
- encryption_certificate str
- This attribute represents the encryption certificate that an App uses to encrypt the Security Assertion Markup Language (SAML) assertion.
- federation_protocol str
- Specifies the preferred federation protocol (SAML2.0 or WS-Fed1.1).
- group_assertion_ Sequence[Getattributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App Group Assertion Attribute] 
- Each value of this attribute describes an attribute of Group that will be sent in a Security Assertion Markup Language (SAML) assertion.
- hok_acs_ strurl 
- Hok Assertion Consumer Service Url
- hok_required bool
- If enabled, then the SAML Service supports Hok for this App.
- include_signing_ boolcert_ in_ signature 
- If true, then the signing certificate is included in the signature.
- key_encryption_ stralgorithm 
- This attribute indicates the key encryption algorithm.
- last_notification_ strsent_ time 
- Records the notification timestamp for the SP whose signing certificate is about to expire.
- logout_binding str
- This attribute represents the HTTP binding that would be used while logout.
- logout_enabled bool
- If true, then the SAML Service supports logout for this App.
- logout_request_ strurl 
- The URL to which the partner sends the logout request.
- logout_response_ strurl 
- The URL to which the partner sends the logout response.
- metadata str
- This attribute represents the metadata of a Security Provider in the Security Assertion Markup Language protocol.
- name_id_ strformat 
- This can be any string, but there are a set of standard nameIdFormats. If a nameIdFormat other than the standard list is chosen, it will be considered a custom nameidformat. The standard nameidformats include: saml-x509, saml-emailaddress, saml-windowsnamequalifier, saml-kerberos, saml-persistent, saml-transient, saml-unspecified, saml-none, and saml-persistent-opaque.
- name_id_ struserstore_ attribute 
- Deprecated Since: 18.2.2
- outbound_assertion_ Sequence[Getattributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App Outbound Assertion Attribute] 
- Use to construct the outgoing SAML attributes
- partner_provider_ strid 
- The ID of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- partner_provider_ strpattern 
- The pattern of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- sign_response_ stror_ assertion 
- Indicates which part of the response should be signed. A value of "Assertion" indicates that the Assertion should be signed. A value of "Response" indicates that the SSO Response should be signed. A value of "AssertionAndResponse" indicates that both the Assertion and the SSO Response should be signed.
- signature_hash_ stralgorithm 
- This attribute represents the algorithm used to hash the signature.
- signing_certificate str
- This attribute represents the signing certificate that an App uses to verify the signed authentication request.
- succinct_id str
- This attribute represents the Succinct ID.
- tenant_provider_ strid 
- The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this SP.
- user_assertion_ Sequence[Getattributes Domains App Urnietfparamsscimschemasoracleidcsextensionsaml Service Provider App User Assertion Attribute] 
- Each value of this attribute describes an attribute of User that will be sent in a Security Assertion Markup Language (SAML) assertion.
- assertionConsumer StringUrl 
- The attribute represents the URL to which the SAML Assertions will be sent by the SAML IdP.
- encryptAssertion Boolean
- If true, indicates that the system must encrypt the Security Assertion Markup Language (SAML) assertion.
- encryptionAlgorithm String
- This attribute indicates the encryption algorithm used to encrypt the SAML assertion.
- encryptionCertificate String
- This attribute represents the encryption certificate that an App uses to encrypt the Security Assertion Markup Language (SAML) assertion.
- federationProtocol String
- Specifies the preferred federation protocol (SAML2.0 or WS-Fed1.1).
- groupAssertion List<Property Map>Attributes 
- Each value of this attribute describes an attribute of Group that will be sent in a Security Assertion Markup Language (SAML) assertion.
- hokAcs StringUrl 
- Hok Assertion Consumer Service Url
- hokRequired Boolean
- If enabled, then the SAML Service supports Hok for this App.
- includeSigning BooleanCert In Signature 
- If true, then the signing certificate is included in the signature.
- keyEncryption StringAlgorithm 
- This attribute indicates the key encryption algorithm.
- lastNotification StringSent Time 
- Records the notification timestamp for the SP whose signing certificate is about to expire.
- logoutBinding String
- This attribute represents the HTTP binding that would be used while logout.
- logoutEnabled Boolean
- If true, then the SAML Service supports logout for this App.
- logoutRequest StringUrl 
- The URL to which the partner sends the logout request.
- logoutResponse StringUrl 
- The URL to which the partner sends the logout response.
- metadata String
- This attribute represents the metadata of a Security Provider in the Security Assertion Markup Language protocol.
- nameId StringFormat 
- This can be any string, but there are a set of standard nameIdFormats. If a nameIdFormat other than the standard list is chosen, it will be considered a custom nameidformat. The standard nameidformats include: saml-x509, saml-emailaddress, saml-windowsnamequalifier, saml-kerberos, saml-persistent, saml-transient, saml-unspecified, saml-none, and saml-persistent-opaque.
- nameId StringUserstore Attribute 
- Deprecated Since: 18.2.2
- outboundAssertion List<Property Map>Attributes 
- Use to construct the outgoing SAML attributes
- partnerProvider StringId 
- The ID of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- partnerProvider StringPattern 
- The pattern of the Provider. This value corresponds to the entityID from the Service Provider metadata.
- signResponse StringOr Assertion 
- Indicates which part of the response should be signed. A value of "Assertion" indicates that the Assertion should be signed. A value of "Response" indicates that the SSO Response should be signed. A value of "AssertionAndResponse" indicates that both the Assertion and the SSO Response should be signed.
- signatureHash StringAlgorithm 
- This attribute represents the algorithm used to hash the signature.
- signingCertificate String
- This attribute represents the signing certificate that an App uses to verify the signed authentication request.
- succinctId String
- This attribute represents the Succinct ID.
- tenantProvider StringId 
- The alternate Provider ID to be used as the Oracle Identity Cloud Service providerID (instead of the one in SamlSettings) when interacting with this SP.
- userAssertion List<Property Map>Attributes 
- Each value of this attribute describes an attribute of User that will be sent in a Security Assertion Markup Language (SAML) assertion.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionsamlServiceProviderAppGroupAssertionAttribute         
- Condition string
- Indicates the filter types that are supported for the Group assertion attributes.
- Format string
- Indicates the format of the assertion attribute.
- GroupName string
- Indicates the group name that are supported for the group assertion attributes.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- Condition string
- Indicates the filter types that are supported for the Group assertion attributes.
- Format string
- Indicates the format of the assertion attribute.
- GroupName string
- Indicates the group name that are supported for the group assertion attributes.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- condition String
- Indicates the filter types that are supported for the Group assertion attributes.
- format String
- Indicates the format of the assertion attribute.
- groupName String
- Indicates the group name that are supported for the group assertion attributes.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- condition string
- Indicates the filter types that are supported for the Group assertion attributes.
- format string
- Indicates the format of the assertion attribute.
- groupName string
- Indicates the group name that are supported for the group assertion attributes.
- name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- condition str
- Indicates the filter types that are supported for the Group assertion attributes.
- format str
- Indicates the format of the assertion attribute.
- group_name str
- Indicates the group name that are supported for the group assertion attributes.
- name str
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- condition String
- Indicates the filter types that are supported for the Group assertion attributes.
- format String
- Indicates the format of the assertion attribute.
- groupName String
- Indicates the group name that are supported for the group assertion attributes.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionsamlServiceProviderAppOutboundAssertionAttribute         
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionsamlServiceProviderAppUserAssertionAttribute         
- Format string
- Indicates the format of the assertion attribute.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- UserStore stringAttribute Name 
- This attribute specifies which user attribute should be used to create the value of the SAML assertion attribute. The userstore attribute can be constructed by using attributes from the Oracle Identity Cloud Service Core Users schema. Note: Attributes from extensions to the Core User schema are not supported in v1.0.
- Format string
- Indicates the format of the assertion attribute.
- Name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- UserStore stringAttribute Name 
- This attribute specifies which user attribute should be used to create the value of the SAML assertion attribute. The userstore attribute can be constructed by using attributes from the Oracle Identity Cloud Service Core Users schema. Note: Attributes from extensions to the Core User schema are not supported in v1.0.
- format String
- Indicates the format of the assertion attribute.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- userStore StringAttribute Name 
- This attribute specifies which user attribute should be used to create the value of the SAML assertion attribute. The userstore attribute can be constructed by using attributes from the Oracle Identity Cloud Service Core Users schema. Note: Attributes from extensions to the Core User schema are not supported in v1.0.
- format string
- Indicates the format of the assertion attribute.
- name string
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- userStore stringAttribute Name 
- This attribute specifies which user attribute should be used to create the value of the SAML assertion attribute. The userstore attribute can be constructed by using attributes from the Oracle Identity Cloud Service Core Users schema. Note: Attributes from extensions to the Core User schema are not supported in v1.0.
- format str
- Indicates the format of the assertion attribute.
- name str
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- user_store_ strattribute_ name 
- This attribute specifies which user attribute should be used to create the value of the SAML assertion attribute. The userstore attribute can be constructed by using attributes from the Oracle Identity Cloud Service Core Users schema. Note: Attributes from extensions to the Core User schema are not supported in v1.0.
- format String
- Indicates the format of the assertion attribute.
- name String
- The attribute represents the name of the attribute that will be used in the Security Assertion Markup Language (SAML) assertion
- userStore StringAttribute Name 
- This attribute specifies which user attribute should be used to create the value of the SAML assertion attribute. The userstore attribute can be constructed by using attributes from the Oracle Identity Cloud Service Core Users schema. Note: Attributes from extensions to the Core User schema are not supported in v1.0.
GetDomainsAppUrnietfparamsscimschemasoracleidcsextensionwebTierPolicyApp      
- ResourceRef bool
- If this Attribute is true, resource ref id and resource ref name attributes will we included in wtp json response.
- WebTier stringPolicy Az Control 
- Webtier policy AZ Control
- WebTier stringPolicy Json 
- Store the web tier policy for an application as a string in Javascript Object Notification (JSON) format.
- ResourceRef bool
- If this Attribute is true, resource ref id and resource ref name attributes will we included in wtp json response.
- WebTier stringPolicy Az Control 
- Webtier policy AZ Control
- WebTier stringPolicy Json 
- Store the web tier policy for an application as a string in Javascript Object Notification (JSON) format.
- resourceRef Boolean
- If this Attribute is true, resource ref id and resource ref name attributes will we included in wtp json response.
- webTier StringPolicy Az Control 
- Webtier policy AZ Control
- webTier StringPolicy Json 
- Store the web tier policy for an application as a string in Javascript Object Notification (JSON) format.
- resourceRef boolean
- If this Attribute is true, resource ref id and resource ref name attributes will we included in wtp json response.
- webTier stringPolicy Az Control 
- Webtier policy AZ Control
- webTier stringPolicy Json 
- Store the web tier policy for an application as a string in Javascript Object Notification (JSON) format.
- resource_ref bool
- If this Attribute is true, resource ref id and resource ref name attributes will we included in wtp json response.
- web_tier_ strpolicy_ az_ control 
- Webtier policy AZ Control
- web_tier_ strpolicy_ json 
- Store the web tier policy for an application as a string in Javascript Object Notification (JSON) format.
- resourceRef Boolean
- If this Attribute is true, resource ref id and resource ref name attributes will we included in wtp json response.
- webTier StringPolicy Az Control 
- Webtier policy AZ Control
- webTier StringPolicy Json 
- Store the web tier policy for an application as a string in Javascript Object Notification (JSON) format.
GetDomainsAppUserRole    
- Description string
- The description of the AppRole.
- Display string
- Display-name of the AppRole.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- Description string
- The description of the AppRole.
- Display string
- Display-name of the AppRole.
- Ref string
- URI of the AppRole.
- Value string
- ID of the AppRole.
- description String
- The description of the AppRole.
- display String
- Display-name of the AppRole.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
- description string
- The description of the AppRole.
- display string
- Display-name of the AppRole.
- ref string
- URI of the AppRole.
- value string
- ID of the AppRole.
- description str
- The description of the AppRole.
- display str
- Display-name of the AppRole.
- ref str
- URI of the AppRole.
- value str
- ID of the AppRole.
- description String
- The description of the AppRole.
- display String
- Display-name of the AppRole.
- ref String
- URI of the AppRole.
- value String
- ID of the AppRole.
Package Details
- Repository
- oci pulumi/pulumi-oci
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the ociTerraform Provider.