oci_identity_domains_setting
This resource provides the Setting resource in Oracle Cloud Infrastructure Identity Domains service.
Replace Settings
Example Usage
resource "oci_identity_domains_setting" "test_setting" {
#Required
csr_access = var.setting_csr_access
idcs_endpoint = data.oci_identity_domain.test_domain.url
schemas = ["urn:ietf:params:scim:schemas:oracle:idcs:Settings"]
setting_id = "Settings"
#Optional
account_always_trust_scope = var.setting_account_always_trust_scope
allowed_domains = ["test.com"]
allowed_forgot_password_flow_return_urls = var.setting_allowed_forgot_password_flow_return_urls
allowed_notification_redirect_urls = var.setting_allowed_notification_redirect_urls
attribute_sets = ["all"]
attributes = ""
audit_event_retention_period = var.setting_audit_event_retention_period
authorization = var.setting_authorization
certificate_validation {
#Optional
crl_check_on_ocsp_failure_enabled = var.setting_certificate_validation_crl_check_on_ocsp_failure_enabled
crl_enabled = var.setting_certificate_validation_crl_enabled
crl_location = var.setting_certificate_validation_crl_location
crl_refresh_interval = var.setting_certificate_validation_crl_refresh_interval
ocsp_enabled = var.setting_certificate_validation_ocsp_enabled
ocsp_responder_url = var.setting_certificate_validation_ocsp_responder_url
ocsp_settings_responder_url_preferred = var.setting_certificate_validation_ocsp_settings_responder_url_preferred
ocsp_signing_certificate_alias = var.setting_certificate_validation_ocsp_signing_certificate_alias
ocsp_timeout_duration = var.setting_certificate_validation_ocsp_timeout_duration
ocsp_unknown_response_status_allowed = var.setting_certificate_validation_ocsp_unknown_response_status_allowed
}
cloud_gate_cors_settings {
#Optional
cloud_gate_cors_allow_null_origin = var.setting_cloud_gate_cors_settings_cloud_gate_cors_allow_null_origin
cloud_gate_cors_allowed_origins = ["https://test.com"]
cloud_gate_cors_enabled = var.setting_cloud_gate_cors_settings_cloud_gate_cors_enabled
cloud_gate_cors_exposed_headers = var.setting_cloud_gate_cors_settings_cloud_gate_cors_exposed_headers
cloud_gate_cors_max_age = var.setting_cloud_gate_cors_settings_cloud_gate_cors_max_age
}
cloud_migration_custom_url = var.setting_cloud_migration_custom_url
cloud_migration_url_enabled = var.setting_cloud_migration_url_enabled
company_names {
#Required
locale = var.setting_company_names_locale
value = var.setting_company_names_value
}
contact_emails = ["contactEmails@test.com"]
custom_branding = var.setting_custom_branding
custom_css_location = var.setting_custom_css_location
custom_html_location = var.setting_custom_html_location
custom_translation = var.setting_custom_translation
default_trust_scope = var.setting_default_trust_scope
diagnostic_level = var.setting_diagnostic_level
diagnostic_record_for_search_identifies_returned_resources = var.setting_diagnostic_record_for_search_identifies_returned_resources
enable_terms_of_use = var.setting_enable_terms_of_use
external_id = "externalId"
iam_upst_session_expiry = var.setting_iam_upst_session_expiry
id = var.setting_id
images {
#Required
type = var.setting_images_type
value = var.setting_images_value
#Optional
display = var.setting_images_display
}
is_hosted_page = var.setting_is_hosted_page
issuer = var.setting_issuer
locale = var.setting_locale
login_texts {
#Required
locale = var.setting_login_texts_locale
value = var.setting_login_texts_value
}
max_no_of_app_cmva_to_return = var.setting_max_no_of_app_cmva_to_return
max_no_of_app_role_members_to_return = var.setting_max_no_of_app_role_members_to_return
ocid = var.setting_ocid
preferred_language = var.setting_preferred_language
prev_issuer = var.setting_prev_issuer
privacy_policy_url = var.setting_privacy_policy_url
purge_configs {
#Required
resource_name = "resourceName"
retention_period = var.setting_purge_configs_retention_period
}
re_auth_factor = ["password"]
re_auth_when_changing_my_authentication_factors = var.setting_re_auth_when_changing_my_authentication_factors
resource_type_schema_version = var.setting_resource_type_schema_version
service_admin_cannot_list_other_users = var.setting_service_admin_cannot_list_other_users
signing_cert_public_access = var.setting_signing_cert_public_access
sub_mapping_attr = var.setting_sub_mapping_attr
tags {
#Required
key = var.setting_tags_key
value = var.setting_tags_value
}
tenant_custom_claims {
#Required
all_scopes = var.setting_tenant_custom_claims_all_scopes
expression = var.setting_tenant_custom_claims_expression
mode = var.setting_tenant_custom_claims_mode
name = var.setting_tenant_custom_claims_name
token_type = var.setting_tenant_custom_claims_token_type
value = var.setting_tenant_custom_claims_value
#Optional
scopes = ["scopes"]
}
terms_of_use_url = var.setting_terms_of_use_url
timezone = var.setting_timezone
}
Argument Reference
The following arguments are supported:
account_always_trust_scope
- (Optional) (Updatable) Indicates whether all the Apps in this customer tenancy should trust each other. A value of true overrides the ‘defaultTrustScope’ attribute here in Settings, as well as any App-specific ‘trustScope’ attribute, to force in effect ‘trustScope=Account’ for every App in this customer tenancy.Added In: 18.1.6
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
allowed_domains
- (Optional) (Updatable) One or more email domains allowed in a user’s email field. If unassigned, any domain is allowed.SCIM++ Properties:
- caseExact: false
- multiValued: true
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
allowed_forgot_password_flow_return_urls
- (Optional) (Updatable) If specified, indicates the set of Urls which can be returned to after successful forgot password flowAdded In: 19.3.3
SCIM++ Properties:
- type: string
- multiValued: true
- required: false
- mutability: readWrite
- returned: default
- uniqueness: none
- caseExact: false
allowed_notification_redirect_urls
- (Optional) (Updatable) If specified, indicates the set of allowed notification redirect Urls which can be specified as the value of \“notificationRedirectUrl\” in the POST …/admin/v1/MePasswordResetRequestor request payload, which will then be included in the reset password email notification sent to a user as part of the forgot password / password reset flow.Added In: 2009041201
SCIM++ Properties:
- type: string
- multiValued: true
- required: false
- mutability: readWrite
- returned: default
- uniqueness: none
- caseExact: false
attribute_sets
- (Optional) (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If ‘attributes’ query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.attributes
- (Optional) (Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.audit_event_retention_period
- (Optional) (Updatable) Audit Event retention period. If set, overrides default of 30 days after which Audit Events will be purgedAdded In: 19.2.1
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: integer
authorization
- (Optional) (Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.certificate_validation
- (Optional) (Updatable) Certificate Validation ConfigAdded In: 2010242156
SCIM++ Properties:
caseExact: false
multiValued: false
mutability: readWrite
required: false
returned: default
type: complex
uniqueness: none
crl_check_on_ocsp_failure_enabled
- (Optional) (Updatable) Use CRL as Fallback.Added In: 2010242156
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
crl_enabled
- (Optional) (Updatable) CRL is enabled ConfigurationAdded In: 2010242156
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
crl_location
- (Optional) (Updatable) CRL Location.Added In: 2010242156
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
crl_refresh_interval
- (Optional) (Updatable) The CRL refresh interval in minutesAdded In: 2010242156
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: integer
- uniqueness: none
ocsp_enabled
- (Optional) (Updatable) OCSP is enabled ConfigurationAdded In: 2010242156
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
ocsp_responder_url
- (Optional) (Updatable) OCSP Responder URLAdded In: 2010242156
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
ocsp_settings_responder_url_preferred
- (Optional) (Updatable) This setting says, OCSP Responder URL present in the issued certificate must be used. Otherwise, OCSP Responder URL from IDP or Settings.Added In: 2010242156
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
ocsp_signing_certificate_alias
- (Optional) (Updatable) OCSP Signing Certificate AliasAdded In: 2010242156
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
ocsp_timeout_duration
- (Optional) (Updatable) The OCSP Timeout duration in minutesAdded In: 2010242156
SCIM++ Properties:
- idcsMaxValue: 10
- idcsMinValue: 1
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: integer
- uniqueness: none
ocsp_unknown_response_status_allowed
- (Optional) (Updatable) OCSP Accept unknown response status from ocsp responder.Added In: 2010242156
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
cloud_account_name
- (Optional) (Updatable) The attribute to store the cloud account nameDeprecated Since: 2011192329
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
cloud_gate_cors_settings
- (Optional) (Updatable) A complex attribute that specifies the Cloud Gate cross origin resource sharing settings.Added In: 2011192329
SCIM++ Properties:
caseExact: false
idcsSearchable: false
multiValued: false
mutability: readWrite
required: false
returned: default
type: complex
uniqueness: none
cloud_gate_cors_allow_null_origin
- (Optional) (Updatable) Allow Null Origin (CORS) for this tenant.Added In: 2011192329
SCIM++ Properties:
- idcsSearchable: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
cloud_gate_cors_allowed_origins
- (Optional) (Updatable) Cloud Gate Allowed Cross-Origin Resource Sharing (CORS) Origins for this tenant.Added In: 2011192329
SCIM++ Properties:
- idcsSearchable: false
- multiValued: true
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
cloud_gate_cors_enabled
- (Optional) (Updatable) Enable Cloud Gate Cross-Origin Resource Sharing (CORS) for this tenant.Added In: 2011192329
SCIM++ Properties:
- idcsSearchable: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
cloud_gate_cors_exposed_headers
- (Optional) (Updatable) List of Response Headers Cloud Gate is allowed to expose in the CORS Response Header: Access-Control-Expose-Headers.Added In: 2205182039
SCIM++ Properties:
- idcsSearchable: false
- multiValued: true
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
cloud_gate_cors_max_age
- (Optional) (Updatable) Maximum number of seconds a CORS Pre-flight Response may be cached by client.Added In: 2205182039
SCIM++ Properties:
- idcsSearchable: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: integer
- uniqueness: none
cloud_migration_custom_url
- (Optional) (Updatable) If specified, indicates the custom SIM Migrator Url which can be used while SIM to Oracle Identity Cloud Service CloudAccount Migration.Added In: 2012271618
SCIM++ Properties:
- type: string
- multiValued: false
- required: false
- mutability: readWrite
- returned: default
- uniqueness: none
- caseExact: false
cloud_migration_url_enabled
- (Optional) (Updatable) CloudAccountMigration: Enable Custom SIM Migrator Url.Added In: 2012271618
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
company_names
- (Optional) (Updatable) Name of the company in different localesSCIM++ Properties:
idcsCompositeKey: [locale]
multiValued: true
mutability: readWrite
required: false
returned: default
type: complex
locale
- (Required) (Updatable) LocaleSCIM++ Properties:
- idcsCanonicalValueSourceFilter: attrName eq “locales” and attrValues.value eq “$(companyNames.locale)”
- idcsCanonicalValueSourceResourceType: AllowedValue
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
value
- (Required) (Updatable) Company nameSCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
compartment_ocid
- (Optional) (Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.SCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
contact_emails
- (Optional) (Updatable) Contact emails used to notify tenants. Can be one or more user or group alias emails.SCIM++ Properties:
- caseExact: false
- multiValued: true
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
csr_access
- (Required) (Updatable) This value indicates whether Customer Service Representatives can login and have readOnly or readWrite access. A value of ‘none’ means CSR cannot login to the services.SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
custom_branding
- (Optional) (Updatable) Indicates if the branding is default or customSCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
custom_css_location
- (Optional) (Updatable) Storage URL location where the sanitized custom css is locatedAdded In: 20.1.3
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
custom_html_location
- (Optional) (Updatable) Storage URL location where the sanitized custom html is locatedAdded In: 20.1.3
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
custom_translation
- (Optional) (Updatable) Custom translations (JSON String)Added In: 20.1.3
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
default_company_names
- (Optional) (Updatable) Default name of the Company in different localesAdded In: 18.2.2
SCIM++ Properties:
idcsCompositeKey: [locale]
multiValued: true
mutability: readOnly
required: false
returned: default
type: complex
locale
- (Required) (Updatable) LocaleAdded In: 18.2.2
SCIM++ Properties:
- idcsCanonicalValueSourceFilter: attrName eq “locales” and attrValues.value eq “$(companyNames.locale)”
- idcsCanonicalValueSourceResourceType: AllowedValue
- multiValued: false
- mutability: readOnly
- required: true
- returned: default
- type: string
value
- (Required) (Updatable) Company nameAdded In: 18.2.2
SCIM++ Properties:
- multiValued: false
- mutability: readOnly
- required: true
- returned: default
- type: string
default_images
- (Optional) (Updatable) References to various imagesAdded In: 18.2.2
SCIM++ Properties:
idcsCompositeKey: [type]
multiValued: true
mutability: readOnly
required: false
returned: default
type: complex
display
- (Optional) (Updatable) A human-readable name, primarily used for display purposesAdded In: 18.2.2
SCIM++ Properties:
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
type
- (Required) (Updatable) Indicates the image typeAdded In: 18.2.2
SCIM++ Properties:
- multiValued: false
- mutability: readOnly
- required: true
- returned: default
- type: string
value
- (Required) (Updatable) Image URIAdded In: 18.2.2
SCIM++ Properties:
- multiValued: false
- mutability: readOnly
- required: true
- returned: default
- type: reference
default_login_texts
- (Optional) (Updatable) Default Login text in different localesAdded In: 18.2.2
SCIM++ Properties:
idcsCompositeKey: [locale]
multiValued: true
mutability: readOnly
required: false
returned: default
type: complex
locale
- (Required) (Updatable) LocaleAdded In: 18.2.2
SCIM++ Properties:
- idcsCanonicalValueSourceFilter: attrName eq “locales” and attrValues.value eq “$(loginTexts.locale)”
- idcsCanonicalValueSourceResourceType: AllowedValue
- multiValued: false
- mutability: readOnly
- required: true
- returned: default
- type: string
value
- (Required) (Updatable) Login textAdded In: 18.2.2
SCIM++ Properties:
- multiValued: false
- mutability: readOnly
- required: true
- returned: default
- type: string
- idcsSanitize: true
default_trust_scope
- (Optional) (Updatable) Deprecated Since: 18.3.6SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string Indicates the default trust scope for all apps
delete_in_progress
- (Optional) (Updatable) A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.SCIM++ Properties:
- caseExact: false
- idcsSearchable: true
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: boolean
- uniqueness: none
diagnostic_level
- (Optional) (Updatable) The level of diagnostic logging that is currently in effect. A level of 0 (zero) indicates that diagnostic logging is disabled. A level of 1 (one) indicates that diagnostic logging is enabled.SCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: integer
- uniqueness: none
diagnostic_record_for_search_identifies_returned_resources
- (Optional) (Updatable) Controls whether DiagnosticRecords for external search-operations (against SCIM resource-types in the Admin service) identify returned resources. If true, indicates that for each successful external search-operation at least one DiagnosticRecord will include at least one identifier for each matching resource that is returned in that search-response. If false, no DiagnosticRecord should be expected to identify returned resources for a search-operation. The default value is false.Added In: 2011192329
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
diagnostic_tracing_upto
- (Optional) (Updatable) The end time up to which diagnostic recording is switched onSCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: dateTime
- uniqueness: none
domain_ocid
- (Optional) (Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.SCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
enable_terms_of_use
- (Optional) (Updatable) Indicates if Terms of Use is enabled in UIAdded In: 18.2.4
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
external_id
- (Optional) (Updatable) An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer’s tenant.SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
iam_upst_session_expiry
- (Optional) (Updatable) Maximum duration for IAM User Principal Session Token expiryAdded In: 2307071836
SCIM++ Properties:
- idcsSearchable: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: integer
- uniqueness: none
id
- (Optional) (Updatable) Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider’s entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.SCIM++ Properties:
- caseExact: false
- idcsSearchable: true
- multiValued: false
- mutability: readOnly
- required: false
- returned: always
- type: string
- uniqueness: global
idcs_created_by
- (Optional) (Updatable) The User or App who created the ResourceSCIM++ Properties:
idcsSearchable: true
multiValued: false
mutability: readOnly
required: true
returned: default
type: complex
ref
- (Optional) (Updatable) The URI of the SCIM resource that represents the User or App who created this ResourceSCIM++ Properties:
- caseExact: true
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: reference
- uniqueness: none
display
- (Optional) (Updatable) The displayName of the User or App who created this ResourceSCIM++ Properties:
- caseExact: true
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
ocid
- (Optional) (Updatable) The OCID of the SCIM resource that represents the User or App who created this ResourceSCIM++ Properties:
- caseExact: true
- idcsSearchable: true
- multiValued: false
- mutability: readOnly
- returned: default
- type: string
- uniqueness: none
type
- (Optional) (Updatable) The type of resource, User or App, that created this ResourceSCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
value
- (Required) (Updatable) The ID of the SCIM resource that represents the User or App who created this ResourceSCIM++ Properties:
- caseExact: true
- idcsSearchable: true
- multiValued: false
- mutability: readOnly
- required: true
- returned: default
- type: string
- uniqueness: none
idcs_endpoint
- (Required) The basic endpoint for the identity domainidcs_last_modified_by
- (Optional) (Updatable) The User or App who modified the ResourceSCIM++ Properties:
idcsSearchable: true
multiValued: false
mutability: readOnly
required: false
returned: default
type: complex
ref
- (Optional) (Updatable) The URI of the SCIM resource that represents the User or App who modified this ResourceSCIM++ Properties:
- caseExact: true
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: reference
- uniqueness: none
display
- (Optional) (Updatable) The displayName of the User or App who modified this ResourceSCIM++ Properties:
- caseExact: true
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
ocid
- (Optional) (Updatable) The OCID of the SCIM resource that represents the User or App who modified this ResourceSCIM++ Properties:
- caseExact: true
- idcsSearchable: true
- multiValued: false
- mutability: readOnly
- returned: default
- type: string
- uniqueness: none
type
- (Optional) (Updatable) The type of resource, User or App, that modified this ResourceSCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
value
- (Required) (Updatable) The ID of the SCIM resource that represents the User or App who modified this ResourceSCIM++ Properties:
- caseExact: true
- idcsSearchable: true
- multiValued: false
- mutability: readOnly
- required: true
- returned: default
- type: string
- uniqueness: none
idcs_last_upgraded_in_release
- (Optional) (Updatable) The release number when the resource was upgraded.SCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: request
- type: string
- uniqueness: none
idcs_prevented_operations
- (Optional) (Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.SCIM++ Properties:
- idcsSearchable: false
- multiValued: true
- mutability: readOnly
- required: false
- returned: request
- type: string
- uniqueness: none
images
- (Optional) (Updatable) References to various imagesSCIM++ Properties:
idcsCompositeKey: [type]
multiValued: true
mutability: readWrite
required: false
returned: default
type: complex
display
- (Optional) (Updatable) A human-readable name, primarily used for display purposesSCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
type
- (Required) (Updatable) Indicates the image typeSCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
value
- (Required) (Updatable) Image URISCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: reference
is_hosted_page
- (Optional) (Updatable) Indicates if ‘hosted’ option was selectedAdded In: 20.1.3
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
issuer
- (Optional) (Updatable) Tenant issuer.Added In: 20.1.3
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
locale
- (Optional) (Updatable) Default location for purposes of localizing items such as currency, date and time format, numerical representations, and so on.SCIM++ Properties:
- caseExact: false
- idcsCanonicalValueSourceFilter: attrName eq “locales” and attrValues.value eq “$(locale)”
- idcsCanonicalValueSourceResourceType: AllowedValue
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
login_texts
- (Optional) (Updatable) Login text in different localesSCIM++ Properties:
idcsCompositeKey: [locale]
multiValued: true
mutability: readWrite
required: false
returned: default
type: complex
locale
- (Required) (Updatable) LocaleSCIM++ Properties:
- idcsCanonicalValueSourceFilter: attrName eq “locales” and attrValues.value eq “$(loginTexts.locale)”
- idcsCanonicalValueSourceResourceType: AllowedValue
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
value
- (Required) (Updatable) Login textSCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- idcsSanitize: true
- type: string
max_no_of_app_cmva_to_return
- (Optional) (Updatable) Limit the maximum return of CMVA for an AppAdded In: 2111112015
SCIM++ Properties:
- idcsMinValue: 0
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: integer
- uniqueness: none
max_no_of_app_role_members_to_return
- (Optional) (Updatable) Limit the maximum return of members for an AppRoleAdded In: 2111112015
SCIM++ Properties:
- idcsMinValue: 0
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: integer
- uniqueness: none
meta
- (Optional) (Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.SCIM++ Properties:
caseExact: false
idcsSearchable: true
multiValued: false
mutability: readOnly
required: false
returned: default
idcsCsvAttributeNameMappings: [[columnHeaderName:Created Date, mapsTo:meta.created]]
type: complex
created
- (Optional) (Updatable) The DateTime the Resource was added to the Service ProviderSCIM++ Properties:
- caseExact: false
- idcsSearchable: true
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: dateTime
- uniqueness: none
last_modified
- (Optional) (Updatable) The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.SCIM++ Properties:
- caseExact: false
- idcsSearchable: true
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: dateTime
- uniqueness: none
location
- (Optional) (Updatable) The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.SCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
resource_type
- (Optional) (Updatable) Name of the resource type of the resource–for example, Users or GroupsSCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
version
- (Optional) (Updatable) The version of the Resource being returned. This value must be the same as the ETag HTTP response header.SCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
migration_status
- (Optional) (Updatable) Database Migration StatusAdded In: 19.2.1
SCIM++ Properties:
- caseExact: true
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
ocid
- (Optional) (Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.SCIM++ Properties:
- caseExact: true
- idcsSearchable: true
- multiValued: false
- mutability: immutable
- required: false
- returned: default
- type: string
- uniqueness: global
on_premises_provisioning
- (Optional) (Updatable) On-Premises provisioning feature toggle.Added In: 19.2.1
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: boolean
- uniqueness: none
preferred_language
- (Optional) (Updatable) Preferred written or spoken language used for localized user interfacesSCIM++ Properties:
- caseExact: false
- idcsCanonicalValueSourceFilter: attrName eq “languages” and attrValues.value eq “$(preferredLanguage)”
- idcsCanonicalValueSourceResourceType: AllowedValue
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
prev_issuer
- (Optional) (Updatable) Previous Tenant issuer. This is an Oracle Identity Cloud Service internal attribute which is not meant to be directly modified by ID Admin. Even if the request body (Settings) contains this attribute, the actual value will be set according to the Oracle Identity Cloud Service internal logic rather than solely based on the value provided in the request payload.Added In: 20.1.3
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: request
- type: string
- uniqueness: none
privacy_policy_url
- (Optional) (Updatable) Privacy Policy URLAdded In: 18.2.4
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
purge_configs
- (Optional) (Updatable) Purge Configs for different Resource TypesDeprecated Since: 19.1.6
SCIM++ Properties:
idcsCompositeKey: [resourceName]
multiValued: true
mutability: readWrite
required: false
returned: default
type: complex
resource_name
- (Required) (Updatable) Resource NameDeprecated Since: 19.1.6
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
retention_period
- (Required) (Updatable) Retention PeriodDeprecated Since: 19.1.6
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: integer
re_auth_factor
- (Optional) (Updatable) If reAuthWhenChangingMyAuthenticationFactors is true (default), this attribute specifies which re-authentication factor to use. Allowed value is \“password\”.Added In: 20.1.3
SCIM++ Properties:
- multiValued: true
- mutability: readWrite
- required: false
- returned: default
- type: string
re_auth_when_changing_my_authentication_factors
- (Optional) (Updatable) Specifies whether re-authentication is required or not when a user changes one of their security factors such as password or email. Default is true to ensure more secure behavior.Added In: 20.1.3
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
resource_type_schema_version
- (Optional) (Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.schemas
- (Required) (Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard \“enterprise\” extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.SCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: true
- mutability: readWrite
- required: true
- returned: default
- type: string
- uniqueness: none
service_admin_cannot_list_other_users
- (Optional) (Updatable) By default, a service admin can list all users in stripe. If true, a service admin cannot list other users.Added In: 2108190438
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
setting_id
- (Required) ID of the resourcesigning_cert_public_access
- (Optional) (Updatable) Indicates if access on SigningCert is allowed to public or notAdded In: 17.3.4
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
sub_mapping_attr
- (Optional) (Updatable) Added In: 20.1.3SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none Subject mapping user profile attribute. The input format should be SCIM compliant. This attribute should be of type String and multivalued to false.
tags
- (Optional) (Updatable) A list of tags on this resource.SCIM++ Properties:
idcsCompositeKey: [key, value]
idcsSearchable: true
multiValued: true
mutability: readWrite
required: false
returned: request
type: complex
uniqueness: none
key
- (Required) (Updatable) Key or name of the tag.SCIM++ Properties:
- caseExact: false
- idcsSearchable: true
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
- uniqueness: none
value
- (Required) (Updatable) Value of the tag.SCIM++ Properties:
- caseExact: false
- idcsSearchable: true
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
- uniqueness: none
tenancy_ocid
- (Optional) (Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.SCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
tenant_custom_claims
- (Optional) (Updatable) Custom claims associated with the specific tenantAdded In: 18.4.2
SCIM++ Properties:
idcsCompositeKey: [name]
multiValued: true
mutability: readWrite
required: false
returned: default
type: complex
uniqueness: none
all_scopes
- (Required) (Updatable) Indicates if the custom claim is associated with all scopesAdded In: 18.4.2
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: boolean
- uniqueness: none
expression
- (Required) (Updatable) Indicates if the custom claim is an expressionAdded In: 18.4.2
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: boolean
- uniqueness: none
mode
- (Required) (Updatable) Indicates under what scenario the custom claim will be returnAdded In: 18.4.2
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
- uniqueness: none
name
- (Required) (Updatable) Custom claim nameAdded In: 18.4.2
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
- uniqueness: server
scopes
- (Optional) (Updatable) Scopes associated with a specific custom claimAdded In: 18.4.2
SCIM++ Properties:
- multiValued: true
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
token_type
- (Required) (Updatable) Indicates what type of token the custom claim will be embeddedAdded In: 18.4.2
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
- uniqueness: none
value
- (Required) (Updatable) Custom claim valueAdded In: 18.4.2
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
- uniqueness: none
terms_of_use_url
- (Optional) (Updatable) Terms of Use URLAdded In: 18.2.4
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
timezone
- (Optional) (Updatable) User’s timezoneSCIM++ Properties:
- caseExact: false
- idcsCanonicalValueSourceFilter: attrName eq “timezones” and attrValues.value eq “$(timezone)”
- idcsCanonicalValueSourceResourceType: AllowedValue
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
Attributes Reference
The following attributes are exported:
account_always_trust_scope
- Indicates whether all the Apps in this customer tenancy should trust each other. A value of true overrides the ‘defaultTrustScope’ attribute here in Settings, as well as any App-specific ‘trustScope’ attribute, to force in effect ‘trustScope=Account’ for every App in this customer tenancy.Added In: 18.1.6
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
allowed_domains
- One or more email domains allowed in a user’s email field. If unassigned, any domain is allowed.SCIM++ Properties:
- caseExact: false
- multiValued: true
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
allowed_forgot_password_flow_return_urls
- If specified, indicates the set of Urls which can be returned to after successful forgot password flowAdded In: 19.3.3
SCIM++ Properties:
- type: string
- multiValued: true
- required: false
- mutability: readWrite
- returned: default
- uniqueness: none
- caseExact: false
allowed_notification_redirect_urls
- If specified, indicates the set of allowed notification redirect Urls which can be specified as the value of \“notificationRedirectUrl\” in the POST …/admin/v1/MePasswordResetRequestor request payload, which will then be included in the reset password email notification sent to a user as part of the forgot password / password reset flow.Added In: 2009041201
SCIM++ Properties:
- type: string
- multiValued: true
- required: false
- mutability: readWrite
- returned: default
- uniqueness: none
- caseExact: false
audit_event_retention_period
- Audit Event retention period. If set, overrides default of 30 days after which Audit Events will be purgedAdded In: 19.2.1
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: integer
certificate_validation
- Certificate Validation ConfigAdded In: 2010242156
SCIM++ Properties:
caseExact: false
multiValued: false
mutability: readWrite
required: false
returned: default
type: complex
uniqueness: none
crl_check_on_ocsp_failure_enabled
- Use CRL as Fallback.Added In: 2010242156
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
crl_enabled
- CRL is enabled ConfigurationAdded In: 2010242156
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
crl_location
- CRL Location.Added In: 2010242156
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
crl_refresh_interval
- The CRL refresh interval in minutesAdded In: 2010242156
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: integer
- uniqueness: none
ocsp_enabled
- OCSP is enabled ConfigurationAdded In: 2010242156
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
ocsp_responder_url
- OCSP Responder URLAdded In: 2010242156
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
ocsp_settings_responder_url_preferred
- This setting says, OCSP Responder URL present in the issued certificate must be used. Otherwise, OCSP Responder URL from IDP or Settings.Added In: 2010242156
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
ocsp_signing_certificate_alias
- OCSP Signing Certificate AliasAdded In: 2010242156
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
ocsp_timeout_duration
- The OCSP Timeout duration in minutesAdded In: 2010242156
SCIM++ Properties:
- idcsMaxValue: 10
- idcsMinValue: 1
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: integer
- uniqueness: none
ocsp_unknown_response_status_allowed
- OCSP Accept unknown response status from ocsp responder.Added In: 2010242156
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
cloud_account_name
- The attribute to store the cloud account nameDeprecated Since: 2011192329
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
cloud_gate_cors_settings
- A complex attribute that specifies the Cloud Gate cross origin resource sharing settings.Added In: 2011192329
SCIM++ Properties:
caseExact: false
idcsSearchable: false
multiValued: false
mutability: readWrite
required: false
returned: default
type: complex
uniqueness: none
cloud_gate_cors_allow_null_origin
- Allow Null Origin (CORS) for this tenant.Added In: 2011192329
SCIM++ Properties:
- idcsSearchable: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
cloud_gate_cors_allowed_origins
- Cloud Gate Allowed Cross-Origin Resource Sharing (CORS) Origins for this tenant.Added In: 2011192329
SCIM++ Properties:
- idcsSearchable: false
- multiValued: true
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
cloud_gate_cors_enabled
- Enable Cloud Gate Cross-Origin Resource Sharing (CORS) for this tenant.Added In: 2011192329
SCIM++ Properties:
- idcsSearchable: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
cloud_gate_cors_exposed_headers
- List of Response Headers Cloud Gate is allowed to expose in the CORS Response Header: Access-Control-Expose-Headers.Added In: 2205182039
SCIM++ Properties:
- idcsSearchable: false
- multiValued: true
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
cloud_gate_cors_max_age
- Maximum number of seconds a CORS Pre-flight Response may be cached by client.Added In: 2205182039
SCIM++ Properties:
- idcsSearchable: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: integer
- uniqueness: none
cloud_migration_custom_url
- If specified, indicates the custom SIM Migrator Url which can be used while SIM to Oracle Identity Cloud Service CloudAccount Migration.Added In: 2012271618
SCIM++ Properties:
- type: string
- multiValued: false
- required: false
- mutability: readWrite
- returned: default
- uniqueness: none
- caseExact: false
cloud_migration_url_enabled
- CloudAccountMigration: Enable Custom SIM Migrator Url.Added In: 2012271618
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
company_names
- Name of the company in different localesSCIM++ Properties:
idcsCompositeKey: [locale]
multiValued: true
mutability: readWrite
required: false
returned: default
type: complex
locale
- LocaleSCIM++ Properties:
- idcsCanonicalValueSourceFilter: attrName eq “locales” and attrValues.value eq “$(companyNames.locale)”
- idcsCanonicalValueSourceResourceType: AllowedValue
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
value
- Company nameSCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
compartment_ocid
- Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.SCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
contact_emails
- Contact emails used to notify tenants. Can be one or more user or group alias emails.SCIM++ Properties:
- caseExact: false
- multiValued: true
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
csr_access
- This value indicates whether Customer Service Representatives can login and have readOnly or readWrite access. A value of ‘none’ means CSR cannot login to the services.SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
custom_branding
- Indicates if the branding is default or customSCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
custom_css_location
- Storage URL location where the sanitized custom css is locatedAdded In: 20.1.3
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
custom_html_location
- Storage URL location where the sanitized custom html is locatedAdded In: 20.1.3
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
custom_translation
- Custom translations (JSON String)Added In: 20.1.3
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
default_company_names
- Default name of the Company in different localesAdded In: 18.2.2
SCIM++ Properties:
idcsCompositeKey: [locale]
multiValued: true
mutability: readOnly
required: false
returned: default
type: complex
locale
- LocaleAdded In: 18.2.2
SCIM++ Properties:
- idcsCanonicalValueSourceFilter: attrName eq “locales” and attrValues.value eq “$(companyNames.locale)”
- idcsCanonicalValueSourceResourceType: AllowedValue
- multiValued: false
- mutability: readOnly
- required: true
- returned: default
- type: string
value
- Company nameAdded In: 18.2.2
SCIM++ Properties:
- multiValued: false
- mutability: readOnly
- required: true
- returned: default
- type: string
default_images
- References to various imagesAdded In: 18.2.2
SCIM++ Properties:
idcsCompositeKey: [type]
multiValued: true
mutability: readOnly
required: false
returned: default
type: complex
display
- A human-readable name, primarily used for display purposesAdded In: 18.2.2
SCIM++ Properties:
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
type
- Indicates the image typeAdded In: 18.2.2
SCIM++ Properties:
- multiValued: false
- mutability: readOnly
- required: true
- returned: default
- type: string
value
- Image URIAdded In: 18.2.2
SCIM++ Properties:
- multiValued: false
- mutability: readOnly
- required: true
- returned: default
- type: reference
default_login_texts
- Default Login text in different localesAdded In: 18.2.2
SCIM++ Properties:
idcsCompositeKey: [locale]
multiValued: true
mutability: readOnly
required: false
returned: default
type: complex
locale
- LocaleAdded In: 18.2.2
SCIM++ Properties:
- idcsCanonicalValueSourceFilter: attrName eq “locales” and attrValues.value eq “$(loginTexts.locale)”
- idcsCanonicalValueSourceResourceType: AllowedValue
- multiValued: false
- mutability: readOnly
- required: true
- returned: default
- type: string
value
- Login textAdded In: 18.2.2
SCIM++ Properties:
- multiValued: false
- mutability: readOnly
- required: true
- returned: default
- type: string
- idcsSanitize: true
default_trust_scope
- Deprecated Since: 18.3.6SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string Indicates the default trust scope for all apps
delete_in_progress
- A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.SCIM++ Properties:
- caseExact: false
- idcsSearchable: true
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: boolean
- uniqueness: none
diagnostic_level
- The level of diagnostic logging that is currently in effect. A level of 0 (zero) indicates that diagnostic logging is disabled. A level of 1 (one) indicates that diagnostic logging is enabled.SCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: integer
- uniqueness: none
diagnostic_record_for_search_identifies_returned_resources
- Controls whether DiagnosticRecords for external search-operations (against SCIM resource-types in the Admin service) identify returned resources. If true, indicates that for each successful external search-operation at least one DiagnosticRecord will include at least one identifier for each matching resource that is returned in that search-response. If false, no DiagnosticRecord should be expected to identify returned resources for a search-operation. The default value is false.Added In: 2011192329
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
diagnostic_tracing_upto
- The end time up to which diagnostic recording is switched onSCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: dateTime
- uniqueness: none
domain_ocid
- Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.SCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
enable_terms_of_use
- Indicates if Terms of Use is enabled in UIAdded In: 18.2.4
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
external_id
- An identifier for the Resource as defined by the Service Consumer. The externalId may simplify identification of the Resource between Service Consumer and Service Provider by allowing the Consumer to refer to the Resource with its own identifier, obviating the need to store a local mapping between the local identifier of the Resource and the identifier used by the Service Provider. Each Resource MAY include a non-empty externalId value. The value of the externalId attribute is always issued by the Service Consumer and can never be specified by the Service Provider. The Service Provider MUST always interpret the externalId as scoped to the Service Consumer’s tenant.SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
iam_upst_session_expiry
- Maximum duration for IAM User Principal Session Token expiryAdded In: 2307071836
SCIM++ Properties:
- idcsSearchable: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: integer
- uniqueness: none
id
- Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider’s entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.SCIM++ Properties:
- caseExact: false
- idcsSearchable: true
- multiValued: false
- mutability: readOnly
- required: false
- returned: always
- type: string
- uniqueness: global
idcs_created_by
- The User or App who created the ResourceSCIM++ Properties:
idcsSearchable: true
multiValued: false
mutability: readOnly
required: true
returned: default
type: complex
ref
- The URI of the SCIM resource that represents the User or App who created this ResourceSCIM++ Properties:
- caseExact: true
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: reference
- uniqueness: none
display
- The displayName of the User or App who created this ResourceSCIM++ Properties:
- caseExact: true
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
ocid
- The OCID of the SCIM resource that represents the User or App who created this ResourceSCIM++ Properties:
- caseExact: true
- idcsSearchable: true
- multiValued: false
- mutability: readOnly
- returned: default
- type: string
- uniqueness: none
type
- The type of resource, User or App, that created this ResourceSCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
value
- The ID of the SCIM resource that represents the User or App who created this ResourceSCIM++ Properties:
- caseExact: true
- idcsSearchable: true
- multiValued: false
- mutability: readOnly
- required: true
- returned: default
- type: string
- uniqueness: none
idcs_last_modified_by
- The User or App who modified the ResourceSCIM++ Properties:
idcsSearchable: true
multiValued: false
mutability: readOnly
required: false
returned: default
type: complex
ref
- The URI of the SCIM resource that represents the User or App who modified this ResourceSCIM++ Properties:
- caseExact: true
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: reference
- uniqueness: none
display
- The displayName of the User or App who modified this ResourceSCIM++ Properties:
- caseExact: true
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
ocid
- The OCID of the SCIM resource that represents the User or App who modified this ResourceSCIM++ Properties:
- caseExact: true
- idcsSearchable: true
- multiValued: false
- mutability: readOnly
- returned: default
- type: string
- uniqueness: none
type
- The type of resource, User or App, that modified this ResourceSCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
value
- The ID of the SCIM resource that represents the User or App who modified this ResourceSCIM++ Properties:
- caseExact: true
- idcsSearchable: true
- multiValued: false
- mutability: readOnly
- required: true
- returned: default
- type: string
- uniqueness: none
idcs_last_upgraded_in_release
- The release number when the resource was upgraded.SCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: request
- type: string
- uniqueness: none
idcs_prevented_operations
- Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.SCIM++ Properties:
- idcsSearchable: false
- multiValued: true
- mutability: readOnly
- required: false
- returned: request
- type: string
- uniqueness: none
images
- References to various imagesSCIM++ Properties:
idcsCompositeKey: [type]
multiValued: true
mutability: readWrite
required: false
returned: default
type: complex
display
- A human-readable name, primarily used for display purposesSCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
type
- Indicates the image typeSCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
value
- Image URISCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: reference
is_hosted_page
- Indicates if ‘hosted’ option was selectedAdded In: 20.1.3
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
issuer
- Tenant issuer.Added In: 20.1.3
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
locale
- Default location for purposes of localizing items such as currency, date and time format, numerical representations, and so on.SCIM++ Properties:
- caseExact: false
- idcsCanonicalValueSourceFilter: attrName eq “locales” and attrValues.value eq “$(locale)”
- idcsCanonicalValueSourceResourceType: AllowedValue
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
login_texts
- Login text in different localesSCIM++ Properties:
idcsCompositeKey: [locale]
multiValued: true
mutability: readWrite
required: false
returned: default
type: complex
locale
- LocaleSCIM++ Properties:
- idcsCanonicalValueSourceFilter: attrName eq “locales” and attrValues.value eq “$(loginTexts.locale)”
- idcsCanonicalValueSourceResourceType: AllowedValue
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
value
- Login textSCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- idcsSanitize: true
- type: string
max_no_of_app_cmva_to_return
- Limit the maximum return of CMVA for an AppAdded In: 2111112015
SCIM++ Properties:
- idcsMinValue: 0
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: integer
- uniqueness: none
max_no_of_app_role_members_to_return
- Limit the maximum return of members for an AppRoleAdded In: 2111112015
SCIM++ Properties:
- idcsMinValue: 0
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: integer
- uniqueness: none
meta
- A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.SCIM++ Properties:
caseExact: false
idcsSearchable: true
multiValued: false
mutability: readOnly
required: false
returned: default
idcsCsvAttributeNameMappings: [[columnHeaderName:Created Date, mapsTo:meta.created]]
type: complex
created
- The DateTime the Resource was added to the Service ProviderSCIM++ Properties:
- caseExact: false
- idcsSearchable: true
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: dateTime
- uniqueness: none
last_modified
- The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.SCIM++ Properties:
- caseExact: false
- idcsSearchable: true
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: dateTime
- uniqueness: none
location
- The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.SCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
resource_type
- Name of the resource type of the resource–for example, Users or GroupsSCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
version
- The version of the Resource being returned. This value must be the same as the ETag HTTP response header.SCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
migration_status
- Database Migration StatusAdded In: 19.2.1
SCIM++ Properties:
- caseExact: true
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
ocid
- Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.SCIM++ Properties:
- caseExact: true
- idcsSearchable: true
- multiValued: false
- mutability: immutable
- required: false
- returned: default
- type: string
- uniqueness: global
on_premises_provisioning
- On-Premises provisioning feature toggle.Added In: 19.2.1
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: boolean
- uniqueness: none
preferred_language
- Preferred written or spoken language used for localized user interfacesSCIM++ Properties:
- caseExact: false
- idcsCanonicalValueSourceFilter: attrName eq “languages” and attrValues.value eq “$(preferredLanguage)”
- idcsCanonicalValueSourceResourceType: AllowedValue
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
prev_issuer
- Previous Tenant issuer. This is an Oracle Identity Cloud Service internal attribute which is not meant to be directly modified by ID Admin. Even if the request body (Settings) contains this attribute, the actual value will be set according to the Oracle Identity Cloud Service internal logic rather than solely based on the value provided in the request payload.Added In: 20.1.3
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: request
- type: string
- uniqueness: none
privacy_policy_url
- Privacy Policy URLAdded In: 18.2.4
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
purge_configs
- Purge Configs for different Resource TypesDeprecated Since: 19.1.6
SCIM++ Properties:
idcsCompositeKey: [resourceName]
multiValued: true
mutability: readWrite
required: false
returned: default
type: complex
resource_name
- Resource NameDeprecated Since: 19.1.6
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
retention_period
- Retention PeriodDeprecated Since: 19.1.6
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: integer
re_auth_factor
- If reAuthWhenChangingMyAuthenticationFactors is true (default), this attribute specifies which re-authentication factor to use. Allowed value is \“password\”.Added In: 20.1.3
SCIM++ Properties:
- multiValued: true
- mutability: readWrite
- required: false
- returned: default
- type: string
re_auth_when_changing_my_authentication_factors
- Specifies whether re-authentication is required or not when a user changes one of their security factors such as password or email. Default is true to ensure more secure behavior.Added In: 20.1.3
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
- uniqueness: none
schemas
- REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard \“enterprise\” extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.SCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: true
- mutability: readWrite
- required: true
- returned: default
- type: string
- uniqueness: none
service_admin_cannot_list_other_users
- By default, a service admin can list all users in stripe. If true, a service admin cannot list other users.Added In: 2108190438
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
signing_cert_public_access
- Indicates if access on SigningCert is allowed to public or notAdded In: 17.3.4
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: boolean
sub_mapping_attr
- Added In: 20.1.3SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none Subject mapping user profile attribute. The input format should be SCIM compliant. This attribute should be of type String and multivalued to false.
tags
- A list of tags on this resource.SCIM++ Properties:
idcsCompositeKey: [key, value]
idcsSearchable: true
multiValued: true
mutability: readWrite
required: false
returned: request
type: complex
uniqueness: none
key
- Key or name of the tag.SCIM++ Properties:
- caseExact: false
- idcsSearchable: true
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
- uniqueness: none
value
- Value of the tag.SCIM++ Properties:
- caseExact: false
- idcsSearchable: true
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
- uniqueness: none
tenancy_ocid
- Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.SCIM++ Properties:
- caseExact: false
- idcsSearchable: false
- multiValued: false
- mutability: readOnly
- required: false
- returned: default
- type: string
- uniqueness: none
tenant_custom_claims
- Custom claims associated with the specific tenantAdded In: 18.4.2
SCIM++ Properties:
idcsCompositeKey: [name]
multiValued: true
mutability: readWrite
required: false
returned: default
type: complex
uniqueness: none
all_scopes
- Indicates if the custom claim is associated with all scopesAdded In: 18.4.2
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: boolean
- uniqueness: none
expression
- Indicates if the custom claim is an expressionAdded In: 18.4.2
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: boolean
- uniqueness: none
mode
- Indicates under what scenario the custom claim will be returnAdded In: 18.4.2
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
- uniqueness: none
name
- Custom claim nameAdded In: 18.4.2
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
- uniqueness: server
scopes
- Scopes associated with a specific custom claimAdded In: 18.4.2
SCIM++ Properties:
- multiValued: true
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
token_type
- Indicates what type of token the custom claim will be embeddedAdded In: 18.4.2
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
- uniqueness: none
value
- Custom claim valueAdded In: 18.4.2
SCIM++ Properties:
- multiValued: false
- mutability: readWrite
- required: true
- returned: default
- type: string
- uniqueness: none
terms_of_use_url
- Terms of Use URLAdded In: 18.2.4
SCIM++ Properties:
- caseExact: false
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
timezone
- User’s timezoneSCIM++ Properties:
- caseExact: false
- idcsCanonicalValueSourceFilter: attrName eq “timezones” and attrValues.value eq “$(timezone)”
- idcsCanonicalValueSourceResourceType: AllowedValue
- multiValued: false
- mutability: readWrite
- required: false
- returned: default
- type: string
- uniqueness: none
Timeouts
The timeouts
block allows you to specify timeouts for certain operations:
* create
- (Defaults to 20 minutes), when creating the Setting
* update
- (Defaults to 20 minutes), when updating the Setting
* delete
- (Defaults to 20 minutes), when destroying the Setting
Import
Settings can be imported using the id
, e.g.
$ terraform import oci_identity_domains_setting.test_setting "idcsEndpoint/{idcsEndpoint}/settings/{settingId}"