The OCID of the tenancy containing the user.
DB username of the DB credential. Has to be unique across the tenancy.
Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {@code {"Operations": {"CostCenter": "42"}}}
The description you assign to the user. Does not have to be unique, and it's changeable.
(For tenancies that support identity domains) You can have an empty description.
The email address you assign to the user. The email address must be unique across all users in the tenancy.
(For tenancies that support identity domains) The email address is required unless the requirement is disabled at the tenancy level.
Whether the email address has been validated.
Identifier of the user in the identity provider
Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.
Example: {@code {\"Department\": \"Finance\"}}
The OCID of the user.
The OCID of the {@code IdentityProvider} this user belongs to.
Returned only if the user's {@code lifecycleState} is INACTIVE. A 16-bit value showing the reason why the user is inactive:
- bit 0: SUSPENDED (reserved for future use) - bit 1: DISABLED (reserved for future use) - bit 2: BLOCKED (the user has exceeded the maximum number of failed login attempts for the Console) Note: Numbers greater than Number.MAX_SAFE_INTEGER will result in rounding issues.
Flag indicates if MFA has been activated for the user.
The date and time of when the user most recently logged in the format defined by RFC3339 (ex. {@code 2016-08-25T21:10:29.600Z}). If there is no login history, this field is null.
For illustrative purposes, suppose we have a user who has logged in at July 1st, 2020 at 1200 PST and logged out 30 minutes later. They then login again on July 2nd, 2020 at 1500 PST.
Their previousSuccessfulLoginTime would be {@code 2020-07-01:19:00.000Z}.
Their lastSuccessfulLoginTime would be {@code 2020-07-02:22:00.000Z}.
The user's current state. After creating a user, make sure its {@code lifecycleState} changes from CREATING to ACTIVE before using it.
The name you assign to the user during creation. This is the user's login for the Console. The name must be unique across all users in the tenancy and cannot be changed.
The date and time of when the user most recently logged in the format defined by RFC3339 (ex. {@code 2016-08-25T21:10:29.600Z}). If there is no login history, this field is null.
For illustrative purposes, suppose we have a user who has logged in at July 1st, 2020 at 1200 PST and logged out 30 minutes later. They then login again on July 2nd, 2020 at 1500 PST.
Their previousSuccessfulLoginTime would be {@code 2020-07-01:19:00.000Z}.
Their lastSuccessfulLoginTime would be {@code 2020-07-02:22:00.000Z}.
Date and time the user was created, in the format defined by RFC3339.
Example: {@code 2016-08-25T21:10:29.600Z}
An individual employee or system that needs to manage or use your company's Oracle Cloud Infrastructure resources. Users might need to launch instances, manage remote disks, work with your cloud network, etc. Users have one or more IAM Service credentials (ApiKey, UIPassword, SwiftPassword and AuthToken). For more information, see User Credentials). End users of your application are not typically IAM Service users, but for tenancies that have identity domains, they might be. For conceptual information about users and other IAM Service components, see Overview of IAM.
These users are created directly within the Oracle Cloud Infrastructure system, via the IAM service. They are different from *federated users*, who authenticate themselves to the Oracle Cloud Infrastructure Console via an identity provider. For more information, see [Identity Providers and Federation](https://docs.cloud.oracle.com/Content/Identity/Concepts/federation.htm).
To use any of the API operations, you must be authorized in an IAM policy. If you're not authorized, talk to an administrator. If you're an administrator who needs to write policies to give users access, see [Get Started with Policies](https://docs.cloud.oracle.com/Content/Identity/policiesgs/get-started-with-policies.htm).
*Warning:** Oracle recommends that you avoid using any confidential information when you supply string values using the API.