Expiry-time in seconds for an Access Token. Any token that allows access to this App will expire after the specified duration.
*SCIM++ Properties:** - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: integer - uniqueness: none Note: Numbers greater than Number.MAX_SAFE_INTEGER will result in rounding issues.
Accounts of App
*SCIM++ Properties:** - idcsCompositeKey: [value] - idcsSearchable: true - multiValued: true - mutability: readOnly - required: false - returned: request - type: complex - uniqueness: none
If true, this App is able to participate in runtime services, such as automatic-login, OAuth, and SAML. If false, all runtime services are disabled for this App, and only administrative operations can be performed.
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers administrative privilege within this App.
*SCIM++ Properties:** - idcsCompositeKey: [value] - idcsSearchable: false - multiValued: true - mutability: readOnly - required: false - returned: request - type: complex
Each value of this internal attribute refers to an Oracle Public Cloud infrastructure App on which this App depends.
*SCIM++ Properties:** - caseExact: true - idcsCompositeKey: [value] - idcsSearchable: true - multiValued: true - mutability: readWrite - required: false - returned: default - type: complex - uniqueness: none
If true, indicates that the system should allow all URL-schemes within each value of the 'redirectUris' attribute. Also indicates that the system should not attempt to confirm that each value of the 'redirectUris' attribute is a valid URI. In particular, the system should not confirm that the domain component of the URI is a top-level domain and the system should not confirm that the hostname portion is a valid system that is reachable over the network.
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
If true, any managed App that is based on this template is checked for access control that is, access to this app is subject to successful authorization at SSO service, viz. app grants to start with.
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
If true, indicates that the Refresh Token is allowed when this App acts as an OAuth Resource.
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
List of grant-types that this App is allowed to use when it acts as an OAuthClient.
*SCIM++ Properties:** - caseExact: true - idcsSearchable: true - multiValued: true - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
OPTIONAL. Required only when this App acts as an OAuthClient. Supported values are 'introspect' and 'onBehalfOfUser'. The value 'introspect' allows the client to look inside the access-token. The value 'onBehalfOfUser' overrides how the client's privileges are combined with the privileges of the Subject User. Ordinarily, authorization calculates the set of effective privileges as the intersection of the client's privileges and the user's privileges. The value 'onBehalfOf' indicates that authorization should ignore the privileges of the client and use only the user's privileges to calculate the effective privileges.
*SCIM++ Properties:** - caseExact: true - idcsSearchable: true - multiValued: true - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
A list of scopes (exposed by this App or by other Apps) that this App is allowed to access when it acts as an OAuthClient.
*SCIM++ Properties:** - caseExact: true - idcsCompositeKey: [fqs] - idcsSearchable: true - multiValued: true - mutability: readWrite - required: false - returned: default - type: complex - uniqueness: none
A list of tags, acting as an OAuthClient, this App is allowed to access.
*Added In:** 17.4.6
*SCIM++ Properties:** - idcsCompositeKey: [key, value] - idcsSearchable: true - multiValued: true - mutability: readWrite - required: false - returned: default - type: complex - uniqueness: none
Application icon.
*SCIM++ Properties:** - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: request - type: string - uniqueness: none
Application thumbnail.
*SCIM++ Properties:** - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: request - type: string - uniqueness: none
Network Perimeter
*Added In:** 2010242156
*SCIM++ Properties:** - idcsCompositeKey: [value] - multiValued: true - mutability: readWrite - required: false - returned: default - type: complex
Label for the attribute to be shown in the UI.
*SCIM++ Properties:** - idcsCompositeKey: [name] - idcsSearchable: false - multiValued: true - mutability: immutable - required: false - returned: default - type: complex - uniqueness: none
The base URI for all of the scopes defined in this App. The value of 'audience' is combined with the 'value' of each scope to form an 'fqs' or fully qualified scope.
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
If true, indicates that consent should be skipped for all scopes
*Added In:** 19.2.1
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
Callback Service URL
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readOnly - required: false - returned: default - type: string - uniqueness: none
Each value of this attribute represent a certificate that this App uses when it acts as an OAuthClient.
*SCIM++ Properties:** - caseExact: false - idcsCompositeKey: [certAlias] - idcsSearchable: false - multiValued: true - mutability: readWrite - required: false - returned: default - type: complex - uniqueness: none
Network Perimeters checking mode
*Added In:** 2010242156
*SCIM++ Properties:** - caseExact: true - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
This value is the credential of this App, which this App supplies as a password when this App authenticates to the Oracle Public Cloud infrastructure. This value is also the client secret of this App when it acts as an OAuthClient.
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - idcsSensitive: none - multiValued: false - mutability: readOnly - required: false - returned: default - type: string - uniqueness: none
Specifies the type of access that this App has when it acts as an OAuthClient.
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
A collection of arbitrary properties that scope the privileges of a cloud-control App.
*Added In:** 18.4.2
*SCIM++ Properties:** - idcsCompositeKey: [name] - idcsSearchable: false - multiValued: true - mutability: readOnly - required: false - returned: request - type: complex - uniqueness: none
OCI Compartment Id (ocid) in which the resource lives.
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readOnly - required: false - returned: default - type: string - uniqueness: none
Contact Email Address
*Added In:** 19.2.1
*SCIM++ Properties:** - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
Service Names allow to use OCI signature for client authentication instead of client credentials
*Added In:** 2207040824
*SCIM++ Properties:** - caseExact: true - idcsSearchable: false - multiValued: true - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
*SCIM++ Properties:** - caseExact: false - idcsSearchable: true - multiValued: false - mutability: readOnly - required: false - returned: default - type: boolean - uniqueness: none
Description of the application.
*SCIM++ Properties:** - caseExact: false - idcsSearchable: true - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
Indicates whether the application is allowed to be access using kmsi token.
*Added In:** 2111190457
*SCIM++ Properties:** - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: always - type: boolean - uniqueness: none
Display name of the application. Display name is intended to be user-friendly, and an administrator can change the value at any time.
*SCIM++ Properties:** - caseExact: false - idcsSearchable: true - multiValued: false - mutability: readWrite - required: true - returned: always - type: string - uniqueness: server
OCI Domain Id (ocid) in which the resource lives.
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readOnly - required: false - returned: default - type: string - uniqueness: none
App attributes editable by subject
*Added In:** 18.2.6
*SCIM++ Properties:** - caseExact: false - idcsCompositeKey: [name] - idcsSearchable: false - multiValued: true - mutability: readOnly - required: false - returned: request - type: complex - uniqueness: none
This attribute specifies the URL of the page to which an application will redirect an end-user in case of error.
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
A list of AppRoles that are granted to this App (and that are defined by other Apps). Within the Oracle Public Cloud infrastructure, this allows AppID-based association. Such an association allows this App to act as a consumer and thus to access resources of another App that acts as a producer.
*SCIM++ Properties:** - caseExact: true - idcsCompositeKey: [value] - idcsSearchable: true - multiValued: true - mutability: readOnly - required: false - returned: default - type: complex - uniqueness: none
Grants assigned to the app
*SCIM++ Properties:** - idcsCompositeKey: [value] - idcsSearchable: true - multiValued: true - mutability: readOnly - required: false - returned: request - type: complex - uniqueness: none
Hashed Client Secret. This hash-value is used to verify the 'clientSecret' credential of this App
*Added In:** 2106240046
*SCIM++ Properties:** - idcsSearchable: false - idcsSensitive: hash_sc - multiValued: false - mutability: readOnly - required: false - returned: request - type: string - uniqueness: none
Home Page URL
*Added In:** 19.2.1
*SCIM++ Properties:** - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
URL of application icon.
*SCIM++ Properties:** - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: reference - uniqueness: none
Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
*SCIM++ Properties:** - caseExact: false - idcsSearchable: true - multiValued: false - mutability: readOnly - required: false - returned: always - type: string - uniqueness: global
Encryption Alogrithm to use for encrypting ID token.
*Added In:** 2010242156
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
The release number when the resource was upgraded.
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readOnly - required: false - returned: request - type: string - uniqueness: none
Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
*SCIM++ Properties:** - idcsSearchable: false - multiValued: true - mutability: readOnly - required: false - returned: request - type: string - uniqueness: none
A list of IdentityProvider assigned to app. A user trying to access this app will be automatically redirected to configured IdP during the authentication phase, before being able to access App.
*SCIM++ Properties:** - idcsCompositeKey: [value] - idcsSearchable: false - multiValued: true - mutability: readWrite - required: false - returned: request - type: complex
If true, this App is an internal infrastructure App.
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: readOnly - required: false - returned: default - type: boolean - uniqueness: none
If true, this App is an AliasApp and it cannot be granted to an end-user directly.
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: immutable - required: false - returned: always - type: boolean - uniqueness: none
If true, this application acts as database service Application
*Added In:** 18.2.2
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: readOnly - required: false - type: boolean
If true, this app acts as Enterprise app with Authentication and URL Authz policy.
*Added In:** 19.2.1
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
If true, this application acts as FormFill Application
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
If true, indicates that this App supports Kerberos Authentication
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
If true, this App allows runtime services to log end users into this App automatically.
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
If true, indicates that access to this App requires an account. That is, in order to log in to the App, a User must use an application-specific identity that is maintained in the remote identity-repository of that App.
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: readOnly - required: false - returned: default - type: boolean - uniqueness: none
If true, indicates that the App should be visible in each end-user's mobile application.
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
If true, indicates the app is used for multicloud service integration.
*Added In:** 2301202328
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: immutable - required: false - returned: default - type: boolean - uniqueness: none
If true, this application acts as an OAuth Client
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
If true, indicates that this application acts as an OAuth Resource.
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
If true, this application is an Oracle Public Cloud service-instance.
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: readOnly - required: false - returned: default - type: boolean - uniqueness: none
This flag indicates if the App is capable of validating obligations with the token for allowing access to the App.
*SCIM++ Properties:** - caseExact: false - idcsSearchable: true - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
If true, this application acts as an Radius App
*Added In:** 20.1.3
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
If true, then this App acts as a SAML Service Provider.
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
If true, indicates that this application accepts an Oracle Cloud Identity Service User as a login-identity (does not require an account) and relies for authorization on the User's memberships in AppRoles.
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: immutable - required: false - returned: default - type: boolean - uniqueness: none
If true, the webtier policy is active
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
The URL of the landing page for this App, which is the first page that an end user should see if runtime services log that end user in to this App automatically.
*SCIM++ Properties:** - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
This attribute specifies the callback URL for the social linking operation.
*Added In:** 18.2.4
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
The protocol that runtime services will use to log end users in to this App automatically. If 'OIDC', then runtime services use the OpenID Connect protocol. If 'SAML', then runtime services use Security Assertion Markup Language protocol.
*SCIM++ Properties:** - caseExact: true - idcsSearchable: true - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
This attribute specifies the URL of the page that the App uses when an end-user signs in to that App.
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
This attribute specifies the URL of the page that the App uses when an end-user signs out.
*Added In:** 17.4.2
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
OAuth will use this URI to logout if this App wants to participate in SSO, and if this App's session gets cleared as part of global logout. Note: This attribute is used only if this App acts as an OAuthClient.
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
Indicates whether the application is billed as an OPCService. If true, customer is not billed for runtime operations of the app.
*Added In:** 18.4.2
*SCIM++ Properties:** - idcsSearchable: false - multiValued: false - mutability: readOnly - required: false - returned: always - type: boolean - uniqueness: none
If true, this App was migrated from an earlier version of Oracle Public Cloud infrastructure (and may therefore require special handling from runtime services such as OAuth or SAML). If false, this App requires no special handling from runtime services.
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: readOnly - required: false - returned: default - type: boolean - uniqueness: none
Name of the application. Also serves as username if the application authenticates to Oracle Public Cloud infrastructure. This name may not be user-friendly and cannot be changed once an App is created.
*SCIM++ Properties:** - caseExact: false - idcsSearchable: true - multiValued: false - mutability: immutable - required: false - returned: default - type: string - uniqueness: server
Unique OCI identifier for the SCIM Resource.
*SCIM++ Properties:** - caseExact: true - idcsSearchable: true - multiValued: false - mutability: immutable - required: false - returned: default - type: string - uniqueness: global
Each value of this attribute is the URI of a landing page within this App. It is used only when this App, acting as an OAuthClient, initiates the logout flow and wants to be redirected back to one of its landing pages.
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: true - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
Privacy Policy URL
*Added In:** 19.2.1
*SCIM++ Properties:** - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
Application Logo URL
*Added In:** 19.2.1
*SCIM++ Properties:** - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
Product Name
*Added In:** 19.2.1
*SCIM++ Properties:** - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
*Added In:** 18.2.2
*SCIM++ Properties:** - caseExact: false - idcsCompositeKey: [value] - idcsSearchable: false - multiValued: true - mutability: readWrite - required: false - returned: default - type: complex - uniqueness: none
If true, this App requires an upgrade and mandates attention from application administrator. The flag is used by UI to indicate this app is ready to upgrade.
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: readOnly - required: false - returned: default - type: boolean - uniqueness: none
OPTIONAL. Each value is a URI within this App. This attribute is required when this App acts as an OAuthClient and is involved in three-legged flows (authorization-code flows).
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: true - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
Expiry-time in seconds for a Refresh Token. Any token that allows access to this App, once refreshed, will expire after the specified duration.
*SCIM++ Properties:** - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: integer - uniqueness: none Note: Numbers greater than Number.MAX_SAFE_INTEGER will result in rounding issues.
REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard \"enterprise\" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: true - mutability: readWrite - required: true - returned: default - type: string - uniqueness: none
Scopes defined by this App. Used when this App acts as an OAuth Resource.
*SCIM++ Properties:** - caseExact: true - idcsCompositeKey: [value] - idcsSearchable: true - multiValued: true - mutability: readWrite - required: false - returned: default - type: complex - uniqueness: none
A list of secondary audiences--additional URIs to be added automatically to any OAuth token that allows access to this App. Note: This attribute is used mainly for backward compatibility in certain Oracle Public Cloud Apps.
*Deprecated Since: 18.2.6**
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: true - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
Custom attribute that is required to compute other attribute values during app creation.
*SCIM++ Properties:** - idcsCompositeKey: [name] - idcsSearchable: false - multiValued: true - mutability: readWrite - required: false - returned: always - type: complex - uniqueness: none
This Uniform Resource Name (URN) value identifies the type of Oracle Public Cloud service of which this app is an instance.
*SCIM++ Properties:** - caseExact: false - idcsSearchable: true - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
This value specifies the version of the Oracle Public Cloud service of which this App is an instance
*SCIM++ Properties:** - caseExact: false - idcsSearchable: true - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
If true, this app will be displayed in the MyApps page of each end-user who has access to the App.
*Added In:** 18.1.2
*SCIM++ Properties:** - idcsSearchable: true - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
A list of tags on this resource.
*SCIM++ Properties:** - idcsCompositeKey: [key, value] - idcsSearchable: true - multiValued: true - mutability: readWrite - required: false - returned: request - type: complex - uniqueness: none
OCI Tenant Id (ocid) in which the resource lives.
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readOnly - required: false - returned: default - type: string - uniqueness: none
Terms of Service URL
*Added In:** 19.2.1
*SCIM++ Properties:** - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
Trust Policies.
*SCIM++ Properties:** - idcsCompositeKey: [value] - idcsSearchable: true - multiValued: true - mutability: readWrite - required: false - returned: default - type: complex
Indicates the scope of trust for this App when acting as an OAuthClient. A value of 'Explicit' indicates that the App is allowed to access only the scopes of OAuthResources that are explicitly specified as 'allowedScopes'. A value of 'Account' indicates that the App is allowed implicitly to access any scope of any OAuthResource within the same Oracle Cloud Account. A value of 'Tags' indicates that the App is allowed to access any scope of any OAuthResource with a matching tag within the same Oracle Cloud Account. A value of 'Default' indicates that the Tenant default trust scope configured in the Tenant Settings is used.
*Added In:** 17.4.2
*SCIM++ Properties:** - caseExact: true - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
A list of AppRoles defined by this UnmanagedApp. Membership in each of these AppRoles confers end-user privilege within this App.
*SCIM++ Properties:** - idcsCompositeKey: [value] - idcsSearchable: false - multiValued: true - mutability: readOnly - required: false - returned: request - type: complex
Schema for App resource.