IdentityClient¶

class oci.identity.IdentityClient(config, **kwargs)¶

Use the Identity and Access Management Service API to manage users, groups, identity domains, compartments, policies, tagging, and limits. For information about managing users, groups, compartments, and policies, see [Identity and Access Management (without identity domains)](/iaas/Content/Identity/Concepts/overview.htm). For information about tagging and service limits, see [Tagging](/iaas/Content/Tagging/Concepts/taggingoverview.htm) and [Service Limits](/iaas/Content/General/Concepts/servicelimits.htm). For information about creating, modifying, and deleting identity domains, see [Identity and Access Management (with identity domains)](/iaas/Content/Identity/home.htm).

Methods

`__init__`(config, **kwargs)	Creates a new service client
`activate_domain`(domain_id, **kwargs)	(For tenancies that support identity domains) Activates a deactivated identity domain. You can only activate identity domains that your user account is not a part of.
`activate_mfa_totp_device`(user_id, …)	Activates the specified MFA TOTP device for the user.
`add_tag_default_lock`(tag_default_id, …)	Add a resource lock to a tag default.
`add_tag_namespace_lock`(tag_namespace_id, …)	Add a resource lock to a tag namespace.
`add_user_to_group`(add_user_to_group_details, …)	Adds the specified user to the specified group and returns a UserGroupMembership object with its own OCID.
`assemble_effective_tag_set`(compartment_id, …)	Assembles tag defaults in the specified compartment and any parent compartments to determine the tags to apply.
`bulk_delete_resources`(compartment_id, …)	Deletes multiple resources in the compartment.
`bulk_delete_tags`(bulk_delete_tags_details, …)	Deletes the specified tag key definitions.
`bulk_edit_tags`(**kwargs)	Edits the specified list of tag key definitions for the selected resources.
`bulk_move_resources`(compartment_id, …)	Moves multiple resources from one compartment to another.
`cascade_delete_tag_namespace`(…)	Deletes the specified tag namespace.
`change_domain_compartment`(domain_id, …)	(For tenancies that support identity domains) Moves the identity domain to a different compartment in the tenancy.
`change_domain_license_type`(domain_id, …)	(For tenancies that support identity domains) Changes the license type of the given identity domain. The identity domain’s
`change_tag_namespace_compartment`(…)	Moves the specified tag namespace to the specified compartment within the same tenancy.
`create_auth_token`(create_auth_token_details, …)	Creates a new auth token for the specified user.
`create_compartment`(…)	Creates a new compartment in the specified compartment.
`create_customer_secret_key`(…)	Creates a new secret key for the specified user.
`create_db_credential`(…)	Creates a new DB credential for the specified user.
`create_domain`(create_domain_details, **kwargs)	(For tenancies that support identity domains) Creates a new identity domain in the tenancy with the identity domain home in homeRegion.
`create_dynamic_group`(…)	Creates a new dynamic group in your tenancy.
`create_group`(create_group_details, **kwargs)	Creates a new group in your tenancy.
`create_identity_provider`(…)	Deprecated. For more information, see `Deprecated IAM Service APIs`__.
`create_idp_group_mapping`(…)	Deprecated. For more information, see `Deprecated IAM Service APIs`__.
`create_mfa_totp_device`(user_id, **kwargs)	Creates a new MFA TOTP device for the user.
`create_network_source`(…)	Creates a new network source in your tenancy.
`create_o_auth_client_credential`(user_id, …)	Creates Oauth token for the user
`create_or_reset_ui_password`(user_id, **kwargs)	Creates a new Console one-time password for the specified user.
`create_policy`(create_policy_details, **kwargs)	Creates a new policy in the specified compartment (either the tenancy or another of your compartments).
`create_region_subscription`(…)	Creates a subscription to a region for a tenancy.
`create_smtp_credential`(…)	Creates a new SMTP credential for the specified user.
`create_swift_password`(…)	Deprecated. Use :func:`create_auth_token` instead.
`create_tag`(tag_namespace_id, …)	Creates a new tag in the specified tag namespace.
`create_tag_default`(…)	Creates a new tag default in the specified compartment for the specified tag definition.
`create_tag_namespace`(…)	Creates a new tag namespace in the specified compartment.
`create_user`(create_user_details, **kwargs)	Creates a new user in your tenancy.
`deactivate_domain`(domain_id, **kwargs)	(For tenancies that support identity domains) Deactivates the specified identity domain. Identity domains must be in an ACTIVE
`delete_api_key`(user_id, fingerprint, **kwargs)	Deletes the specified API signing key for the specified user.
`delete_auth_token`(user_id, auth_token_id, …)	Deletes the specified auth token for the specified user.
`delete_compartment`(compartment_id, **kwargs)	Deletes the specified compartment.
`delete_customer_secret_key`(user_id, …)	Deletes the specified secret key for the specified user.
`delete_db_credential`(user_id, …)	Deletes the specified DB credential for the specified user.
`delete_domain`(domain_id, **kwargs)	(For tenancies that support identity domains) Deletes an identity domain. The identity domain must have no active apps present in
`delete_dynamic_group`(dynamic_group_id, **kwargs)	Deletes the specified dynamic group.
`delete_group`(group_id, **kwargs)	Deletes the specified group.
`delete_identity_provider`(…)	Deprecated. For more information, see `Deprecated IAM Service APIs`__.
`delete_idp_group_mapping`(…)	Deprecated. For more information, see `Deprecated IAM Service APIs`__.
`delete_mfa_totp_device`(user_id, …)	Deletes the specified MFA TOTP device for the specified user.
`delete_network_source`(network_source_id, …)	Deletes the specified network source.
`delete_o_auth_client_credential`(user_id, …)	Delete Oauth token for the user
`delete_policy`(policy_id, **kwargs)	Deletes the specified policy.
`delete_smtp_credential`(user_id, …)	Deletes the specified SMTP credential for the specified user.
`delete_swift_password`(user_id, …)	Deprecated. Use :func:`delete_auth_token` instead.
`delete_tag`(tag_namespace_id, tag_name, **kwargs)	Deletes the specified tag definition.
`delete_tag_default`(tag_default_id, **kwargs)	Deletes the the specified tag default.
`delete_tag_namespace`(tag_namespace_id, **kwargs)	Deletes the specified tag namespace.
`delete_user`(user_id, **kwargs)	Deletes the specified user.
`enable_replication_to_region`(domain_id, …)	(For tenancies that support identity domains) Replicates the identity domain to a new region (provided that the region is the
`generate_totp_seed`(user_id, …)	Generate seed for the MFA TOTP device.
`get_authentication_policy`(compartment_id, …)	Gets the authentication policy for the given tenancy.
`get_compartment`(compartment_id, **kwargs)	Gets the specified compartment’s information.
`get_domain`(domain_id, **kwargs)	(For tenancies that support identity domains) Gets the specified identity domain’s information.
`get_dynamic_group`(dynamic_group_id, **kwargs)	Gets the specified dynamic group’s information.
`get_group`(group_id, **kwargs)	Gets the specified group’s information.
`get_iam_work_request`(iam_work_request_id, …)	Gets the details of a specified IAM work request.
`get_identity_provider`(identity_provider_id, …)	Deprecated. For more information, see `Deprecated IAM Service APIs`__.
`get_idp_group_mapping`(identity_provider_id, …)	Deprecated. For more information, see `Deprecated IAM Service APIs`__.
`get_mfa_totp_device`(user_id, …)	Get the specified MFA TOTP device for the specified user.
`get_network_source`(network_source_id, **kwargs)	Gets the specified network source’s information.
`get_policy`(policy_id, **kwargs)	Gets the specified policy’s information.
`get_standard_tag_template`(compartment_id, …)	Retrieve the standard tag namespace template given the standard tag namespace name.
`get_tag`(tag_namespace_id, tag_name, **kwargs)	Gets the specified tag’s information.
`get_tag_default`(tag_default_id, **kwargs)	Retrieves the specified tag default.
`get_tag_namespace`(tag_namespace_id, **kwargs)	Gets the specified tag namespace’s information.
`get_tagging_work_request`(work_request_id, …)	Gets details on a specified work request.
`get_tenancy`(tenancy_id, **kwargs)	Get the specified tenancy’s information.
`get_user`(user_id, **kwargs)	Gets the specified user’s information.
`get_user_group_membership`(…)	Gets the specified UserGroupMembership’s information.
`get_user_ui_password_information`(user_id, …)	Gets the specified user’s console password information.
`get_work_request`(work_request_id, **kwargs)	Gets details on a specified work request.
`import_standard_tags`(**kwargs)	OCI will release Tag Namespaces that our customers can import.
`list_allowed_domain_license_types`(**kwargs)	(For tenancies that support identity domains) Lists the license types for identity domains supported by Oracle Cloud Infrastructure.
`list_api_keys`(user_id, **kwargs)	Lists the API signing keys for the specified user.
`list_auth_tokens`(user_id, **kwargs)	Lists the auth tokens for the specified user.
`list_availability_domains`(compartment_id, …)	Lists the availability domains in your tenancy.
`list_bulk_action_resource_types`(…)	Lists the resource-types supported by compartment bulk actions.
`list_bulk_edit_tags_resource_types`(**kwargs)	Lists the resource types that support bulk tag editing.
`list_compartments`(compartment_id, **kwargs)	Lists the compartments in a specified compartment.
`list_cost_tracking_tags`(compartment_id, **kwargs)	Lists all the tags enabled for cost-tracking in the specified tenancy.
`list_customer_secret_keys`(user_id, **kwargs)	Lists the secret keys for the specified user.
`list_db_credentials`(user_id, **kwargs)	Lists the DB credentials for the specified user.
`list_domains`(compartment_id, **kwargs)	(For tenancies that support identity domains) Lists all identity domains within a tenancy.
`list_dynamic_groups`(compartment_id, **kwargs)	Lists the dynamic groups in your tenancy.
`list_fault_domains`(compartment_id, …)	Lists the Fault Domains in your tenancy.
`list_groups`(compartment_id, **kwargs)	Lists the groups in your tenancy.
`list_iam_work_request_errors`(…)	Gets error details for a specified IAM work request.
`list_iam_work_request_logs`(…)	Gets logs for a specified IAM work request.
`list_iam_work_requests`(compartment_id, **kwargs)	Lists the IAM work requests in compartment.
`list_identity_provider_groups`(…)	Deprecated. For more information, see `Deprecated IAM Service APIs`__.
`list_identity_providers`(protocol, …)	Deprecated. For more information, see `Deprecated IAM Service APIs`__.
`list_idp_group_mappings`(…)	Deprecated. For more information, see `Deprecated IAM Service APIs`__.
`list_mfa_totp_devices`(user_id, **kwargs)	Lists the MFA TOTP devices for the specified user.
`list_network_sources`(compartment_id, **kwargs)	Lists the network sources in your tenancy.
`list_o_auth_client_credentials`(user_id, **kwargs)	List of Oauth tokens for the user
`list_policies`(compartment_id, **kwargs)	Lists the policies in the specified compartment (either the tenancy or another of your compartments).
`list_region_subscriptions`(tenancy_id, **kwargs)	Lists the region subscriptions for the specified tenancy.
`list_regions`(**kwargs)	Lists all the regions offered by Oracle Cloud Infrastructure.
`list_smtp_credentials`(user_id, **kwargs)	Lists the SMTP credentials for the specified user.
`list_standard_tag_namespaces`(compartment_id, …)	Lists available standard tag namespaces that users can create.
`list_swift_passwords`(user_id, **kwargs)	Deprecated. Use :func:`list_auth_tokens` instead.
`list_tag_defaults`(**kwargs)	Lists the tag defaults for tag definitions in the specified compartment.
`list_tag_namespaces`(compartment_id, **kwargs)	Lists the tag namespaces in the specified compartment.
`list_tagging_work_request_errors`(…)	Gets the errors for a work request.
`list_tagging_work_request_logs`(…)	Gets the logs for a work request.
`list_tagging_work_requests`(compartment_id, …)	Lists the tagging work requests in compartment.
`list_tags`(tag_namespace_id, **kwargs)	Lists the tag definitions in the specified tag namespace.
`list_user_group_memberships`(compartment_id, …)	Lists the UserGroupMembership objects in your tenancy.
`list_users`(compartment_id, **kwargs)	Lists the users in your tenancy.
`list_work_requests`(compartment_id, **kwargs)	Lists the work requests in compartment.
`move_compartment`(compartment_id, …)	Move the compartment to a different parent compartment in the same tenancy.
`recover_compartment`(compartment_id, **kwargs)	Recover the compartment from DELETED state to ACTIVE state.
`remove_tag_default_lock`(tag_default_id, …)	Remove a resource lock from a tag default.
`remove_tag_namespace_lock`(tag_namespace_id, …)	Remove a resource lock from a tag namespace.
`remove_user_from_group`(…)	Removes a user from a group by deleting the corresponding UserGroupMembership.
`reset_idp_scim_client`(identity_provider_id, …)	Resets the OAuth2 client credentials for the SCIM client associated with this identity provider.
`update_auth_token`(user_id, auth_token_id, …)	Updates the specified auth token’s description.
`update_authentication_policy`(compartment_id, …)	Updates authentication policy for the specified tenancy.
`update_compartment`(compartment_id, …)	Updates the specified compartment’s description or name.
`update_customer_secret_key`(user_id, …)	Updates the specified secret key’s description.
`update_domain`(domain_id, …)	(For tenancies that support identity domains) Updates identity domain information and the associated Identity Cloud Service (IDCS) stripe.
`update_dynamic_group`(dynamic_group_id, …)	Updates the specified dynamic group.
`update_group`(group_id, update_group_details, …)	Updates the specified group.
`update_identity_provider`(…)	Deprecated. For more information, see `Deprecated IAM Service APIs`__.
`update_idp_group_mapping`(…)	Deprecated. For more information, see `Deprecated IAM Service APIs`__.
`update_network_source`(network_source_id, …)	Updates the specified network source.
`update_o_auth_client_credential`(user_id, …)	Updates Oauth token for the user
`update_policy`(policy_id, …)	Updates the specified policy.
`update_smtp_credential`(user_id, …)	Updates the specified SMTP credential’s description.
`update_swift_password`(user_id, …)	Deprecated. Use :func:`update_auth_token` instead.
`update_tag`(tag_namespace_id, tag_name, …)	Updates the specified tag definition.
`update_tag_default`(tag_default_id, …)	Updates the specified tag default.
`update_tag_namespace`(tag_namespace_id, …)	Updates the the specified tag namespace.
`update_user`(user_id, update_user_details, …)	Updates the description of the specified user.
`update_user_capabilities`(user_id, …)	Updates the capabilities of the specified user.
`update_user_state`(user_id, …)	Updates the state of the specified user.
`upload_api_key`(user_id, …)	Uploads an API signing key for the specified user.

__init__(config, **kwargs)¶

Creates a new service client

Parameters:

config (dict) – Configuration keys and values as per SDK and Tool Configuration. The from_file() method can be used to load configuration from a file. Alternatively, a dict can be passed. You can validate_config the dict using validate_config()
service_endpoint (str) – (optional) The endpoint of the service to call using this client. For example https://iaas.us-ashburn-1.oraclecloud.com. If this keyword argument is not provided then it will be derived using the region in the config parameter. You should only provide this keyword argument if you have an explicit need to specify a service endpoint.
timeout (float or tuple(float, float)) – (optional) The connection and read timeouts for the client. The default values are connection timeout 10 seconds and read timeout 60 seconds. This keyword argument can be provided as a single float, in which case the value provided is used for both the read and connection timeouts, or as a tuple of two floats. If a tuple is provided then the first value is used as the connection timeout and the second value as the read timeout.
signer (AbstractBaseSigner) –
(optional) The signer to use when signing requests made by the service client. The default is to use a Signer based on the values provided in the config parameter.

One use case for this parameter is for Instance Principals authentication by passing an instance of InstancePrincipalsSecurityTokenSigner as the value for this keyword argument
retry_strategy (obj) –
(optional) A retry strategy to apply to all calls made by this service client (i.e. at the client level). There is no retry strategy applied by default. Retry strategies can also be applied at the operation level by passing a retry_strategy keyword argument as part of calling the operation. Any value provided at the operation level will override whatever is specified at the client level.

This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.
circuit_breaker_strategy (obj) – (optional) A circuit breaker strategy to apply to all calls made by this service client (i.e. at the client level). This client uses DEFAULT_CIRCUIT_BREAKER_STRATEGY as default if no circuit breaker strategy is provided. The specifics of circuit breaker strategy are described here.
circuit_breaker_callback (function) – (optional) Callback function to receive any exceptions triggerred by the circuit breaker.
client_level_realm_specific_endpoint_template_enabled (bool) – (optional) A boolean flag to indicate whether or not this client should be created with realm specific endpoint template enabled or disable. By default, this will be set as None.
allow_control_chars – (optional) allow_control_chars is a boolean to indicate whether or not this client should allow control characters in the response object. By default, the client will not allow control characters to be in the response object.

activate_domain(domain_id, **kwargs)¶

(For tenancies that support identity domains) Activates a deactivated identity domain. You can only activate identity domains that your user account is not a part of.

After you send the request, the lifecycleDetails of the identity domain is set to ACTIVATING. When the operation completes, the lifecycleDetails is set to null and the lifecycleState of the identity domain is set to ACTIVE.

To track the progress of the request, submitting an HTTP GET on the /iamWorkRequests/{iamWorkRequestsId} endpoint retrieves the operation’s status.

Parameters:	domain_id (str) – (required) The OCID of the identity domain. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use activate_domain API.

activate_mfa_totp_device(user_id, mfa_totp_device_id, mfa_totp_token, **kwargs)¶

Activates the specified MFA TOTP device for the user. Activation requires manual interaction with the Console.

Parameters:	user_id (str) – (required) The OCID of the user. mfa_totp_device_id (str) – (required) The OCID of the MFA TOTP device. mfa_totp_token (oci.identity.models.MfaTotpToken) – (required) MFA TOTP token if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `MfaTotpDeviceSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use activate_mfa_totp_device API.

add_tag_default_lock(tag_default_id, add_lock_details, **kwargs)¶

Add a resource lock to a tag default.

Parameters:	tag_default_id (str) – (required) The OCID of the tag default. add_lock_details (oci.identity.models.AddLockDetails) – (required) Lock that is going to be added to resource if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `TagDefault`
Return type:	`Response`
Example:

Click here to see an example of how to use add_tag_default_lock API.

add_tag_namespace_lock(tag_namespace_id, add_lock_details, **kwargs)¶

Add a resource lock to a tag namespace.

Parameters:	tag_namespace_id (str) – (required) The OCID of the tag namespace. add_lock_details (oci.identity.models.AddLockDetails) – (required) Lock that is going to be added to resource if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `TagNamespace`
Return type:	`Response`
Example:

Click here to see an example of how to use add_tag_namespace_lock API.

add_user_to_group(add_user_to_group_details, **kwargs)¶

Adds the specified user to the specified group and returns a UserGroupMembership object with its own OCID.

After you send your request, the new object’s lifecycleState will temporarily be CREATING. Before using the object, first make sure its lifecycleState has changed to ACTIVE.

Parameters:	add_user_to_group_details (oci.identity.models.AddUserToGroupDetails) – (required) Request object for adding a user to a group. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `UserGroupMembership`
Return type:	`Response`
Example:

Click here to see an example of how to use add_user_to_group API.

assemble_effective_tag_set(compartment_id, **kwargs)¶

Assembles tag defaults in the specified compartment and any parent compartments to determine the tags to apply. Tag defaults from parent compartments do not override tag defaults referencing the same tag in a compartment lower down the hierarchy. This set of tag defaults includes all tag defaults from the current compartment back to the root compartment.

Parameters:	compartment_id (str) – (required) The OCID of the compartment (remember that the tenancy is simply the root compartment). lifecycle_state (str) – (optional) A filter to only return resources that match the given lifecycle state. The state value is case-insensitive. Allowed values are: “ACTIVE” retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `TagDefaultSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use assemble_effective_tag_set API.

bulk_delete_resources(compartment_id, bulk_delete_resources_details, **kwargs)¶

Deletes multiple resources in the compartment. All resources must be in the same compartment. You must have the appropriate permissions to delete the resources in the request. This API can only be invoked from the tenancy’s `home region`__. This operation creates a WorkRequest. Use the get_work_request() API to monitor the status of the bulk action.

Parameters:	compartment_id (str) – (required) The OCID of the compartment. bulk_delete_resources_details (oci.identity.models.BulkDeleteResourcesDetails) – (required) Request object for bulk delete resources in a compartment. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use bulk_delete_resources API.

bulk_delete_tags(bulk_delete_tags_details, **kwargs)¶

Deletes the specified tag key definitions. This operation triggers a process that removes the tags from all resources in your tenancy. The tag key definitions must be within the same tag namespace.

The following actions happen immediately:

If the tag is a cost-tracking tag, the tag no longer counts against your

10 cost-tracking tags limit, even if you do not disable the tag before running this operation. * If the tag is used with dynamic groups, the rules that contain the tag are no longer evaluated against the tag.

After you start this operation, the state of the tag changes to DELETING, and tag removal from resources begins. This process can take up to 48 hours depending on the number of resources that are tagged and the regions in which those resources reside.

When all tags have been removed, the state changes to DELETED. You cannot restore a deleted tag. After the tag state changes to DELETED, you can use the same tag name again.

After you start this operation, you cannot start either the delete_tag() or the cascade_delete_tag_namespace() operation until this process completes.

In order to delete tags, you must first retire the tags. Use update_tag() to retire a tag.

Parameters:	bulk_delete_tags_details (oci.identity.models.BulkDeleteTagsDetails) – (required) Request object for deleting tags in bulk. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). is_lock_override (bool) – (optional) Whether to override locks (if any exist). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use bulk_delete_tags API.

bulk_edit_tags(**kwargs)¶

Edits the specified list of tag key definitions for the selected resources. This operation triggers a process that edits the tags on all selected resources. The possible actions are:

Add a defined tag when the tag does not already exist on the resource.

Update the value for a defined tag when the tag is present on the resource.

Add a defined tag when it does not already exist on the resource or update the value for a defined tag when the tag is present on the resource.

Remove a defined tag from a resource. The tag is removed from the resource regardless of the tag value.

See bulk_edit_operation_details() for more information.

The edits can include a combination of operations and tag sets. However, multiple operations cannot apply to one key definition in the same request. For example, if one request adds tag set-1 to a resource and sets a tag value to tag set-2, tag set-1 and tag set-2 cannot have any common tag definitions.

Parameters:	opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). bulk_edit_tags_details (oci.identity.models.BulkEditTagsDetails) – (optional) The request object for bulk editing tags on resources in the compartment. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use bulk_edit_tags API.

bulk_move_resources(compartment_id, bulk_move_resources_details, **kwargs)¶

Moves multiple resources from one compartment to another. All resources must be in the same compartment. This API can only be invoked from the tenancy’s `home region`__. To move resources, you must have the appropriate permissions to move the resource in both the source and target compartments. This operation creates a WorkRequest. Use the get_work_request() API to monitor the status of the bulk action.

Parameters:	compartment_id (str) – (required) The OCID of the compartment. bulk_move_resources_details (oci.identity.models.BulkMoveResourcesDetails) – (required) Request object for bulk move resources in the compartment. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use bulk_move_resources API.

cascade_delete_tag_namespace(tag_namespace_id, **kwargs)¶

Deletes the specified tag namespace. This operation triggers a process that removes all of the tags defined in the specified tag namespace from all resources in your tenancy and then deletes the tag namespace.

After you start the delete operation:

New tag key definitions cannot be created under the namespace.

The state of the tag namespace changes to DELETING.

Tag removal from the resources begins.

This process can take up to 48 hours depending on the number of tag definitions in the namespace, the number of resources that are tagged, and the locations of the regions in which those resources reside.

After all tags are removed, the state changes to DELETED. You cannot restore a deleted tag namespace. After the deleted tag namespace changes its state to DELETED, you can use the name of the deleted tag namespace again.

After you start this operation, you cannot start either the delete_tag() or the bulk_delete_tags() operation until this process completes.

To delete a tag namespace, you must first retire it. Use update_tag_namespace() to retire a tag namespace.

Parameters:	tag_namespace_id (str) – (required) The OCID of the tag namespace. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). is_lock_override (bool) – (optional) Whether to override locks (if any exist). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use cascade_delete_tag_namespace API.

change_domain_compartment(domain_id, change_domain_compartment_details, **kwargs)¶

(For tenancies that support identity domains) Moves the identity domain to a different compartment in the tenancy.

To track the progress of the request, submitting an HTTP GET on the /iamWorkRequests/{iamWorkRequestsId} endpoint retrieves the operation’s status.

Parameters:	domain_id (str) – (required) The OCID of the identity domain. change_domain_compartment_details (oci.identity.models.ChangeDomainCompartmentDetails) – (required) The request object for moving the identity domain to a different compartment. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use change_domain_compartment API.

change_domain_license_type(domain_id, change_domain_license_type_details, **kwargs)¶

(For tenancies that support identity domains) Changes the license type of the given identity domain. The identity domain’s lifecycleState must be set to ACTIVE and the requested licenseType must be allowed. To retrieve the allowed licenseType for the identity domain, use list_allowed_domain_license_types().

After you send your request, the lifecycleDetails of this identity domain is set to UPDATING. When the update of the identity domain completes, then the lifecycleDetails is set to null.

To track the progress of the request, submitting an HTTP GET on the /iamWorkRequests/{iamWorkRequestsId} endpoint retrieves the operation’s status.

Parameters:	domain_id (str) – (required) The OCID of the identity domain. change_domain_license_type_details (oci.identity.models.ChangeDomainLicenseTypeDetails) – (required) The request object for an update to the license type of the identity domain. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use change_domain_license_type API.

change_tag_namespace_compartment(tag_namespace_id, change_tag_namespace_compartment_detail, **kwargs)¶

Moves the specified tag namespace to the specified compartment within the same tenancy.

To move the tag namespace, you must have the manage tag-namespaces permission on both compartments. For more information about IAM policies, see `Details for IAM`__.

Moving a tag namespace moves all the tag key definitions contained in the tag namespace.

Parameters:	tag_namespace_id (str) – (required) The OCID of the tag namespace. change_tag_namespace_compartment_detail (oci.identity.models.ChangeTagNamespaceCompartmentDetail) – (required) Request object for changing the compartment of a tag namespace. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). is_lock_override (bool) – (optional) Whether to override locks (if any exist). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use change_tag_namespace_compartment API.

create_auth_token(create_auth_token_details, user_id, **kwargs)¶

Creates a new auth token for the specified user. For information about what auth tokens are for, see `Managing User Credentials`__.

You must specify a description for the auth token (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_auth_token().

Every user has permission to create an auth token for their own user ID. An administrator in your organization does not need to write a policy to give users this ability. To compare, administrators who have permission to the tenancy can use this operation to create an auth token for any user, including themselves.

Parameters:	create_auth_token_details (oci.identity.models.CreateAuthTokenDetails) – (required) Request object for creating a new auth token. user_id (str) – (required) The OCID of the user. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `AuthToken`
Return type:	`Response`
Example:

Click here to see an example of how to use create_auth_token API.

create_compartment(create_compartment_details, **kwargs)¶

Creates a new compartment in the specified compartment.

Specify the parent compartment’s OCID as the compartment ID in the request object. Remember that the tenancy is simply the root compartment. For information about OCIDs, see `Resource Identifiers`__.

You must also specify a name for the compartment, which must be unique across all compartments in your tenancy. You can use this name or the OCID when writing policies that apply to the compartment. For more information about policies, see `How Policies Work`__.

You must also specify a description for the compartment (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_compartment().

After you send your request, the new object’s lifecycleState will temporarily be CREATING. Before using the object, first make sure its lifecycleState has changed to ACTIVE.

Parameters:	create_compartment_details (oci.identity.models.CreateCompartmentDetails) – (required) Request object for creating a new compartment. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `Compartment`
Return type:	`Response`
Example:

Click here to see an example of how to use create_compartment API.

create_customer_secret_key(create_customer_secret_key_details, user_id, **kwargs)¶

Creates a new secret key for the specified user. Secret keys are used for authentication with the Object Storage Service’s Amazon S3 compatible API. The secret key consists of an Access Key/Secret Key pair. For information, see `Managing User Credentials`__.

You must specify a description for the secret key (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_customer_secret_key().

Every user has permission to create a secret key for their own user ID. An administrator in your organization does not need to write a policy to give users this ability. To compare, administrators who have permission to the tenancy can use this operation to create a secret key for any user, including themselves.

Parameters:	create_customer_secret_key_details (oci.identity.models.CreateCustomerSecretKeyDetails) – (required) Request object for creating a new secret key. user_id (str) – (required) The OCID of the user. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `CustomerSecretKey`
Return type:	`Response`
Example:

Click here to see an example of how to use create_customer_secret_key API.

create_db_credential(create_db_credential_details, user_id, **kwargs)¶

Creates a new DB credential for the specified user.

Parameters:	create_db_credential_details (oci.identity.models.CreateDbCredentialDetails) – (required) Request object for creating a new DB credential with the user. user_id (str) – (required) The OCID of the user. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `DbCredential`
Return type:	`Response`
Example:

Click here to see an example of how to use create_db_credential API.

create_domain(create_domain_details, **kwargs)¶

(For tenancies that support identity domains) Creates a new identity domain in the tenancy with the identity domain home in homeRegion. After you send your request, the temporary lifecycleState of this identity domain is set to CREATING and lifecycleDetails to UPDATING. When creation of the identity domain completes, this identity domain’s lifecycleState is set to ACTIVE and lifecycleDetails to null.

To track the progress of the request, submitting an HTTP GET on the /iamWorkRequests/{iamWorkRequestsId} endpoint retrieves the operation’s status.

After creating an identity domain, first make sure its lifecycleState changes from CREATING to ACTIVE before you use it.

Parameters:	create_domain_details (oci.identity.models.CreateDomainDetails) – (required) The request object for creating a new identity domain. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use create_domain API.

create_dynamic_group(create_dynamic_group_details, **kwargs)¶

Creates a new dynamic group in your tenancy.

You must specify your tenancy’s OCID as the compartment ID in the request object (remember that the tenancy is simply the root compartment). Notice that IAM resources (users, groups, compartments, and some policies) reside within the tenancy itself, unlike cloud resources such as compute instances, which typically reside within compartments inside the tenancy. For information about OCIDs, see `Resource Identifiers`__.

You must also specify a name for the dynamic group, which must be unique across all dynamic groups in your tenancy, and cannot be changed. Note that this name has to be also unique across all groups in your tenancy. You can use this name or the OCID when writing policies that apply to the dynamic group. For more information about policies, see `How Policies Work`__.

You must also specify a description for the dynamic group (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_dynamic_group().

After you send your request, the new object’s lifecycleState will temporarily be CREATING. Before using the object, first make sure its lifecycleState has changed to ACTIVE.

Parameters:	create_dynamic_group_details (oci.identity.models.CreateDynamicGroupDetails) – (required) Request object for creating a new dynamic group. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `DynamicGroup`
Return type:	`Response`
Example:

Click here to see an example of how to use create_dynamic_group API.

create_group(create_group_details, **kwargs)¶

Creates a new group in your tenancy.

You must specify your tenancy’s OCID as the compartment ID in the request object (remember that the tenancy is simply the root compartment). Notice that IAM resources (users, groups, compartments, and some policies) reside within the tenancy itself, unlike cloud resources such as compute instances, which typically reside within compartments inside the tenancy. For information about OCIDs, see `Resource Identifiers`__.

You must also specify a name for the group, which must be unique across all groups in your tenancy and cannot be changed. You can use this name or the OCID when writing policies that apply to the group. For more information about policies, see `How Policies Work`__.

You must also specify a description for the group (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_group().

After you send your request, the new object’s lifecycleState will temporarily be CREATING. Before using the object, first make sure its lifecycleState has changed to ACTIVE.

After creating the group, you need to put users in it and write policies for it. See add_user_to_group() and create_policy().

Parameters:	create_group_details (oci.identity.models.CreateGroupDetails) – (required) Request object for creating a new group. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `Group`
Return type:	`Response`
Example:

Click here to see an example of how to use create_group API.

create_identity_provider(create_identity_provider_details, **kwargs)¶

Deprecated. For more information, see `Deprecated IAM Service APIs`__.

Creates a new identity provider in your tenancy. For more information, see `Identity Providers and Federation`__.

You must specify your tenancy’s OCID as the compartment ID in the request object. Remember that the tenancy is simply the root compartment. For information about OCIDs, see `Resource Identifiers`__.

You must also specify a name for the IdentityProvider, which must be unique across all IdentityProvider objects in your tenancy and cannot be changed.

You must also specify a description for the IdentityProvider (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_identity_provider().

After you send your request, the new object’s lifecycleState will temporarily be CREATING. Before using the object, first make sure its lifecycleState has changed to ACTIVE.

Parameters:	create_identity_provider_details (oci.identity.models.CreateIdentityProviderDetails) – (required) Request object for creating a new SAML2 identity provider. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `IdentityProvider`
Return type:	`Response`
Example:

Click here to see an example of how to use create_identity_provider API.

create_idp_group_mapping(create_idp_group_mapping_details, identity_provider_id, **kwargs)¶

Deprecated. For more information, see `Deprecated IAM Service APIs`__.

Creates a single mapping between an IdP group and an IAM Service Group.

Parameters:	create_idp_group_mapping_details (oci.identity.models.CreateIdpGroupMappingDetails) – (required) Add a mapping from an SAML2.0 identity provider group to a BMC group. identity_provider_id (str) – (required) The OCID of the identity provider. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `IdpGroupMapping`
Return type:	`Response`
Example:

Click here to see an example of how to use create_idp_group_mapping API.

create_mfa_totp_device(user_id, **kwargs)¶

Creates a new MFA TOTP device for the user. A user can have one MFA TOTP device.

Parameters:	user_id (str) – (required) The OCID of the user. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `MfaTotpDevice`
Return type:	`Response`
Example:

Click here to see an example of how to use create_mfa_totp_device API.

create_network_source(create_network_source_details, **kwargs)¶

Creates a new network source in your tenancy.

You must specify your tenancy’s OCID as the compartment ID in the request object (remember that the tenancy is simply the root compartment). Notice that IAM resources (users, groups, compartments, and some policies) reside within the tenancy itself, unlike cloud resources such as compute instances, which typically reside within compartments inside the tenancy. For information about OCIDs, see `Resource Identifiers`__.

You must also specify a name for the network source, which must be unique across all network sources in your tenancy, and cannot be changed. You can use this name or the OCID when writing policies that apply to the network source. For more information about policies, see `How Policies Work`__.

You must also specify a description for the network source (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_network_source().

After you send your request, the new object’s lifecycleState will temporarily be CREATING. Before using the object, first make sure its lifecycleState has changed to ACTIVE.

After your network resource is created, you can use it in policy to restrict access to only requests made from an allowed IP address specified in your network source. For more information, see `Managing Network Sources`__.

Parameters:	create_network_source_details (oci.identity.models.CreateNetworkSourceDetails) – (required) Request object for creating a new network source. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `NetworkSources`
Return type:	`Response`
Example:

Click here to see an example of how to use create_network_source API.

create_o_auth_client_credential(user_id, create_o_auth2_client_credential_details, **kwargs)¶

Creates Oauth token for the user

Parameters:	user_id (str) – (required) The OCID of the user. create_o_auth2_client_credential_details (oci.identity.models.CreateOAuth2ClientCredentialDetails) – (required) Request object containing the information required to generate an Oauth token. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `OAuth2ClientCredential`
Return type:	`Response`
Example:

Click here to see an example of how to use create_o_auth_client_credential API.

create_or_reset_ui_password(user_id, **kwargs)¶

Creates a new Console one-time password for the specified user. For more information about user credentials, see `User Credentials`__.

Use this operation after creating a new user, or if a user forgets their password. The new one-time password is returned to you in the response, and you must securely deliver it to the user. They’ll be prompted to change this password the next time they sign in to the Console. If they don’t change it within 7 days, the password will expire and you’ll need to create a new one-time password for the user.

(For tenancies that support identity domains) Resetting a user’s password generates a reset password email with a link that the user must follow to reset their password. If the user does not reset their password before the link expires, you’ll need to reset the user’s password again.

Note: The user’s Console login is the unique name you specified when you created the user (see create_user()).

Parameters:	user_id (str) – (required) The OCID of the user. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `UIPassword`
Return type:	`Response`
Example:

Click here to see an example of how to use create_or_reset_ui_password API.

create_policy(create_policy_details, **kwargs)¶

Creates a new policy in the specified compartment (either the tenancy or another of your compartments). If you’re new to policies, see `Get Started with Policies`__.

You must specify a name for the policy, which must be unique across all policies in your tenancy and cannot be changed.

You must also specify a description for the policy (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_policy().

You must specify one or more policy statements in the statements array. For information about writing policies, see `How Policies Work`__ and `Common Policies`__.

After you send your request, the new object’s lifecycleState will temporarily be CREATING. Before using the object, first make sure its lifecycleState has changed to ACTIVE.

New policies take effect typically within 10 seconds.

Parameters:	create_policy_details (oci.identity.models.CreatePolicyDetails) – (required) Request object for creating a new policy. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `Policy`
Return type:	`Response`
Example:

Click here to see an example of how to use create_policy API.

create_region_subscription(create_region_subscription_details, tenancy_id, **kwargs)¶

Creates a subscription to a region for a tenancy.

Parameters:	create_region_subscription_details (oci.identity.models.CreateRegionSubscriptionDetails) – (required) Request object for activate a new region. tenancy_id (str) – (required) The OCID of the tenancy. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `RegionSubscription`
Return type:	`Response`
Example:

Click here to see an example of how to use create_region_subscription API.

create_smtp_credential(create_smtp_credential_details, user_id, **kwargs)¶

Creates a new SMTP credential for the specified user. An SMTP credential has an SMTP user name and an SMTP password. You must specify a description for the SMTP credential (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_smtp_credential().

Parameters:	create_smtp_credential_details (oci.identity.models.CreateSmtpCredentialDetails) – (required) Request object for creating a new SMTP credential with the user. user_id (str) – (required) The OCID of the user. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `SmtpCredential`
Return type:	`Response`
Example:

Click here to see an example of how to use create_smtp_credential API.

create_swift_password(create_swift_password_details, user_id, **kwargs)¶

Deprecated. Use :func:`create_auth_token` instead.

Creates a new Swift password for the specified user. For information about what Swift passwords are for, see `Managing User Credentials`__.

You must specify a description for the Swift password (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_swift_password().

Every user has permission to create a Swift password for their own user ID. An administrator in your organization does not need to write a policy to give users this ability. To compare, administrators who have permission to the tenancy can use this operation to create a Swift password for any user, including themselves.

Parameters:	create_swift_password_details (oci.identity.models.CreateSwiftPasswordDetails) – (required) Request object for creating a new swift password. user_id (str) – (required) The OCID of the user. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `SwiftPassword`
Return type:	`Response`
Example:

Click here to see an example of how to use create_swift_password API.

create_tag(tag_namespace_id, create_tag_details, **kwargs)¶

Creates a new tag in the specified tag namespace.

The tag requires either the OCID or the name of the tag namespace that will contain this tag definition.

You must specify a name for the tag, which must be unique across all tags in the tag namespace and cannot be changed. The name can contain any ASCII character except the space (_) or period (.) characters. Names are case insensitive. That means, for example, “myTag” and “mytag” are not allowed in the same namespace. If you specify a name that’s already in use in the tag namespace, a 409 error is returned.

The tag must have a description. It does not have to be unique, and you can change it with update_tag().

The tag must have a value type, which is specified with a validator. Tags can use either a static value or a list of possible values. Static values are entered by a user applying the tag to a resource. Lists are created by you and the user must apply a value from the list. Lists are validiated.

If no validator is set, the user applying the tag to a resource can type in a static

value or leave the tag value empty. * If a validator is set, the user applying the tag to a resource must select from a list of values that you supply with enum_tag_definition_validator().

Parameters:	tag_namespace_id (str) – (required) The OCID of the tag namespace. create_tag_details (oci.identity.models.CreateTagDetails) – (required) Request object for creating a new tag in the specified tag namespace. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). is_lock_override (bool) – (optional) Whether to override locks (if any exist). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `Tag`
Return type:	`Response`
Example:

Click here to see an example of how to use create_tag API.

create_tag_default(create_tag_default_details, **kwargs)¶

Creates a new tag default in the specified compartment for the specified tag definition.

If you specify that a value is required, a value is set during resource creation (either by the user creating the resource or another tag defualt). If no value is set, resource creation is blocked.

If the isRequired flag is set to “true”, the value is set during resource creation.
If the isRequired flag is set to “false”, the value you enter is set during resource creation.

Parameters:	create_tag_default_details (oci.identity.models.CreateTagDefaultDetails) – (required) Request object for creating a new tag default. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `TagDefault`
Return type:	`Response`
Example:

Click here to see an example of how to use create_tag_default API.

create_tag_namespace(create_tag_namespace_details, **kwargs)¶

Creates a new tag namespace in the specified compartment.

You must specify the compartment ID in the request object (remember that the tenancy is simply the root compartment).

You must also specify a name for the namespace, which must be unique across all namespaces in your tenancy and cannot be changed. The name can contain any ASCII character except the space (_) or period (.). Names are case insensitive. That means, for example, “myNamespace” and “mynamespace” are not allowed in the same tenancy. Once you created a namespace, you cannot change the name. If you specify a name that’s already in use in the tenancy, a 409 error is returned.

You must also specify a description for the namespace. It does not have to be unique, and you can change it with update_tag_namespace().

Parameters:	create_tag_namespace_details (oci.identity.models.CreateTagNamespaceDetails) – (required) Request object for creating a new tag namespace. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `TagNamespace`
Return type:	`Response`
Example:

Click here to see an example of how to use create_tag_namespace API.

create_user(create_user_details, **kwargs)¶

Creates a new user in your tenancy. For conceptual information about users, your tenancy, and other IAM Service components, see `Overview of IAM`__.

You must specify your tenancy’s OCID as the compartment ID in the request object (remember that the tenancy is simply the root compartment). Notice that IAM resources (users, groups, compartments, and some policies) reside within the tenancy itself, unlike cloud resources such as compute instances, which typically reside within compartments inside the tenancy. For information about OCIDs, see `Resource Identifiers`__.

You must also specify a name for the user, which must be unique across all users in your tenancy and cannot be changed. Allowed characters: No spaces. Only letters, numerals, hyphens, periods, underscores, +, and @. If you specify a name that’s already in use, you’ll get a 409 error. This name will be the user’s login to the Console. You might want to pick a name that your company’s own identity system (e.g., Active Directory, LDAP, etc.) already uses. If you delete a user and then create a new user with the same name, they’ll be considered different users because they have different OCIDs.

You must also specify a description for the user (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_user(). You can use the field to provide the user’s full name, a description, a nickname, or other information to generally identify the user.

After you send your request, the new object’s lifecycleState will temporarily be CREATING. Before using the object, first make sure its lifecycleState has changed to ACTIVE.

A new user has no permissions until you place the user in one or more groups (see add_user_to_group()). If the user needs to access the Console, you need to provide the user a password (see create_or_reset_ui_password()). If the user needs to access the Oracle Cloud Infrastructure REST API, you need to upload a public API signing key for that user (see `Required Keys and OCIDs`__ and also upload_api_key()).

Important: Make sure to inform the new user which compartment(s) they have access to.

Parameters:	create_user_details (oci.identity.models.CreateUserDetails) – (required) Request object for creating a new user. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `User`
Return type:	`Response`
Example:

Click here to see an example of how to use create_user API.

deactivate_domain(domain_id, **kwargs)¶

(For tenancies that support identity domains) Deactivates the specified identity domain. Identity domains must be in an ACTIVE lifecycleState and have no active apps present in the domain or underlying Identity Cloud Service stripe. You cannot deactivate the default identity domain.

After you send your request, the lifecycleDetails of this identity domain is set to DEACTIVATING. When the operation completes, then the lifecycleDetails is set to null and the lifecycleState is set to INACTIVE.

To track the progress of the request, submitting an HTTP GET on the /iamWorkRequests/{iamWorkRequestsId} endpoint retrieves the operation’s status.

Parameters:	domain_id (str) – (required) The OCID of the identity domain. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use deactivate_domain API.

delete_api_key(user_id, fingerprint, **kwargs)¶

Deletes the specified API signing key for the specified user.

Every user has permission to use this operation to delete a key for their own user ID. An administrator in your organization does not need to write a policy to give users this ability. To compare, administrators who have permission to the tenancy can use this operation to delete a key for any user, including themselves.

Parameters:	user_id (str) – (required) The OCID of the user. fingerprint (str) – (required) The key’s fingerprint. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use delete_api_key API.

delete_auth_token(user_id, auth_token_id, **kwargs)¶

Deletes the specified auth token for the specified user.

Parameters:	user_id (str) – (required) The OCID of the user. auth_token_id (str) – (required) The OCID of the auth token. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use delete_auth_token API.

delete_compartment(compartment_id, **kwargs)¶

Deletes the specified compartment. The compartment must be empty.

Parameters:	compartment_id (str) – (required) The OCID of the compartment. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use delete_compartment API.

delete_customer_secret_key(user_id, customer_secret_key_id, **kwargs)¶

Deletes the specified secret key for the specified user.

Parameters:	user_id (str) – (required) The OCID of the user. customer_secret_key_id (str) – (required) The access token of the secret key. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use delete_customer_secret_key API.

delete_db_credential(user_id, db_credential_id, **kwargs)¶

Deletes the specified DB credential for the specified user.

Parameters:	user_id (str) – (required) The OCID of the user. db_credential_id (str) – (required) The OCID of the DB credential. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use delete_db_credential API.

delete_domain(domain_id, **kwargs)¶

(For tenancies that support identity domains) Deletes an identity domain. The identity domain must have no active apps present in the underlying IDCS stripe. You must also deactivate the identity domain, rendering the lifecycleState of the identity domain INACTIVE. Furthermore, as the authenticated user performing the operation, you cannot be a member of the identity domain you are deleting. Lastly, you cannot delete the default identity domain. A tenancy must always have at least the default identity domain.

To track the progress of the request, submitting an HTTP GET on the /iamWorkRequests/{iamWorkRequestsId} endpoint retrieves the operation’s status.

Parameters:	domain_id (str) – (required) The OCID of the identity domain. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use delete_domain API.

delete_dynamic_group(dynamic_group_id, **kwargs)¶

Deletes the specified dynamic group.

Parameters:	dynamic_group_id (str) – (required) The OCID of the dynamic group. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use delete_dynamic_group API.

delete_group(group_id, **kwargs)¶

Deletes the specified group. The group must be empty.

Parameters:	group_id (str) – (required) The OCID of the group. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use delete_group API.

delete_identity_provider(identity_provider_id, **kwargs)¶

Deprecated. For more information, see `Deprecated IAM Service APIs`__.

Deletes the specified identity provider. The identity provider must not have any group mappings (see IdpGroupMapping).

Parameters:	identity_provider_id (str) – (required) The OCID of the identity provider. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use delete_identity_provider API.

delete_idp_group_mapping(identity_provider_id, mapping_id, **kwargs)¶

Deprecated. For more information, see `Deprecated IAM Service APIs`__.

Deletes the specified group mapping.

Parameters:	identity_provider_id (str) – (required) The OCID of the identity provider. mapping_id (str) – (required) The OCID of the group mapping. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use delete_idp_group_mapping API.

delete_mfa_totp_device(user_id, mfa_totp_device_id, **kwargs)¶

Deletes the specified MFA TOTP device for the specified user.

Parameters:	user_id (str) – (required) The OCID of the user. mfa_totp_device_id (str) – (required) The OCID of the MFA TOTP device. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use delete_mfa_totp_device API.

delete_network_source(network_source_id, **kwargs)¶

Deletes the specified network source.

Parameters:	network_source_id (str) – (required) The OCID of the network source. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use delete_network_source API.

delete_o_auth_client_credential(user_id, oauth2_client_credential_id, **kwargs)¶

Delete Oauth token for the user

Parameters:	user_id (str) – (required) The OCID of the user. oauth2_client_credential_id (str) – (required) The ID of the Oauth credential. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use delete_o_auth_client_credential API.

delete_policy(policy_id, **kwargs)¶

Deletes the specified policy. The deletion takes effect typically within 10 seconds.

Parameters:	policy_id (str) – (required) The OCID of the policy. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use delete_policy API.

delete_smtp_credential(user_id, smtp_credential_id, **kwargs)¶

Deletes the specified SMTP credential for the specified user.

Parameters:	user_id (str) – (required) The OCID of the user. smtp_credential_id (str) – (required) The OCID of the SMTP credential. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use delete_smtp_credential API.

delete_swift_password(user_id, swift_password_id, **kwargs)¶

Deprecated. Use :func:`delete_auth_token` instead.

Deletes the specified Swift password for the specified user.

Parameters:	user_id (str) – (required) The OCID of the user. swift_password_id (str) – (required) The OCID of the Swift password. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use delete_swift_password API.

delete_tag(tag_namespace_id, tag_name, **kwargs)¶

Deletes the specified tag definition. This operation triggers a process that removes the tag from all resources in your tenancy.

These things happen immediately:

If the tag was a cost-tracking tag, it no longer counts against your 10 cost-tracking

tags limit, whether you first disabled it or not. * If the tag was used with dynamic groups, none of the rules that contain the tag will be evaluated against the tag.

When you start the delete operation, the state of the tag changes to DELETING and tag removal from resources begins. This can take up to 48 hours depending on the number of resources that were tagged as well as the regions in which those resources reside.

When all tags have been removed, the state changes to DELETED. You cannot restore a deleted tag. Once the deleted tag changes its state to DELETED, you can use the same tag name again.

After you start this operation, you cannot start either the bulk_delete_tags() or the cascade_delete_tag_namespace() operation until this process completes.

To delete a tag, you must first retire it. Use update_tag() to retire a tag.

Parameters:	tag_namespace_id (str) – (required) The OCID of the tag namespace. tag_name (str) – (required) The name of the tag. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. is_lock_override (bool) – (optional) Whether to override locks (if any exist). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use delete_tag API.

delete_tag_default(tag_default_id, **kwargs)¶

Deletes the the specified tag default.

Parameters:	tag_default_id (str) – (required) The OCID of the tag default. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. is_lock_override (bool) – (optional) Whether to override locks (if any exist). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use delete_tag_default API.

delete_tag_namespace(tag_namespace_id, **kwargs)¶

Deletes the specified tag namespace. Only an empty tag namespace can be deleted with this operation. To use this operation to delete a tag namespace that contains tag definitions, first delete all of its tag definitions.

Use cascade_delete_tag_namespace() to delete a tag namespace along with all of the tag definitions contained within that namespace.

Use delete_tag() to delete a tag definition.

Parameters:	tag_namespace_id (str) – (required) The OCID of the tag namespace. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. is_lock_override (bool) – (optional) Whether to override locks (if any exist). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use delete_tag_namespace API.

delete_user(user_id, **kwargs)¶

Deletes the specified user. The user must not be in any groups.

Parameters:	user_id (str) – (required) The OCID of the user. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use delete_user API.

enable_replication_to_region(domain_id, enable_replication_to_region_details, **kwargs)¶

(For tenancies that support identity domains) Replicates the identity domain to a new region (provided that the region is the tenancy home region or other region that the tenancy subscribes to). You can only replicate identity domains that are in an ACTIVE lifecycleState and not currently updating or already replicating. You also can only trigger the replication of secondary identity domains. The default identity domain is automatically replicated to all regions that the tenancy subscribes to.

After you send the request, the state of the identity domain in the replica region is set to ENABLING_REPLICATION. When the operation completes, the state is set to REPLICATION_ENABLED.

To track the progress of the request, submitting an HTTP GET on the /iamWorkRequests/{iamWorkRequestsId} endpoint retrieves the operation’s status.

Parameters:	domain_id (str) – (required) The OCID of the identity domain. enable_replication_to_region_details (oci.identity.models.EnableReplicationToRegionDetails) – (required) The request object for replicating the identity domain to another region. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use enable_replication_to_region API.

generate_totp_seed(user_id, mfa_totp_device_id, **kwargs)¶

Generate seed for the MFA TOTP device.

Parameters:	user_id (str) – (required) The OCID of the user. mfa_totp_device_id (str) – (required) The OCID of the MFA TOTP device. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `MfaTotpDevice`
Return type:	`Response`
Example:

Click here to see an example of how to use generate_totp_seed API.

get_authentication_policy(compartment_id, **kwargs)¶

Gets the authentication policy for the given tenancy. You must specify your tenant’s OCID as the value for the compartment ID (remember that the tenancy is simply the root compartment).

Parameters:	compartment_id (str) – (required) The OCID of the compartment. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `AuthenticationPolicy`
Return type:	`Response`
Example:

Click here to see an example of how to use get_authentication_policy API.

get_compartment(compartment_id, **kwargs)¶

Gets the specified compartment’s information.

This operation does not return a list of all the resources inside the compartment. There is no single API operation that does that. Compartments can contain multiple types of resources (instances, block storage volumes, etc.). To find out what’s in a compartment, you must call the “List” operation for each resource type and specify the compartment’s OCID as a query parameter in the request. For example, call the list_instances() operation in the Cloud Compute Service or the list_volumes() operation in Cloud Block Storage.

Parameters:	compartment_id (str) – (required) The OCID of the compartment. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `Compartment`
Return type:	`Response`
Example:

Click here to see an example of how to use get_compartment API.

get_domain(domain_id, **kwargs)¶

(For tenancies that support identity domains) Gets the specified identity domain’s information.

Parameters:	domain_id (str) – (required) The OCID of the identity domain. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `Domain`
Return type:	`Response`
Example:

Click here to see an example of how to use get_domain API.

get_dynamic_group(dynamic_group_id, **kwargs)¶

Gets the specified dynamic group’s information.

Parameters:	dynamic_group_id (str) – (required) The OCID of the dynamic group. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `DynamicGroup`
Return type:	`Response`
Example:

Click here to see an example of how to use get_dynamic_group API.

get_group(group_id, **kwargs)¶

Gets the specified group’s information.

This operation does not return a list of all the users in the group. To do that, use list_user_group_memberships() and provide the group’s OCID as a query parameter in the request.

Parameters:	group_id (str) – (required) The OCID of the group. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `Group`
Return type:	`Response`
Example:

Click here to see an example of how to use get_group API.

get_iam_work_request(iam_work_request_id, **kwargs)¶

Gets the details of a specified IAM work request. The workRequestID is returned in the opc-workrequest-id header for any asynchronous operation in the Identity and Access Management service.

Parameters:	iam_work_request_id (str) – (required) The OCID of the IAM work request. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `IamWorkRequest`
Return type:	`Response`
Example:

Click here to see an example of how to use get_iam_work_request API.

get_identity_provider(identity_provider_id, **kwargs)¶

Deprecated. For more information, see `Deprecated IAM Service APIs`__.

Gets the specified identity provider’s information.

Parameters:	identity_provider_id (str) – (required) The OCID of the identity provider. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `IdentityProvider`
Return type:	`Response`
Example:

Click here to see an example of how to use get_identity_provider API.

get_idp_group_mapping(identity_provider_id, mapping_id, **kwargs)¶

Deprecated. For more information, see `Deprecated IAM Service APIs`__.

Gets the specified group mapping.

Parameters:	identity_provider_id (str) – (required) The OCID of the identity provider. mapping_id (str) – (required) The OCID of the group mapping. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `IdpGroupMapping`
Return type:	`Response`
Example:

Click here to see an example of how to use get_idp_group_mapping API.

get_mfa_totp_device(user_id, mfa_totp_device_id, **kwargs)¶

Get the specified MFA TOTP device for the specified user.

Parameters:	user_id (str) – (required) The OCID of the user. mfa_totp_device_id (str) – (required) The OCID of the MFA TOTP device. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `MfaTotpDeviceSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use get_mfa_totp_device API.

get_network_source(network_source_id, **kwargs)¶

Gets the specified network source’s information.

Parameters:	network_source_id (str) – (required) The OCID of the network source. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `NetworkSources`
Return type:	`Response`
Example:

Click here to see an example of how to use get_network_source API.

get_policy(policy_id, **kwargs)¶

Gets the specified policy’s information.

Parameters:	policy_id (str) – (required) The OCID of the policy. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `Policy`
Return type:	`Response`
Example:

Click here to see an example of how to use get_policy API.

get_standard_tag_template(compartment_id, standard_tag_namespace_name, **kwargs)¶

Retrieve the standard tag namespace template given the standard tag namespace name.

Parameters:	compartment_id (str) – (required) The OCID of the compartment (remember that the tenancy is simply the root compartment). standard_tag_namespace_name (str) – (required) The name of the standard tag namespace tempate that is requested retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `StandardTagNamespaceTemplate`
Return type:	`Response`
Example:

Click here to see an example of how to use get_standard_tag_template API.

get_tag(tag_namespace_id, tag_name, **kwargs)¶

Gets the specified tag’s information.

Parameters:	tag_namespace_id (str) – (required) The OCID of the tag namespace. tag_name (str) – (required) The name of the tag. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `Tag`
Return type:	`Response`
Example:

Click here to see an example of how to use get_tag API.

get_tag_default(tag_default_id, **kwargs)¶

Retrieves the specified tag default.

Parameters:	tag_default_id (str) – (required) The OCID of the tag default. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `TagDefault`
Return type:	`Response`
Example:

Click here to see an example of how to use get_tag_default API.

get_tag_namespace(tag_namespace_id, **kwargs)¶

Gets the specified tag namespace’s information.

Parameters:	tag_namespace_id (str) – (required) The OCID of the tag namespace. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `TagNamespace`
Return type:	`Response`
Example:

Click here to see an example of how to use get_tag_namespace API.

get_tagging_work_request(work_request_id, **kwargs)¶

Gets details on a specified work request. The workRequestID is returned in the opc-workrequest-id header for any asynchronous operation in tagging service.

Parameters:	work_request_id (str) – (required) The OCID of the work request. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `TaggingWorkRequest`
Return type:	`Response`
Example:

Click here to see an example of how to use get_tagging_work_request API.

get_tenancy(tenancy_id, **kwargs)¶

Get the specified tenancy’s information.

Parameters:	tenancy_id (str) – (required) The OCID of the tenancy. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `Tenancy`
Return type:	`Response`
Example:

Click here to see an example of how to use get_tenancy API.

get_user(user_id, **kwargs)¶

Gets the specified user’s information.

Parameters:	user_id (str) – (required) The OCID of the user. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `User`
Return type:	`Response`
Example:

Click here to see an example of how to use get_user API.

get_user_group_membership(user_group_membership_id, **kwargs)¶

Gets the specified UserGroupMembership’s information.

Parameters:	user_group_membership_id (str) – (required) The OCID of the userGroupMembership. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `UserGroupMembership`
Return type:	`Response`
Example:

Click here to see an example of how to use get_user_group_membership API.

get_user_ui_password_information(user_id, **kwargs)¶

Gets the specified user’s console password information. The returned object contains the user’s OCID, but not the password itself. The actual password is returned only when created or reset.

Parameters:	user_id (str) – (required) The OCID of the user. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `UIPasswordInformation`
Return type:	`Response`
Example:

Click here to see an example of how to use get_user_ui_password_information API.

get_work_request(work_request_id, **kwargs)¶

Gets details on a specified work request. The workRequestID is returned in the opc-workrequest-id header for any asynchronous operation in the compartment service.

Parameters:	work_request_id (str) – (required) The OCID of the work request. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `WorkRequest`
Return type:	`Response`
Example:

Click here to see an example of how to use get_work_request API.

import_standard_tags(**kwargs)¶

OCI will release Tag Namespaces that our customers can import. These Tag Namespaces will provide Tags for our customers and Partners to provide consistency and enable data reporting.

Parameters:	opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). import_standard_tags_details (oci.identity.models.ImportStandardTagsDetails) – (optional) The request object for creating or updating standard tag namespace. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use import_standard_tags API.

list_allowed_domain_license_types(**kwargs)¶

(For tenancies that support identity domains) Lists the license types for identity domains supported by Oracle Cloud Infrastructure. (License types are also referred to as domain types.)

If currentLicenseTypeName is provided, then the request returns license types that the identity domain with the specified license type name can change to. Otherwise, the request returns all valid license types currently supported.

Parameters:	current_license_type_name (str) – (optional) The license type of the identity domain. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `AllowedDomainLicenseTypeSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use list_allowed_domain_license_types API.

list_api_keys(user_id, **kwargs)¶

Lists the API signing keys for the specified user. A user can have a maximum of three keys.

Every user has permission to use this API call for their own user ID. An administrator in your organization does not need to write a policy to give users this ability.

Parameters:	user_id (str) – (required) The OCID of the user. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `ApiKey`
Return type:	`Response`
Example:

Click here to see an example of how to use list_api_keys API.

list_auth_tokens(user_id, **kwargs)¶

Lists the auth tokens for the specified user. The returned object contains the token’s OCID, but not the token itself. The actual token is returned only upon creation.

Parameters:	user_id (str) – (required) The OCID of the user. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `AuthToken`
Return type:	`Response`
Example:

Click here to see an example of how to use list_auth_tokens API.

list_availability_domains(compartment_id, **kwargs)¶

Lists the availability domains in your tenancy. Specify the OCID of either the tenancy or another of your compartments as the value for the compartment ID (remember that the tenancy is simply the root compartment). See `Where to Get the Tenancy's OCID and User's OCID`__. Note that the order of the results returned can change if availability domains are added or removed; therefore, do not create a dependency on the list order.

Parameters:	compartment_id (str) – (required) The OCID of the compartment (remember that the tenancy is simply the root compartment). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `AvailabilityDomain`
Return type:	`Response`
Example:

Click here to see an example of how to use list_availability_domains API.

list_bulk_action_resource_types(bulk_action_type, **kwargs)¶

Lists the resource-types supported by compartment bulk actions. Use this API to help you provide the correct resource-type information to the bulk_delete_resources() and bulk_move_resources() operations. The returned list of resource-types provides the appropriate resource-type names to use with the bulk action operations along with the type of identifying information you’ll need to provide for each resource-type. Most resource-types just require an `OCID`__ to identify a specific resource, but some resource-types, such as buckets, require you to provide other identifying information.

Parameters:	bulk_action_type (str) – (required) The type of bulk action. Allowed values are: “BULK_MOVE_RESOURCES”, “BULK_DELETE_RESOURCES” page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `BulkActionResourceTypeCollection`
Return type:	`Response`
Example:

Click here to see an example of how to use list_bulk_action_resource_types API.

list_bulk_edit_tags_resource_types(**kwargs)¶

Lists the resource types that support bulk tag editing.

Parameters:	page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `BulkEditTagsResourceTypeCollection`
Return type:	`Response`
Example:

Click here to see an example of how to use list_bulk_edit_tags_resource_types API.

list_compartments(compartment_id, **kwargs)¶

Lists the compartments in a specified compartment. The members of the list returned depends on the values set for several parameters.

With the exception of the tenancy (root compartment), the ListCompartments operation returns only the first-level child compartments in the parent compartment specified in compartmentId. The list does not include any subcompartments of the child compartments (grandchildren).

The parameter accessLevel specifies whether to return only those compartments for which the requestor has INSPECT permissions on at least one resource directly or indirectly (the resource can be in a subcompartment).

The parameter compartmentIdInSubtree applies only when you perform ListCompartments on the tenancy (root compartment). When set to true, the entire hierarchy of compartments can be returned. To get a full list of all compartments and subcompartments in the tenancy (root compartment), set the parameter compartmentIdInSubtree to true and accessLevel to ANY.

See `Where to Get the Tenancy's OCID and User's OCID`__.

Parameters:	compartment_id (str) – (required) The OCID of the compartment (remember that the tenancy is simply the root compartment). page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. access_level (str) – (optional) Valid values are ANY and ACCESSIBLE. Default is ANY. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). For the compartments on which the user indirectly has INSPECT permissions, a restricted set of fields is returned. When set to ANY permissions are not checked. Allowed values are: “ANY”, “ACCESSIBLE” compartment_id_in_subtree (bool) – (optional) Default is false. Can only be set to true when performing ListCompartments on the tenancy (root compartment). When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned depending on the the setting of accessLevel. name (str) – (optional) A filter to only return resources that match the given name exactly. sort_by (str) – (optional) The field to sort by. You can provide one sort order (sortOrder). Default order for TIMECREATED is descending. Default order for NAME is ascending. The NAME sort order is case sensitive. Note: In general, some “List” operations (for example, ListInstances) let you optionally filter by Availability Domain if the scope of the resource type is within a single Availability Domain. If you call one of these “List” operations without specifying an Availability Domain, the resources are grouped by Availability Domain, then sorted. Allowed values are: “TIMECREATED”, “NAME” sort_order (str) – (optional) The sort order to use, either ascending (ASC) or descending (DESC). The NAME sort order is case sensitive. Allowed values are: “ASC”, “DESC” lifecycle_state (str) – (optional) A filter to only return resources that match the given lifecycle state. The state value is case-insensitive. Allowed values are: “CREATING”, “ACTIVE”, “INACTIVE”, “DELETING”, “DELETED” retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `Compartment`
Return type:	`Response`
Example:

Click here to see an example of how to use list_compartments API.

list_cost_tracking_tags(compartment_id, **kwargs)¶

Lists all the tags enabled for cost-tracking in the specified tenancy. For information about cost-tracking tags, see `Using Cost-tracking Tags`__.

Parameters:	compartment_id (str) – (required) The OCID of the compartment (remember that the tenancy is simply the root compartment). page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `Tag`
Return type:	`Response`
Example:

Click here to see an example of how to use list_cost_tracking_tags API.

list_customer_secret_keys(user_id, **kwargs)¶

Lists the secret keys for the specified user. The returned object contains the secret key’s OCID, but not the secret key itself. The actual secret key is returned only upon creation.

Parameters:	user_id (str) – (required) The OCID of the user. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `CustomerSecretKeySummary`
Return type:	`Response`
Example:

Click here to see an example of how to use list_customer_secret_keys API.

list_db_credentials(user_id, **kwargs)¶

Lists the DB credentials for the specified user. The returned object contains the credential’s OCID

Parameters:	user_id (str) – (required) The OCID of the user. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. name (str) – (optional) A filter to only return resources that match the given name exactly. sort_by (str) – (optional) The field to sort by. You can provide one sort order (sortOrder). Default order for TIMECREATED is descending. Default order for NAME is ascending. The NAME sort order is case sensitive. Note: In general, some “List” operations (for example, ListInstances) let you optionally filter by Availability Domain if the scope of the resource type is within a single Availability Domain. If you call one of these “List” operations without specifying an Availability Domain, the resources are grouped by Availability Domain, then sorted. Allowed values are: “TIMECREATED”, “NAME” sort_order (str) – (optional) The sort order to use, either ascending (ASC) or descending (DESC). The NAME sort order is case sensitive. Allowed values are: “ASC”, “DESC” lifecycle_state (str) – (optional) A filter to only return resources that match the given lifecycle state. The state value is case-insensitive. Allowed values are: “CREATING”, “ACTIVE”, “DELETING”, “DELETED” retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `DbCredentialSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use list_db_credentials API.

list_domains(compartment_id, **kwargs)¶

(For tenancies that support identity domains) Lists all identity domains within a tenancy.

Parameters:	compartment_id (str) – (required) The OCID of the compartment (remember that the tenancy is simply the root compartment). display_name (str) – (optional) The mutable display name of the identity domain. url (str) – (optional) The region-agnostic identity domain URL. home_region_url (str) – (optional) The region-specific identity domain URL. type (str) – (optional) The identity domain type. license_type (str) – (optional) The license type of the identity domain. is_hidden_on_login (bool) – (optional) Indicates whether or not the identity domain is visible at the sign-in screen. page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. name (str) – (optional) A filter to only return resources that match the given name exactly. sort_by (str) – (optional) The field to sort by. You can provide one sort order (sortOrder). Default order for TIMECREATED is descending. Default order for NAME is ascending. The NAME sort order is case sensitive. Note: In general, some “List” operations (for example, ListInstances) let you optionally filter by Availability Domain if the scope of the resource type is within a single Availability Domain. If you call one of these “List” operations without specifying an Availability Domain, the resources are grouped by Availability Domain, then sorted. Allowed values are: “TIMECREATED”, “NAME” sort_order (str) – (optional) The sort order to use, either ascending (ASC) or descending (DESC). The NAME sort order is case sensitive. Allowed values are: “ASC”, “DESC” opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. lifecycle_state (str) – (optional) A filter to only return resources that match the given lifecycle state. The state value is case-insensitive. Allowed values are: “CREATING”, “ACTIVE”, “DELETING”, “INACTIVE” retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `DomainSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use list_domains API.

list_dynamic_groups(compartment_id, **kwargs)¶

Lists the dynamic groups in your tenancy. You must specify your tenancy’s OCID as the value for the compartment ID (remember that the tenancy is simply the root compartment). See `Where to Get the Tenancy's OCID and User's OCID`__.

Parameters:	compartment_id (str) – (required) The OCID of the compartment (remember that the tenancy is simply the root compartment). page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. name (str) – (optional) A filter to only return resources that match the given name exactly. sort_by (str) – (optional) The field to sort by. You can provide one sort order (sortOrder). Default order for TIMECREATED is descending. Default order for NAME is ascending. The NAME sort order is case sensitive. Note: In general, some “List” operations (for example, ListInstances) let you optionally filter by Availability Domain if the scope of the resource type is within a single Availability Domain. If you call one of these “List” operations without specifying an Availability Domain, the resources are grouped by Availability Domain, then sorted. Allowed values are: “TIMECREATED”, “NAME” sort_order (str) – (optional) The sort order to use, either ascending (ASC) or descending (DESC). The NAME sort order is case sensitive. Allowed values are: “ASC”, “DESC” lifecycle_state (str) – (optional) A filter to only return resources that match the given lifecycle state. The state value is case-insensitive. Allowed values are: “CREATING”, “ACTIVE”, “INACTIVE”, “DELETING”, “DELETED” retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `DynamicGroup`
Return type:	`Response`
Example:

Click here to see an example of how to use list_dynamic_groups API.

list_fault_domains(compartment_id, availability_domain, **kwargs)¶

Lists the Fault Domains in your tenancy. Specify the OCID of either the tenancy or another of your compartments as the value for the compartment ID (remember that the tenancy is simply the root compartment). See `Where to Get the Tenancy's OCID and User's OCID`__.

Parameters:	compartment_id (str) – (required) The OCID of the compartment (remember that the tenancy is simply the root compartment). availability_domain (str) – (required) The name of the availabilityDomain. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `FaultDomain`
Return type:	`Response`
Example:

Click here to see an example of how to use list_fault_domains API.

list_groups(compartment_id, **kwargs)¶

Lists the groups in your tenancy. You must specify your tenancy’s OCID as the value for the compartment ID (remember that the tenancy is simply the root compartment). See `Where to Get the Tenancy's OCID and User's OCID`__.

Parameters:	compartment_id (str) – (required) The OCID of the compartment (remember that the tenancy is simply the root compartment). page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. name (str) – (optional) A filter to only return resources that match the given name exactly. sort_by (str) – (optional) The field to sort by. You can provide one sort order (sortOrder). Default order for TIMECREATED is descending. Default order for NAME is ascending. The NAME sort order is case sensitive. Note: In general, some “List” operations (for example, ListInstances) let you optionally filter by Availability Domain if the scope of the resource type is within a single Availability Domain. If you call one of these “List” operations without specifying an Availability Domain, the resources are grouped by Availability Domain, then sorted. Allowed values are: “TIMECREATED”, “NAME” sort_order (str) – (optional) The sort order to use, either ascending (ASC) or descending (DESC). The NAME sort order is case sensitive. Allowed values are: “ASC”, “DESC” lifecycle_state (str) – (optional) A filter to only return resources that match the given lifecycle state. The state value is case-insensitive. Allowed values are: “CREATING”, “ACTIVE”, “INACTIVE”, “DELETING”, “DELETED” retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `Group`
Return type:	`Response`
Example:

Click here to see an example of how to use list_groups API.

list_iam_work_request_errors(iam_work_request_id, **kwargs)¶

Gets error details for a specified IAM work request. The workRequestID is returned in the opc-workrequest-id header for any asynchronous operation in the Identity and Access Management service.

Parameters:	iam_work_request_id (str) – (required) The OCID of the IAM work request. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. sort_order (str) – (optional) The sort order to use, either ascending (ASC) or descending (DESC). The NAME sort order is case sensitive. Allowed values are: “ASC”, “DESC” opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `IamWorkRequestErrorSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use list_iam_work_request_errors API.

list_iam_work_request_logs(iam_work_request_id, **kwargs)¶

Gets logs for a specified IAM work request. The workRequestID is returned in the opc-workrequest-id header for any asynchronous operation in the Identity and Access Management service.

Parameters:	iam_work_request_id (str) – (required) The OCID of the IAM work request. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. sort_order (str) – (optional) The sort order to use, either ascending (ASC) or descending (DESC). The NAME sort order is case sensitive. Allowed values are: “ASC”, “DESC” opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `IamWorkRequestLogSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use list_iam_work_request_logs API.

list_iam_work_requests(compartment_id, **kwargs)¶

Lists the IAM work requests in compartment. The workRequestID is returned in the opc-workrequest-id header for any asynchronous operation in the Identity and Access Management service.

Parameters:	compartment_id (str) – (required) The OCID of the compartment (remember that the tenancy is simply the root compartment). page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. resource_identifier (str) – (optional) The identifier of the resource the work request affects. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `IamWorkRequestSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use list_iam_work_requests API.

list_identity_provider_groups(identity_provider_id, **kwargs)¶

Deprecated. For more information, see `Deprecated IAM Service APIs`__.

Lists the identity provider groups.

Parameters:	identity_provider_id (str) – (required) The OCID of the identity provider. page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. name (str) – (optional) A filter to only return resources that match the given name exactly. lifecycle_state (str) – (optional) A filter to only return resources that match the given lifecycle state. The state value is case-insensitive. Allowed values are: “CREATING”, “ACTIVE”, “INACTIVE”, “DELETING”, “DELETED” retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `IdentityProviderGroupSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use list_identity_provider_groups API.

list_identity_providers(protocol, compartment_id, **kwargs)¶

Deprecated. For more information, see `Deprecated IAM Service APIs`__.

Lists all the identity providers in your tenancy. You must specify the identity provider type (e.g., SAML2 for identity providers using the SAML2.0 protocol). You must specify your tenancy’s OCID as the value for the compartment ID (remember that the tenancy is simply the root compartment). See `Where to Get the Tenancy's OCID and User's OCID`__.

Parameters:	protocol (str) – (required) The protocol used for federation. Allowed values are: “SAML2” compartment_id (str) – (required) The OCID of the compartment (remember that the tenancy is simply the root compartment). page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. name (str) – (optional) A filter to only return resources that match the given name exactly. sort_by (str) – (optional) The field to sort by. You can provide one sort order (sortOrder). Default order for TIMECREATED is descending. Default order for NAME is ascending. The NAME sort order is case sensitive. Note: In general, some “List” operations (for example, ListInstances) let you optionally filter by Availability Domain if the scope of the resource type is within a single Availability Domain. If you call one of these “List” operations without specifying an Availability Domain, the resources are grouped by Availability Domain, then sorted. Allowed values are: “TIMECREATED”, “NAME” sort_order (str) – (optional) The sort order to use, either ascending (ASC) or descending (DESC). The NAME sort order is case sensitive. Allowed values are: “ASC”, “DESC” lifecycle_state (str) – (optional) A filter to only return resources that match the given lifecycle state. The state value is case-insensitive. Allowed values are: “CREATING”, “ACTIVE”, “INACTIVE”, “DELETING”, “DELETED” retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `IdentityProvider`
Return type:	`Response`
Example:

Click here to see an example of how to use list_identity_providers API.

list_idp_group_mappings(identity_provider_id, **kwargs)¶

Deprecated. For more information, see `Deprecated IAM Service APIs`__.

Lists the group mappings for the specified identity provider.

Parameters:	identity_provider_id (str) – (required) The OCID of the identity provider. page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `IdpGroupMapping`
Return type:	`Response`
Example:

Click here to see an example of how to use list_idp_group_mappings API.

list_mfa_totp_devices(user_id, **kwargs)¶

Lists the MFA TOTP devices for the specified user. The returned object contains the device’s OCID, but not the seed. The seed is returned only upon creation or when the IAM service regenerates the MFA seed for the device.

Parameters:	user_id (str) – (required) The OCID of the user. page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. sort_by (str) – (optional) The field to sort by. You can provide one sort order (sortOrder). Default order for TIMECREATED is descending. Default order for NAME is ascending. The NAME sort order is case sensitive. Note: In general, some “List” operations (for example, ListInstances) let you optionally filter by Availability Domain if the scope of the resource type is within a single Availability Domain. If you call one of these “List” operations without specifying an Availability Domain, the resources are grouped by Availability Domain, then sorted. Allowed values are: “TIMECREATED”, “NAME” sort_order (str) – (optional) The sort order to use, either ascending (ASC) or descending (DESC). The NAME sort order is case sensitive. Allowed values are: “ASC”, “DESC” retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `MfaTotpDeviceSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use list_mfa_totp_devices API.

list_network_sources(compartment_id, **kwargs)¶

Lists the network sources in your tenancy. You must specify your tenancy’s OCID as the value for the compartment ID (remember that the tenancy is simply the root compartment). See `Where to Get the Tenancy's OCID and User's OCID`__.

Parameters:	compartment_id (str) – (required) The OCID of the compartment (remember that the tenancy is simply the root compartment). page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. name (str) – (optional) A filter to only return resources that match the given name exactly. sort_by (str) – (optional) The field to sort by. You can provide one sort order (sortOrder). Default order for TIMECREATED is descending. Default order for NAME is ascending. The NAME sort order is case sensitive. Note: In general, some “List” operations (for example, ListInstances) let you optionally filter by Availability Domain if the scope of the resource type is within a single Availability Domain. If you call one of these “List” operations without specifying an Availability Domain, the resources are grouped by Availability Domain, then sorted. Allowed values are: “TIMECREATED”, “NAME” sort_order (str) – (optional) The sort order to use, either ascending (ASC) or descending (DESC). The NAME sort order is case sensitive. Allowed values are: “ASC”, “DESC” lifecycle_state (str) – (optional) A filter to only return resources that match the given lifecycle state. The state value is case-insensitive. Allowed values are: “CREATING”, “ACTIVE”, “INACTIVE”, “DELETING”, “DELETED” retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `NetworkSourcesSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use list_network_sources API.

list_o_auth_client_credentials(user_id, **kwargs)¶

List of Oauth tokens for the user

Parameters:	user_id (str) – (required) The OCID of the user. page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. lifecycle_state (str) – (optional) A filter to only return resources that match the given lifecycle state. The state value is case-insensitive. Allowed values are: “CREATING”, “ACTIVE”, “INACTIVE”, “DELETING”, “DELETED” retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `OAuth2ClientCredentialSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use list_o_auth_client_credentials API.

list_policies(compartment_id, **kwargs)¶

Lists the policies in the specified compartment (either the tenancy or another of your compartments). See `Where to Get the Tenancy's OCID and User's OCID`__.

To determine which policies apply to a particular group or compartment, you must view the individual statements inside all your policies. There isn’t a way to automatically obtain that information via the API.

Parameters:	compartment_id (str) – (required) The OCID of the compartment (remember that the tenancy is simply the root compartment). page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. name (str) – (optional) A filter to only return resources that match the given name exactly. sort_by (str) – (optional) The field to sort by. You can provide one sort order (sortOrder). Default order for TIMECREATED is descending. Default order for NAME is ascending. The NAME sort order is case sensitive. Note: In general, some “List” operations (for example, ListInstances) let you optionally filter by Availability Domain if the scope of the resource type is within a single Availability Domain. If you call one of these “List” operations without specifying an Availability Domain, the resources are grouped by Availability Domain, then sorted. Allowed values are: “TIMECREATED”, “NAME” sort_order (str) – (optional) The sort order to use, either ascending (ASC) or descending (DESC). The NAME sort order is case sensitive. Allowed values are: “ASC”, “DESC” lifecycle_state (str) – (optional) A filter to only return resources that match the given lifecycle state. The state value is case-insensitive. Allowed values are: “CREATING”, “ACTIVE”, “INACTIVE”, “DELETING”, “DELETED” retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `Policy`
Return type:	`Response`
Example:

Click here to see an example of how to use list_policies API.

list_region_subscriptions(tenancy_id, **kwargs)¶

Lists the region subscriptions for the specified tenancy.

Parameters:	tenancy_id (str) – (required) The OCID of the tenancy. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `RegionSubscription`
Return type:	`Response`
Example:

Click here to see an example of how to use list_region_subscriptions API.

list_regions(**kwargs)¶

Lists all the regions offered by Oracle Cloud Infrastructure.

Parameters:	retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `Region`
Return type:	`Response`
Example:

Click here to see an example of how to use list_regions API.

list_smtp_credentials(user_id, **kwargs)¶

Lists the SMTP credentials for the specified user. The returned object contains the credential’s OCID, the SMTP user name but not the SMTP password. The SMTP password is returned only upon creation.

Parameters:	user_id (str) – (required) The OCID of the user. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `SmtpCredentialSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use list_smtp_credentials API.

list_standard_tag_namespaces(compartment_id, **kwargs)¶

Lists available standard tag namespaces that users can create.

Parameters:	compartment_id (str) – (required) The OCID of the compartment (remember that the tenancy is simply the root compartment). page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `StandardTagNamespaceTemplateSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use list_standard_tag_namespaces API.

list_swift_passwords(user_id, **kwargs)¶

Deprecated. Use :func:`list_auth_tokens` instead.

Lists the Swift passwords for the specified user. The returned object contains the password’s OCID, but not the password itself. The actual password is returned only upon creation.

Parameters:	user_id (str) – (required) The OCID of the user. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `SwiftPassword`
Return type:	`Response`
Example:

Click here to see an example of how to use list_swift_passwords API.

list_tag_defaults(**kwargs)¶

Lists the tag defaults for tag definitions in the specified compartment.

Parameters:	page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. id (str) – (optional) A filter to only return resources that match the specified OCID exactly. compartment_id (str) – (optional) The OCID of the compartment (remember that the tenancy is simply the root compartment). tag_definition_id (str) – (optional) The OCID of the tag definition. lifecycle_state (str) – (optional) A filter to only return resources that match the given lifecycle state. The state value is case-insensitive. Allowed values are: “ACTIVE” retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `TagDefaultSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use list_tag_defaults API.

list_tag_namespaces(compartment_id, **kwargs)¶

Lists the tag namespaces in the specified compartment.

Parameters:	compartment_id (str) – (required) The OCID of the compartment (remember that the tenancy is simply the root compartment). page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. include_subcompartments (bool) – (optional) An optional boolean parameter indicating whether to retrieve all tag namespaces in subcompartments. If this parameter is not specified, only the tag namespaces defined in the specified compartment are retrieved. lifecycle_state (str) – (optional) A filter to only return resources that match the given lifecycle state. The state value is case-insensitive. Allowed values are: “ACTIVE”, “INACTIVE”, “DELETING”, “DELETED” retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `TagNamespaceSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use list_tag_namespaces API.

list_tagging_work_request_errors(work_request_id, **kwargs)¶

Gets the errors for a work request.

Parameters:	work_request_id (str) – (required) The OCID of the work request. page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `TaggingWorkRequestErrorSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use list_tagging_work_request_errors API.

list_tagging_work_request_logs(work_request_id, **kwargs)¶

Gets the logs for a work request.

Parameters:	work_request_id (str) – (required) The OCID of the work request. page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `TaggingWorkRequestLogSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use list_tagging_work_request_logs API.

list_tagging_work_requests(compartment_id, **kwargs)¶

Lists the tagging work requests in compartment.

Parameters:	compartment_id (str) – (required) The OCID of the compartment (remember that the tenancy is simply the root compartment). page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. resource_identifier (str) – (optional) The identifier of the resource the work request affects. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `TaggingWorkRequestSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use list_tagging_work_requests API.

list_tags(tag_namespace_id, **kwargs)¶

Lists the tag definitions in the specified tag namespace.

Parameters:	tag_namespace_id (str) – (required) The OCID of the tag namespace. page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. lifecycle_state (str) – (optional) A filter to only return resources that match the given lifecycle state. The state value is case-insensitive. Allowed values are: “ACTIVE”, “INACTIVE”, “DELETING”, “DELETED” retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `TagSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use list_tags API.

list_user_group_memberships(compartment_id, **kwargs)¶

Lists the UserGroupMembership objects in your tenancy. You must specify your tenancy’s OCID as the value for the compartment ID (see `Where to Get the Tenancy's OCID and User's OCID`__). You must also then filter the list in one of these ways:

You can limit the results to just the memberships for a given user by specifying a userId.
Similarly, you can limit the results to just the memberships for a given group by specifying a groupId.
You can set both the userId and groupId to determine if the specified user is in the specified group.

If the answer is no, the response is an empty list. - Although`userId` and groupId are not individually required, you must set one of them.

Parameters:	compartment_id (str) – (required) The OCID of the compartment (remember that the tenancy is simply the root compartment). user_id (str) – (optional) The OCID of the user. group_id (str) – (optional) The OCID of the group. page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `UserGroupMembership`
Return type:	`Response`
Example:

Click here to see an example of how to use list_user_group_memberships API.

list_users(compartment_id, **kwargs)¶

Lists the users in your tenancy. You must specify your tenancy’s OCID as the value for the compartment ID (remember that the tenancy is simply the root compartment). See `Where to Get the Tenancy's OCID and User's OCID`__.

Parameters:	compartment_id (str) – (required) The OCID of the compartment (remember that the tenancy is simply the root compartment). page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. identity_provider_id (str) – (optional) The id of the identity provider. external_identifier (str) – (optional) The id of a user in the identity provider. name (str) – (optional) A filter to only return resources that match the given name exactly. sort_by (str) – (optional) The field to sort by. You can provide one sort order (sortOrder). Default order for TIMECREATED is descending. Default order for NAME is ascending. The NAME sort order is case sensitive. Note: In general, some “List” operations (for example, ListInstances) let you optionally filter by Availability Domain if the scope of the resource type is within a single Availability Domain. If you call one of these “List” operations without specifying an Availability Domain, the resources are grouped by Availability Domain, then sorted. Allowed values are: “TIMECREATED”, “NAME” sort_order (str) – (optional) The sort order to use, either ascending (ASC) or descending (DESC). The NAME sort order is case sensitive. Allowed values are: “ASC”, “DESC” lifecycle_state (str) – (optional) A filter to only return resources that match the given lifecycle state. The state value is case-insensitive. Allowed values are: “CREATING”, “ACTIVE”, “INACTIVE”, “DELETING”, “DELETED” retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `User`
Return type:	`Response`
Example:

Click here to see an example of how to use list_users API.

list_work_requests(compartment_id, **kwargs)¶

Lists the work requests in compartment.

Parameters:	compartment_id (str) – (required) The OCID of the compartment (remember that the tenancy is simply the root compartment). page (str) – (optional) The value of the opc-next-page response header from the previous “List” call. limit (int) – (optional) The maximum number of items to return in a paginated “List” call. resource_identifier (str) – (optional) The identifier of the resource the work request affects. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type list of `WorkRequestSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use list_work_requests API.

move_compartment(compartment_id, move_compartment_details, **kwargs)¶

Move the compartment to a different parent compartment in the same tenancy. When you move a compartment, all its contents (subcompartments and resources) are moved with it. Note that the CompartmentId that you specify in the path is the compartment that you want to move.

IMPORTANT: After you move a compartment to a new parent compartment, the access policies of the new parent take effect and the policies of the previous parent no longer apply. Ensure that you are aware of the implications for the compartment contents before you move it. For more information, see `Moving a Compartment`__.

Parameters:	compartment_id (str) – (required) The OCID of the compartment. move_compartment_details (oci.identity.models.MoveCompartmentDetails) – (required) Request object for moving a compartment. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use move_compartment API.

recover_compartment(compartment_id, **kwargs)¶

Recover the compartment from DELETED state to ACTIVE state.

Parameters:	compartment_id (str) – (required) The OCID of the compartment. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `Compartment`
Return type:	`Response`
Example:

Click here to see an example of how to use recover_compartment API.

remove_tag_default_lock(tag_default_id, remove_lock_details, **kwargs)¶

Remove a resource lock from a tag default.

Parameters:	tag_default_id (str) – (required) The OCID of the tag default. remove_lock_details (oci.identity.models.RemoveLockDetails) – (required) Lock that is going to be removed from resource if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `TagDefault`
Return type:	`Response`
Example:

Click here to see an example of how to use remove_tag_default_lock API.

remove_tag_namespace_lock(tag_namespace_id, remove_lock_details, **kwargs)¶

Remove a resource lock from a tag namespace.

Parameters:	tag_namespace_id (str) – (required) The OCID of the tag namespace. remove_lock_details (oci.identity.models.RemoveLockDetails) – (required) Lock that is going to be removed from resource if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `TagNamespace`
Return type:	`Response`
Example:

Click here to see an example of how to use remove_tag_namespace_lock API.

remove_user_from_group(user_group_membership_id, **kwargs)¶

Removes a user from a group by deleting the corresponding UserGroupMembership.

Parameters:	user_group_membership_id (str) – (required) The OCID of the userGroupMembership. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use remove_user_from_group API.

reset_idp_scim_client(identity_provider_id, **kwargs)¶

Resets the OAuth2 client credentials for the SCIM client associated with this identity provider.

Parameters:	identity_provider_id (str) – (required) The OCID of the identity provider. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `ScimClientCredentials`
Return type:	`Response`
Example:

Click here to see an example of how to use reset_idp_scim_client API.

update_auth_token(user_id, auth_token_id, update_auth_token_details, **kwargs)¶

Updates the specified auth token’s description.

Parameters:	user_id (str) – (required) The OCID of the user. auth_token_id (str) – (required) The OCID of the auth token. update_auth_token_details (oci.identity.models.UpdateAuthTokenDetails) – (required) Request object for updating an auth token. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `AuthToken`
Return type:	`Response`
Example:

Click here to see an example of how to use update_auth_token API.

update_authentication_policy(compartment_id, update_authentication_policy_details, **kwargs)¶

Updates authentication policy for the specified tenancy.

Parameters:	compartment_id (str) – (required) The OCID of the compartment. update_authentication_policy_details (oci.identity.models.UpdateAuthenticationPolicyDetails) – (required) Request object for updating the authentication policy. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `AuthenticationPolicy`
Return type:	`Response`
Example:

Click here to see an example of how to use update_authentication_policy API.

update_compartment(compartment_id, update_compartment_details, **kwargs)¶

Updates the specified compartment’s description or name. You can’t update the root compartment.

Parameters:	compartment_id (str) – (required) The OCID of the compartment. update_compartment_details (oci.identity.models.UpdateCompartmentDetails) – (required) Request object for updating a compartment. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `Compartment`
Return type:	`Response`
Example:

Click here to see an example of how to use update_compartment API.

update_customer_secret_key(user_id, customer_secret_key_id, update_customer_secret_key_details, **kwargs)¶

Updates the specified secret key’s description.

Parameters:	user_id (str) – (required) The OCID of the user. customer_secret_key_id (str) – (required) The access token of the secret key. update_customer_secret_key_details (oci.identity.models.UpdateCustomerSecretKeyDetails) – (required) Request object for updating a secret key. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `CustomerSecretKeySummary`
Return type:	`Response`
Example:

Click here to see an example of how to use update_customer_secret_key API.

update_domain(domain_id, update_domain_details, **kwargs)¶

(For tenancies that support identity domains) Updates identity domain information and the associated Identity Cloud Service (IDCS) stripe.

To track the progress of the request, submitting an HTTP GET on the /iamWorkRequests/{iamWorkRequestsId} endpoint retrieves the operation’s status.

Parameters:	domain_id (str) – (required) The OCID of the identity domain. update_domain_details (oci.identity.models.UpdateDomainDetails) – (required) Request object for updating the identity domain. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type None
Return type:	`Response`
Example:

Click here to see an example of how to use update_domain API.

update_dynamic_group(dynamic_group_id, update_dynamic_group_details, **kwargs)¶

Updates the specified dynamic group.

Parameters:	dynamic_group_id (str) – (required) The OCID of the dynamic group. update_dynamic_group_details (oci.identity.models.UpdateDynamicGroupDetails) – (required) Request object for updating an dynamic group. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `DynamicGroup`
Return type:	`Response`
Example:

Click here to see an example of how to use update_dynamic_group API.

update_group(group_id, update_group_details, **kwargs)¶

Updates the specified group.

Parameters:	group_id (str) – (required) The OCID of the group. update_group_details (oci.identity.models.UpdateGroupDetails) – (required) Request object for updating a group. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `Group`
Return type:	`Response`
Example:

Click here to see an example of how to use update_group API.

update_identity_provider(identity_provider_id, update_identity_provider_details, **kwargs)¶

Deprecated. For more information, see `Deprecated IAM Service APIs`__.

Updates the specified identity provider.

Parameters:	identity_provider_id (str) – (required) The OCID of the identity provider. update_identity_provider_details (oci.identity.models.UpdateIdentityProviderDetails) – (required) Request object for updating a identity provider. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `IdentityProvider`
Return type:	`Response`
Example:

Click here to see an example of how to use update_identity_provider API.

update_idp_group_mapping(identity_provider_id, mapping_id, update_idp_group_mapping_details, **kwargs)¶

Deprecated. For more information, see `Deprecated IAM Service APIs`__.

Updates the specified group mapping.

Parameters:	identity_provider_id (str) – (required) The OCID of the identity provider. mapping_id (str) – (required) The OCID of the group mapping. update_idp_group_mapping_details (oci.identity.models.UpdateIdpGroupMappingDetails) – (required) Request object for updating an identity provider group mapping if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `IdpGroupMapping`
Return type:	`Response`
Example:

Click here to see an example of how to use update_idp_group_mapping API.

update_network_source(network_source_id, update_network_source_details, **kwargs)¶

Updates the specified network source.

Parameters:	network_source_id (str) – (required) The OCID of the network source. update_network_source_details (oci.identity.models.UpdateNetworkSourceDetails) – (required) Request object for updating a network source. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `NetworkSources`
Return type:	`Response`
Example:

Click here to see an example of how to use update_network_source API.

update_o_auth_client_credential(user_id, oauth2_client_credential_id, update_o_auth2_client_credential_details, **kwargs)¶

Updates Oauth token for the user

Parameters:	user_id (str) – (required) The OCID of the user. oauth2_client_credential_id (str) – (required) The ID of the Oauth credential. update_o_auth2_client_credential_details (oci.identity.models.UpdateOAuth2ClientCredentialDetails) – (required) Request object containing the information required to generate an Oauth token. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `OAuth2ClientCredential`
Return type:	`Response`
Example:

Click here to see an example of how to use update_o_auth_client_credential API.

update_policy(policy_id, update_policy_details, **kwargs)¶

Updates the specified policy. You can update the description or the policy statements themselves.

Policy changes take effect typically within 10 seconds.

Parameters:	policy_id (str) – (required) The OCID of the policy. update_policy_details (oci.identity.models.UpdatePolicyDetails) – (required) Request object for updating a policy. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `Policy`
Return type:	`Response`
Example:

Click here to see an example of how to use update_policy API.

update_smtp_credential(user_id, smtp_credential_id, update_smtp_credential_details, **kwargs)¶

Updates the specified SMTP credential’s description.

Parameters:	user_id (str) – (required) The OCID of the user. smtp_credential_id (str) – (required) The OCID of the SMTP credential. update_smtp_credential_details (oci.identity.models.UpdateSmtpCredentialDetails) – (required) Request object for updating a SMTP credential. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `SmtpCredentialSummary`
Return type:	`Response`
Example:

Click here to see an example of how to use update_smtp_credential API.

update_swift_password(user_id, swift_password_id, update_swift_password_details, **kwargs)¶

Deprecated. Use :func:`update_auth_token` instead.

Updates the specified Swift password’s description.

Parameters:	user_id (str) – (required) The OCID of the user. swift_password_id (str) – (required) The OCID of the Swift password. update_swift_password_details (oci.identity.models.UpdateSwiftPasswordDetails) – (required) Request object for updating a Swift password. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `SwiftPassword`
Return type:	`Response`
Example:

Click here to see an example of how to use update_swift_password API.

update_tag(tag_namespace_id, tag_name, update_tag_details, **kwargs)¶

Updates the specified tag definition.

Setting validator determines the value type. Tags can use either a static value or a list of possible values. Static values are entered by a user applying the tag to a resource. Lists are created by you and the user must apply a value from the list. On update, any values in a list that were previously set do not change, but new values must pass validation. Values already applied to a resource do not change.

You cannot remove list values that appear in a TagDefault. To remove a list value that appears in a TagDefault, first update the TagDefault to use a different value.

Parameters:	tag_namespace_id (str) – (required) The OCID of the tag namespace. tag_name (str) – (required) The name of the tag. update_tag_details (oci.identity.models.UpdateTagDetails) – (required) Request object for updating a tag. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. is_lock_override (bool) – (optional) Whether to override locks (if any exist). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `Tag`
Return type:	`Response`
Example:

Click here to see an example of how to use update_tag API.

update_tag_default(tag_default_id, update_tag_default_details, **kwargs)¶

Updates the specified tag default. If you specify that a value is required, a value is set during resource creation (either by the user creating the resource or another tag defualt). If no value is set, resource creation is blocked.

If the isRequired flag is set to “true”, the value is set during resource creation.
If the isRequired flag is set to “false”, the value you enter is set during resource creation.

Parameters:	tag_default_id (str) – (required) The OCID of the tag default. update_tag_default_details (oci.identity.models.UpdateTagDefaultDetails) – (required) Request object for updating a tag default. is_lock_override (bool) – (optional) Whether to override locks (if any exist). if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. opc_request_id (str) – (optional) Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `TagDefault`
Return type:	`Response`
Example:

Click here to see an example of how to use update_tag_default API.

update_tag_namespace(tag_namespace_id, update_tag_namespace_details, **kwargs)¶

Updates the the specified tag namespace. You can’t update the namespace name.

Updating isRetired to ‘true’ retires the namespace and all the tag definitions in the namespace. Reactivating a namespace (changing isRetired from ‘true’ to ‘false’) does not reactivate tag definitions. To reactivate the tag definitions, you must reactivate each one individually after you reactivate the namespace, using update_tag(). For more information about retiring tag namespaces, see `Retiring Key Definitions and Namespace Definitions`__.

You can’t add a namespace with the same name as a retired namespace in the same tenancy.

Parameters:	tag_namespace_id (str) – (required) The OCID of the tag namespace. update_tag_namespace_details (oci.identity.models.UpdateTagNamespaceDetails) – (required) Request object for updating a namespace. is_lock_override (bool) – (optional) Whether to override locks (if any exist). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `TagNamespace`
Return type:	`Response`
Example:

Click here to see an example of how to use update_tag_namespace API.

update_user(user_id, update_user_details, **kwargs)¶

Updates the description of the specified user.

Parameters:	user_id (str) – (required) The OCID of the user. update_user_details (oci.identity.models.UpdateUserDetails) – (required) Request object for updating a user. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `User`
Return type:	`Response`
Example:

Click here to see an example of how to use update_user API.

update_user_capabilities(user_id, update_user_capabilities_details, **kwargs)¶

Updates the capabilities of the specified user.

Parameters:	user_id (str) – (required) The OCID of the user. update_user_capabilities_details (oci.identity.models.UpdateUserCapabilitiesDetails) – (required) Request object for updating user capabilities. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `User`
Return type:	`Response`
Example:

Click here to see an example of how to use update_user_capabilities API.

update_user_state(user_id, update_state_details, **kwargs)¶

Updates the state of the specified user.

Parameters:	user_id (str) – (required) The OCID of the user. update_state_details (oci.identity.models.UpdateStateDetails) – (required) Request object for updating a user state. if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `User`
Return type:	`Response`
Example:

Click here to see an example of how to use update_user_state API.

upload_api_key(user_id, create_api_key_details, **kwargs)¶

Uploads an API signing key for the specified user.

Every user has permission to use this operation to upload a key for their own user ID. An administrator in your organization does not need to write a policy to give users this ability. To compare, administrators who have permission to the tenancy can use this operation to upload a key for any user, including themselves.

Important: Even though you have permission to upload an API key, you might not yet have permission to do much else. If you try calling an operation unrelated to your own credential management (e.g., ListUsers, LaunchInstance) and receive an “unauthorized” error, check with an administrator to confirm which IAM Service group(s) you’re in and what access you have. Also confirm you’re working in the correct compartment.

After you send your request, the new object’s lifecycleState will temporarily be CREATING. Before using the object, first make sure its lifecycleState has changed to ACTIVE.

Parameters:	user_id (str) – (required) The OCID of the user. create_api_key_details (oci.identity.models.CreateApiKeyDetails) – (required) Request object for uploading an API key for a user. opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). retry_strategy (obj) – (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level. This should be one of the strategies available in the `retry` module. This operation uses `DEFAULT_RETRY_STRATEGY` as default if no retry strategy is provided. The specifics of the default retry strategy are described here. To have this operation explicitly not perform any retries, pass an instance of `NoneRetryStrategy`. allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:	A `Response` object with data of type `ApiKey`
Return type:	`Response`
Example:

Click here to see an example of how to use upload_api_key API.