1. Oracle Identity Cloud Service REST APIREST API for Oracle Identity Cloud Service
  2. Managing Authorization
  3. AppRole Permissions
  4. Application Administrator

Application Administrator

To grant an application access to the Oracle Identity Cloud Service REST API, you must first know the allowed operations that you need the application to access. Then, assign the AppRoles with access to those operations to your application.

The following table displays the endpoints and the allowed operations for that endpoint that an Application Administrator AppRole can access.

Endpoint Allowed Operations
AdaptiveAccessSettings GET/<ID>, GET(Search)
AccountMgmtInfos ALL
AccountObjectClasses ALL
AccountObjectClassTemplates GET/<ID>, GET(Search)
AccountOwnerLinker ALL
AccountPasswordResetter ALL
AccountStatusChanger ALL
AnalyticEvents GET/<ID>, GET(Search)
AppAllowedScopesChanger ALL
AppClientSecretRegenerator ALL
AppEntitlementCollections ALL
AppRoleExportJob GET/<ID>, GET(Search)
AppRoleExportJobHistory GET/<ID>, GET(Search)
AppRoleExportJobProgress ALL
AppRoleExportJobReport GET/<ID>, GET(Search)
AppRoleExportJobSchedule ALL
AppRoleImportJob GET/<ID>, GET(Search)
AppRoleImportJobHistory GET/<ID>, GET(Search)
AppRoleImportJobReport GET/<ID>, GET(Search)
AppRoleImportJobProgress ALL
AppRoleImportJobSchedule ALL
AppRoleMembershipImportDetailedJobReports GET/<ID>, GET(Search)
AppRoleMembershipImportSummaryJobReports ALL
AppRoles ALL
Apps ALL
AppStatusChanger ALL
AppTemplates GET/<ID>, GET(Search)
AppTemplateStatusChanger GET/<ID>, GET(Search)
AppUpgrader ALL
AsyncTargetActions ALL
AuditEvents GET/<ID>, GET(Search)
Bulk ALL
ConditionGroups ALL
Conditions ALL
ConnectorBundles GET/<ID>, GET(Search)
CustomAllowedValues ALL
Files ALL
GrantEvaluationJob GET/<ID>, GET(Search)
GrantEvaluationJobHistory GET/<ID>, GET(Search)
GrantEvaluationJobProgress ALL
GrantEvaluationJobReport GET/<ID>, GET(Search)
GrantEvaluationJobSchedule ALL
GrantImportDetailedJobReports GET/<ID>, GET(Search)
GrantImportSummaryJobReports GET/<ID>, GET(Search)
Grants ALL
Groups GET/<ID>, GET(Search)
IDCSGroups GET/<ID>, GET(Search)
IDCSUsers GET/<ID>, GET(Search)
Images GET/<ID>, GET(Search)
Jobs GET/<ID>, GET(Search)
JobHistories GET/<ID>, GET(Search)
JobProgress GET/<ID>, GET(Search)
JobReports GET/<ID>, GET(Search)
JobSchedules GET/<ID>, GET(Search)
ManagedApp ALL
ManagedAppAttributeMappings ALL
ManagedAppConnectionTester ALL
ManagedAppOperations ALL
ManagedAppOperationTemplates GET/<ID>, GET(Search)
ManagedObjectClasses ALL
ManagedObjectClassTemplates GET/<ID>, GET(Search)
ManagedObjectSyncDetailedJobReports GET/<ID>, GET(Search)
ManagedObjectSyncJob GET/<ID>, GET(Search)
ManagedObjectSyncJobHistory GET/<ID>, GET(Search)
ManagedObjectSyncJobProgress ALL
ManagedObjectSyncJobReports GET/<ID>, GET(Search)
ManagedObjectSyncJobSchedule ALL
MappedActions ALL
MappedActionTemplates GET/<ID>, GET(Search)
MappedAttributes ALL
MappedAttributeTemplates GET/<ID>, GET(Search)
NetworkPerimeters ALL
OAuthClientCertificates ALL
ObjectMgmtInfos ALL
Policies ALL
RefreshAccessStatisticsJob GET/<ID>, GET(Search)
RefreshAccessStatisticsJobHistory GET/<ID>, GET(Search)
RefreshAccessStatisticsJobProgres ALL
RefreshAccessStatisticsJobReport GET/<ID>, GET(Search)
RefreshAccessStatisticsJobSchedule ALL
RefreshAppAccessTokensJob GET/<ID>, GET(Search)
RefreshAppAccessTokensJobHistory GET/<ID>, GET(Search)
RefreshAppAccessTokensJobProgress GET/<ID>, GET(Search)
RefreshAppAccessTokensJobSchedule ALL
Reports POST
RiskProviderProflies GET/<ID>, GET(Search)
RiskScoreHistories GET/<ID>, GET(Search)
Rules ALL
SFFCustomApps ALL
SigningCert/jwk GET/<ID>, GET(Search)
SocialAccounts GET/<ID>, GET(Search)
SyncEvents ALL
Tags GET/<ID>, GET(Search), POST/.search
TargetActionResults ALL
TargetActions ALL
TermsOfUseConsents GET/<ID>, GET(Search)
TermsOfUses ALL
TermsOfUseStatements ALL
UserAppsEnabledForAuthentication GET/<ID>, GET(Search)
UserAppsEnabledForDelegatedAuthentication GET/<ID>, GET(Search)
Users GET/<ID>, GET(Search)
WebTierPolicyJsonValidator ALL