To grant an application access to the Oracle Identity Cloud Service REST API, you must first know the allowed operations that you need the application to access. Then, assign the AppRoles with access to those operations to your application.

The following table displays the endpoints and the allowed operations for that endpoint that a Signin AppRole can access.

Endpoint Allowed Operations
AccountRecoverySettings ALL
AllowedValues GET(Search), GET/<ID>
Authenticate ALL
AuthenticationFactorSettings GET(Search), GET/<ID>
BrandingSettings GET(Search), GET/<ID>
SecurityQuestions GET(Search), GET/<ID>
SecurityQuestionSettings GET(Search), GET/<ID>
TermsOfUseStatements GET(Search), GET/<ID>