1. Oracle Identity Cloud Service REST APIREST API for Oracle Identity Cloud Service
  2. Use Cases
  3. Creating an Enterprise Application with Authorization Policy
  4. Create Allow Authorization Policy
  5. Create Allow Authorization Policy Rule

Create Allow Authorization Policy Rule

The following example shows how to create a rule by submitting a POST request on the REST resource using cURL. For more information about cURL, see Use cURL.

cURL Command

Note:

The command in this example uses the URL structure https://tenant-base-url/resource-path, where tenant-base-url represents the Identity Service URL, and the resource path represents the Identity Service API. See Send Requests for the appropriate URL structure to use. 
curl
-X POST
-H "Content-Type:application/scim+json"
-H "Authorization: Bearer <Access Token Value>"
https://tenant-base-url/admin/v1/Rules

Example of Request Body

The following shows an example of the request body in JSON format:

{
    "schemas": [
        "urn:ietf:params:scim:schemas:oracle:idcs:Rule"
    ],
    "name": "Allow Authorization policy rule",
    "policyType": {
        "value": "AllowAuthz"
    },
    "return": [
        {
            "name": "effect",
            "value": "ALLOW"
        },
        {
            "name": "setHeader",
            "value": "USER_NAME=$(user.userName),USER_ID=$(user.id)"
        }
    ],
    "conditionGroup": {
        "value": "<allow authz policy condition group id>",
        "type": "ConditionGroup"
    }
}

Example of Response Body

The following example shows the contents of the response body in JSON format:

{
    "idcsLastModifiedBy": {
        "type": "User",
        "value": "bf11562fd0dd4fda85fde3690b104dd3",
        "display": "admin opc",
        "$ref": "https://tenant-base-url/admin/v1/Users/bf11562fd0dd4fda85fde3690b104dd3"
    },
    "idcsCreatedBy": {
        "type": "User",
        "display": "admin opc",
        "value": "bf11562fd0dd4fda85fde3690b104dd3",
        "$ref": "https://tenant-base-url/admin/v1/Users/bf11562fd0dd4fda85fde3690b104dd3"
    },
    "id": "7a8dfdc5d175418ea7babb63cf0301ee",
    "meta": {
        "created": "2018-10-21T15:39:49.097Z",
        "lastModified": "2018-10-21T15:39:49.097Z",
        "resourceType": "Rule",
        "location": "https://tenant-base-url/admin/v1/Rules/7a8dfdc5d175418ea7babb63cf0301ee"
    },
    "name": "Allow Authorization policy rule",
    "policyType": {
        "value": "AllowAuthz",
        "$ref": "https://tenant-base-url/admin/v1/PolicyTypes/AllowAuthz"
    },
    "conditionGroup": {
        "value": "d073eb1df00f4b388fbb06430b70173e",
        "type": "ConditionGroup",
        "name": "ConditionGroup",
        "$ref": "https://tenant-base-url/admin/v1/ConditionGroups/d073eb1df00f4b388fbb06430b70173e"
    },
    "return": [
        {
            "name": "effect",
            "value": "ALLOW"
        }
    ],
    "schemas": [
        "urn:ietf:params:scim:schemas:oracle:idcs:Rule"
    ]
}