Search IDCS AppRole Grants Using POST

post

/admin/v1/IdcsAppRoleGrants/.search

Request

Supported Media Types
Header Parameters
  • The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
  • Media Type
  • An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
Body ()
Root Schema : IdcsAppRoleGrant-SearchRequest
Type: object
Clients MAY execute queries without passing parameters on the URL by using the HTTP POST verb combined with the /.search path extension. The inclusion of /.search on the end of a valid SCIM endpoint SHALL be used to indicate the HTTP POST verb is intended to be a query operation. To create a new query result set, a SCIM client sends an HTTP POST request to the desired SCIM resource endpoint (ending in /.search). The body of the POST request MAY include any of the parameters.
Show Source
  • A multi-valued list of strings indicating the names of resource attributes to return in the response overriding the set of attributes that would be returned by default. Attribute names MUST be in standard attribute notation (Section 3.10) form. See (additional retrieval query parameters). OPTIONAL.
  • Allowed Values: [ "all", "always", "never", "request", "default" ]
    A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If "attributes" query parameter is also available, union of the two is fetched. Valid values : all, always, never, request, default. Values are case-insensitive. OPTIONAL.
  • Minimum Length: 1
    Maximum Length: 1000
    An integer that indicates the desired maximum number of query results per page. 1000 is the largest value that you can use. See the Pagination section of the System for Cross-Domain Identity Management Protocol specification for more information. (Section 3.4.2.4). OPTIONAL.
  • The filter string that is used to request a subset of resources. See the Using the Filter Query Parameter section of the Query Parameters page in Getting Started. The filter string MUST be a valid filter expression. See Section 3.4.2.2. OPTIONAL.
  • Allowed Values: [ "urn:ietf:params:scim:api:messages:2.0:SearchRequest" ]
    The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. Query requests MUST be identified using the following URI: "urn:ietf:params:scim:api:messages:2.0:SearchRequest" REQUIRED.
  • A string that indicates the attribute whose value SHALL be used to order the returned responses. The sortBy attribute MUST be in standard attribute notation (Section 3.10) form. See Sorting section. OPTIONAL.
  • Allowed Values: [ "ascending", "descending" ]
    A string that indicates the order in which the sortBy parameter is applied. Allowed values are "ascending" and "descending". See (Sorting Section). OPTIONAL.
  • An integer that indicates the 1-based index of the first query result. See Pagination Section. OPTIONAL.
Back to Top

Response

Supported Media Types

200 Response

The request was successful.
Body ()
Root Schema : IdcsAppRoleGrant-ListResponse
Type: object
The SCIM protocol defines a standard set of query parameters that can be used to filter, sort, and paginate to return zero or more resources in a query response. Queries MAY be made against a single resource or a resource type endpoint (e.g., /Users), or the service provider Base URI.
Show Source
  • The number of resources returned in a list response page. REQUIRED when partial results returned due to pagination.
  • Resources
    A multi-valued list of complex objects containing the requested resources. This MAY be a subset of the full set of resources if pagination is requested. REQUIRED if "totalResults" is non-zero.
  • Allowed Values: [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ]
    The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior. REQUIRED.
  • The 1-based index of the first result in the current set of list results. REQUIRED when partial results returned due to pagination.
  • The total number of results returned by the list or query operation. The value may be larger than the number of resources returned such as when returning a single page of results where multiple pages are available. REQUIRED.
Nested Schema : Resources
Type: array
A multi-valued list of complex objects containing the requested resources. This MAY be a subset of the full set of resources if pagination is requested. REQUIRED if "totalResults" is non-zero.
Show Source
Nested Schema : IdcsAppRoleGrant
Type: object
Schema for Grant Resource
Show Source
  • app
    SCIM++ Properties:
    • idcsCsvAttributeNameMappings: [[columnHeaderName:App Name, defaultValue:jobParam:appDisplayName, mapsTo:app.value]]
    • idcsSearchable: true
    • multiValued: false
    • mutability: immutable
    • required: false
    • returned: default
    • type: complex
    • uniqueness: none
    Application that is being granted. Each Grant must grant either an App or an App-Entitlement-Collection.
  • appEntitlementCollection
    Added In: 18.2.4

    SCIM++ Properties:
    • idcsSearchable: true
    • multiValued: false
    • mutability: immutable
    • required: false
    • returned: default
    • type: complex
    • uniqueness: none
    Application-Entitlement-Collection that is being granted. Each Grant must grant either an App or an App-Entitlement-Collection.
  • Added In: 18.1.2

    SCIM++ Properties:
    • caseExact: true
    • idcsSearchable: true
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: request
    • type: string
    • uniqueness: server
    Unique key of grant, composed by combining a subset of app, entitlement, grantee, grantor and grantMechanism. Used to prevent duplicate Grants.
  • SCIM++ Properties:
    • caseExact: false
    • idcsSearchable: true
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: boolean
    • uniqueness: none
    A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
  • entitlement
    SCIM++ Properties:
    • idcsCsvAttributeNameMappings: [[columnHeaderName:Entitlement Value, csvColumnForResolvingResourceType:Entitlement Name, mapsTo:entitlement.attributeValue, referencedResourceTypeUniqueAttributeNameMappings:[[mapsFromColumnName:Entitlement Value, resourceTypeAttributeName:displayName], [mapsFromColumnName:App Name, resourceTypeAttributeName:app.display]], resolveValueUsingResourceType:[[resolveBy:AppRole, valueToBeResolved:appRoles]]], [columnHeaderName:Entitlement Name, defaultValue:appRoles, mapsTo:entitlement.attributeName]]
    • idcsSearchable: true
    • multiValued: false
    • mutability: immutable
    • required: false
    • returned: default
    • type: complex
    The entitlement or privilege that is being granted
  • Minimum Length: 1
    Maximum Length: 100000
    Added In: 18.3.4

    SCIM++ Properties:
    • idcsSearchable: false
    • multiValued: false
    • mutability: readWrite
    • required: false
    • returned: default
    • type: string
    • uniqueness: none
    Store granted attribute-values as a string in Javascript Object Notation (JSON) format.
  • grantee
    SCIM++ Properties:
    • idcsCsvAttributeNameMappings: [[columnHeaderName:Grantee Name, csvColumnForResolvingResourceType:Grantee Type, mapsTo:grantee.value], [columnHeaderName:Grantee Type, mapsTo:grantee.type]]
    • idcsSearchable: true
    • multiValued: false
    • mutability: immutable
    • required: true
    • returned: default
    • type: complex
    • uniqueness: none
    Grantee beneficiary. The grantee may be a User, Group or App.
  • Allowed Values: [ "IMPORT_APPROLE_MEMBERS", "ADMINISTRATOR_TO_USER", "ADMINISTRATOR_TO_DELEGATED_USER", "ADMINISTRATOR_TO_GROUP", "SERVICE_MANAGER_TO_USER", "ADMINISTRATOR_TO_APP", "SERVICE_MANAGER_TO_APP", "OPC_INFRA_TO_APP", "GROUP_MEMBERSHIP", "IMPORT_GRANTS", "SYNC_TO_USER", "ACCESS_REQUEST", "APP_ENTITLEMENT_COLLECTION" ]
    SCIM++ Properties:
    • caseExact: true
    • idcsCsvAttributeNameMappings: [[defaultValue:IMPORT_GRANTS]]
    • idcsSearchable: true
    • multiValued: false
    • mutability: immutable
    • required: true
    • returned: default
    • type: string
    • uniqueness: none

    Each value of grantMechanism indicates how (or by what component) some App (or App-Entitlement) was granted.

    A customer or the UI should use only grantMechanism values that start with 'ADMINISTRATOR':

    • 'ADMINISTRATOR_TO_USER' is for a direct grant to a specific User.
    • 'ADMINISTRATOR_TO_GROUP' is for a grant to a specific Group, which results in indirect grants to Users who are members of that Group.
    • 'ADMINISTRATOR_TO_APP' is for a grant to a specific App. The grantee (client) App gains access to the granted (server) App.
  • grantor
    SCIM++ Properties:
    • idcsSearchable: true
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: complex
    User conferring the grant to the beneficiary
  • SCIM++ Properties:
    • caseExact: false
    • idcsSearchable: true
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: always
    • type: string
    • uniqueness: global
    Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.
  • idcsCreatedBy
    SCIM++ Properties:
    • idcsSearchable: true
    • multiValued: false
    • mutability: readOnly
    • required: true
    • returned: default
    • type: complex
    The User or App who created the Resource
  • idcsLastModifiedBy
    SCIM++ Properties:
    • idcsSearchable: true
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: complex
    The User or App who modified the Resource
  • SCIM++ Properties:
    • caseExact: false
    • idcsSearchable: false
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: request
    • type: string
    • uniqueness: none
    The release number when the resource was upgraded.
  • Allowed Values: [ "replace", "update", "delete" ]
    SCIM++ Properties:
    • idcsSearchable: false
    • multiValued: true
    • mutability: readOnly
    • required: false
    • returned: request
    • type: string
    • uniqueness: none
    Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
  • SCIM++ Properties:
    • idcsSearchable: true
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: boolean
    • uniqueness: none
    If true, this Grant has been fulfilled successfully.
  • meta
    SCIM++ Properties:
    • caseExact: false
    • idcsSearchable: true
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • idcsCsvAttributeNameMappings: [[columnHeaderName:Created Date, mapsTo:meta.created]]
    • type: complex
    A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
  • SCIM++ Properties:
    • caseExact: false
    • idcsSearchable: false
    • multiValued: true
    • mutability: readWrite
    • required: true
    • returned: default
    • type: string
    • uniqueness: none
    REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard \"enterprise\" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
  • tags
    SCIM++ Properties:
    • idcsCompositeKey: [key, value]
    • idcsSearchable: true
    • multiValued: true
    • mutability: readWrite
    • required: false
    • returned: request
    • type: complex
    • uniqueness: none
    A list of tags on this resource.
  • urn:ietf:params:scim:schemas:oracle:idcs:extension:idcsAppRole:Grant
    Schema for IDCS AppRole Grant Resource
Nested Schema : app
Type: object
SCIM++ Properties:
  • idcsCsvAttributeNameMappings: [[columnHeaderName:App Name, defaultValue:jobParam:appDisplayName, mapsTo:app.value]]
  • idcsSearchable: true
  • multiValued: false
  • mutability: immutable
  • required: false
  • returned: default
  • type: complex
  • uniqueness: none
Application that is being granted. Each Grant must grant either an App or an App-Entitlement-Collection.
Show Source
  • SCIM++ Properties:
    • idcsSearchable: false
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: reference
    • uniqueness: none
    Application URI
  • SCIM++ Properties:
    • idcsSearchable: true
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: request
    • type: string
    • uniqueness: none
    Application display name
  • Minimum Length: 1
    Maximum Length: 40
    SCIM++ Properties:
    • caseExact: true
    • idcsSearchable: true
    • multiValued: false
    • mutability: immutable
    • required: true
    • returned: default
    • type: string
    • uniqueness: none
    Application identifier
Nested Schema : appEntitlementCollection
Type: object
Added In: 18.2.4

SCIM++ Properties:
  • idcsSearchable: true
  • multiValued: false
  • mutability: immutable
  • required: false
  • returned: default
  • type: complex
  • uniqueness: none
Application-Entitlement-Collection that is being granted. Each Grant must grant either an App or an App-Entitlement-Collection.
Show Source
  • Added In: 18.2.4

    SCIM++ Properties:
    • idcsSearchable: false
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: reference
    • uniqueness: none
    Application Entitlement Collection URI
  • Minimum Length: 1
    Maximum Length: 40
    Added In: 18.2.4

    SCIM++ Properties:
    • caseExact: true
    • idcsSearchable: true
    • multiValued: false
    • mutability: immutable
    • required: true
    • returned: default
    • type: string
    • uniqueness: none
    Application Entitlement Collection identifier
Nested Schema : entitlement
Type: object
SCIM++ Properties:
  • idcsCsvAttributeNameMappings: [[columnHeaderName:Entitlement Value, csvColumnForResolvingResourceType:Entitlement Name, mapsTo:entitlement.attributeValue, referencedResourceTypeUniqueAttributeNameMappings:[[mapsFromColumnName:Entitlement Value, resourceTypeAttributeName:displayName], [mapsFromColumnName:App Name, resourceTypeAttributeName:app.display]], resolveValueUsingResourceType:[[resolveBy:AppRole, valueToBeResolved:appRoles]]], [columnHeaderName:Entitlement Name, defaultValue:appRoles, mapsTo:entitlement.attributeName]]
  • idcsSearchable: true
  • multiValued: false
  • mutability: immutable
  • required: false
  • returned: default
  • type: complex
The entitlement or privilege that is being granted
Show Source
  • Minimum Length: 1
    Maximum Length: 100
    SCIM++ Properties:
    • caseExact: false
    • idcsSearchable: true
    • multiValued: false
    • mutability: immutable
    • required: true
    • returned: default
    • type: string
    • uniqueness: none
    The name of the attribute whose value (specified by attributeValue) confers privilege within the service-instance (specified by app).
  • Minimum Length: 1
    Maximum Length: 200
    SCIM++ Properties:
    • caseExact: true
    • idcsCsvAttributeName: Display Name
    • idcsSearchable: true
    • multiValued: false
    • mutability: immutable
    • required: true
    • returned: default
    • type: string
    • uniqueness: none
    The value of the attribute (specified by attributeName) that confers privilege within the service-instance (specified by app). If attributeName is 'appRoles', then attributeValue is the ID of the AppRole.
Nested Schema : grantee
Type: object
SCIM++ Properties:
  • idcsCsvAttributeNameMappings: [[columnHeaderName:Grantee Name, csvColumnForResolvingResourceType:Grantee Type, mapsTo:grantee.value], [columnHeaderName:Grantee Type, mapsTo:grantee.type]]
  • idcsSearchable: true
  • multiValued: false
  • mutability: immutable
  • required: true
  • returned: default
  • type: complex
  • uniqueness: none
Grantee beneficiary. The grantee may be a User, Group or App.
Show Source
  • SCIM++ Properties:
    • idcsSearchable: false
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: reference
    • uniqueness: none
    Grantee URI
  • SCIM++ Properties:
    • idcsSearchable: false
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: request
    • type: string
    • uniqueness: none
    Grantee display name
  • Allowed Values: [ "User", "Group", "App" ]
    SCIM++ Properties:
    • caseExact: true
    • idcsCsvAttributeName: Member Type
    • idcsDefaultValue: User
    • idcsSearchable: true
    • multiValued: false
    • mutability: immutable
    • required: true
    • returned: default
    • type: string
    • uniqueness: none
    Grantee resource type. Allowed values are User, Group, and App.
  • Minimum Length: 1
    Maximum Length: 40
    SCIM++ Properties:
    • caseExact: true
    • idcsCsvAttributeName: Member
    • idcsSearchable: true
    • multiValued: false
    • mutability: immutable
    • required: true
    • returned: default
    • type: string
    • uniqueness: none
    Grantee identifier
Nested Schema : grantor
Type: object
SCIM++ Properties:
  • idcsSearchable: true
  • multiValued: false
  • mutability: readOnly
  • required: false
  • returned: default
  • type: complex
User conferring the grant to the beneficiary
Show Source
  • SCIM++ Properties:
    • idcsSearchable: false
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: reference
    • uniqueness: none
    Grantor URI
  • SCIM++ Properties:
    • idcsSearchable: false
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: request
    • type: string
    • uniqueness: none
    Grantor display name
  • Allowed Values: [ "User", "App", "Group", "AppEntitlementCollection" ]
    SCIM++ Properties:
    • caseExact: true
    • idcsDefaultValue: User
    • idcsSearchable: true
    • multiValued: false
    • mutability: readOnly
    • required: true
    • returned: default
    • type: string
    • uniqueness: none
    Resource type of the grantor. Allowed values are User and App.
  • Minimum Length: 1
    Maximum Length: 40
    SCIM++ Properties:
    • caseExact: true
    • idcsSearchable: true
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: string
    • uniqueness: none
    Grantor user identifier
Nested Schema : idcsCreatedBy
Type: object
SCIM++ Properties:
  • idcsSearchable: true
  • multiValued: false
  • mutability: readOnly
  • required: true
  • returned: default
  • type: complex
The User or App who created the Resource
Show Source
  • SCIM++ Properties:
    • caseExact: true
    • idcsSearchable: false
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: reference
    • uniqueness: none
    The URI of the SCIM resource that represents the User or App who created this Resource
  • SCIM++ Properties:
    • caseExact: true
    • idcsSearchable: false
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: string
    • uniqueness: none
    The displayName of the User or App who created this Resource
  • Allowed Values: [ "User", "App" ]
    SCIM++ Properties:
    • caseExact: false
    • idcsSearchable: false
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: string
    • uniqueness: none
    The type of resource, User or App, that created this Resource
  • SCIM++ Properties:
    • caseExact: true
    • idcsSearchable: true
    • multiValued: false
    • mutability: readOnly
    • required: true
    • returned: default
    • type: string
    • uniqueness: none
    The ID of the SCIM resource that represents the User or App who created this Resource
Nested Schema : idcsLastModifiedBy
Type: object
SCIM++ Properties:
  • idcsSearchable: true
  • multiValued: false
  • mutability: readOnly
  • required: false
  • returned: default
  • type: complex
The User or App who modified the Resource
Show Source
  • SCIM++ Properties:
    • caseExact: true
    • idcsSearchable: false
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: reference
    • uniqueness: none
    The URI of the SCIM resource that represents the User or App who modified this Resource
  • SCIM++ Properties:
    • caseExact: true
    • idcsSearchable: false
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: string
    • uniqueness: none
    The displayName of the User or App who modified this Resource
  • Allowed Values: [ "User", "App" ]
    SCIM++ Properties:
    • caseExact: false
    • idcsSearchable: false
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: string
    • uniqueness: none
    The type of resource, User or App, that modified this Resource
  • SCIM++ Properties:
    • caseExact: true
    • idcsSearchable: true
    • multiValued: false
    • mutability: readOnly
    • required: true
    • returned: default
    • type: string
    • uniqueness: none
    The ID of the SCIM resource that represents the User or App who modified this Resource
Nested Schema : meta
Type: object
SCIM++ Properties:
  • caseExact: false
  • idcsSearchable: true
  • multiValued: false
  • mutability: readOnly
  • required: false
  • returned: default
  • idcsCsvAttributeNameMappings: [[columnHeaderName:Created Date, mapsTo:meta.created]]
  • type: complex
A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
Show Source
  • SCIM++ Properties:
    • caseExact: false
    • idcsSearchable: true
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: dateTime
    • uniqueness: none
    The DateTime the Resource was added to the Service Provider
  • SCIM++ Properties:
    • caseExact: false
    • idcsSearchable: true
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: dateTime
    • uniqueness: none
    The most recent DateTime that the details of this Resource were updated at the Service Provider. If this Resource has never been modified since its initial creation, the value MUST be the same as the value of created. The attribute MUST be a DateTime.
  • SCIM++ Properties:
    • caseExact: false
    • idcsSearchable: false
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: string
    • uniqueness: none
    The URI of the Resource being returned. This value MUST be the same as the Location HTTP response header.
  • SCIM++ Properties:
    • caseExact: false
    • idcsSearchable: false
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: string
    • uniqueness: none
    Name of the resource type of the resource--for example, Users or Groups
  • SCIM++ Properties:
    • caseExact: false
    • idcsSearchable: false
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: string
    • uniqueness: none
    The version of the Resource being returned. This value must be the same as the ETag HTTP response header.
Nested Schema : tags
Type: array
SCIM++ Properties:
  • idcsCompositeKey: [key, value]
  • idcsSearchable: true
  • multiValued: true
  • mutability: readWrite
  • required: false
  • returned: request
  • type: complex
  • uniqueness: none
A list of tags on this resource.
Show Source
Nested Schema : urn:ietf:params:scim:schemas:oracle:idcs:extension:idcsAppRole:Grant
Type: object
Schema for IDCS AppRole Grant Resource
Show Source
  • appRoleLimitedTo
    Added In: 19.2.1

    SCIM++ Properties:
    • caseExact: false
    • idcsCompositeKey: [value]
    • idcsSearchable: true
    • multiValued: true
    • mutability: readWrite
    • required: false
    • returned: default
    • type: complex
    • uniqueness: none
    Indicates the set of Groups this Grant is limited to.For example, a User granted this AppRole will only be able to manage users that are members of the Groups specified in this attribute.
Nested Schema : tags
Type: object
A list of tags on this resource.
Show Source
  • Maximum Length: 256
    SCIM++ Properties:
    • caseExact: false
    • idcsSearchable: true
    • multiValued: false
    • mutability: readWrite
    • required: true
    • returned: default
    • type: string
    • uniqueness: none
    Key or name of the tag.
  • Maximum Length: 256
    SCIM++ Properties:
    • caseExact: false
    • idcsSearchable: true
    • multiValued: false
    • mutability: readWrite
    • required: true
    • returned: default
    • type: string
    • uniqueness: none
    Value of the tag.
Nested Schema : appRoleLimitedTo
Type: array
Added In: 19.2.1

SCIM++ Properties:
  • caseExact: false
  • idcsCompositeKey: [value]
  • idcsSearchable: true
  • multiValued: true
  • mutability: readWrite
  • required: false
  • returned: default
  • type: complex
  • uniqueness: none
Indicates the set of Groups this Grant is limited to.For example, a User granted this AppRole will only be able to manage users that are members of the Groups specified in this attribute.
Show Source
  • appRoleLimitedTo
    Added In: 19.2.1

    SCIM++ Properties:
    • caseExact: false
    • idcsCompositeKey: [value]
    • idcsSearchable: true
    • multiValued: true
    • mutability: readWrite
    • required: false
    • returned: default
    • type: complex
    • uniqueness: none
    Indicates the set of Groups this Grant is limited to.For example, a User granted this AppRole will only be able to manage users that are members of the Groups specified in this attribute.
Nested Schema : appRoleLimitedTo
Type: object
Added In: 19.2.1

SCIM++ Properties:
  • caseExact: false
  • idcsCompositeKey: [value]
  • idcsSearchable: true
  • multiValued: true
  • mutability: readWrite
  • required: false
  • returned: default
  • type: complex
  • uniqueness: none
Indicates the set of Groups this Grant is limited to.For example, a User granted this AppRole will only be able to manage users that are members of the Groups specified in this attribute.
Show Source
  • Added In: 19.2.1

    SCIM++ Properties:
    • caseExact: true
    • idcsSearchable: false
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: reference
    • uniqueness: none
    The URI that corresponds to the member Resource of this Group
  • Added In: 19.2.1

    SCIM++ Properties:
    • caseExact: false
    • idcsSearchable: false
    • multiValued: false
    • mutability: readOnly
    • required: false
    • returned: default
    • type: string
    • uniqueness: none
    Group display name
  • Maximum Length: 10
    Allowed Values: [ "Group" ]
    Added In: 19.2.1

    SCIM++ Properties:
    • caseExact: true
    • idcsSearchable: true
    • multiValued: false
    • mutability: readWrite
    • required: false
    • returned: default
    • type: string
    • uniqueness: none
    Indicates the type of resource--for example, User or Group
  • Maximum Length: 40
    Added In: 19.2.1

    SCIM++ Properties:
    • caseExact: true
    • idcsSearchable: true
    • multiValued: false
    • mutability: readWrite
    • required: true
    • returned: always
    • type: string
    • uniqueness: none
    ID of the resource to which this Idcs AppRole is limited to

400 Response

Bad or invalid request
Body ()
Root Schema : Error
Type: object
The SCIM Protocol uses the HTTP status response status codes defined in Section 6 [RFC7231] to indicate operation success or failure. Refer the available status codes here : Status Codes.
In addition to returning a HTTP response code implementers MUST return the errors in the body of the response in the client requested format containing the error response and, per the HTTP specification, human- readable explanations.
Show Source
  • A detailed, human readable message. OPTIONAL
  • Allowed Values: [ "urn:ietf:params:scim:api:messages:2.0:Error", "urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error" ]
    The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for SCIM specified Error and Extn Error Schema. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior. REQUIRED.
  • The HTTP status code (see Section 6 [RFC7231]) expressed as a JSON String
  • urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error
    Extension schema for error messages providing more details with the exception status.
    Returns messageId corresponding to the detailed error message and optionally additional data related to the error condition - for example reason for authentication failure such as user is disabled or locked.
Nested Schema : urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error
Type: object
Extension schema for error messages providing more details with the exception status.
Returns messageId corresponding to the detailed error message and optionally additional data related to the error condition - for example reason for authentication failure such as user is disabled or locked.
Show Source
Nested Schema : additionalData
Type: object
Contains Map based additional data for the exception message (as key-value pair). All keys and values are in string format.

401 Response

The supplied credentials, if any, are not sufficient to access the resource.
Body ()
Root Schema : Error
Type: object
The SCIM Protocol uses the HTTP status response status codes defined in Section 6 [RFC7231] to indicate operation success or failure. Refer the available status codes here : Status Codes.
In addition to returning a HTTP response code implementers MUST return the errors in the body of the response in the client requested format containing the error response and, per the HTTP specification, human- readable explanations.
Show Source
  • A detailed, human readable message. OPTIONAL
  • Allowed Values: [ "urn:ietf:params:scim:api:messages:2.0:Error", "urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error" ]
    The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for SCIM specified Error and Extn Error Schema. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior. REQUIRED.
  • The HTTP status code (see Section 6 [RFC7231]) expressed as a JSON String
  • urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error
    Extension schema for error messages providing more details with the exception status.
    Returns messageId corresponding to the detailed error message and optionally additional data related to the error condition - for example reason for authentication failure such as user is disabled or locked.
Nested Schema : urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error
Type: object
Extension schema for error messages providing more details with the exception status.
Returns messageId corresponding to the detailed error message and optionally additional data related to the error condition - for example reason for authentication failure such as user is disabled or locked.
Show Source
Nested Schema : additionalData
Type: object
Contains Map based additional data for the exception message (as key-value pair). All keys and values are in string format.

404 Response

The requested resource could not be found.
Body ()
Root Schema : Error
Type: object
The SCIM Protocol uses the HTTP status response status codes defined in Section 6 [RFC7231] to indicate operation success or failure. Refer the available status codes here : Status Codes.
In addition to returning a HTTP response code implementers MUST return the errors in the body of the response in the client requested format containing the error response and, per the HTTP specification, human- readable explanations.
Show Source
  • A detailed, human readable message. OPTIONAL
  • Allowed Values: [ "urn:ietf:params:scim:api:messages:2.0:Error", "urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error" ]
    The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for SCIM specified Error and Extn Error Schema. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior. REQUIRED.
  • The HTTP status code (see Section 6 [RFC7231]) expressed as a JSON String
  • urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error
    Extension schema for error messages providing more details with the exception status.
    Returns messageId corresponding to the detailed error message and optionally additional data related to the error condition - for example reason for authentication failure such as user is disabled or locked.
Nested Schema : urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error
Type: object
Extension schema for error messages providing more details with the exception status.
Returns messageId corresponding to the detailed error message and optionally additional data related to the error condition - for example reason for authentication failure such as user is disabled or locked.
Show Source
Nested Schema : additionalData
Type: object
Contains Map based additional data for the exception message (as key-value pair). All keys and values are in string format.

500 Response

We couldn't return the representation due to an internal server error.
Body ()
Root Schema : Error
Type: object
The SCIM Protocol uses the HTTP status response status codes defined in Section 6 [RFC7231] to indicate operation success or failure. Refer the available status codes here : Status Codes.
In addition to returning a HTTP response code implementers MUST return the errors in the body of the response in the client requested format containing the error response and, per the HTTP specification, human- readable explanations.
Show Source
  • A detailed, human readable message. OPTIONAL
  • Allowed Values: [ "urn:ietf:params:scim:api:messages:2.0:Error", "urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error" ]
    The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for SCIM specified Error and Extn Error Schema. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior. REQUIRED.
  • The HTTP status code (see Section 6 [RFC7231]) expressed as a JSON String
  • urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error
    Extension schema for error messages providing more details with the exception status.
    Returns messageId corresponding to the detailed error message and optionally additional data related to the error condition - for example reason for authentication failure such as user is disabled or locked.
Nested Schema : urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error
Type: object
Extension schema for error messages providing more details with the exception status.
Returns messageId corresponding to the detailed error message and optionally additional data related to the error condition - for example reason for authentication failure such as user is disabled or locked.
Show Source
Nested Schema : additionalData
Type: object
Contains Map based additional data for the exception message (as key-value pair). All keys and values are in string format.
Back to Top

Examples

The following example shows how to search for IDCS app role grants by submitting a POST request on the REST resource using cURL. For more information about cURL, see Use cURL.

cURL Command

Note:

The command in this example uses the URL structure https://tenant-base-url/resource-path, where tenant-base-url represents the Identity Service URL, and the resource path represents the Identity Service API. See Send Requests for the appropriate URL structure to use.
curl
-X POST
-H "Content-Type:application/json"
-H "Authorization: Bearer <Access Token Value>
https://tenant-base-url/admin/v1/IdcsAppRoleGrants/.search

Example of Request Body

The following shows an example of the request body in JSON format:

{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:SearchRequest"
    ]
}

Example of Response Body

The following example shows the contents of the response body in JSON format:

{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 1,
    "Resources": [
        {
            "isFulfilled": true,
            "idcsLastModifiedBy": {
                "type": "User",
                "value": "877a1ef93f6d4eb69fd15107de072bac",
                "display": "admin opc",
                "$ref": "http://host.us.oracle.com:8990/admin/v1/Users/877a1ef93f6d4eb69fd15107de072bac"
            },
            "idcsCreatedBy": {
                "type": "User",
                "display": "admin opc",
                "value": "877a1ef93f6d4eb69fd15107de072bac",
                "$ref": "http://host.us.oracle.com:8990/admin/v1/Users/877a1ef93f6d4eb69fd15107de072bac"
            },
            "id": "1f3aab5d6ac34ee988445d61d0468f83",
            "meta": {
                "created": "2018-10-16T08:27:57.084Z",
                "lastModified": "2018-10-16T08:27:57.084Z",
                "resourceType": "IdcsAppRoleGrant",
                "location": "http://host.us.oracle.com:8990/admin/v1/IdcsAppRoleGrants/1f3aab5d6ac34ee988445d61d0468f83"
            },
            "grantMechanism": "ADMINISTRATOR_TO_USER",
            "app": {
                "value": "IDCSAppId",
                "$ref": "http://host.us.oracle.com:8990/admin/v1/Apps/IDCSAppId"
            },
            "grantee": {
                "type": "User",
                "value": "80d0662933044a4c9b91d853a36aca31",
                "$ref": "http://host.us.oracle.com:8990/admin/v1/Users/80d0662933044a4c9b91d853a36aca31"
            },
            "entitlement": {
                "attributeValue": "49ab481d1afc46cfb8665a29fc305b1d",
                "attributeName": "appRoles"
            },
            "grantor": {
                "type": "User",
                "value": "877a1ef93f6d4eb69fd15107de072bac",
                "$ref": "http://host.us.oracle.com:8990/admin/v1/Users/877a1ef93f6d4eb69fd15107de072bac"
            },
            "urn:ietf:params:scim:schemas:oracle:idcs:extension:idcsAppRole:Grant": {
                "appRoleLimitedTo": [
                    {
                        "value": "e1152cacb0354f769be704733d641a46",
                        "type": "Group",
                        "$ref": "http://host.us.oracle.com:8990/admin/v1/Groups/e1152cacb0354f769be704733d641a46"
                    }
                ]
            },
            "schemas": [
                "urn:ietf:params:scim:schemas:oracle:idcs:Grant",
                "urn:ietf:params:scim:schemas:oracle:idcs:extension:idcsAppRole:Grant"
            ]
        }
    ],
    "startIndex": 1,
    "itemsPerPage": 50
}
Back to Top