ADD AUTHORIZATIONPROFILE
When a profile is created for an Oracle GoldenGate deployment, the content which describes the profile will exist only in that deployment. This applies for both Service Manager deployments and non-Service Manager deployments. Information that is not sensitive will be stored with other configuration data. All profile information will be available throughout the entire Oracle GoldenGate deployment however, the profile information is not shared across deployments.
Note:
You cannot create, modify or delete thelocalCredentialStore
profile. This
profile will always exist.
Syntax:
ADD AUTHORIZATIONPROFILE profile-name
DEPLOYMENT deployment-name
IDCS
ID client-id [ SECRET client-secret ]
DISCOVERYURI discovery-uri
GROUPS
SECURITY security-group
[ ADMINISTRATOR administrator-group ]
[ OPERATOR operator-group ]
[ USER user-group ]
[ TTLSECONDS ttl-number ]
[ DESCRIPTION description ]
-
ID client-id SECRET client-secret
-
Specify the IDP Application's client ID and IDP Application’s Client Secret (securely stored).
-
DISCOVERYURI discovery-uri
-
IDP server's OpenID Discovery Docs endpoint.
-
GROUPS
-
IDP groups to Oracle GoldenGate user roles mapping. Possible values are:
-
SECURITYGROUP security-group
(Mandatory) -
[ADMINGROUP admin-group]
-
[OPERATORGROUP operator-group]
-
[USERGROUP user-group]
See Add New Users to the Deployment to know about Oracle GoldenGate user roles and privileges.
-
Example
ADD AUTHORIZATIONPROFILE apn
DEPLOYMENT IDCS CLIENT ID SECRET DISCOVERYURI
GROUPS SECURITY group_security OPERATOR group_operator
Note:
When you successfully create the authorization profile, the system will not show any success message. This behavior occurs with other commands use for authorization profile management, includingALTER AUTHORIZATIONPROFILE
, VALIDATE AUTHORIZATIONPROFILE
, and
DELETE AUTHORIZATIONPROFILE
.
Parent topic: Admin Client Command Line Interface Commands