@Generated(value="OracleSDKGenerator", comments="API Version: 20160918") public class IdentityClient extends BaseSyncClient implements Identity
Modifier and Type | Class and Description |
---|---|
static class |
IdentityClient.Builder
Builder class for this client.
|
Modifier and Type | Field and Description |
---|---|
String |
clientCommonLibraryVersion
Compatible SDK version, provided by the codegen.
|
Optional<String> |
minimumClientCommonLibraryVersionFromClient
Minimum compatible SDK version, maybe provided by the codegen.
|
static Service |
SERVICE
Service instance for Identity.
|
Constructor and Description |
---|
IdentityClient(AbstractAuthenticationDetailsProvider authenticationDetailsProvider,
ClientConfiguration configuration,
ClientConfigurator clientConfigurator,
RequestSignerFactory defaultRequestSignerFactory)
Deprecated.
Use the
builder instead. |
IdentityClient(AbstractAuthenticationDetailsProvider authenticationDetailsProvider,
ClientConfiguration configuration,
ClientConfigurator clientConfigurator,
RequestSignerFactory defaultRequestSignerFactory,
List<ClientConfigurator> additionalClientConfigurators)
Deprecated.
Use the
builder instead. |
IdentityClient(AbstractAuthenticationDetailsProvider authenticationDetailsProvider,
ClientConfiguration configuration,
ClientConfigurator clientConfigurator,
RequestSignerFactory defaultRequestSignerFactory,
List<ClientConfigurator> additionalClientConfigurators,
String endpoint)
Deprecated.
Use the
builder instead. |
IdentityClient(AbstractAuthenticationDetailsProvider authenticationDetailsProvider,
ClientConfiguration configuration,
ClientConfigurator clientConfigurator,
RequestSignerFactory defaultRequestSignerFactory,
Map<SigningStrategy,RequestSignerFactory> signingStrategyRequestSignerFactories,
List<ClientConfigurator> additionalClientConfigurators,
String endpoint)
Deprecated.
Use the
builder instead. |
IdentityClient(AbstractAuthenticationDetailsProvider authenticationDetailsProvider,
ClientConfiguration configuration,
ClientConfigurator clientConfigurator,
RequestSignerFactory defaultRequestSignerFactory,
Map<SigningStrategy,RequestSignerFactory> signingStrategyRequestSignerFactories,
List<ClientConfigurator> additionalClientConfigurators,
String endpoint,
ExecutorService executorService)
Deprecated.
Use the
builder instead. |
IdentityClient(BasicAuthenticationDetailsProvider authenticationDetailsProvider)
Deprecated.
Use the
builder instead. |
IdentityClient(BasicAuthenticationDetailsProvider authenticationDetailsProvider,
ClientConfiguration configuration)
Deprecated.
Use the
builder instead. |
IdentityClient(BasicAuthenticationDetailsProvider authenticationDetailsProvider,
ClientConfiguration configuration,
ClientConfigurator clientConfigurator)
Deprecated.
Use the
builder instead. |
clientCall
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
getEndpoint, refreshClient, setEndpoint, useRealmSpecificEndpointTemplate
close
public static final Service SERVICE
Service instance for Identity.
public final String clientCommonLibraryVersion
@Deprecated public IdentityClient(BasicAuthenticationDetailsProvider authenticationDetailsProvider)
builder
instead.Create a new client instance.
authenticationDetailsProvider
- The authentication details (see IdentityClient.Builder.build(com.oracle.bmc.auth.AbstractAuthenticationDetailsProvider)
)@Deprecated public IdentityClient(BasicAuthenticationDetailsProvider authenticationDetailsProvider, ClientConfiguration configuration)
builder
instead.Create a new client instance.
authenticationDetailsProvider
- The authentication details (see IdentityClient.Builder.build(com.oracle.bmc.auth.AbstractAuthenticationDetailsProvider)
)configuration
- ClientBuilderBase.configuration
@Deprecated public IdentityClient(BasicAuthenticationDetailsProvider authenticationDetailsProvider, ClientConfiguration configuration, ClientConfigurator clientConfigurator)
builder
instead.Create a new client instance.
authenticationDetailsProvider
- The authentication details (see IdentityClient.Builder.build(com.oracle.bmc.auth.AbstractAuthenticationDetailsProvider)
)configuration
- ClientBuilderBase.configuration
clientConfigurator
- ClientBuilderBase.clientConfigurator(com.oracle.bmc.http.ClientConfigurator)
@Deprecated public IdentityClient(AbstractAuthenticationDetailsProvider authenticationDetailsProvider, ClientConfiguration configuration, ClientConfigurator clientConfigurator, RequestSignerFactory defaultRequestSignerFactory)
builder
instead.Create a new client instance.
authenticationDetailsProvider
- The authentication details (see IdentityClient.Builder.build(com.oracle.bmc.auth.AbstractAuthenticationDetailsProvider)
)configuration
- ClientBuilderBase.configuration
clientConfigurator
- ClientBuilderBase.clientConfigurator(com.oracle.bmc.http.ClientConfigurator)
defaultRequestSignerFactory
- ClientBuilderBase.requestSignerFactory
@Deprecated public IdentityClient(AbstractAuthenticationDetailsProvider authenticationDetailsProvider, ClientConfiguration configuration, ClientConfigurator clientConfigurator, RequestSignerFactory defaultRequestSignerFactory, List<ClientConfigurator> additionalClientConfigurators)
builder
instead.Create a new client instance.
authenticationDetailsProvider
- The authentication details (see IdentityClient.Builder.build(com.oracle.bmc.auth.AbstractAuthenticationDetailsProvider)
)configuration
- ClientBuilderBase.configuration
clientConfigurator
- ClientBuilderBase.clientConfigurator(com.oracle.bmc.http.ClientConfigurator)
defaultRequestSignerFactory
- ClientBuilderBase.requestSignerFactory
additionalClientConfigurators
- ClientBuilderBase.additionalClientConfigurators
@Deprecated public IdentityClient(AbstractAuthenticationDetailsProvider authenticationDetailsProvider, ClientConfiguration configuration, ClientConfigurator clientConfigurator, RequestSignerFactory defaultRequestSignerFactory, List<ClientConfigurator> additionalClientConfigurators, String endpoint)
builder
instead.Create a new client instance.
authenticationDetailsProvider
- The authentication details (see IdentityClient.Builder.build(com.oracle.bmc.auth.AbstractAuthenticationDetailsProvider)
)configuration
- ClientBuilderBase.configuration
clientConfigurator
- ClientBuilderBase.clientConfigurator(com.oracle.bmc.http.ClientConfigurator)
defaultRequestSignerFactory
- ClientBuilderBase.requestSignerFactory
additionalClientConfigurators
- ClientBuilderBase.additionalClientConfigurators
endpoint
- ClientBuilderBase.endpoint(java.lang.String)
@Deprecated public IdentityClient(AbstractAuthenticationDetailsProvider authenticationDetailsProvider, ClientConfiguration configuration, ClientConfigurator clientConfigurator, RequestSignerFactory defaultRequestSignerFactory, Map<SigningStrategy,RequestSignerFactory> signingStrategyRequestSignerFactories, List<ClientConfigurator> additionalClientConfigurators, String endpoint)
builder
instead.Create a new client instance.
authenticationDetailsProvider
- The authentication details (see IdentityClient.Builder.build(com.oracle.bmc.auth.AbstractAuthenticationDetailsProvider)
)configuration
- ClientBuilderBase.configuration
clientConfigurator
- ClientBuilderBase.clientConfigurator(com.oracle.bmc.http.ClientConfigurator)
defaultRequestSignerFactory
- ClientBuilderBase.requestSignerFactory
additionalClientConfigurators
- ClientBuilderBase.additionalClientConfigurators
endpoint
- ClientBuilderBase.endpoint(java.lang.String)
signingStrategyRequestSignerFactories
- ClientBuilderBase.signingStrategyRequestSignerFactories
@Deprecated public IdentityClient(AbstractAuthenticationDetailsProvider authenticationDetailsProvider, ClientConfiguration configuration, ClientConfigurator clientConfigurator, RequestSignerFactory defaultRequestSignerFactory, Map<SigningStrategy,RequestSignerFactory> signingStrategyRequestSignerFactories, List<ClientConfigurator> additionalClientConfigurators, String endpoint, ExecutorService executorService)
builder
instead.Create a new client instance.
authenticationDetailsProvider
- The authentication details (see IdentityClient.Builder.build(com.oracle.bmc.auth.AbstractAuthenticationDetailsProvider)
)configuration
- ClientBuilderBase.configuration
clientConfigurator
- ClientBuilderBase.clientConfigurator(com.oracle.bmc.http.ClientConfigurator)
defaultRequestSignerFactory
- ClientBuilderBase.requestSignerFactory
additionalClientConfigurators
- ClientBuilderBase.additionalClientConfigurators
endpoint
- ClientBuilderBase.endpoint(java.lang.String)
signingStrategyRequestSignerFactories
- ClientBuilderBase.signingStrategyRequestSignerFactories
executorService
- IdentityClient.Builder.executorService
public static IdentityClient.Builder builder()
Create a builder for this client.
public void setRegion(Region region)
Identity
Sets the region to call (ex, Region.US_PHOENIX_1).
Note, this will call setEndpoint
after resolving the
endpoint. If the service is not available in this Region, however, an
IllegalArgumentException will be raised.
public void setRegion(String regionId)
Identity
Sets the region to call (ex, ‘us-phoenix-1’).
Note, this will first try to map the region ID to a known Region and call setRegion
.
If no known Region could be determined, it will create an endpoint based on the default
endpoint format (Region.formatDefaultRegionEndpoint(Service, String)
and then call setEndpoint
.
public ActivateDomainResponse activateDomain(ActivateDomainRequest request)
Identity
(For tenancies that support identity domains) Activates a deactivated identity domain. You can only activate identity domains that your user account is not a part of.
After you send the request, the `lifecycleDetails` of the identity domain is set to ACTIVATING. When the operation completes, the `lifecycleDetails` is set to null and the `lifecycleState` of the identity domain is set to ACTIVE.
To track the progress of the request, submitting an HTTP GET on the /iamWorkRequests/{iamWorkRequestsId} endpoint retrieves the operation's status.
activateDomain
in interface Identity
request
- The request object containing the details to sendpublic ActivateMfaTotpDeviceResponse activateMfaTotpDevice(ActivateMfaTotpDeviceRequest request)
Identity
Activates the specified MFA TOTP device for the user. Activation requires manual interaction with the Console.
activateMfaTotpDevice
in interface Identity
request
- The request object containing the details to sendpublic AddTagDefaultLockResponse addTagDefaultLock(AddTagDefaultLockRequest request)
Identity
Add a resource lock to a tag default.
addTagDefaultLock
in interface Identity
request
- The request object containing the details to sendpublic AddTagNamespaceLockResponse addTagNamespaceLock(AddTagNamespaceLockRequest request)
Identity
Add a resource lock to a tag namespace.
addTagNamespaceLock
in interface Identity
request
- The request object containing the details to sendpublic AddUserToGroupResponse addUserToGroup(AddUserToGroupRequest request)
Identity
Adds the specified user to the specified group and returns a UserGroupMembership
object
with its own OCID.
After you send your request, the new object's `lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.
addUserToGroup
in interface Identity
request
- The request object containing the details to sendpublic AssembleEffectiveTagSetResponse assembleEffectiveTagSet(AssembleEffectiveTagSetRequest request)
Identity
Assembles tag defaults in the specified compartment and any parent compartments to determine the tags to apply. Tag defaults from parent compartments do not override tag defaults referencing the same tag in a compartment lower down the hierarchy. This set of tag defaults includes all tag defaults from the current compartment back to the root compartment.
assembleEffectiveTagSet
in interface Identity
request
- The request object containing the details to sendpublic BulkDeleteResourcesResponse bulkDeleteResources(BulkDeleteResourcesRequest request)
Identity
Deletes multiple resources in the compartment. All resources must be in the same compartment.
You must have the appropriate permissions to delete the resources in the request. This API
can only be invoked from the tenancy’s home
region.
This operation creates a WorkRequest
. Use the getWorkRequest
API to monitor the status of the bulk
action.
bulkDeleteResources
in interface Identity
request
- The request object containing the details to sendpublic BulkDeleteTagsResponse bulkDeleteTags(BulkDeleteTagsRequest request)
Identity
Deletes the specified tag key definitions. This operation triggers a process that removes the tags from all resources in your tenancy. The tag key definitions must be within the same tag namespace.
The following actions happen immediately:
If the tag is a cost-tracking tag, the tag no longer counts against your 10 cost-tracking tags limit, even if you do not disable the tag before running this operation. * If the tag is used with dynamic groups, the rules that contain the tag are no longer evaluated against the tag.
After you start this operation, the state of the tag changes to DELETING, and tag removal from resources begins. This process can take up to 48 hours depending on the number of resources that are tagged and the regions in which those resources reside.
When all tags have been removed, the state changes to DELETED. You cannot restore a deleted tag. After the tag state changes to DELETED, you can use the same tag name again.
After you start this operation, you cannot start either the deleteTag
or the cascadeDeleteTagNamespace
operation until this process completes.
In order to delete tags, you must first retire the tags. Use updateTag
to retire a tag.
bulkDeleteTags
in interface Identity
request
- The request object containing the details to sendpublic BulkEditTagsResponse bulkEditTags(BulkEditTagsRequest request)
Identity
Edits the specified list of tag key definitions for the selected resources. This operation triggers a process that edits the tags on all selected resources. The possible actions are:
Add a defined tag when the tag does not already exist on the resource. * Update the value for a defined tag when the tag is present on the resource. * Add a defined tag when it does not already exist on the resource or update the value for a defined tag when the tag is present on the resource. * Remove a defined tag from a resource. The tag is removed from the resource regardless of the tag value.
See bulkEditOperationDetails
for more information.
The edits can include a combination of operations and tag sets. However, multiple operations cannot apply to one key definition in the same request. For example, if one request adds `tag set-1` to a resource and sets a tag value to `tag set-2`, `tag set-1` and `tag set-2` cannot have any common tag definitions.
bulkEditTags
in interface Identity
request
- The request object containing the details to sendpublic BulkMoveResourcesResponse bulkMoveResources(BulkMoveResourcesRequest request)
Identity
Moves multiple resources from one compartment to another. All resources must be in the same
compartment. This API can only be invoked from the tenancy’s home
region. To
move resources, you must have the appropriate permissions to move the resource in both the
source and target compartments. This operation creates a WorkRequest
. Use the getWorkRequest
API to monitor the status of the bulk
action.
bulkMoveResources
in interface Identity
request
- The request object containing the details to sendpublic CascadeDeleteTagNamespaceResponse cascadeDeleteTagNamespace(CascadeDeleteTagNamespaceRequest request)
Identity
Deletes the specified tag namespace. This operation triggers a process that removes all of the tags defined in the specified tag namespace from all resources in your tenancy and then deletes the tag namespace.
After you start the delete operation:
New tag key definitions cannot be created under the namespace. * The state of the tag namespace changes to DELETING. * Tag removal from the resources begins.
This process can take up to 48 hours depending on the number of tag definitions in the namespace, the number of resources that are tagged, and the locations of the regions in which those resources reside.
After all tags are removed, the state changes to DELETED. You cannot restore a deleted tag namespace. After the deleted tag namespace changes its state to DELETED, you can use the name of the deleted tag namespace again.
After you start this operation, you cannot start either the deleteTag
or the bulkDeleteTags
operation until this process completes.
To delete a tag namespace, you must first retire it. Use updateTagNamespace
to retire a tag namespace.
cascadeDeleteTagNamespace
in interface Identity
request
- The request object containing the details to sendpublic ChangeDomainCompartmentResponse changeDomainCompartment(ChangeDomainCompartmentRequest request)
Identity
(For tenancies that support identity domains) Moves the identity domain to a different compartment in the tenancy.
To track the progress of the request, submitting an HTTP GET on the /iamWorkRequests/{iamWorkRequestsId} endpoint retrieves the operation's status.
changeDomainCompartment
in interface Identity
request
- The request object containing the details to sendpublic ChangeDomainLicenseTypeResponse changeDomainLicenseType(ChangeDomainLicenseTypeRequest request)
Identity
(For tenancies that support identity domains) Changes the license type of the given identity
domain. The identity domain’s lifecycleState
must be set to ACTIVE and the requested
licenseType
must be allowed. To retrieve the allowed licenseType
for the identity domain,
use listAllowedDomainLicenseTypes
.
After you send your request, the `lifecycleDetails` of this identity domain is set to UPDATING. When the update of the identity domain completes, then the `lifecycleDetails` is set to null.
To track the progress of the request, submitting an HTTP GET on the /iamWorkRequests/{iamWorkRequestsId} endpoint retrieves the operation's status.
changeDomainLicenseType
in interface Identity
request
- The request object containing the details to sendpublic ChangeTagNamespaceCompartmentResponse changeTagNamespaceCompartment(ChangeTagNamespaceCompartmentRequest request)
Identity
Moves the specified tag namespace to the specified compartment within the same tenancy.
To move the tag namespace, you must have the manage tag-namespaces permission on both compartments. For more information about IAM policies, see [Details for IAM](https://docs.cloud.oracle.com/Content/Identity/policyreference/iampolicyreference.htm).
Moving a tag namespace moves all the tag key definitions contained in the tag namespace.
changeTagNamespaceCompartment
in interface Identity
request
- The request object containing the details to sendpublic CreateAuthTokenResponse createAuthToken(CreateAuthTokenRequest request)
Identity
Creates a new auth token for the specified user. For information about what auth tokens are for, see Managing User Credentials.
You must specify a *description* for the auth token (although it can be an empty string).
It does not have to be unique, and you can change it anytime with updateAuthToken
.
Every user has permission to create an auth token for *their own user ID*. An administrator in your organization does not need to write a policy to give users this ability. To compare, administrators who have permission to the tenancy can use this operation to create an auth token for any user, including themselves.
createAuthToken
in interface Identity
request
- The request object containing the details to sendpublic CreateCompartmentResponse createCompartment(CreateCompartmentRequest request)
Identity
Creates a new compartment in the specified compartment.
Specify the parent compartment's OCID as the compartment ID in the request object. Remember that the tenancy is simply the root compartment. For information about OCIDs, see [Resource Identifiers](https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm).
You must also specify a *name* for the compartment, which must be unique across all compartments in your tenancy. You can use this name or the OCID when writing policies that apply to the compartment. For more information about policies, see [How Policies Work](https://docs.cloud.oracle.com/Content/Identity/policieshow/how-policies-work.htm).
You must also specify a *description* for the compartment (although it can be an empty
string). It does not have to be unique, and you can change it anytime with updateCompartment
.
After you send your request, the new object's `lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.
createCompartment
in interface Identity
request
- The request object containing the details to sendpublic CreateCustomerSecretKeyResponse createCustomerSecretKey(CreateCustomerSecretKeyRequest request)
Identity
Creates a new secret key for the specified user. Secret keys are used for authentication with the Object Storage Service’s Amazon S3 compatible API. The secret key consists of an Access Key/Secret Key pair. For information, see Managing User Credentials.
You must specify a *description* for the secret key (although it can be an empty string).
It does not have to be unique, and you can change it anytime with updateCustomerSecretKey
.
Every user has permission to create a secret key for *their own user ID*. An administrator in your organization does not need to write a policy to give users this ability. To compare, administrators who have permission to the tenancy can use this operation to create a secret key for any user, including themselves.
createCustomerSecretKey
in interface Identity
request
- The request object containing the details to sendpublic CreateDbCredentialResponse createDbCredential(CreateDbCredentialRequest request)
Identity
Creates a new DB credential for the specified user.
createDbCredential
in interface Identity
request
- The request object containing the details to sendpublic CreateDomainResponse createDomain(CreateDomainRequest request)
Identity
(For tenancies that support identity domains) Creates a new identity domain in the tenancy
with the identity domain home in homeRegion
. After you send your request, the temporary
lifecycleState
of this identity domain is set to CREATING and lifecycleDetails
to
UPDATING. When creation of the identity domain completes, this identity domain’s
lifecycleState
is set to ACTIVE and lifecycleDetails
to null.
To track the progress of the request, submitting an HTTP GET on the /iamWorkRequests/{iamWorkRequestsId} endpoint retrieves the operation's status.
After creating an `identity domain`, first make sure its `lifecycleState` changes from CREATING to ACTIVE before you use it.
createDomain
in interface Identity
request
- The request object containing the details to sendpublic CreateDynamicGroupResponse createDynamicGroup(CreateDynamicGroupRequest request)
Identity
Creates a new dynamic group in your tenancy.
You must specify your tenancy's OCID as the compartment ID in the request object (remember that the tenancy is simply the root compartment). Notice that IAM resources (users, groups, compartments, and some policies) reside within the tenancy itself, unlike cloud resources such as compute instances, which typically reside within compartments inside the tenancy. For information about OCIDs, see [Resource Identifiers](https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm).
You must also specify a *name* for the dynamic group, which must be unique across all dynamic groups in your tenancy, and cannot be changed. Note that this name has to be also unique across all groups in your tenancy. You can use this name or the OCID when writing policies that apply to the dynamic group. For more information about policies, see [How Policies Work](https://docs.cloud.oracle.com/Content/Identity/policieshow/how-policies-work.htm).
You must also specify a *description* for the dynamic group (although it can be an empty
string). It does not have to be unique, and you can change it anytime with updateDynamicGroup
.
After you send your request, the new object's `lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.
createDynamicGroup
in interface Identity
request
- The request object containing the details to sendpublic CreateGroupResponse createGroup(CreateGroupRequest request)
Identity
Creates a new group in your tenancy.
You must specify your tenancy's OCID as the compartment ID in the request object (remember that the tenancy is simply the root compartment). Notice that IAM resources (users, groups, compartments, and some policies) reside within the tenancy itself, unlike cloud resources such as compute instances, which typically reside within compartments inside the tenancy. For information about OCIDs, see [Resource Identifiers](https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm).
You must also specify a *name* for the group, which must be unique across all groups in your tenancy and cannot be changed. You can use this name or the OCID when writing policies that apply to the group. For more information about policies, see [How Policies Work](https://docs.cloud.oracle.com/Content/Identity/policieshow/how-policies-work.htm).
You must also specify a *description* for the group (although it can be an empty string).
It does not have to be unique, and you can change it anytime with updateGroup
.
After you send your request, the new object's `lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.
After creating the group, you need to put users in it and write policies for it. See
addUserToGroup
and createPolicy
.
createGroup
in interface Identity
request
- The request object containing the details to sendpublic CreateIdentityProviderResponse createIdentityProvider(CreateIdentityProviderRequest request)
Identity
Deprecated. For more information, see Deprecated IAM Service APIs.
Creates a new identity provider in your tenancy. For more information, see [Identity Providers and Federation](https://docs.cloud.oracle.com/Content/Identity/Concepts/federation.htm).
You must specify your tenancy's OCID as the compartment ID in the request object. Remember that the tenancy is simply the root compartment. For information about OCIDs, see [Resource Identifiers](https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm).
You must also specify a *name* for the `IdentityProvider`, which must be unique across all `IdentityProvider` objects in your tenancy and cannot be changed.
You must also specify a *description* for the `IdentityProvider` (although it can be an
empty string). It does not have to be unique, and you can change it anytime with updateIdentityProvider
.
After you send your request, the new object's `lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.
createIdentityProvider
in interface Identity
request
- The request object containing the details to sendpublic CreateIdpGroupMappingResponse createIdpGroupMapping(CreateIdpGroupMappingRequest request)
Identity
Deprecated. For more information, see Deprecated IAM Service APIs.
Creates a single mapping between an IdP group and an IAM Service Group
.
createIdpGroupMapping
in interface Identity
request
- The request object containing the details to sendpublic CreateMfaTotpDeviceResponse createMfaTotpDevice(CreateMfaTotpDeviceRequest request)
Identity
Creates a new MFA TOTP device for the user. A user can have one MFA TOTP device.
createMfaTotpDevice
in interface Identity
request
- The request object containing the details to sendpublic CreateNetworkSourceResponse createNetworkSource(CreateNetworkSourceRequest request)
Identity
Creates a new network source in your tenancy.
You must specify your tenancy's OCID as the compartment ID in the request object (remember that the tenancy is simply the root compartment). Notice that IAM resources (users, groups, compartments, and some policies) reside within the tenancy itself, unlike cloud resources such as compute instances, which typically reside within compartments inside the tenancy. For information about OCIDs, see [Resource Identifiers](https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm).
You must also specify a *name* for the network source, which must be unique across all network sources in your tenancy, and cannot be changed. You can use this name or the OCID when writing policies that apply to the network source. For more information about policies, see [How Policies Work](https://docs.cloud.oracle.com/Content/Identity/policieshow/how-policies-work.htm).
You must also specify a *description* for the network source (although it can be an empty
string). It does not have to be unique, and you can change it anytime with updateNetworkSource
.
After you send your request, the new object's `lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.
After your network resource is created, you can use it in policy to restrict access to only requests made from an allowed IP address specified in your network source. For more information, see [Managing Network Sources](https://docs.cloud.oracle.com/Content/Identity/Tasks/managingnetworksources.htm).
createNetworkSource
in interface Identity
request
- The request object containing the details to sendpublic CreateOAuthClientCredentialResponse createOAuthClientCredential(CreateOAuthClientCredentialRequest request)
Identity
Creates Oauth token for the user
createOAuthClientCredential
in interface Identity
request
- The request object containing the details to sendpublic CreateOrResetUIPasswordResponse createOrResetUIPassword(CreateOrResetUIPasswordRequest request)
Identity
Creates a new Console one-time password for the specified user. For more information about user credentials, see User Credentials.
Use this operation after creating a new user, or if a user forgets their password. The new one-time password is returned to you in the response, and you must securely deliver it to the user. They'll be prompted to change this password the next time they sign in to the Console. If they don't change it within 7 days, the password will expire and you'll need to create a new one-time password for the user.
(For tenancies that support identity domains) Resetting a user's password generates a reset password email with a link that the user must follow to reset their password. If the user does not reset their password before the link expires, you'll need to reset the user's password again.
*Note:** The user's Console login is the unique name you specified when you created the
user (see createUser
).
createOrResetUIPassword
in interface Identity
request
- The request object containing the details to sendpublic CreatePolicyResponse createPolicy(CreatePolicyRequest request)
Identity
Creates a new policy in the specified compartment (either the tenancy or another of your compartments). If you’re new to policies, see Get Started with Policies.
You must specify a *name* for the policy, which must be unique across all policies in your tenancy and cannot be changed.
You must also specify a *description* for the policy (although it can be an empty string).
It does not have to be unique, and you can change it anytime with updatePolicy
.
You must specify one or more policy statements in the statements array. For information about writing policies, see [How Policies Work](https://docs.cloud.oracle.com/Content/Identity/policieshow/how-policies-work.htm) and [Common Policies](https://docs.cloud.oracle.com/Content/Identity/policiescommon/commonpolicies.htm).
After you send your request, the new object's `lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.
New policies take effect typically within 10 seconds.
createPolicy
in interface Identity
request
- The request object containing the details to sendpublic CreateRegionSubscriptionResponse createRegionSubscription(CreateRegionSubscriptionRequest request)
Identity
Creates a subscription to a region for a tenancy.
createRegionSubscription
in interface Identity
request
- The request object containing the details to sendpublic CreateSmtpCredentialResponse createSmtpCredential(CreateSmtpCredentialRequest request)
Identity
Creates a new SMTP credential for the specified user. An SMTP credential has an SMTP user
name and an SMTP password. You must specify a description for the SMTP credential (although
it can be an empty string). It does not have to be unique, and you can change it anytime with
updateSmtpCredential
.
createSmtpCredential
in interface Identity
request
- The request object containing the details to sendpublic CreateSwiftPasswordResponse createSwiftPassword(CreateSwiftPasswordRequest request)
Identity
Deprecated. Use createAuthToken
instead.
Creates a new Swift password for the specified user. For information about what Swift passwords are for, see [Managing User Credentials](https://docs.cloud.oracle.com/Content/Identity/Tasks/managingcredentials.htm).
You must specify a *description* for the Swift password (although it can be an empty
string). It does not have to be unique, and you can change it anytime with updateSwiftPassword
.
Every user has permission to create a Swift password for *their own user ID*. An administrator in your organization does not need to write a policy to give users this ability. To compare, administrators who have permission to the tenancy can use this operation to create a Swift password for any user, including themselves.
createSwiftPassword
in interface Identity
request
- The request object containing the details to sendpublic CreateTagResponse createTag(CreateTagRequest request)
Identity
Creates a new tag in the specified tag namespace.
The tag requires either the OCID or the name of the tag namespace that will contain this tag definition.
You must specify a *name* for the tag, which must be unique across all tags in the tag namespace and cannot be changed. The name can contain any ASCII character except the space (_) or period (.) characters. Names are case insensitive. That means, for example, \"myTag\" and \"mytag\" are not allowed in the same namespace. If you specify a name that's already in use in the tag namespace, a 409 error is returned.
The tag must have a *description*. It does not have to be unique, and you can change it
with updateTag
.
The tag must have a value type, which is specified with a validator. Tags can use either a static value or a list of possible values. Static values are entered by a user applying the tag to a resource. Lists are created by you and the user must apply a value from the list. Lists are validiated.
If no `validator` is set, the user applying the tag to a resource can type in a static
value or leave the tag value empty. * If a `validator` is set, the user applying the tag to a
resource must select from a list of values that you supply with enumTagDefinitionValidator
.
public CreateTagDefaultResponse createTagDefault(CreateTagDefaultRequest request)
Identity
Creates a new tag default in the specified compartment for the specified tag definition.
If you specify that a value is required, a value is set during resource creation (either by the user creating the resource or another tag defualt). If no value is set, resource creation is blocked.
If the `isRequired` flag is set to \"true\", the value is set during resource creation. * If the `isRequired` flag is set to \"false\", the value you enter is set during resource creation.
createTagDefault
in interface Identity
request
- The request object containing the details to sendpublic CreateTagNamespaceResponse createTagNamespace(CreateTagNamespaceRequest request)
Identity
Creates a new tag namespace in the specified compartment.
You must specify the compartment ID in the request object (remember that the tenancy is simply the root compartment).
You must also specify a *name* for the namespace, which must be unique across all namespaces in your tenancy and cannot be changed. The name can contain any ASCII character except the space (_) or period (.). Names are case insensitive. That means, for example, \"myNamespace\" and \"mynamespace\" are not allowed in the same tenancy. Once you created a namespace, you cannot change the name. If you specify a name that's already in use in the tenancy, a 409 error is returned.
You must also specify a *description* for the namespace. It does not have to be unique,
and you can change it with updateTagNamespace
.
createTagNamespace
in interface Identity
request
- The request object containing the details to sendpublic CreateUserResponse createUser(CreateUserRequest request)
Identity
Creates a new user in your tenancy. For conceptual information about users, your tenancy, and other IAM Service components, see Overview of IAM.
You must specify your tenancy's OCID as the compartment ID in the request object (remember that the tenancy is simply the root compartment). Notice that IAM resources (users, groups, compartments, and some policies) reside within the tenancy itself, unlike cloud resources such as compute instances, which typically reside within compartments inside the tenancy. For information about OCIDs, see [Resource Identifiers](https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm).
You must also specify a *name* for the user, which must be unique across all users in your tenancy and cannot be changed. Allowed characters: No spaces. Only letters, numerals, hyphens, periods, underscores, +, and @. If you specify a name that's already in use, you'll get a 409 error. This name will be the user's login to the Console. You might want to pick a name that your company's own identity system (e.g., Active Directory, LDAP, etc.) already uses. If you delete a user and then create a new user with the same name, they'll be considered different users because they have different OCIDs.
You must also specify a *description* for the user (although it can be an empty string).
It does not have to be unique, and you can change it anytime with updateUser
. You can use the field to provide the user's full
name, a description, a nickname, or other information to generally identify the user.
After you send your request, the new object's `lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.
A new user has no permissions until you place the user in one or more groups (see addUserToGroup
). If the user needs to access the
Console, you need to provide the user a password (see createOrResetUIPassword
). If the
user needs to access the Oracle Cloud Infrastructure REST API, you need to upload a public
API signing key for that user (see [Required Keys and
OCIDs](https://docs.cloud.oracle.com/Content/API/Concepts/apisigningkey.htm) and also uploadApiKey
).
*Important:** Make sure to inform the new user which compartment(s) they have access to.
createUser
in interface Identity
request
- The request object containing the details to sendpublic DeactivateDomainResponse deactivateDomain(DeactivateDomainRequest request)
Identity
(For tenancies that support identity domains) Deactivates the specified identity domain.
Identity domains must be in an ACTIVE lifecycleState
and have no active apps present in the
domain or underlying Identity Cloud Service stripe. You cannot deactivate the default
identity domain.
After you send your request, the `lifecycleDetails` of this identity domain is set to DEACTIVATING. When the operation completes, then the `lifecycleDetails` is set to null and the `lifecycleState` is set to INACTIVE.
To track the progress of the request, submitting an HTTP GET on the /iamWorkRequests/{iamWorkRequestsId} endpoint retrieves the operation's status.
deactivateDomain
in interface Identity
request
- The request object containing the details to sendpublic DeleteApiKeyResponse deleteApiKey(DeleteApiKeyRequest request)
Identity
Deletes the specified API signing key for the specified user.
Every user has permission to use this operation to delete a key for *their own user ID*. An administrator in your organization does not need to write a policy to give users this ability. To compare, administrators who have permission to the tenancy can use this operation to delete a key for any user, including themselves.
deleteApiKey
in interface Identity
request
- The request object containing the details to sendpublic DeleteAuthTokenResponse deleteAuthToken(DeleteAuthTokenRequest request)
Identity
Deletes the specified auth token for the specified user.
deleteAuthToken
in interface Identity
request
- The request object containing the details to sendpublic DeleteCompartmentResponse deleteCompartment(DeleteCompartmentRequest request)
Identity
Deletes the specified compartment. The compartment must be empty.
deleteCompartment
in interface Identity
request
- The request object containing the details to sendpublic DeleteCustomerSecretKeyResponse deleteCustomerSecretKey(DeleteCustomerSecretKeyRequest request)
Identity
Deletes the specified secret key for the specified user.
deleteCustomerSecretKey
in interface Identity
request
- The request object containing the details to sendpublic DeleteDbCredentialResponse deleteDbCredential(DeleteDbCredentialRequest request)
Identity
Deletes the specified DB credential for the specified user.
deleteDbCredential
in interface Identity
request
- The request object containing the details to sendpublic DeleteDomainResponse deleteDomain(DeleteDomainRequest request)
Identity
(For tenancies that support identity domains) Deletes an identity domain. The identity domain
must have no active apps present in the underlying IDCS stripe. You must also deactivate the
identity domain, rendering the lifecycleState
of the identity domain INACTIVE. Furthermore,
as the authenticated user performing the operation, you cannot be a member of the identity
domain you are deleting. Lastly, you cannot delete the default identity domain. A tenancy
must always have at least the default identity domain.
To track the progress of the request, submitting an HTTP GET on the /iamWorkRequests/{iamWorkRequestsId} endpoint retrieves the operation's status.
deleteDomain
in interface Identity
request
- The request object containing the details to sendpublic DeleteDynamicGroupResponse deleteDynamicGroup(DeleteDynamicGroupRequest request)
Identity
Deletes the specified dynamic group.
deleteDynamicGroup
in interface Identity
request
- The request object containing the details to sendpublic DeleteGroupResponse deleteGroup(DeleteGroupRequest request)
Identity
Deletes the specified group. The group must be empty.
deleteGroup
in interface Identity
request
- The request object containing the details to sendpublic DeleteIdentityProviderResponse deleteIdentityProvider(DeleteIdentityProviderRequest request)
Identity
Deprecated. For more information, see Deprecated IAM Service APIs.
Deletes the specified identity provider. The identity provider must not have any group
mappings (see IdpGroupMapping
).
deleteIdentityProvider
in interface Identity
request
- The request object containing the details to sendpublic DeleteIdpGroupMappingResponse deleteIdpGroupMapping(DeleteIdpGroupMappingRequest request)
Identity
Deprecated. For more information, see Deprecated IAM Service APIs.
Deletes the specified group mapping.
deleteIdpGroupMapping
in interface Identity
request
- The request object containing the details to sendpublic DeleteMfaTotpDeviceResponse deleteMfaTotpDevice(DeleteMfaTotpDeviceRequest request)
Identity
Deletes the specified MFA TOTP device for the specified user.
deleteMfaTotpDevice
in interface Identity
request
- The request object containing the details to sendpublic DeleteNetworkSourceResponse deleteNetworkSource(DeleteNetworkSourceRequest request)
Identity
Deletes the specified network source.
deleteNetworkSource
in interface Identity
request
- The request object containing the details to sendpublic DeleteOAuthClientCredentialResponse deleteOAuthClientCredential(DeleteOAuthClientCredentialRequest request)
Identity
Delete Oauth token for the user
deleteOAuthClientCredential
in interface Identity
request
- The request object containing the details to sendpublic DeletePolicyResponse deletePolicy(DeletePolicyRequest request)
Identity
Deletes the specified policy. The deletion takes effect typically within 10 seconds.
deletePolicy
in interface Identity
request
- The request object containing the details to sendpublic DeleteSmtpCredentialResponse deleteSmtpCredential(DeleteSmtpCredentialRequest request)
Identity
Deletes the specified SMTP credential for the specified user.
deleteSmtpCredential
in interface Identity
request
- The request object containing the details to sendpublic DeleteSwiftPasswordResponse deleteSwiftPassword(DeleteSwiftPasswordRequest request)
Identity
Deprecated. Use deleteAuthToken
instead.
Deletes the specified Swift password for the specified user.
deleteSwiftPassword
in interface Identity
request
- The request object containing the details to sendpublic DeleteTagResponse deleteTag(DeleteTagRequest request)
Identity
Deletes the specified tag definition. This operation triggers a process that removes the tag from all resources in your tenancy.
These things happen immediately: * If the tag was a cost-tracking tag, it no longer counts against your 10 cost-tracking tags limit, whether you first disabled it or not. * If the tag was used with dynamic groups, none of the rules that contain the tag will be evaluated against the tag.
When you start the delete operation, the state of the tag changes to DELETING and tag removal from resources begins. This can take up to 48 hours depending on the number of resources that were tagged as well as the regions in which those resources reside.
When all tags have been removed, the state changes to DELETED. You cannot restore a deleted tag. Once the deleted tag changes its state to DELETED, you can use the same tag name again.
After you start this operation, you cannot start either the bulkDeleteTags
or the cascadeDeleteTagNamespace
operation until this process completes.
To delete a tag, you must first retire it. Use updateTag
to retire a tag.
public DeleteTagDefaultResponse deleteTagDefault(DeleteTagDefaultRequest request)
Identity
Deletes the the specified tag default.
deleteTagDefault
in interface Identity
request
- The request object containing the details to sendpublic DeleteTagNamespaceResponse deleteTagNamespace(DeleteTagNamespaceRequest request)
Identity
Deletes the specified tag namespace. Only an empty tag namespace can be deleted with this operation. To use this operation to delete a tag namespace that contains tag definitions, first delete all of its tag definitions.
Use cascadeDeleteTagNamespace
to delete a tag namespace along with all of the tag definitions
contained within that namespace.
Use deleteTag
to delete a tag definition.
deleteTagNamespace
in interface Identity
request
- The request object containing the details to sendpublic DeleteUserResponse deleteUser(DeleteUserRequest request)
Identity
Deletes the specified user. The user must not be in any groups.
deleteUser
in interface Identity
request
- The request object containing the details to sendpublic EnableReplicationToRegionResponse enableReplicationToRegion(EnableReplicationToRegionRequest request)
Identity
(For tenancies that support identity domains) Replicates the identity domain to a new region
(provided that the region is the tenancy home region or other region that the tenancy
subscribes to). You can only replicate identity domains that are in an ACTIVE
lifecycleState
and not currently updating or already replicating. You also can only trigger
the replication of secondary identity domains. The default identity domain is automatically
replicated to all regions that the tenancy subscribes to.
After you send the request, the `state` of the identity domain in the replica region is set to ENABLING_REPLICATION. When the operation completes, the `state` is set to REPLICATION_ENABLED.
To track the progress of the request, submitting an HTTP GET on the /iamWorkRequests/{iamWorkRequestsId} endpoint retrieves the operation's status.
enableReplicationToRegion
in interface Identity
request
- The request object containing the details to sendpublic GenerateTotpSeedResponse generateTotpSeed(GenerateTotpSeedRequest request)
Identity
Generate seed for the MFA TOTP device.
generateTotpSeed
in interface Identity
request
- The request object containing the details to sendpublic GetAuthenticationPolicyResponse getAuthenticationPolicy(GetAuthenticationPolicyRequest request)
Identity
Gets the authentication policy for the given tenancy. You must specify your tenant’s OCID as the value for the compartment ID (remember that the tenancy is simply the root compartment).
getAuthenticationPolicy
in interface Identity
request
- The request object containing the details to sendpublic GetCompartmentResponse getCompartment(GetCompartmentRequest request)
Identity
Gets the specified compartment’s information.
This operation does not return a list of all the resources inside the compartment. There
is no single API operation that does that. Compartments can contain multiple types of
resources (instances, block storage volumes, etc.). To find out what's in a compartment, you
must call the \"List\" operation for each resource type and specify the compartment's OCID as
a query parameter in the request. For example, call the listInstances
operation in the Cloud Compute Service or
the listVolumes
operation in Cloud Block Storage.
getCompartment
in interface Identity
request
- The request object containing the details to sendpublic GetDomainResponse getDomain(GetDomainRequest request)
Identity
(For tenancies that support identity domains) Gets the specified identity domain’s information.
public GetDynamicGroupResponse getDynamicGroup(GetDynamicGroupRequest request)
Identity
Gets the specified dynamic group’s information.
getDynamicGroup
in interface Identity
request
- The request object containing the details to sendpublic GetGroupResponse getGroup(GetGroupRequest request)
Identity
Gets the specified group’s information.
This operation does not return a list of all the users in the group. To do that, use
listUserGroupMemberships
and provide the group's OCID as a query parameter in the request.
public GetIamWorkRequestResponse getIamWorkRequest(GetIamWorkRequestRequest request)
Identity
Gets the details of a specified IAM work request. The workRequestID is returned in the opc-workrequest-id header for any asynchronous operation in the Identity and Access Management service.
getIamWorkRequest
in interface Identity
request
- The request object containing the details to sendpublic GetIdentityProviderResponse getIdentityProvider(GetIdentityProviderRequest request)
Identity
Deprecated. For more information, see Deprecated IAM Service APIs.
Gets the specified identity provider's information.
getIdentityProvider
in interface Identity
request
- The request object containing the details to sendpublic GetIdpGroupMappingResponse getIdpGroupMapping(GetIdpGroupMappingRequest request)
Identity
Deprecated. For more information, see Deprecated IAM Service APIs.
Gets the specified group mapping.
getIdpGroupMapping
in interface Identity
request
- The request object containing the details to sendpublic GetMfaTotpDeviceResponse getMfaTotpDevice(GetMfaTotpDeviceRequest request)
Identity
Get the specified MFA TOTP device for the specified user.
getMfaTotpDevice
in interface Identity
request
- The request object containing the details to sendpublic GetNetworkSourceResponse getNetworkSource(GetNetworkSourceRequest request)
Identity
Gets the specified network source’s information.
getNetworkSource
in interface Identity
request
- The request object containing the details to sendpublic GetPolicyResponse getPolicy(GetPolicyRequest request)
Identity
Gets the specified policy’s information.
public GetStandardTagTemplateResponse getStandardTagTemplate(GetStandardTagTemplateRequest request)
Identity
Retrieve the standard tag namespace template given the standard tag namespace name.
getStandardTagTemplate
in interface Identity
request
- The request object containing the details to sendpublic GetTagResponse getTag(GetTagRequest request)
Identity
Gets the specified tag’s information.
public GetTagDefaultResponse getTagDefault(GetTagDefaultRequest request)
Identity
Retrieves the specified tag default.
getTagDefault
in interface Identity
request
- The request object containing the details to sendpublic GetTagNamespaceResponse getTagNamespace(GetTagNamespaceRequest request)
Identity
Gets the specified tag namespace’s information.
getTagNamespace
in interface Identity
request
- The request object containing the details to sendpublic GetTaggingWorkRequestResponse getTaggingWorkRequest(GetTaggingWorkRequestRequest request)
Identity
Gets details on a specified work request. The workRequestID is returned in the opc-workrequest-id header for any asynchronous operation in tagging service.
getTaggingWorkRequest
in interface Identity
request
- The request object containing the details to sendpublic GetTenancyResponse getTenancy(GetTenancyRequest request)
Identity
Get the specified tenancy’s information.
getTenancy
in interface Identity
request
- The request object containing the details to sendpublic GetUserResponse getUser(GetUserRequest request)
Identity
Gets the specified user’s information.
public GetUserGroupMembershipResponse getUserGroupMembership(GetUserGroupMembershipRequest request)
Identity
Gets the specified UserGroupMembership’s information.
getUserGroupMembership
in interface Identity
request
- The request object containing the details to sendpublic GetUserUIPasswordInformationResponse getUserUIPasswordInformation(GetUserUIPasswordInformationRequest request)
Identity
Gets the specified user’s console password information. The returned object contains the user’s OCID, but not the password itself. The actual password is returned only when created or reset.
getUserUIPasswordInformation
in interface Identity
request
- The request object containing the details to sendpublic GetWorkRequestResponse getWorkRequest(GetWorkRequestRequest request)
Identity
Gets details on a specified work request. The workRequestID is returned in the opc-workrequest-id header for any asynchronous operation in the compartment service.
getWorkRequest
in interface Identity
request
- The request object containing the details to sendpublic ImportStandardTagsResponse importStandardTags(ImportStandardTagsRequest request)
Identity
OCI will release Tag Namespaces that our customers can import. These Tag Namespaces will provide Tags for our customers and Partners to provide consistency and enable data reporting.
importStandardTags
in interface Identity
request
- The request object containing the details to sendpublic ListAllowedDomainLicenseTypesResponse listAllowedDomainLicenseTypes(ListAllowedDomainLicenseTypesRequest request)
Identity
(For tenancies that support identity domains) Lists the license types for identity domains supported by Oracle Cloud Infrastructure. (License types are also referred to as domain types.)
If `currentLicenseTypeName` is provided, then the request returns license types that the identity domain with the specified license type name can change to. Otherwise, the request returns all valid license types currently supported.
listAllowedDomainLicenseTypes
in interface Identity
request
- The request object containing the details to sendpublic ListApiKeysResponse listApiKeys(ListApiKeysRequest request)
Identity
Lists the API signing keys for the specified user. A user can have a maximum of three keys.
Every user has permission to use this API call for *their own user ID*. An administrator in your organization does not need to write a policy to give users this ability.
listApiKeys
in interface Identity
request
- The request object containing the details to sendpublic ListAuthTokensResponse listAuthTokens(ListAuthTokensRequest request)
Identity
Lists the auth tokens for the specified user. The returned object contains the token’s OCID, but not the token itself. The actual token is returned only upon creation.
listAuthTokens
in interface Identity
request
- The request object containing the details to sendpublic ListAvailabilityDomainsResponse listAvailabilityDomains(ListAvailabilityDomainsRequest request)
Identity
Lists the availability domains in your tenancy. Specify the OCID of either the tenancy or another of your compartments as the value for the compartment ID (remember that the tenancy is simply the root compartment). See Where to Get the Tenancy’s OCID and User’s OCID. Note that the order of the results returned can change if availability domains are added or removed; therefore, do not create a dependency on the list order.
listAvailabilityDomains
in interface Identity
request
- The request object containing the details to sendpublic ListBulkActionResourceTypesResponse listBulkActionResourceTypes(ListBulkActionResourceTypesRequest request)
Identity
Lists the resource-types supported by compartment bulk actions. Use this API to help you
provide the correct resource-type information to the bulkDeleteResources
and bulkMoveResources
operations. The returned list
of resource-types provides the appropriate resource-type names to use with the bulk action
operations along with the type of identifying information you’ll need to provide for each
resource-type. Most resource-types just require an
OCID to identify a
specific resource, but some resource-types, such as buckets, require you to provide other
identifying information.
listBulkActionResourceTypes
in interface Identity
request
- The request object containing the details to sendpublic ListBulkEditTagsResourceTypesResponse listBulkEditTagsResourceTypes(ListBulkEditTagsResourceTypesRequest request)
Identity
Lists the resource types that support bulk tag editing.
listBulkEditTagsResourceTypes
in interface Identity
request
- The request object containing the details to sendpublic ListCompartmentsResponse listCompartments(ListCompartmentsRequest request)
Identity
Lists the compartments in a specified compartment. The members of the list returned depends on the values set for several parameters.
With the exception of the tenancy (root compartment), the ListCompartments operation returns only the first-level child compartments in the parent compartment specified in `compartmentId`. The list does not include any subcompartments of the child compartments (grandchildren).
The parameter `accessLevel` specifies whether to return only those compartments for which the requestor has INSPECT permissions on at least one resource directly or indirectly (the resource can be in a subcompartment).
The parameter `compartmentIdInSubtree` applies only when you perform ListCompartments on the tenancy (root compartment). When set to true, the entire hierarchy of compartments can be returned. To get a full list of all compartments and subcompartments in the tenancy (root compartment), set the parameter `compartmentIdInSubtree` to true and `accessLevel` to ANY.
See [Where to Get the Tenancy's OCID and User's OCID](https://docs.cloud.oracle.com/Content/API/Concepts/apisigningkey.htm#five).
listCompartments
in interface Identity
request
- The request object containing the details to sendpublic ListCostTrackingTagsResponse listCostTrackingTags(ListCostTrackingTagsRequest request)
Identity
Lists all the tags enabled for cost-tracking in the specified tenancy. For information about cost-tracking tags, see Using Cost-tracking Tags.
listCostTrackingTags
in interface Identity
request
- The request object containing the details to sendpublic ListCustomerSecretKeysResponse listCustomerSecretKeys(ListCustomerSecretKeysRequest request)
Identity
Lists the secret keys for the specified user. The returned object contains the secret key’s OCID, but not the secret key itself. The actual secret key is returned only upon creation.
listCustomerSecretKeys
in interface Identity
request
- The request object containing the details to sendpublic ListDbCredentialsResponse listDbCredentials(ListDbCredentialsRequest request)
Identity
Lists the DB credentials for the specified user. The returned object contains the credential’s OCID
listDbCredentials
in interface Identity
request
- The request object containing the details to sendpublic ListDomainsResponse listDomains(ListDomainsRequest request)
Identity
(For tenancies that support identity domains) Lists all identity domains within a tenancy.
listDomains
in interface Identity
request
- The request object containing the details to sendpublic ListDynamicGroupsResponse listDynamicGroups(ListDynamicGroupsRequest request)
Identity
Lists the dynamic groups in your tenancy. You must specify your tenancy’s OCID as the value for the compartment ID (remember that the tenancy is simply the root compartment). See Where to Get the Tenancy’s OCID and User’s OCID.
listDynamicGroups
in interface Identity
request
- The request object containing the details to sendpublic ListFaultDomainsResponse listFaultDomains(ListFaultDomainsRequest request)
Identity
Lists the Fault Domains in your tenancy. Specify the OCID of either the tenancy or another of your compartments as the value for the compartment ID (remember that the tenancy is simply the root compartment). See Where to Get the Tenancy’s OCID and User’s OCID.
listFaultDomains
in interface Identity
request
- The request object containing the details to sendpublic ListGroupsResponse listGroups(ListGroupsRequest request)
Identity
Lists the groups in your tenancy. You must specify your tenancy’s OCID as the value for the compartment ID (remember that the tenancy is simply the root compartment). See Where to Get the Tenancy’s OCID and User’s OCID.
listGroups
in interface Identity
request
- The request object containing the details to sendpublic ListIamWorkRequestErrorsResponse listIamWorkRequestErrors(ListIamWorkRequestErrorsRequest request)
Identity
Gets error details for a specified IAM work request. The workRequestID is returned in the opc-workrequest-id header for any asynchronous operation in the Identity and Access Management service.
listIamWorkRequestErrors
in interface Identity
request
- The request object containing the details to sendpublic ListIamWorkRequestLogsResponse listIamWorkRequestLogs(ListIamWorkRequestLogsRequest request)
Identity
Gets logs for a specified IAM work request. The workRequestID is returned in the opc-workrequest-id header for any asynchronous operation in the Identity and Access Management service.
listIamWorkRequestLogs
in interface Identity
request
- The request object containing the details to sendpublic ListIamWorkRequestsResponse listIamWorkRequests(ListIamWorkRequestsRequest request)
Identity
Lists the IAM work requests in compartment. The workRequestID is returned in the opc-workrequest-id header for any asynchronous operation in the Identity and Access Management service.
listIamWorkRequests
in interface Identity
request
- The request object containing the details to sendpublic ListIdentityProviderGroupsResponse listIdentityProviderGroups(ListIdentityProviderGroupsRequest request)
Identity
Deprecated. For more information, see Deprecated IAM Service APIs.
Lists the identity provider groups.
listIdentityProviderGroups
in interface Identity
request
- The request object containing the details to sendpublic ListIdentityProvidersResponse listIdentityProviders(ListIdentityProvidersRequest request)
Identity
Deprecated. For more information, see Deprecated IAM Service APIs.
Lists all the identity providers in your tenancy. You must specify the identity provider type (e.g., `SAML2` for identity providers using the SAML2.0 protocol). You must specify your tenancy's OCID as the value for the compartment ID (remember that the tenancy is simply the root compartment). See [Where to Get the Tenancy's OCID and User's OCID](https://docs.cloud.oracle.com/Content/API/Concepts/apisigningkey.htm#five).
listIdentityProviders
in interface Identity
request
- The request object containing the details to sendpublic ListIdpGroupMappingsResponse listIdpGroupMappings(ListIdpGroupMappingsRequest request)
Identity
Deprecated. For more information, see Deprecated IAM Service APIs.
Lists the group mappings for the specified identity provider.
listIdpGroupMappings
in interface Identity
request
- The request object containing the details to sendpublic ListMfaTotpDevicesResponse listMfaTotpDevices(ListMfaTotpDevicesRequest request)
Identity
Lists the MFA TOTP devices for the specified user. The returned object contains the device’s OCID, but not the seed. The seed is returned only upon creation or when the IAM service regenerates the MFA seed for the device.
listMfaTotpDevices
in interface Identity
request
- The request object containing the details to sendpublic ListNetworkSourcesResponse listNetworkSources(ListNetworkSourcesRequest request)
Identity
Lists the network sources in your tenancy. You must specify your tenancy’s OCID as the value for the compartment ID (remember that the tenancy is simply the root compartment). See Where to Get the Tenancy’s OCID and User’s OCID.
listNetworkSources
in interface Identity
request
- The request object containing the details to sendpublic ListOAuthClientCredentialsResponse listOAuthClientCredentials(ListOAuthClientCredentialsRequest request)
Identity
List of Oauth tokens for the user
listOAuthClientCredentials
in interface Identity
request
- The request object containing the details to sendpublic ListPoliciesResponse listPolicies(ListPoliciesRequest request)
Identity
Lists the policies in the specified compartment (either the tenancy or another of your compartments). See Where to Get the Tenancy’s OCID and User’s OCID.
To determine which policies apply to a particular group or compartment, you must view the individual statements inside all your policies. There isn't a way to automatically obtain that information via the API.
listPolicies
in interface Identity
request
- The request object containing the details to sendpublic ListRegionSubscriptionsResponse listRegionSubscriptions(ListRegionSubscriptionsRequest request)
Identity
Lists the region subscriptions for the specified tenancy.
listRegionSubscriptions
in interface Identity
request
- The request object containing the details to sendpublic ListRegionsResponse listRegions(ListRegionsRequest request)
Identity
Lists all the regions offered by Oracle Cloud Infrastructure.
listRegions
in interface Identity
request
- The request object containing the details to sendpublic ListSmtpCredentialsResponse listSmtpCredentials(ListSmtpCredentialsRequest request)
Identity
Lists the SMTP credentials for the specified user. The returned object contains the credential’s OCID, the SMTP user name but not the SMTP password. The SMTP password is returned only upon creation.
listSmtpCredentials
in interface Identity
request
- The request object containing the details to sendpublic ListStandardTagNamespacesResponse listStandardTagNamespaces(ListStandardTagNamespacesRequest request)
Identity
Lists available standard tag namespaces that users can create.
listStandardTagNamespaces
in interface Identity
request
- The request object containing the details to sendpublic ListSwiftPasswordsResponse listSwiftPasswords(ListSwiftPasswordsRequest request)
Identity
Deprecated. Use listAuthTokens
instead.
Lists the Swift passwords for the specified user. The returned object contains the password's OCID, but not the password itself. The actual password is returned only upon creation.
listSwiftPasswords
in interface Identity
request
- The request object containing the details to sendpublic ListTagDefaultsResponse listTagDefaults(ListTagDefaultsRequest request)
Identity
Lists the tag defaults for tag definitions in the specified compartment.
listTagDefaults
in interface Identity
request
- The request object containing the details to sendpublic ListTagNamespacesResponse listTagNamespaces(ListTagNamespacesRequest request)
Identity
Lists the tag namespaces in the specified compartment.
listTagNamespaces
in interface Identity
request
- The request object containing the details to sendpublic ListTaggingWorkRequestErrorsResponse listTaggingWorkRequestErrors(ListTaggingWorkRequestErrorsRequest request)
Identity
Gets the errors for a work request.
listTaggingWorkRequestErrors
in interface Identity
request
- The request object containing the details to sendpublic ListTaggingWorkRequestLogsResponse listTaggingWorkRequestLogs(ListTaggingWorkRequestLogsRequest request)
Identity
Gets the logs for a work request.
listTaggingWorkRequestLogs
in interface Identity
request
- The request object containing the details to sendpublic ListTaggingWorkRequestsResponse listTaggingWorkRequests(ListTaggingWorkRequestsRequest request)
Identity
Lists the tagging work requests in compartment.
listTaggingWorkRequests
in interface Identity
request
- The request object containing the details to sendpublic ListTagsResponse listTags(ListTagsRequest request)
Identity
Lists the tag definitions in the specified tag namespace.
public ListUserGroupMembershipsResponse listUserGroupMemberships(ListUserGroupMembershipsRequest request)
Identity
Lists the UserGroupMembership
objects in your tenancy. You must specify your tenancy’s OCID
as the value for the compartment ID (see Where to Get the Tenancy’s OCID and User’s
OCID). You must
also then filter the list in one of these ways:
- You can limit the results to just the memberships for a given user by specifying a `userId`. - Similarly, you can limit the results to just the memberships for a given group by specifying a `groupId`. - You can set both the `userId` and `groupId` to determine if the specified user is in the specified group. If the answer is no, the response is an empty list. - Although`userId` and `groupId` are not individually required, you must set one of them.
listUserGroupMemberships
in interface Identity
request
- The request object containing the details to sendpublic ListUsersResponse listUsers(ListUsersRequest request)
Identity
Lists the users in your tenancy. You must specify your tenancy’s OCID as the value for the compartment ID (remember that the tenancy is simply the root compartment). See Where to Get the Tenancy’s OCID and User’s OCID.
public ListWorkRequestsResponse listWorkRequests(ListWorkRequestsRequest request)
Identity
Lists the work requests in compartment.
listWorkRequests
in interface Identity
request
- The request object containing the details to sendpublic MoveCompartmentResponse moveCompartment(MoveCompartmentRequest request)
Identity
Move the compartment to a different parent compartment in the same tenancy. When you move a
compartment, all its contents (subcompartments and resources) are moved with it. Note that
the CompartmentId
that you specify in the path is the compartment that you want to move.
*IMPORTANT**: After you move a compartment to a new parent compartment, the access policies of the new parent take effect and the policies of the previous parent no longer apply. Ensure that you are aware of the implications for the compartment contents before you move it. For more information, see [Moving a Compartment](https://docs.cloud.oracle.com/Content/Identity/compartments/managingcompartments.htm#MoveCompartment).
moveCompartment
in interface Identity
request
- The request object containing the details to sendpublic RecoverCompartmentResponse recoverCompartment(RecoverCompartmentRequest request)
Identity
Recover the compartment from DELETED state to ACTIVE state.
recoverCompartment
in interface Identity
request
- The request object containing the details to sendpublic RemoveTagDefaultLockResponse removeTagDefaultLock(RemoveTagDefaultLockRequest request)
Identity
Remove a resource lock from a tag default.
removeTagDefaultLock
in interface Identity
request
- The request object containing the details to sendpublic RemoveTagNamespaceLockResponse removeTagNamespaceLock(RemoveTagNamespaceLockRequest request)
Identity
Remove a resource lock from a tag namespace.
removeTagNamespaceLock
in interface Identity
request
- The request object containing the details to sendpublic RemoveUserFromGroupResponse removeUserFromGroup(RemoveUserFromGroupRequest request)
Identity
Removes a user from a group by deleting the corresponding UserGroupMembership
.
removeUserFromGroup
in interface Identity
request
- The request object containing the details to sendpublic ResetIdpScimClientResponse resetIdpScimClient(ResetIdpScimClientRequest request)
Identity
Resets the OAuth2 client credentials for the SCIM client associated with this identity provider.
resetIdpScimClient
in interface Identity
request
- The request object containing the details to sendpublic UpdateAuthTokenResponse updateAuthToken(UpdateAuthTokenRequest request)
Identity
Updates the specified auth token’s description.
updateAuthToken
in interface Identity
request
- The request object containing the details to sendpublic UpdateAuthenticationPolicyResponse updateAuthenticationPolicy(UpdateAuthenticationPolicyRequest request)
Identity
Updates authentication policy for the specified tenancy.
updateAuthenticationPolicy
in interface Identity
request
- The request object containing the details to sendpublic UpdateCompartmentResponse updateCompartment(UpdateCompartmentRequest request)
Identity
Updates the specified compartment’s description or name. You can’t update the root compartment.
updateCompartment
in interface Identity
request
- The request object containing the details to sendpublic UpdateCustomerSecretKeyResponse updateCustomerSecretKey(UpdateCustomerSecretKeyRequest request)
Identity
Updates the specified secret key’s description.
updateCustomerSecretKey
in interface Identity
request
- The request object containing the details to sendpublic UpdateDomainResponse updateDomain(UpdateDomainRequest request)
Identity
(For tenancies that support identity domains) Updates identity domain information and the associated Identity Cloud Service (IDCS) stripe.
To track the progress of the request, submitting an HTTP GET on the /iamWorkRequests/{iamWorkRequestsId} endpoint retrieves the operation's status.
updateDomain
in interface Identity
request
- The request object containing the details to sendpublic UpdateDynamicGroupResponse updateDynamicGroup(UpdateDynamicGroupRequest request)
Identity
Updates the specified dynamic group.
updateDynamicGroup
in interface Identity
request
- The request object containing the details to sendpublic UpdateGroupResponse updateGroup(UpdateGroupRequest request)
Identity
Updates the specified group.
updateGroup
in interface Identity
request
- The request object containing the details to sendpublic UpdateIdentityProviderResponse updateIdentityProvider(UpdateIdentityProviderRequest request)
Identity
Deprecated. For more information, see Deprecated IAM Service APIs.
Updates the specified identity provider.
updateIdentityProvider
in interface Identity
request
- The request object containing the details to sendpublic UpdateIdpGroupMappingResponse updateIdpGroupMapping(UpdateIdpGroupMappingRequest request)
Identity
Deprecated. For more information, see Deprecated IAM Service APIs.
Updates the specified group mapping.
updateIdpGroupMapping
in interface Identity
request
- The request object containing the details to sendpublic UpdateNetworkSourceResponse updateNetworkSource(UpdateNetworkSourceRequest request)
Identity
Updates the specified network source.
updateNetworkSource
in interface Identity
request
- The request object containing the details to sendpublic UpdateOAuthClientCredentialResponse updateOAuthClientCredential(UpdateOAuthClientCredentialRequest request)
Identity
Updates Oauth token for the user
updateOAuthClientCredential
in interface Identity
request
- The request object containing the details to sendpublic UpdatePolicyResponse updatePolicy(UpdatePolicyRequest request)
Identity
Updates the specified policy. You can update the description or the policy statements themselves.
Policy changes take effect typically within 10 seconds.
updatePolicy
in interface Identity
request
- The request object containing the details to sendpublic UpdateSmtpCredentialResponse updateSmtpCredential(UpdateSmtpCredentialRequest request)
Identity
Updates the specified SMTP credential’s description.
updateSmtpCredential
in interface Identity
request
- The request object containing the details to sendpublic UpdateSwiftPasswordResponse updateSwiftPassword(UpdateSwiftPasswordRequest request)
Identity
Deprecated. Use updateAuthToken
instead.
Updates the specified Swift password's description.
updateSwiftPassword
in interface Identity
request
- The request object containing the details to sendpublic UpdateTagResponse updateTag(UpdateTagRequest request)
Identity
Updates the specified tag definition.
Setting `validator` determines the value type. Tags can use either a static value or a list of possible values. Static values are entered by a user applying the tag to a resource. Lists are created by you and the user must apply a value from the list. On update, any values in a list that were previously set do not change, but new values must pass validation. Values already applied to a resource do not change.
You cannot remove list values that appear in a TagDefault. To remove a list value that appears in a TagDefault, first update the TagDefault to use a different value.
public UpdateTagDefaultResponse updateTagDefault(UpdateTagDefaultRequest request)
Identity
Updates the specified tag default. If you specify that a value is required, a value is set during resource creation (either by the user creating the resource or another tag defualt). If no value is set, resource creation is blocked.
If the `isRequired` flag is set to \"true\", the value is set during resource creation. * If the `isRequired` flag is set to \"false\", the value you enter is set during resource creation.
updateTagDefault
in interface Identity
request
- The request object containing the details to sendpublic UpdateTagNamespaceResponse updateTagNamespace(UpdateTagNamespaceRequest request)
Identity
Updates the the specified tag namespace. You can’t update the namespace name.
Updating `isRetired` to 'true' retires the namespace and all the tag definitions in the
namespace. Reactivating a namespace (changing `isRetired` from 'true' to 'false') does not
reactivate tag definitions. To reactivate the tag definitions, you must reactivate each one
individually *after* you reactivate the namespace, using updateTag
. For more information about retiring tag namespaces, see [Retiring Key Definitions
and Namespace
Definitions](https://docs.cloud.oracle.com/Content/Tagging/Tasks/managingtagsandtagnamespaces.htm#retiringkeys).
You can't add a namespace with the same name as a retired namespace in the same tenancy.
updateTagNamespace
in interface Identity
request
- The request object containing the details to sendpublic UpdateUserResponse updateUser(UpdateUserRequest request)
Identity
Updates the description of the specified user.
updateUser
in interface Identity
request
- The request object containing the details to sendpublic UpdateUserCapabilitiesResponse updateUserCapabilities(UpdateUserCapabilitiesRequest request)
Identity
Updates the capabilities of the specified user.
updateUserCapabilities
in interface Identity
request
- The request object containing the details to sendpublic UpdateUserStateResponse updateUserState(UpdateUserStateRequest request)
Identity
Updates the state of the specified user.
updateUserState
in interface Identity
request
- The request object containing the details to sendpublic UploadApiKeyResponse uploadApiKey(UploadApiKeyRequest request)
Identity
Uploads an API signing key for the specified user.
Every user has permission to use this operation to upload a key for *their own user ID*. An administrator in your organization does not need to write a policy to give users this ability. To compare, administrators who have permission to the tenancy can use this operation to upload a key for any user, including themselves.
*Important:** Even though you have permission to upload an API key, you might not yet have permission to do much else. If you try calling an operation unrelated to your own credential management (e.g., `ListUsers`, `LaunchInstance`) and receive an \"unauthorized\" error, check with an administrator to confirm which IAM Service group(s) you're in and what access you have. Also confirm you're working in the correct compartment.
After you send your request, the new object's `lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.
uploadApiKey
in interface Identity
request
- The request object containing the details to sendpublic IdentityWaiters getWaiters()
Identity
Gets the pre-configured waiters available for resources for this service.
getWaiters
in interface Identity
public IdentityPaginators getPaginators()
Identity
Gets the pre-configured paginators available for list operations in this service which may
return multiple pages of data. These paginators provide an Iterable
interface so that service responses, or resources/records, can be iterated through without
having to manually deal with pagination and page tokens.
getPaginators
in interface Identity
protected ClientConfigurator getDefaultConfigurator()
public void useRealmSpecificEndpointTemplate(boolean useOfRealmSpecificEndpointTemplateEnabled)
useOfRealmSpecificEndpointTemplateEnabled
- This flag can be set to true or false to
enable or disable the use of realm-specific endpoint template respectivelypublic final void populateServiceParametersInEndpoint(String endpoint, Map<String,Object> requiredParametersMap)
endpoint
- The endpoint template in userequiredParametersMap
- Map of parameter name as key and value set in request path or
query parameter as valuepublic final void updateBaseEndpoint(String endpoint)
endpoint
- The updated endpoint to usepublic final void setEndpoint(String endpoint)
public final String getEndpoint()
public final void refreshClient()
HttpClient
. This will call ClientConfigurator
s again, and
can be used to e.g. refresh the SSL certificate.public final void close()
close
in interface AutoCloseable
public String getClientCommonLibraryVersion()
Copyright © 2016–2024. All rights reserved.