oci_identity_domains_app

This resource provides the App resource in Oracle Cloud Infrastructure Identity Domains service.

Create an App

Example Usage

resource "oci_identity_domains_app" "test_app" {
	#Required
	based_on_template {
		#Required
		value = var.app_based_on_template_value

		#Optional
		well_known_id = "CustomWebAppTemplateId"
	}
	display_name = var.app_display_name
	idcs_endpoint = data.oci_identity_domain.test_domain.url
	schemas = ["urn:ietf:params:scim:schemas:oracle:idcs:App"]

	#Optional
	access_token_expiry = var.app_access_token_expiry
	active = var.app_active
	alias_apps {
		#Required
		value = var.app_alias_apps_value
	}
	all_url_schemes_allowed = var.app_all_url_schemes_allowed
	allow_access_control = var.app_allow_access_control
	allow_offline = var.app_allow_offline
	allowed_grants = var.app_allowed_grants
	allowed_operations = var.app_allowed_operations
	allowed_scopes {
		#Required
		fqs = var.app_allowed_scopes_fqs
	}
	allowed_tags {
		#Required
		key = var.app_allowed_tags_key
		value = var.app_allowed_tags_value
	}
	app_icon = var.app_app_icon
	app_signon_policy {
		#Required
		value = var.app_app_signon_policy_value
	}
	app_thumbnail = var.app_app_thumbnail
	apps_network_perimeters {
		#Required
		value = var.app_apps_network_perimeters_value
	}
	as_opc_service {
		#Required
		value = var.app_as_opc_service_value
	}
	attr_rendering_metadata {
		#Required
		name = var.app_attr_rendering_metadata_name

		#Optional
		datatype = var.app_attr_rendering_metadata_datatype
		helptext = var.app_attr_rendering_metadata_helptext
		label = var.app_attr_rendering_metadata_label
		max_length = var.app_attr_rendering_metadata_max_length
		max_size = var.app_attr_rendering_metadata_max_size
		min_length = var.app_attr_rendering_metadata_min_length
		min_size = var.app_attr_rendering_metadata_min_size
		order = var.app_attr_rendering_metadata_order
		read_only = var.app_attr_rendering_metadata_read_only
		regexp = var.app_attr_rendering_metadata_regexp
		required = var.app_attr_rendering_metadata_required
		section = var.app_attr_rendering_metadata_section
		visible = var.app_attr_rendering_metadata_visible
		widget = var.app_attr_rendering_metadata_widget
	}
	attribute_sets = ["all"]
	attributes = ""
	audience = var.app_audience
	authorization = var.app_authorization
	bypass_consent = var.app_bypass_consent
	certificates {
		#Required
		cert_alias = var.app_certificates_cert_alias
	}
	client_ip_checking = var.app_client_ip_checking
	client_type = var.app_client_type
	contact_email_address = var.app_contact_email_address
	delegated_service_names = var.app_delegated_service_names
	description = var.app_description
	disable_kmsi_token_authentication = var.app_disable_kmsi_token_authentication
	error_page_url = var.app_error_page_url
	home_page_url = var.app_home_page_url
	icon = var.app_icon
	id = var.app_id
	id_token_enc_algo = var.app_id_token_enc_algo
	identity_providers {
		#Required
		value = var.app_identity_providers_value
	}
	idp_policy {
		#Required
		value = var.app_idp_policy_value
	}
	is_alias_app = var.app_is_alias_app
	is_enterprise_app = var.app_is_enterprise_app
	is_form_fill = var.app_is_form_fill
	is_kerberos_realm = var.app_is_kerberos_realm
	is_login_target = var.app_is_login_target
	is_mobile_target = var.app_is_mobile_target
	is_multicloud_service_app = var.app_is_multicloud_service_app
	is_oauth_client = var.app_is_oauth_client
	is_oauth_resource = var.app_is_oauth_resource
	is_obligation_capable = var.app_is_obligation_capable
	is_radius_app = var.app_is_radius_app
	is_saml_service_provider = var.app_is_saml_service_provider
	is_unmanaged_app = var.app_is_unmanaged_app
	is_web_tier_policy = var.app_is_web_tier_policy
	landing_page_url = var.app_landing_page_url
	linking_callback_url = var.app_linking_callback_url
	login_mechanism = var.app_login_mechanism
	login_page_url = var.app_login_page_url
	logout_page_url = var.app_logout_page_url
	logout_uri = var.app_logout_uri
	name = var.app_name
	ocid = var.app_ocid
	post_logout_redirect_uris = var.app_post_logout_redirect_uris
	privacy_policy_url = var.app_privacy_policy_url
	product_logo_url = var.app_product_logo_url
	product_name = var.app_product_name
	protectable_secondary_audiences {
		#Required
		value = var.app_protectable_secondary_audiences_value
	}
	radius_policy {
		#Required
		value = var.app_radius_policy_value
	}
	redirect_uris = var.app_redirect_uris
	refresh_token_expiry = var.app_refresh_token_expiry
	resource_type_schema_version = var.app_resource_type_schema_version
	saml_service_provider {
		#Required
		value = var.app_saml_service_provider_value
	}
	scopes {
		#Required
		value = var.app_scopes_value

		#Optional
		description = var.app_scopes_description
		display_name = var.app_scopes_display_name
		requires_consent = var.app_scopes_requires_consent
	}
	secondary_audiences = ["secondaryAudiences"]
	service_params {
		#Required
		name = var.app_service_params_name

		#Optional
		value = var.app_service_params_value
	}
	service_type_urn = var.app_service_type_urn
	service_type_version = var.app_service_type_version
	show_in_my_apps = var.app_show_in_my_apps
	signon_policy {
		#Required
		value = var.app_signon_policy_value
	}
	tags {
		#Required
		key = var.app_tags_key
		value = var.app_tags_value
	}
	terms_of_service_url = var.app_terms_of_service_url
	terms_of_use {
		#Required
		value = var.app_terms_of_use_value
	}
	trust_policies {
		#Required
		value = var.app_trust_policies_value
	}
	trust_scope = var.app_trust_scope
	urnietfparamsscimschemasoracleidcsextension_oci_tags {

		#Optional
		defined_tags {
			#Required
			key = var.app_urnietfparamsscimschemasoracleidcsextension_oci_tags_defined_tags_key
			namespace = var.app_urnietfparamsscimschemasoracleidcsextension_oci_tags_defined_tags_namespace
			value = var.app_urnietfparamsscimschemasoracleidcsextension_oci_tags_defined_tags_value
		}
		freeform_tags {
			#Required
			key = var.app_urnietfparamsscimschemasoracleidcsextension_oci_tags_freeform_tags_key
			value = var.app_urnietfparamsscimschemasoracleidcsextension_oci_tags_freeform_tags_value
		}
	}
	urnietfparamsscimschemasoracleidcsextensiondbcs_app {

		#Optional
		domain_app {
			#Required
			value = var.app_urnietfparamsscimschemasoracleidcsextensiondbcs_app_domain_app_value
		}
		domain_name = "domainName"
	}
	urnietfparamsscimschemasoracleidcsextensionenterprise_app_app {

		#Optional
		allow_authz_decision_ttl = var.app_urnietfparamsscimschemasoracleidcsextensionenterprise_app_app_allow_authz_decision_ttl
		allow_authz_policy {
			#Required
			value = var.app_urnietfparamsscimschemasoracleidcsextensionenterprise_app_app_allow_authz_policy_value
		}
		app_resources {
			#Required
			value = var.app_urnietfparamsscimschemasoracleidcsextensionenterprise_app_app_app_resources_value
		}
		deny_authz_decision_ttl = var.app_urnietfparamsscimschemasoracleidcsextensionenterprise_app_app_deny_authz_decision_ttl
		deny_authz_policy {
			#Required
			value = var.app_urnietfparamsscimschemasoracleidcsextensionenterprise_app_app_deny_authz_policy_value
		}
	}
	urnietfparamsscimschemasoracleidcsextensionform_fill_app_app {

		#Optional
		configuration = var.app_urnietfparamsscimschemasoracleidcsextensionform_fill_app_app_configuration
		form_cred_method = var.app_urnietfparamsscimschemasoracleidcsextensionform_fill_app_app_form_cred_method
		form_credential_sharing_group_id = var.app_urnietfparamsscimschemasoracleidcsextensionform_fill_app_app_form_credential_sharing_group_id
		form_fill_url_match {
			#Required
			form_url = var.app_urnietfparamsscimschemasoracleidcsextensionform_fill_app_app_form_fill_url_match_form_url

			#Optional
			form_url_match_type = var.app_urnietfparamsscimschemasoracleidcsextensionform_fill_app_app_form_fill_url_match_form_url_match_type
		}
		form_type = var.app_urnietfparamsscimschemasoracleidcsextensionform_fill_app_app_form_type
		reveal_password_on_form = var.app_urnietfparamsscimschemasoracleidcsextensionform_fill_app_app_reveal_password_on_form
		user_name_form_expression = var.app_urnietfparamsscimschemasoracleidcsextensionform_fill_app_app_user_name_form_expression
		user_name_form_template = var.app_urnietfparamsscimschemasoracleidcsextensionform_fill_app_app_user_name_form_template
	}
	urnietfparamsscimschemasoracleidcsextensionform_fill_app_template_app_template {

		#Optional
		configuration = var.app_urnietfparamsscimschemasoracleidcsextensionform_fill_app_template_app_template_configuration
		form_cred_method = var.app_urnietfparamsscimschemasoracleidcsextensionform_fill_app_template_app_template_form_cred_method
		form_credential_sharing_group_id = var.app_urnietfparamsscimschemasoracleidcsextensionform_fill_app_template_app_template_form_credential_sharing_group_id
		form_fill_url_match {
			#Required
			form_url = var.app_urnietfparamsscimschemasoracleidcsextensionform_fill_app_template_app_template_form_fill_url_match_form_url

			#Optional
			form_url_match_type = var.app_urnietfparamsscimschemasoracleidcsextensionform_fill_app_template_app_template_form_fill_url_match_form_url_match_type
		}
		form_type = var.app_urnietfparamsscimschemasoracleidcsextensionform_fill_app_template_app_template_form_type
		reveal_password_on_form = var.app_urnietfparamsscimschemasoracleidcsextensionform_fill_app_template_app_template_reveal_password_on_form
		sync_from_template = var.app_urnietfparamsscimschemasoracleidcsextensionform_fill_app_template_app_template_sync_from_template
		user_name_form_expression = var.app_urnietfparamsscimschemasoracleidcsextensionform_fill_app_template_app_template_user_name_form_expression
		user_name_form_template = var.app_urnietfparamsscimschemasoracleidcsextensionform_fill_app_template_app_template_user_name_form_template
	}
	urnietfparamsscimschemasoracleidcsextensionkerberos_realm_app {

		#Optional
		default_encryption_salt_type = var.app_urnietfparamsscimschemasoracleidcsextensionkerberos_realm_app_default_encryption_salt_type
		master_key = var.app_urnietfparamsscimschemasoracleidcsextensionkerberos_realm_app_master_key
		max_renewable_age = var.app_urnietfparamsscimschemasoracleidcsextensionkerberos_realm_app_max_renewable_age
		max_ticket_life = var.app_urnietfparamsscimschemasoracleidcsextensionkerberos_realm_app_max_ticket_life
		realm_name = var.app_urnietfparamsscimschemasoracleidcsextensionkerberos_realm_app_realm_name
		supported_encryption_salt_types = var.app_urnietfparamsscimschemasoracleidcsextensionkerberos_realm_app_supported_encryption_salt_types
		ticket_flags = var.app_urnietfparamsscimschemasoracleidcsextensionkerberos_realm_app_ticket_flags
	}
	urnietfparamsscimschemasoracleidcsextensionmanagedapp_app {

		#Optional
		admin_consent_granted = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_admin_consent_granted
		bundle_configuration_properties {
			#Required
			icf_type = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_bundle_configuration_properties_icf_type
			name = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_bundle_configuration_properties_name
			required = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_bundle_configuration_properties_required

			#Optional
			confidential = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_bundle_configuration_properties_confidential
			display_name = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_bundle_configuration_properties_display_name
			help_message = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_bundle_configuration_properties_help_message
			order = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_bundle_configuration_properties_order
			value = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_bundle_configuration_properties_value
		}
		bundle_pool_configuration {

			#Optional
			max_idle = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_bundle_pool_configuration_max_idle
			max_objects = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_bundle_pool_configuration_max_objects
			max_wait = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_bundle_pool_configuration_max_wait
			min_evictable_idle_time_millis = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_bundle_pool_configuration_min_evictable_idle_time_millis
			min_idle = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_bundle_pool_configuration_min_idle
		}
		connected = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_connected
		enable_auth_sync_new_user_notification = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_enable_auth_sync_new_user_notification
		enable_sync = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_enable_sync
		enable_sync_summary_report_notification = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_enable_sync_summary_report_notification
		flat_file_bundle_configuration_properties {
			#Required
			icf_type = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_flat_file_bundle_configuration_properties_icf_type
			name = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_flat_file_bundle_configuration_properties_name
			required = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_flat_file_bundle_configuration_properties_required

			#Optional
			confidential = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_flat_file_bundle_configuration_properties_confidential
			display_name = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_flat_file_bundle_configuration_properties_display_name
			help_message = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_flat_file_bundle_configuration_properties_help_message
			order = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_flat_file_bundle_configuration_properties_order
			value = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_flat_file_bundle_configuration_properties_value
		}
		flat_file_connector_bundle {
			#Required
			value = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_flat_file_connector_bundle_value

			#Optional
			display = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_flat_file_connector_bundle_display
			well_known_id = oci_identity_domains_well_known.test_well_known.id
		}
		is_authoritative = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_is_authoritative
		three_legged_oauth_credential {

			#Optional
			access_token = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_three_legged_oauth_credential_access_token
			access_token_expiry = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_three_legged_oauth_credential_access_token_expiry
			refresh_token = var.app_urnietfparamsscimschemasoracleidcsextensionmanagedapp_app_three_legged_oauth_credential_refresh_token
		}
	}
	urnietfparamsscimschemasoracleidcsextensionmulticloud_service_app_app {
		#Required
		multicloud_service_type = var.app_urnietfparamsscimschemasoracleidcsextensionmulticloud_service_app_app_multicloud_service_type

		#Optional
		multicloud_platform_url = var.app_urnietfparamsscimschemasoracleidcsextensionmulticloud_service_app_app_multicloud_platform_url
	}
	urnietfparamsscimschemasoracleidcsextensionopc_service_app {

		#Optional
		service_instance_identifier = var.app_urnietfparamsscimschemasoracleidcsextensionopc_service_app_service_instance_identifier
	}
	urnietfparamsscimschemasoracleidcsextensionradius_app_app {
		#Required
		client_ip = var.app_urnietfparamsscimschemasoracleidcsextensionradius_app_app_client_ip
		include_group_in_response = var.app_urnietfparamsscimschemasoracleidcsextensionradius_app_app_include_group_in_response
		port = var.app_urnietfparamsscimschemasoracleidcsextensionradius_app_app_port
		secret_key = var.app_urnietfparamsscimschemasoracleidcsextensionradius_app_app_secret_key

		#Optional
		capture_client_ip = var.app_urnietfparamsscimschemasoracleidcsextensionradius_app_app_capture_client_ip
		country_code_response_attribute_id = "1"
		end_user_ip_attribute = var.app_urnietfparamsscimschemasoracleidcsextensionradius_app_app_end_user_ip_attribute
		group_membership_radius_attribute = var.app_urnietfparamsscimschemasoracleidcsextensionradius_app_app_group_membership_radius_attribute
		group_membership_to_return {
			#Required
			value = var.app_urnietfparamsscimschemasoracleidcsextensionradius_app_app_group_membership_to_return_value
		}
		group_name_format = var.app_urnietfparamsscimschemasoracleidcsextensionradius_app_app_group_name_format
		password_and_otp_together = var.app_urnietfparamsscimschemasoracleidcsextensionradius_app_app_password_and_otp_together
		radius_vendor_specific_id = "radiusVendorSpecificId"
		response_format = var.app_urnietfparamsscimschemasoracleidcsextensionradius_app_app_response_format
		response_format_delimiter = var.app_urnietfparamsscimschemasoracleidcsextensionradius_app_app_response_format_delimiter
		type_of_radius_app = var.app_urnietfparamsscimschemasoracleidcsextensionradius_app_app_type_of_radius_app
	}
	urnietfparamsscimschemasoracleidcsextensionrequestable_app {

		#Optional
		requestable = var.app_urnietfparamsscimschemasoracleidcsextensionrequestable_app_requestable
	}
	urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app {

		#Optional
		assertion_consumer_url = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_assertion_consumer_url
		encrypt_assertion = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_encrypt_assertion
		encryption_algorithm = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_encryption_algorithm
		encryption_certificate = "encryptionCertificate"
		federation_protocol = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_federation_protocol
		group_assertion_attributes {
			#Required
			name = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_group_assertion_attributes_name

			#Optional
			condition = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_group_assertion_attributes_condition
			format = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_group_assertion_attributes_format
			group_name = "groupName"
		}
		hok_acs_url = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_hok_acs_url
		hok_required = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_hok_required
		include_signing_cert_in_signature = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_include_signing_cert_in_signature
		key_encryption_algorithm = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_key_encryption_algorithm
		logout_binding = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_logout_binding
		logout_enabled = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_logout_enabled
		logout_request_url = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_logout_request_url
		logout_response_url = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_logout_response_url
		metadata = "metadata"
		name_id_format = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_name_id_format
		name_id_userstore_attribute = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_name_id_userstore_attribute
		partner_provider_id = "partnerProviderId"
		partner_provider_pattern = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_partner_provider_pattern
		sign_response_or_assertion = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_sign_response_or_assertion
		signature_hash_algorithm = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_signature_hash_algorithm
		signing_certificate = "signingCertificate"
		succinct_id = "succinctId"
		user_assertion_attributes {
			#Required
			name = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_user_assertion_attributes_name
			user_store_attribute_name = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_user_assertion_attributes_user_store_attribute_name

			#Optional
			format = var.app_urnietfparamsscimschemasoracleidcsextensionsaml_service_provider_app_user_assertion_attributes_format
		}
	}
	urnietfparamsscimschemasoracleidcsextensionweb_tier_policy_app {

		#Optional
		resource_ref = var.app_urnietfparamsscimschemasoracleidcsextensionweb_tier_policy_app_resource_ref
		web_tier_policy_az_control = var.app_urnietfparamsscimschemasoracleidcsextensionweb_tier_policy_app_web_tier_policy_az_control
		web_tier_policy_json = var.app_urnietfparamsscimschemasoracleidcsextensionweb_tier_policy_app_web_tier_policy_json
	}
}

Argument Reference

The following arguments are supported:

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

Attributes Reference

The following attributes are exported:

Timeouts

The timeouts block allows you to specify timeouts for certain operations: * create - (Defaults to 20 minutes), when creating the App * update - (Defaults to 20 minutes), when updating the App * delete - (Defaults to 20 minutes), when destroying the App

Import

Apps can be imported using the id, e.g.

$ terraform import oci_identity_domains_app.test_app "idcsEndpoint/{idcsEndpoint}/apps/{appId}"