Oracle IDCS is a cloud-based identity management service that integrates with existing systems and directories. Users can develop, access and deploy their applications from one platform. It works with both cloud and on-premises applications.
Supervisor configuration parameters
To configure the connector, the following parameters are required:
- Connector name
- Client Id for the trusted app
- Client Secret of the trusted app (see https://docs.oracle.com/en/cloud/paas/identity-cloud/rest-api/OATOAuthClientWebApp.html#GUID-51E5C29A-6B7E-487A-8832-5D709410C16A__RegisterAnOAuthClientWebApplication-29DDFF36 for more details).
- Target URL (the cloud application's instance URL, used as the target URI in the payload. Example: https://{tenant-base-url}/admin/v1)
- Instance DateTime Offset (refer to Configuring additional datetime offset in connectors for more details)
Supported objects and operations
Users
| Operation | VERB |
|---|---|
| Create | POST |
| Update | PUT |
| Delete | DELETE |
| Get all users | GET |
| Get user by id | GET |
| Get users with Pagination | GET |
Groups
| Operation | VERB |
|---|---|
| Create | POST |
| Update | PUT |
| Delete | DELETE |
| Get | GET |
| Get | GET |
Mandatory fields
Users
- userName
- emails.value
- name.familyName
Groups
- displayName
User and Group mapping
The user and group mappings are listed in the tables below.
| SCIM Parameter | Oracle IDCS parameter |
|---|---|
| Id | id |
| userName | userName |
| externalId | externalId |
| name.givenName | name.givenName |
| name.familyName | name.familyName |
| name.middleName | name.middleName |
| name.formatted | name.formatted |
| name.honorificPrefix | name.honorificPrefix |
| name.honorificSuffix | name.honorificSuffix |
| displayName | displayName |
| nickName | nickName |
| emails.value | email.value |
| emails.type | email.type |
| emails.primary | email.primary |
| addresses.formatted | addresses.formatted |
| addresses.streetAddress | addresses.streetAddress |
| addresses.locality | addresses.locality |
| addresses.region | addresses.region |
| addresses.postalCode | addresses.postalCode |
| addresses.country | addresses.country |
| addresses.type | addresses.type |
| phoneNumbers.value | phoneNumbers.value |
| phoneNumbers.type | phoneNumbers.type |
| phoneNumbers.primary | phoneNumbers.primary |
| password | password |
| profileUrl | profileUrl |
| title | title |
| userType | userType |
| preferredLanguage | preferredLanguage |
| locale | locale |
| timezone | timeZone |
| active | active |
| entitlements.value | entitlements.value |
| entitlements.display | entitlements.display |
| entitlements.type | entitlements.type |
| roles.value | roles.value |
| roles.display | roles.display |
| roles.type | roles.type |
| groups.value | groups.value |
| groups.display | groups.display |
| extension.organization | extension.organization |
| extension.division | extension.division |
| extension.department | extension.department |
| extension.manager.value | extension.manager.value |
| extension.manager.displayName | extension.manager.displayName |
| extension.costCenter | extension.costCenter |
| extension.employeeNumber | extension.employeeNumber |
| meta.created | meta.created |
| meta.lastModified | meta.lastModified |

| SCIM parameter | Oracle IDCS parameter |
|---|---|
| id | id |
| displayName | displayName |
| Members.value | members.value |
| Members.display | members.display |
| extension.externalId | extension.externalId |
| extension.description | extension.description |
| meta.created | meta.created |
| meta.lastModified | meta.lastModified |
- Oracle IDCS does not validate the role values provided in a user request; they are assigned to the user as given. No validation is performed on the type and value properties of roles. The same applies to entitlements.
- Groups will not be returned with the create user response.
- Sub-Groups cannot be added in Group Memberships.
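
Because Oracle IDCS accepts role and entitlement values without validating them, the side that sends the request has to do the checking. The following is an added example, not code from the connector or from Oracle: a pre-flight check that enforces the mandatory user fields listed above and rejects any roles or entitlements entry not on an allowlist. The allowlists, the function names and the sample payloads are assumptions constructed for illustration.

```python
# Added example: pre-flight check of a SCIM user payload before it is sent
# to the connector. Allowlists and sample payloads are constructed (assumptions).
MANDATORY_USER_FIELDS = ("userName", "emails.value", "name.familyName")  # from this page
ALLOWED_ROLES = {("app", "Auditor"), ("app", "Helpdesk")}  # hypothetical (type, value)
ALLOWED_ENTITLEMENTS = {("license", "Standard")}           # hypothetical (type, value)


def _values(obj, path):
    """Resolve a dotted path such as 'emails.value', fanning out over lists."""
    nodes = [obj]
    for key in path.split("."):
        nxt = []
        for node in nodes:
            if isinstance(node, list):
                nxt.extend(i.get(key) for i in node if isinstance(i, dict))
            elif isinstance(node, dict):
                nxt.append(node.get(key))
        nodes = nxt
    return [v for v in nodes if isinstance(v, str) and v.strip()]


def _check_typed(user, attr, allowed, errors):
    """Reject any roles/entitlements entry whose (type, value) is not allowlisted."""
    entries = user.get(attr) or []
    if not isinstance(entries, list):
        errors.append(f"{attr}: must be a list")
        return
    for i, entry in enumerate(entries):
        t, v = (entry.get("type"), entry.get("value")) if isinstance(entry, dict) else (None, None)
        if not (isinstance(t, str) and isinstance(v, str)) or (t, v) not in allowed:
            errors.append(f"{attr}[{i}]: type={t!r} value={v!r} not in allowlist")


def validate_user(user):
    """Return a list of problems; an empty list means the payload may be sent."""
    errors = [f"missing mandatory field: {p}" for p in MANDATORY_USER_FIELDS
              if not _values(user, p)]
    _check_typed(user, "roles", ALLOWED_ROLES, errors)
    _check_typed(user, "entitlements", ALLOWED_ENTITLEMENTS, errors)
    return errors


# Constructed sample payloads (not taken from a real tenant).
GOOD = {"userName": "jdoe", "name": {"familyName": "Doe"},
        "emails": [{"value": "jdoe@example.com", "type": "work", "primary": True}],
        "roles": [{"type": "app", "value": "Auditor"}]}
BAD = {"userName": "mallory", "name": {}, "emails": [{"value": "m@example.com"}],
       "roles": [{"type": "app", "value": "SuperAdmin"}],
       "entitlements": [{"value": "Standard"}]}
```

Run `validate_user` on every create and update payload and refuse to forward any request for which it returns a non-empty list.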