Oracle Access Governance REST APIs

Creates a new Identity Collection

post

/access-governance/access-controls/20250331/identityCollections

Request

Header Parameters

opc-request-id: string

The client request ID for tracing. The only valid characters for request IDs are letters, numbers, underscore, and dash.

Details for the new Identity Collection.

Root Schema : CreateIdentityCollectionDetails

Type: object

Model required for creating a new Identity Collection.

Show Source

customAttributes: object customAttributes

Metadata associated with the identity collection.
description: string

Minimum Length: 1

Maximum Length: 255

Description of the Identity Collection.
displayName: string

displayName of the Identity Collection.
excludedIdentities: array excludedIdentities

List of excluded identities.
externalId: string

externalId of the Identity Collection.
includedIdentities: array includedIdentities

List of the included identities.
isManagedAtOrchestratedSystem: boolean

Boolean value checking if IC is shared with Orchestrated System.
membershipRule: string

Minimum Length: 1

Maximum Length: 255

Membership Rule for the Identity Collection, for ex. "all { department EQ AG Department , addresses.country EQ India }".
name(required): string

Minimum Length: 1

Maximum Length: 255

Name of the Identity Collection.
orchestratedSystemId: string

Orchestrated System Id of the Identity Collection.
orchestratedSystemMetadataAttributes: array orchestratedSystemMetadataAttributes

List of Orchestrated System configuration.
owners: array owners

List of owner entities.
tags: array tags

List of tags attached to the Identity Collection.

{
    "type":"object",
    "required":[
        "name"
    ],
    "properties":{
        "name":{
            "type":"string",
            "description":"Name of the Identity Collection.",
            "minLength":1,
            "maxLength":255
        },
        "description":{
            "type":"string",
            "description":"Description of the Identity Collection.",
            "minLength":1,
            "maxLength":255
        },
        "includedIdentities":{
            "type":"array",
            "description":"List of the included identities.",
            "items":{
                "$ref":"#/definitions/IdInfo"
            }
        },
        "excludedIdentities":{
            "type":"array",
            "description":"List of excluded identities.",
            "items":{
                "$ref":"#/definitions/IdInfo"
            }
        },
        "owners":{
            "type":"array",
            "description":"List of owner entities.",
            "items":{
                "$ref":"#/definitions/OwnerSummary"
            }
        },
        "membershipRule":{
            "type":"string",
            "description":"Membership Rule for the Identity Collection, for ex. \"all { department EQ AG Department , addresses.country EQ India }\".",
            "minLength":1,
            "maxLength":255
        },
        "orchestratedSystemId":{
            "type":"string",
            "description":"Orchestrated System Id of the Identity Collection."
        },
        "tags":{
            "type":"array",
            "description":"List of tags attached to the Identity Collection.",
            "items":{
                "type":"string"
            }
        },
        "customAttributes":{
            "type":"object",
            "description":"Metadata associated with the identity collection.",
            "properties":{
            }
        },
        "externalId":{
            "type":"string",
            "description":"externalId of the Identity Collection."
        },
        "displayName":{
            "type":"string",
            "description":"displayName of the Identity Collection."
        },
        "isManagedAtOrchestratedSystem":{
            "type":"boolean",
            "description":"Boolean value checking if IC is shared with Orchestrated System."
        },
        "orchestratedSystemMetadataAttributes":{
            "type":"array",
            "description":"List of Orchestrated System configuration.",
            "items":{
                "$ref":"#/definitions/OrchestratedSystemMetadataAttributes"
            }
        }
    },
    "description":"Model required for creating a new Identity Collection."
}

Nested Schema : customAttributes

Type: object

Metadata associated with the identity collection.

Show Source

{
    "type":"object",
    "description":"Metadata associated with the identity collection.",
    "properties":{
    }
}

Nested Schema : excludedIdentities

Type: array

List of excluded identities.

Show Source

Array of: object IdInfo

Generic identifying information object.

{
    "type":"array",
    "description":"List of excluded identities.",
    "items":{
        "$ref":"#/definitions/IdInfo"
    }
}

Nested Schema : includedIdentities

Type: array

List of the included identities.

Show Source

Array of: object IdInfo

Generic identifying information object.

{
    "type":"array",
    "description":"List of the included identities.",
    "items":{
        "$ref":"#/definitions/IdInfo"
    }
}

Nested Schema : orchestratedSystemMetadataAttributes

Type: array

List of Orchestrated System configuration.

Show Source

Array of: object OrchestratedSystemMetadataAttributes

Orchestrated System Metadata Attributes model.

{
    "type":"array",
    "description":"List of Orchestrated System configuration.",
    "items":{
        "$ref":"#/definitions/OrchestratedSystemMetadataAttributes"
    }
}

Nested Schema : owners

Type: array

List of owner entities.

Show Source

Array of: object OwnerSummary

Owner entity object

{
    "type":"array",
    "description":"List of owner entities.",
    "items":{
        "$ref":"#/definitions/OwnerSummary"
    }
}

Nested Schema : tags

Type: array

List of tags attached to the Identity Collection.

Show Source

Array of: string

{
    "type":"array",
    "description":"List of tags attached to the Identity Collection.",
    "items":{
        "type":"string"
    }
}

Nested Schema : IdInfo

Type: object

Generic identifying information object.

Show Source

displayName: string

Display Name of the entity.
id: string

Id of the entity.
name: string

Name of the entity.

{
    "type":"object",
    "properties":{
        "id":{
            "type":"string",
            "description":"Id of the entity."
        },
        "name":{
            "type":"string",
            "description":"Name of the entity."
        },
        "displayName":{
            "type":"string",
            "description":"Display Name of the entity."
        }
    },
    "description":"Generic identifying information object."
}

Nested Schema : OrchestratedSystemMetadataAttributes

Type: object

Orchestrated System Metadata Attributes model.

Show Source

attributes: object OrchestratedSystemAttributes

The information about Orchestrated System attributes metadata
id(required): string

id of target.
label: string

label of target.

{
    "type":"object",
    "required":[
        "id"
    ],
    "properties":{
        "id":{
            "type":"string",
            "description":"id of target."
        },
        "label":{
            "type":"string",
            "description":"label of target."
        },
        "attributes":{
            "$ref":"#/definitions/OrchestratedSystemAttributes"
        }
    },
    "description":"Orchestrated System Metadata Attributes model."
}

Nested Schema : OrchestratedSystemAttributes

Type: object

The information about Orchestrated System attributes metadata

Show Source

items(required): array items

collection of account & permission attributes

{
    "type":"object",
    "required":[
        "items"
    ],
    "properties":{
        "items":{
            "type":"array",
            "description":"collection of account & permission attributes",
            "items":{
                "$ref":"#/definitions/OrchestratedSystemAttribute"
            }
        }
    },
    "description":"The information about Orchestrated System attributes metadata"
}

Nested Schema : items

Type: array

collection of account & permission attributes

Show Source

Array of: object OrchestratedSystemAttribute

Account & permission attributes

{
    "type":"array",
    "description":"collection of account & permission attributes",
    "items":{
        "$ref":"#/definitions/OrchestratedSystemAttribute"
    }
}

Nested Schema : OrchestratedSystemAttribute

Type: object

Account & permission attributes

Show Source

accountAttributes: array accountAttributes

List of Orchestrated System account attributes
orchestratedSystem: object Info

Generic information object.
permissionAttributes: array permissionAttributes

List of Orchestrated System permission attributes

{
    "type":"object",
    "properties":{
        "orchestratedSystem":{
            "$ref":"#/definitions/Info"
        },
        "accountAttributes":{
            "type":"array",
            "description":"List of Orchestrated System account attributes",
            "items":{
                "$ref":"#/definitions/OrchestratedSystemAttributeData"
            }
        },
        "permissionAttributes":{
            "type":"array",
            "description":"List of Orchestrated System permission attributes",
            "items":{
                "$ref":"#/definitions/OrchestratedSystemAttributeData"
            }
        }
    },
    "description":"Account & permission attributes"
}

Nested Schema : accountAttributes

Type: array

List of Orchestrated System account attributes

Show Source

Array of: object OrchestratedSystemAttributeData

Orchestrated System Attributes

{
    "type":"array",
    "description":"List of Orchestrated System account attributes",
    "items":{
        "$ref":"#/definitions/OrchestratedSystemAttributeData"
    }
}

Nested Schema : Info

Type: object

Generic information object.

Show Source

displayName: string

Display Name of the entity.
id: string

id of the entity.
name: string

name of the entity.

{
    "type":"object",
    "properties":{
        "id":{
            "type":"string",
            "description":"id of the entity."
        },
        "name":{
            "type":"string",
            "description":"name of the entity."
        },
        "displayName":{
            "type":"string",
            "description":"Display Name of the entity."
        }
    },
    "description":"Generic information object."
}

Nested Schema : permissionAttributes

Type: array

List of Orchestrated System permission attributes

Show Source

Array of: object OrchestratedSystemAttributeData

Orchestrated System Attributes

{
    "type":"array",
    "description":"List of Orchestrated System permission attributes",
    "items":{
        "$ref":"#/definitions/OrchestratedSystemAttributeData"
    }
}

Nested Schema : OrchestratedSystemAttributeData

Type: object

Orchestrated System Attributes

Show Source

children: array children

nested attributes
defaultValues: array defaultValues

Attribute Value
discriminator: string

this field signify attribute field is password
lookupType: string

LookupID for the attribute
name: string

Attribute name
permissionType: string

Permission Type
title: string

Display Name for the attribute.
type: string

Type of attribute

{
    "type":"object",
    "properties":{
        "name":{
            "type":"string",
            "description":"Attribute name"
        },
        "type":{
            "type":"string",
            "description":"Type of attribute"
        },
        "title":{
            "type":"string",
            "description":"Display Name for the attribute."
        },
        "children":{
            "type":"array",
            "description":"nested attributes",
            "items":{
                "$ref":"#/definitions/NestedAttributes"
            }
        },
        "lookupType":{
            "type":"string",
            "description":"LookupID for the attribute"
        },
        "defaultValues":{
            "type":"array",
            "description":"Attribute Value",
            "items":{
                "type":"string"
            }
        },
        "permissionType":{
            "type":"string",
            "description":"Permission Type"
        },
        "discriminator":{
            "type":"string",
            "description":"this field signify attribute field is password"
        }
    },
    "description":"Orchestrated System Attributes"
}

Nested Schema : children

Type: array

nested attributes

Show Source

Array of: object NestedAttributes

Nested set of Orchestrated System attributes

{
    "type":"array",
    "description":"nested attributes",
    "items":{
        "$ref":"#/definitions/NestedAttributes"
    }
}

Nested Schema : defaultValues

Type: array

Attribute Value

Show Source

Array of: string

{
    "type":"array",
    "description":"Attribute Value",
    "items":{
        "type":"string"
    }
}

Nested Schema : NestedAttributes

Type: object

Nested set of Orchestrated System attributes

Show Source

items: array items

Orchestrated System attributes

{
    "type":"object",
    "properties":{
        "items":{
            "type":"array",
            "description":"Orchestrated System attributes",
            "items":{
                "$ref":"#/definitions/OrchestratedSystemAttributeData"
            }
        }
    },
    "description":"Nested set of Orchestrated System attributes"
}

Nested Schema : items

Type: array

Orchestrated System attributes

Show Source

Array of: object OrchestratedSystemAttributeData

Orchestrated System Attributes

{
    "type":"array",
    "description":"Orchestrated System attributes",
    "items":{
        "$ref":"#/definitions/OrchestratedSystemAttributeData"
    }
}

Nested Schema : OwnerSummary

Type: object

Owner entity object

Show Source

id(required): string

Unique identifier that is immutable on creation
isPrimary(required): boolean

Is this entity the primary owner?
name(required): string

Name of the owner

{
    "type":"object",
    "required":[
        "id",
        "isPrimary",
        "name"
    ],
    "properties":{
        "id":{
            "type":"string",
            "description":"Unique identifier that is immutable on creation"
        },
        "name":{
            "type":"string",
            "description":"Name of the owner"
        },
        "isPrimary":{
            "type":"boolean",
            "description":"Is this entity the primary owner?"
        }
    },
    "description":"Owner entity object"
}

Response

Supported Media Types

application/json

200 Response

The Identity group was successfully created.

Headers

etag: string

For optimistic concurrency control. See `if-match`.
opc-request-id: string

Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Root Schema : IdentityCollectionResponse

Type: object

Identity Collection model.

Show Source

createdBy: object IdInfo

Generic identifying information object.
customAttributes: object customAttributes

Metadata associated with the policy rule.
description: string

Description of the Identity Collection.
displayName: string

displayName of the Identity Collection.
excludedIdentities: array excludedIdentities

List of the excluded identities.
externalId: string

externalId of the Identity Collection.
finalIdentities: array finalIdentities

List of the final Identities.
id(required): string

Unique identifier that is immutable on creation.
identityGroupType: string

Minimum Length: 1

Maximum Length: 255

Type of the Identity Collection.
includedIdentities: array includedIdentities

List of the included identities.
isManagedAtOrchestratedSystem: boolean

Boolean value checking if IC is shared with Orchestrated Systems.
membershipRule: string

Membership Rule for the Identity Collection, for ex. "all { department EQ AG Department , addresses.country EQ India }".
name: string

Name of the Identity Collection.
orchestratedSystemId: string

Orchestrated System Id associated with the Identity Collection.
orchestratedSystemMetadataAttributes: array orchestratedSystemMetadataAttributes

List of Orchestrated System configuration.
owners: array owners

List of owner entities.
ownershipCollectionId: string

Ownership collection associate with the Identity Collection.
parsedIdentityRule: object ParsedIdentityRuleResponse

Parsed membership rule object.
parsedMembers: array parsedMembers

List of the parsed Identities.
status: string

Allowed Values: [ "ACTIVE", "DRAFT", "INACTIVE", "PENDING", "FAILED", "IN_PROGRESS", "SAVED", "SUCCESS", "TIMEOUT" ]

Status of the Identity Group.
tags: array tags

List of tags attached to the Identity Collection.
timeCreated: string(date-time)

Time when the Identity Collection was created. An RFC3339 formatted datetime string
timeUpdated: string(date-time)

Time when the Identity Collection was last updated. An RFC3339 formatted datetime string
updatedBy: object IdInfo

Generic identifying information object.

{
    "type":"object",
    "required":[
        "id"
    ],
    "properties":{
        "id":{
            "type":"string",
            "description":"Unique identifier that is immutable on creation."
        },
        "name":{
            "type":"string",
            "description":"Name of the Identity Collection."
        },
        "description":{
            "type":"string",
            "description":"Description of the Identity Collection."
        },
        "status":{
            "type":"string",
            "description":"Status of the Identity Group.",
            "enum":[
                "ACTIVE",
                "DRAFT",
                "INACTIVE",
                "PENDING",
                "FAILED",
                "IN_PROGRESS",
                "SAVED",
                "SUCCESS",
                "TIMEOUT"
            ],
            "x-obmcs-top-level-enum":"#/definitions/EntityStatus",
            "x-default-description":"ACTIVE"
        },
        "orchestratedSystemId":{
            "type":"string",
            "description":"Orchestrated System Id associated with the Identity Collection."
        },
        "membershipRule":{
            "type":"string",
            "description":"Membership Rule for the Identity Collection, for ex. \"all { department EQ AG Department , addresses.country EQ India }\"."
        },
        "parsedMembers":{
            "type":"array",
            "description":"List of the parsed Identities.",
            "items":{
                "$ref":"#/definitions/IdentitySummary"
            }
        },
        "parsedIdentityRule":{
            "$ref":"#/definitions/ParsedIdentityRuleResponse"
        },
        "includedIdentities":{
            "type":"array",
            "description":"List of the included identities.",
            "items":{
                "$ref":"#/definitions/IdentitySummary"
            }
        },
        "excludedIdentities":{
            "type":"array",
            "description":"List of the excluded identities.",
            "items":{
                "$ref":"#/definitions/IdentitySummary"
            }
        },
        "ownershipCollectionId":{
            "type":"string",
            "description":"Ownership collection associate with the Identity Collection."
        },
        "owners":{
            "type":"array",
            "description":"List of owner entities.",
            "items":{
                "$ref":"#/definitions/OwnerSummary"
            }
        },
        "createdBy":{
            "$ref":"#/definitions/IdInfo"
        },
        "updatedBy":{
            "$ref":"#/definitions/IdInfo"
        },
        "timeCreated":{
            "type":"string",
            "format":"date-time",
            "description":"Time when the Identity Collection was created. An RFC3339 formatted datetime string"
        },
        "timeUpdated":{
            "type":"string",
            "format":"date-time",
            "description":"Time when the Identity Collection was last updated. An RFC3339 formatted datetime string"
        },
        "identityGroupType":{
            "type":"string",
            "description":"Type of the Identity Collection.",
            "minLength":1,
            "maxLength":255
        },
        "finalIdentities":{
            "type":"array",
            "description":"List of the final Identities.",
            "items":{
                "$ref":"#/definitions/IdentitySummary"
            }
        },
        "tags":{
            "type":"array",
            "description":"List of tags attached to the Identity Collection.",
            "items":{
                "type":"string"
            }
        },
        "customAttributes":{
            "type":"object",
            "description":"Metadata associated with the policy rule.",
            "properties":{
            }
        },
        "externalId":{
            "type":"string",
            "description":"externalId of the Identity Collection."
        },
        "displayName":{
            "type":"string",
            "description":"displayName of the Identity Collection."
        },
        "isManagedAtOrchestratedSystem":{
            "type":"boolean",
            "description":"Boolean value checking if IC is shared with Orchestrated Systems."
        },
        "orchestratedSystemMetadataAttributes":{
            "type":"array",
            "description":"List of Orchestrated System configuration.",
            "items":{
                "$ref":"#/definitions/OrchestratedSystemMetadataAttributes"
            }
        }
    },
    "description":"Identity Collection model."
}

Nested Schema : IdInfo

Type: object

Generic identifying information object.

Show Source

displayName: string

Display Name of the entity.
id: string

Id of the entity.
name: string

Name of the entity.

{
    "type":"object",
    "properties":{
        "id":{
            "type":"string",
            "description":"Id of the entity."
        },
        "name":{
            "type":"string",
            "description":"Name of the entity."
        },
        "displayName":{
            "type":"string",
            "description":"Display Name of the entity."
        }
    },
    "description":"Generic identifying information object."
}

Nested Schema : customAttributes

Type: object

Metadata associated with the policy rule.

Show Source

{
    "type":"object",
    "description":"Metadata associated with the policy rule.",
    "properties":{
    }
}

Nested Schema : excludedIdentities

Type: array

List of the excluded identities.

Show Source

Array of: object IdentitySummary

Identity Summary.

{
    "type":"array",
    "description":"List of the excluded identities.",
    "items":{
        "$ref":"#/definitions/IdentitySummary"
    }
}

Nested Schema : finalIdentities

Type: array

List of the final Identities.

Show Source

Array of: object IdentitySummary

Identity Summary.

{
    "type":"array",
    "description":"List of the final Identities.",
    "items":{
        "$ref":"#/definitions/IdentitySummary"
    }
}

Nested Schema : includedIdentities

Type: array

List of the included identities.

Show Source

Array of: object IdentitySummary

Identity Summary.

{
    "type":"array",
    "description":"List of the included identities.",
    "items":{
        "$ref":"#/definitions/IdentitySummary"
    }
}

Nested Schema : orchestratedSystemMetadataAttributes

Type: array

List of Orchestrated System configuration.

Show Source

Array of: object OrchestratedSystemMetadataAttributes

Orchestrated System Metadata Attributes model.

{
    "type":"array",
    "description":"List of Orchestrated System configuration.",
    "items":{
        "$ref":"#/definitions/OrchestratedSystemMetadataAttributes"
    }
}

Nested Schema : owners

Type: array

List of owner entities.

Show Source

Array of: object OwnerSummary

Owner entity object

{
    "type":"array",
    "description":"List of owner entities.",
    "items":{
        "$ref":"#/definitions/OwnerSummary"
    }
}

Nested Schema : ParsedIdentityRuleResponse

Type: object

Parsed membership rule object.

Show Source

attributeConditions: array attributeConditions

Attribute condition
bindingOperator: string

Binding operator
parsedOn: string

Parsed On timestamp as string.

{
    "type":"object",
    "properties":{
        "bindingOperator":{
            "type":"string",
            "description":"Binding operator"
        },
        "parsedOn":{
            "type":"string",
            "description":"Parsed On timestamp as string."
        },
        "attributeConditions":{
            "type":"array",
            "description":"Attribute condition",
            "items":{
                "$ref":"#/definitions/AttributeConditionResponse"
            }
        }
    },
    "description":"Parsed membership rule object."
}

Nested Schema : parsedMembers

Type: array

List of the parsed Identities.

Show Source

Array of: object IdentitySummary

Identity Summary.

{
    "type":"array",
    "description":"List of the parsed Identities.",
    "items":{
        "$ref":"#/definitions/IdentitySummary"
    }
}

Nested Schema : tags

Type: array

List of tags attached to the Identity Collection.

Show Source

Array of: string

{
    "type":"array",
    "description":"List of tags attached to the Identity Collection.",
    "items":{
        "type":"string"
    }
}

Nested Schema : IdentitySummary

Type: object

Identity Summary.

Show Source

agOrganizations: array agOrganizations

The AGOrganizations of which the identity is part of.
email: string

The Unique Oracle ID (OCID) that is immutable on creation.
employeeType: string

The employeeType of the identitiy.
id(required): string

The Unique Oracle ID (OCID) that is immutable on creation.
isRuleBased: boolean

(optional parameter) Is this identity ruled based.
jobCode: string

The jobCode of the identity.
location: string

The location of the identitiy.
manager: string

The Unique Oracle ID (OCID) that is immutable on creation.
name: string

A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.
organization: string

The Unique Oracle ID (OCID) that is immutable on creation.
userLogin: string

The Unique Oracle ID (OCID) that is immutable on creation.

{
    "type":"object",
    "required":[
        "id"
    ],
    "properties":{
        "id":{
            "type":"string",
            "description":"The Unique Oracle ID (OCID) that is immutable on creation."
        },
        "name":{
            "type":"string",
            "description":"A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information."
        },
        "userLogin":{
            "type":"string",
            "description":"The Unique Oracle ID (OCID) that is immutable on creation."
        },
        "email":{
            "type":"string",
            "description":"The Unique Oracle ID (OCID) that is immutable on creation."
        },
        "manager":{
            "type":"string",
            "description":"The Unique Oracle ID (OCID) that is immutable on creation."
        },
        "organization":{
            "type":"string",
            "description":"The Unique Oracle ID (OCID) that is immutable on creation."
        },
        "isRuleBased":{
            "type":"boolean",
            "description":"(optional parameter) Is this identity ruled based."
        },
        "jobCode":{
            "type":"string",
            "description":"The jobCode of the identity."
        },
        "location":{
            "type":"string",
            "description":"The location of the identitiy."
        },
        "employeeType":{
            "type":"string",
            "description":"The employeeType of the identitiy."
        },
        "agOrganizations":{
            "type":"array",
            "description":"The AGOrganizations of which the identity is part of.",
            "items":{
                "type":"string"
            }
        }
    },
    "description":"Identity Summary."
}

Nested Schema : agOrganizations

Type: array

The AGOrganizations of which the identity is part of.

Show Source

Array of: string

{
    "type":"array",
    "description":"The AGOrganizations of which the identity is part of.",
    "items":{
        "type":"string"
    }
}

Nested Schema : OrchestratedSystemMetadataAttributes

Type: object

Orchestrated System Metadata Attributes model.

Show Source

attributes: object OrchestratedSystemAttributes

The information about Orchestrated System attributes metadata
id(required): string

id of target.
label: string

label of target.

{
    "type":"object",
    "required":[
        "id"
    ],
    "properties":{
        "id":{
            "type":"string",
            "description":"id of target."
        },
        "label":{
            "type":"string",
            "description":"label of target."
        },
        "attributes":{
            "$ref":"#/definitions/OrchestratedSystemAttributes"
        }
    },
    "description":"Orchestrated System Metadata Attributes model."
}

Nested Schema : OrchestratedSystemAttributes

Type: object

The information about Orchestrated System attributes metadata

Show Source

items(required): array items

collection of account & permission attributes

{
    "type":"object",
    "required":[
        "items"
    ],
    "properties":{
        "items":{
            "type":"array",
            "description":"collection of account & permission attributes",
            "items":{
                "$ref":"#/definitions/OrchestratedSystemAttribute"
            }
        }
    },
    "description":"The information about Orchestrated System attributes metadata"
}

Nested Schema : items

Type: array

collection of account & permission attributes

Show Source

Array of: object OrchestratedSystemAttribute

Account & permission attributes

{
    "type":"array",
    "description":"collection of account & permission attributes",
    "items":{
        "$ref":"#/definitions/OrchestratedSystemAttribute"
    }
}

Nested Schema : OrchestratedSystemAttribute

Type: object

Account & permission attributes

Show Source

accountAttributes: array accountAttributes

List of Orchestrated System account attributes
orchestratedSystem: object Info

Generic information object.
permissionAttributes: array permissionAttributes

List of Orchestrated System permission attributes

{
    "type":"object",
    "properties":{
        "orchestratedSystem":{
            "$ref":"#/definitions/Info"
        },
        "accountAttributes":{
            "type":"array",
            "description":"List of Orchestrated System account attributes",
            "items":{
                "$ref":"#/definitions/OrchestratedSystemAttributeData"
            }
        },
        "permissionAttributes":{
            "type":"array",
            "description":"List of Orchestrated System permission attributes",
            "items":{
                "$ref":"#/definitions/OrchestratedSystemAttributeData"
            }
        }
    },
    "description":"Account & permission attributes"
}

Nested Schema : accountAttributes

Type: array

List of Orchestrated System account attributes

Show Source

Array of: object OrchestratedSystemAttributeData

Orchestrated System Attributes

{
    "type":"array",
    "description":"List of Orchestrated System account attributes",
    "items":{
        "$ref":"#/definitions/OrchestratedSystemAttributeData"
    }
}

Nested Schema : Info

Type: object

Generic information object.

Show Source

displayName: string

Display Name of the entity.
id: string

id of the entity.
name: string

name of the entity.

{
    "type":"object",
    "properties":{
        "id":{
            "type":"string",
            "description":"id of the entity."
        },
        "name":{
            "type":"string",
            "description":"name of the entity."
        },
        "displayName":{
            "type":"string",
            "description":"Display Name of the entity."
        }
    },
    "description":"Generic information object."
}

Nested Schema : permissionAttributes

Type: array

List of Orchestrated System permission attributes

Show Source

Array of: object OrchestratedSystemAttributeData

Orchestrated System Attributes

{
    "type":"array",
    "description":"List of Orchestrated System permission attributes",
    "items":{
        "$ref":"#/definitions/OrchestratedSystemAttributeData"
    }
}

Nested Schema : OrchestratedSystemAttributeData

Type: object

Orchestrated System Attributes

Show Source

children: array children

nested attributes
defaultValues: array defaultValues

Attribute Value
discriminator: string

this field signify attribute field is password
lookupType: string

LookupID for the attribute
name: string

Attribute name
permissionType: string

Permission Type
title: string

Display Name for the attribute.
type: string

Type of attribute

{
    "type":"object",
    "properties":{
        "name":{
            "type":"string",
            "description":"Attribute name"
        },
        "type":{
            "type":"string",
            "description":"Type of attribute"
        },
        "title":{
            "type":"string",
            "description":"Display Name for the attribute."
        },
        "children":{
            "type":"array",
            "description":"nested attributes",
            "items":{
                "$ref":"#/definitions/NestedAttributes"
            }
        },
        "lookupType":{
            "type":"string",
            "description":"LookupID for the attribute"
        },
        "defaultValues":{
            "type":"array",
            "description":"Attribute Value",
            "items":{
                "type":"string"
            }
        },
        "permissionType":{
            "type":"string",
            "description":"Permission Type"
        },
        "discriminator":{
            "type":"string",
            "description":"this field signify attribute field is password"
        }
    },
    "description":"Orchestrated System Attributes"
}

Nested Schema : children

Type: array

nested attributes

Show Source

Array of: object NestedAttributes

Nested set of Orchestrated System attributes

{
    "type":"array",
    "description":"nested attributes",
    "items":{
        "$ref":"#/definitions/NestedAttributes"
    }
}

Nested Schema : defaultValues

Type: array

Attribute Value

Show Source

Array of: string

{
    "type":"array",
    "description":"Attribute Value",
    "items":{
        "type":"string"
    }
}

Nested Schema : NestedAttributes

Type: object

Nested set of Orchestrated System attributes

Show Source

items: array items

Orchestrated System attributes

{
    "type":"object",
    "properties":{
        "items":{
            "type":"array",
            "description":"Orchestrated System attributes",
            "items":{
                "$ref":"#/definitions/OrchestratedSystemAttributeData"
            }
        }
    },
    "description":"Nested set of Orchestrated System attributes"
}

Nested Schema : items

Type: array

Orchestrated System attributes

Show Source

Array of: object OrchestratedSystemAttributeData

Orchestrated System Attributes

{
    "type":"array",
    "description":"Orchestrated System attributes",
    "items":{
        "$ref":"#/definitions/OrchestratedSystemAttributeData"
    }
}

Nested Schema : OwnerSummary

Type: object

Owner entity object

Show Source

id(required): string

Unique identifier that is immutable on creation
isPrimary(required): boolean

Is this entity the primary owner?
name(required): string

Name of the owner

{
    "type":"object",
    "required":[
        "id",
        "isPrimary",
        "name"
    ],
    "properties":{
        "id":{
            "type":"string",
            "description":"Unique identifier that is immutable on creation"
        },
        "name":{
            "type":"string",
            "description":"Name of the owner"
        },
        "isPrimary":{
            "type":"boolean",
            "description":"Is this entity the primary owner?"
        }
    },
    "description":"Owner entity object"
}

Nested Schema : attributeConditions

Type: array

Attribute condition

Show Source

Array of: object AttributeConditionResponse

Attribute condition.

{
    "type":"array",
    "description":"Attribute condition",
    "items":{
        "$ref":"#/definitions/AttributeConditionResponse"
    }
}

Nested Schema : AttributeConditionResponse

Type: object

Attribute condition.

Show Source

attrKey: object IdInfo

Generic identifying information object.
attrType: string

Attribute Type
attrValue: string

Attribute Value
operator: object IdInfo

Generic identifying information object.
parentId: string

Parent Id
parentType: string

Parent Type
values: array values

Attribute Values for Multi Value operators

{
    "type":"object",
    "properties":{
        "attrKey":{
            "$ref":"#/definitions/IdInfo"
        },
        "operator":{
            "$ref":"#/definitions/IdInfo"
        },
        "attrValue":{
            "type":"string",
            "description":"Attribute Value"
        },
        "attrType":{
            "type":"string",
            "description":"Attribute Type"
        },
        "parentType":{
            "type":"string",
            "description":"Parent Type"
        },
        "parentId":{
            "type":"string",
            "description":"Parent Id"
        },
        "values":{
            "type":"array",
            "description":"Attribute Values for Multi Value operators",
            "items":{
                "type":"string"
            }
        }
    },
    "description":"Attribute condition."
}

Nested Schema : values

Type: array

Attribute Values for Multi Value operators

Show Source

Array of: string

{
    "type":"array",
    "description":"Attribute Values for Multi Value operators",
    "items":{
        "type":"string"
    }
}

400 Response

Bad Request

Headers

opc-request-id: string

Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Root Schema : Error

Type: object

Error Information.

Show Source

code(required): string

A short error code that defines the error, meant for programmatic parsing.
message(required): string

A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

401 Response

Unauthorized

Headers

opc-request-id: string

Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Root Schema : Error

Type: object

Error Information.

Show Source

code(required): string

A short error code that defines the error, meant for programmatic parsing.
message(required): string

A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

404 Response

Not Found

Headers

opc-request-id: string

Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Root Schema : Error

Type: object

Error Information.

Show Source

code(required): string

A short error code that defines the error, meant for programmatic parsing.
message(required): string

A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

409 Response

Conflict

Headers

opc-request-id: string

Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Root Schema : Error

Type: object

Error Information.

Show Source

code(required): string

A short error code that defines the error, meant for programmatic parsing.
message(required): string

A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

429 Response

Too Many Requests

Headers

opc-request-id: string

Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Root Schema : Error

Type: object

Error Information.

Show Source

code(required): string

A short error code that defines the error, meant for programmatic parsing.
message(required): string

A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

500 Response

Internal Server Error

Headers

opc-request-id: string

Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Root Schema : Error

Type: object

Error Information.

Show Source

code(required): string

A short error code that defines the error, meant for programmatic parsing.
message(required): string

A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

Default Response

Unknown Error

Headers

opc-request-id: string

Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Root Schema : Error

Type: object

Error Information.

Show Source

code(required): string

A short error code that defines the error, meant for programmatic parsing.
message(required): string

A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

Examples

The following example shows how to create an Identity Collection in Oracle Access Governance. Replace placeholder values with actual values before running the sample command. If no identities are included in an identity collection, then a new identity collection is created with the Failed status.

Note:

Generate Access Token using grant_type = password or Authorization code.

Before creating an identity collection, run List Identities - [GET] {BasePath}/identities for fetching the required data.

cURL Request Example - Only Named Identities

curl -i -X POST \
   -H "Authorization:Bearer <your-access-token>" \
   -H "Content-Type:application/json" \
   -d \
'{
  "name": "HR Operations Test Team",
  "description": "Human Resources Operations Department",
  "includedIdentities": [
    {
      "id": "globalId.OCI.f101xxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.6axxxxxx",
      "name": "john.doe@example.com",
      "displayName": "John Doe"
    },
    {
      "id": "globalId.OCI.f101xxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.17xxxxxx",
      "name": "emma.smith@example.com",
      "displayName": "Emma Smith"
    }
  ],
  "membershipRule": "",
  "excludedIdentities": [],
  "owners": [
    {
      "id": "globalId.OCI.f101xxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.daxxxxxx",
      "name": "Sophia Johnson",
      "isPrimary": true
    }
  ],
  "tags": [
    "HR Operations"
  ],
  "displayName": "HR Operations Team",
  "isManagedAtOrchestratedSystem": false
}' \
 '<${service-instance-url}/access-governance/access-controls/${version}/identityCollections>'

Example Request Payload - Only Named Identities

{
  "name": "HR Operations Test Team",
  "description": "Human Resources Operations Department",
  "includedIdentities": [
    {
      "id": "globalId.OCI.f101xxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.6axxxxxx",
      "name": "john.doe@example.com",
      "displayName": "John Doe"
    },
    {
      "id": "globalId.OCI.f101xxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.17xxxxxx",
      "name": "emma.smith@example.com",
      "displayName": "Emma Smith"
    }
  ],
  "membershipRule": "",
  "excludedIdentities": [],
  "owners": [
    {
      "id": "globalId.OCI.f101xxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.daxxxxxx",
      "name": "Sophia Johnson",
      "isPrimary": true
    }
  ],
  "tags": [
    "HR Operations"
  ],
  "displayName": "HR Operations Team",
  "isManagedAtOrchestratedSystem": false
}

Example of the Response Code

It may take a few seconds to create an identity collection. Do not try to abort the request.

You'll receive 200 OK response along with the following response body:

{
    "id": "58e7xxxx-46b9-4f8b-81ee-ed30xxxxxx",
    "name": "HR Operations Team",
    "description": "Human Resources Operations Department",
    "status": "ACTIVE",
    "orchestratedSystemId": null,
    "membershipRule": "",
    "parsedMembers": [],
    "parsedIdentityRule": null,
    "includedIdentities": [
        {
            "id": "globalId.OCI.f101xxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.6axxxxxx",
            "name": "john.doe@example.com",
            "userLogin": "john.doe@example.com",
            "email": "john.doe@example.com",
            "manager": null,
            "organization": null,
            "isRuleBased": false,
            "jobCode": null,
            "location": null,
            "employeeType": null,
            "agOrganizations": null
        },
        {
            "id": "globalId.OCI.f101xxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.17xxxxxx",
            "name": "emma.smith@example.com",
            "userLogin": "emma.smith@example.com",
            "email": "emma.smith@example.com",
            "manager": null,
            "organization": null,
            "isRuleBased": false,
            "jobCode": null,
            "location": null,
            "employeeType": null,
            "agOrganizations": null
        }
    ],
    "excludedIdentities": [],
    "ownershipCollectionId": "ff0bxxxx-78a2-4741-88c3-277xxxxx3d4b",
    "owners": [
        {
            "id": "globalId.OCI.f101xxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.daxxxxxx",
            "name": "Sophia Johnson",
            "isPrimary": true
        }
    ],
    "createdBy": {
        "id": "clientId.AG-xxxxxx-cm-jun-28-xxxxx_APPID.AG-xxxxxx-cm-jun-28-xxxxx",
        "name": "clientId.AG-xxxxxx-cm-jun-28-xxxxx_APPID.AG-xxxxxx-cm-jun-28-xxxxx",
        "displayName": "System Generated"
    },
    "updatedBy": {
        "id": "clientId.AG-xxxxxx-cm-jun-28-xxxxx_APPID.AG-xxxxxx-cm-jun-28-xxxxx",
        "name": "clientId.AG-xxxxxx-cm-jun-28-xxxxx_APPID.AG-xxxxxx-cm-jun-28-xxxxx",
        "displayName": "System Generated"
    },
    "timeCreated": "2025-06-12T16:05:33.569Z",
    "timeUpdated": "2025-06-12T16:05:33.569Z",
    "identityGroupType": "HUMAN",
    "finalIdentities": null,
    "tags": ["HR Operations"],
    "customAttributes": null,
    "externalId": null,
    "displayName": "HR Operations Team",
    "isManagedAtOrchestratedSystem": false,
    "orchestratedSystemMetadataAttributes": []
}

Example Request Payload - Using Membership Rules

{
  "name": "Networking Group",
  "description": "Networking Team for Infrastructure",
  "includedIdentities": [],
  "membershipRule": "all { department EQ 0865 , agOrganizations.displayName EQ Network Administrators }",
  "excludedIdentities": [],
  "owners": [
    {
      "id": "globalId.OCI.f101xxxx-xxxx-xxxx-xxxx-xxxx3765xxxx.daxxxxxx",
      "name": "Ama Maclead",
      "isPrimary": true
    }
  ],
  "tags": [
    "Networking Infrastructure"
  ],
  "displayName": "Networking Team",
  "isManagedAtOrchestratedSystem": false
}

Example of the Response Code

It may take a few seconds to create a role. Do not try to abort the request.

You'll receive 200 OK response along with the following response body:

{
    "id": "1d8fxxxx-acee-45b1-a6ca-18b9xxxxx",
    "name": "Networking Team",
    "description": "Networking Team for Infrastructure",
    "status": "IN_PROGRESS",
    "orchestratedSystemId": null,
    "membershipRule": "all { department EQ 0865 , agOrganizations.displayName EQ Network Administrators }",
    "parsedMembers": null,
    "parsedIdentityRule": {
        "bindingOperator": "ALL",
        "parsedOn": "2549970323079902",
        "attributeConditions": [
            {
                "attrKey": {
                    "id": "department",
                    "name": "Department",
                    "displayName": "Department"
                },
                "operator": {
                    "id": "EQ",
                    "name": "EQ",
                    "displayName": "Equals"
                },
                "attrValue": "0865",
                "attrType": "string",
                "parentType": null,
                "parentId": null,
                "values": null
            },
            {
                "attrKey": {
                    "id": "agOrganizations.displayName",
                    "name": "Organization",
                    "displayName": "Organization"
                },
                "operator": {
                    "id": "EQ",
                    "name": "EQ",
                    "displayName": "Equals"
                },
                "attrValue": "Network Administrators",
                "attrType": "string",
                "parentType": null,
                "parentId": "agOrganizations",
                "values": null
            }
        ]
    },
    "includedIdentities": [],
    "excludedIdentities": [],
    "ownershipCollectionId": "6687xxxx-6db7-4dc4-bb6f-5ceaxxxxx",
    "owners": [
        {
            "id": "globalId.OCI.f101xxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.daxxxxxx",
            "name": "Sophia Johnson",
            "isPrimary": true
        }
    ],
    "createdBy": {
        "id": "clientId.AG-xxxxxx-cm-jun-28-xxxxx_APPID.AG-xxxxxx-cm-jun-28-xxxxx",
        "name": "clientId.AG-xxxxxx-cm-jun-28-xxxxx_APPID.AG-xxxxxx-cm-jun-28-xxxxx",
        "displayName": "System Generated"
    },
    "updatedBy": {
        "id": "clientId.AG-xxxxxx-cm-jun-28-xxxxx_APPID.AG-xxxxxx-cm-jun-28-xxxxx",
        "name": "clientId.AG-xxxxxx-cm-jun-28-xxxxx_APPID.AG-xxxxxx-cm-jun-28-xxxxx",
        "displayName": "System Generated"
    },
    "timeCreated": "2025-06-13T08:40:44.592Z",
    "timeUpdated": "2025-06-13T08:40:44.592Z",
    "identityGroupType": "HUMAN",
    "finalIdentities": null,
    "tags": [
        "Networking Infrastructure"
    ],
    "customAttributes": null,
    "externalId": null,
    "displayName": "Networking Team",
    "isManagedAtOrchestratedSystem": false,
    "orchestratedSystemMetadataAttributes": []
}