Skip to content

Oracle Digital Assistant: AuthenticationProvider

Manage OCI Digital Assistant resources from Kubernetes. This page is generated from checked-in package metadata, CRD schemas, and sample manifests.

Resource Snapshot

Field Value
Service oda
Resource AuthenticationProvider
API Version oda.oracle.com/v1beta1
Package Oracle Digital Assistant
Support Status Preview
Latest Released Version v2.1.0-alpha
Install Namespace oci-service-operator-oda-system

Spec Fields

This summary shows the top-level spec fields. Use the full API reference for nested fields, defaults, and enum values.

Field Description Type Required
authorizationEndpointUrl The IDPs URL for the page that users authenticate with by entering the user name and password. string No
clientId The client ID for the IDP application (OAuth Client) that was registered as described in Identity Provider Registration. With Microsoft identity platform, use the application ID. string Yes
clientSecret The client secret for the IDP application (OAuth Client) that was registered as described in Identity Provider Registration. With Microsoft identity platform, use the application secret. string Yes
definedTags Usage of predefined tag keys. These predefined keys are scoped to namespaces. Example: {"foo-namespace": {"bar-key": "value"}} map[string, map[string, string]] No
freeformTags Simple key-value pair that is applied without any predefined name, type, or scope. Example: {"bar-key": "value"} map[string, string] No
grantType The grant type for the Authentication Provider. string Yes
identityProvider Which type of Identity Provider (IDP) you are using. string Yes
isVisible Whether this Authentication Provider is visible in the ODA UI. boolean No
name A name to identify the Authentication Provider. string Yes
redirectUrl The OAuth Redirect URL. string No
refreshTokenRetentionPeriodInDays The number of days to keep the refresh token in the Digital Assistant cache. integer No
revokeTokenEndpointUrl If you want to revoke all the refresh tokens and access tokens of the logged-in user from a dialog flow, then you need the IDP's revoke refresh token URL. If you provide this URL, then you can use the System.OAuth2ResetTokens component to revoke the user's tokens for this service. string No
scopes A space-separated list of the scopes that must be included when Digital Assistant requests an access token from the provider. Include all the scopes that are required to access the resources. If refresh tokens are enabled, include the scope that’s necessary to get the refresh token (typically offline_access). string Yes
shortAuthorizationCodeRequestUrl A shortened version of the authorization URL, which you can get from a URL shortener service (one that allows you to send query parameters). You might need this because the generated authorization-code-request URL could be too long for SMS and older smart phones. string No
subjectClaim The access-token profile claim to use to identify the user. string No
tokenEndpointUrl The IDPs URL for requesting access tokens. string Yes

Status Fields

This summary shows the top-level status fields. Use the full API reference for nested fields, defaults, and enum values.

Field Description Type Required
authorizationEndpointUrl The IDPs URL for the page that users authenticate with by entering the user name and password. string No
clientId The client ID for the IDP application (OAuth Client) that was registered as described in Identity Provider Registration. With Microsoft identity platform, use the application ID. string No
definedTags Usage of predefined tag keys. These predefined keys are scoped to namespaces. Example: {"foo-namespace": {"bar-key": "value"}} map[string, map[string, string]] No
freeformTags Simple key-value pair that is applied without any predefined name, type, or scope. Example: {"bar-key": "value"} map[string, string] No
grantType The grant type for the Authentication Provider. string No
id Unique immutable identifier that was assigned when the Authentication Provider was created. string No
identityProvider Which type of Identity Provider (IDP) you are using. string No
isVisible Whether this Authentication Provider is visible in the ODA UI. boolean No
lifecycleState The Authentication Provider's current state. string No
name A name to identify the Authentication Provider. string No
redirectUrl The OAuth Redirect URL. string No
refreshTokenRetentionPeriodInDays The number of days to keep the refresh token in the Digital Assistant cache. integer No
revokeTokenEndpointUrl If you want to revoke all the refresh tokens and access tokens of the logged-in user from a dialog flow, then you need the IDP's revoke refresh token URL. If you provide this URL, then you can use the System.OAuth2ResetTokens component to revoke the user's tokens for this service. string No
scopes A space-separated list of the scopes that must be included when Digital Assistant requests an access token from the provider. Include all the scopes that are required to access the resources. If refresh tokens are enabled, include the scope that’s necessary to get the refresh token (typically offline_access). string No
shortAuthorizationCodeRequestUrl A shortened version of the authorization URL, which you can get from a URL shortener service (one that allows you to send query parameters). You might need this because the generated authorization-code-request URL could be too long for SMS and older smart phones. string No
status - object Yes
subjectClaim The access-token profile claim to use to identify the user. string No
timeCreated When the resource was created. A date-time string as described in RFC 3339 (https://tools.ietf.org/rfc/rfc3339), section 14.29. string No
timeUpdated When the resource was last updated. A date-time string as described in RFC 3339 (https://tools.ietf.org/rfc/rfc3339), section 14.29. string No
tokenEndpointUrl The IDPs URL for requesting access tokens. string No

Sample Manifest

This example is generated from the checked-in sample manifest at config/samples/oda_v1beta1_authenticationprovider.yaml. Replace placeholder values before applying it.

Open the rendered sample page

#
# Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved.
# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
#

apiVersion: oda.oracle.com/v1beta1
kind: AuthenticationProvider
metadata:
  name: authenticationprovider-sample
spec: {}