How to update a user's details through Identity Domains on Oracle Cloud CLI
Why Identity Domains
Identity Domains (identity-domains
) in OCI is an upgrade to IAM (iam
), which offers multiple identity domains and more specific change possibilities and conformity to the SCIM user provisioning protocol. Specific details like timezone can only be updated through identity-domains
and this post aims to show you how to do that.
Updating user details
As an example, here is the way to update your timezone of your user using the Identity Domains API to US Eastern time. No IAM policy needed:
oci identity-domains user patch --user-id <YOUR_USER_OCID> --operations '[{"op": "REPLACE","value": {"timezone": "America/New_York"}}]' --schemas '["urn:ietf:params:scim:api:messages:2.0:PatchOp"]' --endpoint <IDENTITY_DOMAIN_ENDPOINT_URL>
For example:
oci identity-domains user patch --user-id ocid1.user.oc1..aaaaaaaaaxxxxxxxxxxx --operations '[{"op": "REPLACE","value": {"timezone": "America/New_York"}}]' --schemas '["urn:ietf:params:scim:api:messages:2.0:PatchOp"]' --endpoint https://idcs-ive7a985hyeakc4wzhrtzvygn.identity.oraclecloud.com:443
Note: Changing your user timezone will have little impact on your view of the OCI tenancy. The vast majority of services will always use UTC as its displayed timezone and as of now, you cannot change that. Some services like Base DB Systems may allow you to use your local browser-detected timezone but that is not related to your user timezone.
How to find list of posible patch keys
OCI Identity Domains follows Section 3.5.2 of the draft-ietf-scim-api-19 RFC preprint³.
You can find the list of possible keys to update for --operations
by retrieving the info of your user using oci identity-domains user patch --user-id <USER_OCID> --endpoint <DOMAIN_ENDPOINT_URL>
. The same info is also outputted after you did your PATCH update operation, hence the similar screenshot:
Alternatively, the oci_identity_domains_user
Terraform resource page can also give you that list:
References
- OCI Python SDK for patch_me
- OCI Patch User Identity Domains API
- OCI Python SDK Identity Domains Operations Model
Safe harbor statement
The information provided on this channel/article/story is solely intended for informational purposes and cannot be used as a part of any contractual agreement. The content does not guarantee the delivery of any material, code, or functionality, and should not be the sole basis for making purchasing decisions. The postings on this site are my own and do not necessarily reflect the views or work of Oracle or Mythics, LLC.
This work is licensed under a Creative Commons Attribution 4.0 International License.
Top comments (0)