@pulumi/oci 0.11.0 → 0.12.0

package/identity/domainsAuthenticationFactorSetting.d.ts

@@ -0,0 +1,527 @@
+import * as pulumi from "@pulumi/pulumi";
+import * as inputs from "../types/input";
+import * as outputs from "../types/output";
+/**
+ * This resource provides the Authentication Factor Setting resource in Oracle Cloud Infrastructure Identity Domains service.
+ *
+ * Replace Authentication Factor Settings
+ *
+ * ## Import
+ *
+ * AuthenticationFactorSettings can be imported using the `id`, e.g.
+ *
+ * ```sh
+ *  $ pulumi import oci:Identity/domainsAuthenticationFactorSetting:DomainsAuthenticationFactorSetting test_authentication_factor_setting "idcsEndpoint/{idcsEndpoint}/authenticationFactorSettings/{authenticationFactorSettingId}"
+ * ```
+ */
+export declare class DomainsAuthenticationFactorSetting extends pulumi.CustomResource {
+    /**
+     * Get an existing DomainsAuthenticationFactorSetting resource's state with the given name, ID, and optional extra
+     * properties used to qualify the lookup.
+     *
+     * @param name The _unique_ name of the resulting resource.
+     * @param id The _unique_ provider ID of the resource to lookup.
+     * @param state Any extra arguments used during the lookup.
+     * @param opts Optional settings to control the behavior of the CustomResource.
+     */
+    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DomainsAuthenticationFactorSettingState, opts?: pulumi.CustomResourceOptions): DomainsAuthenticationFactorSetting;
+    /**
+     * Returns true if the given object is an instance of DomainsAuthenticationFactorSetting.  This is designed to work even
+     * when multiple copies of the Pulumi SDK have been loaded into the same process.
+     */
+    static isInstance(obj: any): obj is DomainsAuthenticationFactorSetting;
+    /**
+     * (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
+     */
+    readonly attributeSets: pulumi.Output<string[] | undefined>;
+    /**
+     * (Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
+     */
+    readonly attributes: pulumi.Output<string | undefined>;
+    /**
+     * ID of the resource
+     */
+    readonly authenticationFactorSettingId: pulumi.Output<string>;
+    /**
+     * (Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
+     */
+    readonly authorization: pulumi.Output<string | undefined>;
+    /**
+     * (Updatable) If true, indicates that email will not be enrolled as a MFA factor automatically if it a account recovery factor
+     */
+    readonly autoEnrollEmailFactorDisabled: pulumi.Output<boolean>;
+    /**
+     * (Updatable) If true, indicates that Bypass Code is enabled for authentication
+     */
+    readonly bypassCodeEnabled: pulumi.Output<boolean>;
+    /**
+     * (Updatable) Settings related to the bypass code, such as bypass code length, bypass code expiry, max active bypass codes, and so on
+     */
+    readonly bypassCodeSettings: pulumi.Output<outputs.Identity.DomainsAuthenticationFactorSettingBypassCodeSettings>;
+    /**
+     * (Updatable) Settings related to compliance, Personal Identification Number (PIN) policy, and so on
+     */
+    readonly clientAppSettings: pulumi.Output<outputs.Identity.DomainsAuthenticationFactorSettingClientAppSettings>;
+    /**
+     * (Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
+     */
+    readonly compartmentOcid: pulumi.Output<string>;
+    /**
+     * (Updatable) Compliance Policy that defines actions to be taken when a condition is violated
+     */
+    readonly compliancePolicies: pulumi.Output<outputs.Identity.DomainsAuthenticationFactorSettingCompliancePolicy[]>;
+    /**
+     * (Updatable) A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
+     */
+    readonly deleteInProgress: pulumi.Output<boolean>;
+    /**
+     * (Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
+     */
+    readonly domainOcid: pulumi.Output<string>;
+    /**
+     * (Updatable) If true, indicates that the EMAIL channel is enabled for authentication
+     */
+    readonly emailEnabled: pulumi.Output<boolean>;
+    /**
+     * (Updatable) Settings related to Email Factor, such as enabled email magic link factor, custom url for Email Link
+     */
+    readonly emailSettings: pulumi.Output<outputs.Identity.DomainsAuthenticationFactorSettingEmailSettings>;
+    /**
+     * (Updatable) Settings that describe the set of restrictions that the system should apply to devices and trusted endpoints of a user
+     */
+    readonly endpointRestrictions: pulumi.Output<outputs.Identity.DomainsAuthenticationFactorSettingEndpointRestrictions>;
+    /**
+     * (Updatable) If true, indicates that the Fido Authenticator channels are enabled for authentication
+     */
+    readonly fidoAuthenticatorEnabled: pulumi.Output<boolean>;
+    /**
+     * (Updatable) If true, indicates that 'Show backup factor(s)' button will be hidden during authentication
+     */
+    readonly hideBackupFactorEnabled: pulumi.Output<boolean>;
+    /**
+     * (Updatable) The User or App who created the Resource
+     */
+    readonly idcsCreatedBies: pulumi.Output<outputs.Identity.DomainsAuthenticationFactorSettingIdcsCreatedBy[]>;
+    /**
+     * The basic endpoint for the identity domain
+     */
+    readonly idcsEndpoint: pulumi.Output<string>;
+    /**
+     * (Updatable) The User or App who modified the Resource
+     */
+    readonly idcsLastModifiedBies: pulumi.Output<outputs.Identity.DomainsAuthenticationFactorSettingIdcsLastModifiedBy[]>;
+    /**
+     * (Updatable) The release number when the resource was upgraded.
+     */
+    readonly idcsLastUpgradedInRelease: pulumi.Output<string>;
+    /**
+     * (Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
+     */
+    readonly idcsPreventedOperations: pulumi.Output<string[]>;
+    /**
+     * (Updatable) Settings related to the use of a user's profile details from the identity store
+     */
+    readonly identityStoreSettings: pulumi.Output<outputs.Identity.DomainsAuthenticationFactorSettingIdentityStoreSettings>;
+    /**
+     * (Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
+     */
+    readonly metas: pulumi.Output<outputs.Identity.DomainsAuthenticationFactorSettingMeta[]>;
+    /**
+     * (Updatable) Specifies the category of people for whom Multi-Factor Authentication is enabled. This is a readOnly attribute which reflects the value of mfaEnabledCategory attribute in SsoSettings
+     */
+    readonly mfaEnabledCategory: pulumi.Output<string>;
+    /**
+     * (Updatable) Specifies if Multi-Factor Authentication enrollment is mandatory or optional for a user
+     */
+    readonly mfaEnrollmentType: pulumi.Output<string>;
+    /**
+     * (Updatable) Settings related to the Mobile App Notification channel, such as pull
+     */
+    readonly notificationSettings: pulumi.Output<outputs.Identity.DomainsAuthenticationFactorSettingNotificationSettings>;
+    /**
+     * (Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
+     */
+    readonly ocid: pulumi.Output<string>;
+    /**
+     * (Updatable) If true, indicates that the phone (PHONE_CALL) channel is enabled for authentication
+     */
+    readonly phoneCallEnabled: pulumi.Output<boolean>;
+    /**
+     * (Updatable) If true, indicates that the Mobile App Push Notification channel is enabled for authentication
+     */
+    readonly pushEnabled: pulumi.Output<boolean>;
+    /**
+     * (Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
+     */
+    readonly resourceTypeSchemaVersion: pulumi.Output<string | undefined>;
+    /**
+     * (Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard \"enterprise\" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
+     */
+    readonly schemas: pulumi.Output<string[]>;
+    /**
+     * (Updatable) If true, indicates that Security Questions are enabled for authentication
+     */
+    readonly securityQuestionsEnabled: pulumi.Output<boolean>;
+    /**
+     * (Updatable) If true, indicates that the Short Message Service (SMS) channel is enabled for authentication
+     */
+    readonly smsEnabled: pulumi.Output<boolean>;
+    /**
+     * (Updatable) A list of tags on this resource.
+     */
+    readonly tags: pulumi.Output<outputs.Identity.DomainsAuthenticationFactorSettingTag[]>;
+    /**
+     * (Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
+     */
+    readonly tenancyOcid: pulumi.Output<string>;
+    /**
+     * (Updatable) Settings related to third-party factor
+     */
+    readonly thirdPartyFactor: pulumi.Output<outputs.Identity.DomainsAuthenticationFactorSettingThirdPartyFactor>;
+    /**
+     * (Updatable) If true, indicates that the Mobile App One Time Passcode channel is enabled for authentication
+     */
+    readonly totpEnabled: pulumi.Output<boolean>;
+    /**
+     * (Updatable) Settings related to Time-Based One-Time Passcodes (TOTP), such as hashing algo, totp time step, passcode length, and so on
+     */
+    readonly totpSettings: pulumi.Output<outputs.Identity.DomainsAuthenticationFactorSettingTotpSettings>;
+    /**
+     * (Updatable) This extension defines attributes used to manage Multi-Factor Authentication settings of fido authentication
+     */
+    readonly urnietfparamsscimschemasoracleidcsextensionfidoAuthenticationFactorSettings: pulumi.Output<outputs.Identity.DomainsAuthenticationFactorSettingUrnietfparamsscimschemasoracleidcsextensionfidoAuthenticationFactorSettings>;
+    /**
+     * (Updatable) This extension defines attributes used to manage Multi-Factor Authentication settings of third party provider
+     */
+    readonly urnietfparamsscimschemasoracleidcsextensionthirdPartyAuthenticationFactorSettings: pulumi.Output<outputs.Identity.DomainsAuthenticationFactorSettingUrnietfparamsscimschemasoracleidcsextensionthirdPartyAuthenticationFactorSettings>;
+    /**
+     * (Updatable) Factors for which enrollment should be blocked for End User
+     */
+    readonly userEnrollmentDisabledFactors: pulumi.Output<string[]>;
+    /**
+     * (Updatable) If true, indicates that the Yubico OTP is enabled for authentication
+     */
+    readonly yubicoOtpEnabled: pulumi.Output<boolean>;
+    /**
+     * Create a DomainsAuthenticationFactorSetting resource with the given unique name, arguments, and options.
+     *
+     * @param name The _unique_ name of the resource.
+     * @param args The arguments to use to populate this resource's properties.
+     * @param opts A bag of options that control this resource's behavior.
+     */
+    constructor(name: string, args: DomainsAuthenticationFactorSettingArgs, opts?: pulumi.CustomResourceOptions);
+}
+/**
+ * Input properties used for looking up and filtering DomainsAuthenticationFactorSetting resources.
+ */
+export interface DomainsAuthenticationFactorSettingState {
+    /**
+     * (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
+     */
+    attributeSets?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
+     */
+    attributes?: pulumi.Input<string>;
+    /**
+     * ID of the resource
+     */
+    authenticationFactorSettingId?: pulumi.Input<string>;
+    /**
+     * (Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
+     */
+    authorization?: pulumi.Input<string>;
+    /**
+     * (Updatable) If true, indicates that email will not be enrolled as a MFA factor automatically if it a account recovery factor
+     */
+    autoEnrollEmailFactorDisabled?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) If true, indicates that Bypass Code is enabled for authentication
+     */
+    bypassCodeEnabled?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) Settings related to the bypass code, such as bypass code length, bypass code expiry, max active bypass codes, and so on
+     */
+    bypassCodeSettings?: pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingBypassCodeSettings>;
+    /**
+     * (Updatable) Settings related to compliance, Personal Identification Number (PIN) policy, and so on
+     */
+    clientAppSettings?: pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingClientAppSettings>;
+    /**
+     * (Updatable) Oracle Cloud Infrastructure Compartment Id (ocid) in which the resource lives.
+     */
+    compartmentOcid?: pulumi.Input<string>;
+    /**
+     * (Updatable) Compliance Policy that defines actions to be taken when a condition is violated
+     */
+    compliancePolicies?: pulumi.Input<pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingCompliancePolicy>[]>;
+    /**
+     * (Updatable) A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.
+     */
+    deleteInProgress?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) Oracle Cloud Infrastructure Domain Id (ocid) in which the resource lives.
+     */
+    domainOcid?: pulumi.Input<string>;
+    /**
+     * (Updatable) If true, indicates that the EMAIL channel is enabled for authentication
+     */
+    emailEnabled?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) Settings related to Email Factor, such as enabled email magic link factor, custom url for Email Link
+     */
+    emailSettings?: pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingEmailSettings>;
+    /**
+     * (Updatable) Settings that describe the set of restrictions that the system should apply to devices and trusted endpoints of a user
+     */
+    endpointRestrictions?: pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingEndpointRestrictions>;
+    /**
+     * (Updatable) If true, indicates that the Fido Authenticator channels are enabled for authentication
+     */
+    fidoAuthenticatorEnabled?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) If true, indicates that 'Show backup factor(s)' button will be hidden during authentication
+     */
+    hideBackupFactorEnabled?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) The User or App who created the Resource
+     */
+    idcsCreatedBies?: pulumi.Input<pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingIdcsCreatedBy>[]>;
+    /**
+     * The basic endpoint for the identity domain
+     */
+    idcsEndpoint?: pulumi.Input<string>;
+    /**
+     * (Updatable) The User or App who modified the Resource
+     */
+    idcsLastModifiedBies?: pulumi.Input<pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingIdcsLastModifiedBy>[]>;
+    /**
+     * (Updatable) The release number when the resource was upgraded.
+     */
+    idcsLastUpgradedInRelease?: pulumi.Input<string>;
+    /**
+     * (Updatable) Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.
+     */
+    idcsPreventedOperations?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (Updatable) Settings related to the use of a user's profile details from the identity store
+     */
+    identityStoreSettings?: pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingIdentityStoreSettings>;
+    /**
+     * (Updatable) A complex attribute that contains resource metadata. All sub-attributes are OPTIONAL.
+     */
+    metas?: pulumi.Input<pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingMeta>[]>;
+    /**
+     * (Updatable) Specifies the category of people for whom Multi-Factor Authentication is enabled. This is a readOnly attribute which reflects the value of mfaEnabledCategory attribute in SsoSettings
+     */
+    mfaEnabledCategory?: pulumi.Input<string>;
+    /**
+     * (Updatable) Specifies if Multi-Factor Authentication enrollment is mandatory or optional for a user
+     */
+    mfaEnrollmentType?: pulumi.Input<string>;
+    /**
+     * (Updatable) Settings related to the Mobile App Notification channel, such as pull
+     */
+    notificationSettings?: pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingNotificationSettings>;
+    /**
+     * (Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
+     */
+    ocid?: pulumi.Input<string>;
+    /**
+     * (Updatable) If true, indicates that the phone (PHONE_CALL) channel is enabled for authentication
+     */
+    phoneCallEnabled?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) If true, indicates that the Mobile App Push Notification channel is enabled for authentication
+     */
+    pushEnabled?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
+     */
+    resourceTypeSchemaVersion?: pulumi.Input<string>;
+    /**
+     * (Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard \"enterprise\" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
+     */
+    schemas?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (Updatable) If true, indicates that Security Questions are enabled for authentication
+     */
+    securityQuestionsEnabled?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) If true, indicates that the Short Message Service (SMS) channel is enabled for authentication
+     */
+    smsEnabled?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) A list of tags on this resource.
+     */
+    tags?: pulumi.Input<pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingTag>[]>;
+    /**
+     * (Updatable) Oracle Cloud Infrastructure Tenant Id (ocid) in which the resource lives.
+     */
+    tenancyOcid?: pulumi.Input<string>;
+    /**
+     * (Updatable) Settings related to third-party factor
+     */
+    thirdPartyFactor?: pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingThirdPartyFactor>;
+    /**
+     * (Updatable) If true, indicates that the Mobile App One Time Passcode channel is enabled for authentication
+     */
+    totpEnabled?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) Settings related to Time-Based One-Time Passcodes (TOTP), such as hashing algo, totp time step, passcode length, and so on
+     */
+    totpSettings?: pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingTotpSettings>;
+    /**
+     * (Updatable) This extension defines attributes used to manage Multi-Factor Authentication settings of fido authentication
+     */
+    urnietfparamsscimschemasoracleidcsextensionfidoAuthenticationFactorSettings?: pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingUrnietfparamsscimschemasoracleidcsextensionfidoAuthenticationFactorSettings>;
+    /**
+     * (Updatable) This extension defines attributes used to manage Multi-Factor Authentication settings of third party provider
+     */
+    urnietfparamsscimschemasoracleidcsextensionthirdPartyAuthenticationFactorSettings?: pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingUrnietfparamsscimschemasoracleidcsextensionthirdPartyAuthenticationFactorSettings>;
+    /**
+     * (Updatable) Factors for which enrollment should be blocked for End User
+     */
+    userEnrollmentDisabledFactors?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (Updatable) If true, indicates that the Yubico OTP is enabled for authentication
+     */
+    yubicoOtpEnabled?: pulumi.Input<boolean>;
+}
+/**
+ * The set of arguments for constructing a DomainsAuthenticationFactorSetting resource.
+ */
+export interface DomainsAuthenticationFactorSettingArgs {
+    /**
+     * (Updatable) A multi-valued list of strings indicating the return type of attribute definition. The specified set of attributes can be fetched by the return type of the attribute. One or more values can be given together to fetch more than one group of attributes. If 'attributes' query parameter is also available, union of the two is fetched. Valid values - all, always, never, request, default. Values are case-insensitive.
+     */
+    attributeSets?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (Updatable) A comma-delimited string that specifies the names of resource attributes that should be returned in the response. By default, a response that contains resource attributes contains only attributes that are defined in the schema for that resource type as returned=always or returned=default. An attribute that is defined as returned=request is returned in a response only if the request specifies its name in the value of this query parameter. If a request specifies this query parameter, the response contains the attributes that this query parameter specifies, as well as any attribute that is defined as returned=always.
+     */
+    attributes?: pulumi.Input<string>;
+    /**
+     * ID of the resource
+     */
+    authenticationFactorSettingId: pulumi.Input<string>;
+    /**
+     * (Updatable) The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
+     */
+    authorization?: pulumi.Input<string>;
+    /**
+     * (Updatable) If true, indicates that email will not be enrolled as a MFA factor automatically if it a account recovery factor
+     */
+    autoEnrollEmailFactorDisabled?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) If true, indicates that Bypass Code is enabled for authentication
+     */
+    bypassCodeEnabled: pulumi.Input<boolean>;
+    /**
+     * (Updatable) Settings related to the bypass code, such as bypass code length, bypass code expiry, max active bypass codes, and so on
+     */
+    bypassCodeSettings: pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingBypassCodeSettings>;
+    /**
+     * (Updatable) Settings related to compliance, Personal Identification Number (PIN) policy, and so on
+     */
+    clientAppSettings: pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingClientAppSettings>;
+    /**
+     * (Updatable) Compliance Policy that defines actions to be taken when a condition is violated
+     */
+    compliancePolicies: pulumi.Input<pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingCompliancePolicy>[]>;
+    /**
+     * (Updatable) If true, indicates that the EMAIL channel is enabled for authentication
+     */
+    emailEnabled?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) Settings related to Email Factor, such as enabled email magic link factor, custom url for Email Link
+     */
+    emailSettings?: pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingEmailSettings>;
+    /**
+     * (Updatable) Settings that describe the set of restrictions that the system should apply to devices and trusted endpoints of a user
+     */
+    endpointRestrictions: pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingEndpointRestrictions>;
+    /**
+     * (Updatable) If true, indicates that the Fido Authenticator channels are enabled for authentication
+     */
+    fidoAuthenticatorEnabled?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) If true, indicates that 'Show backup factor(s)' button will be hidden during authentication
+     */
+    hideBackupFactorEnabled?: pulumi.Input<boolean>;
+    /**
+     * The basic endpoint for the identity domain
+     */
+    idcsEndpoint: pulumi.Input<string>;
+    /**
+     * (Updatable) Settings related to the use of a user's profile details from the identity store
+     */
+    identityStoreSettings?: pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingIdentityStoreSettings>;
+    /**
+     * (Updatable) Specifies if Multi-Factor Authentication enrollment is mandatory or optional for a user
+     */
+    mfaEnrollmentType: pulumi.Input<string>;
+    /**
+     * (Updatable) Settings related to the Mobile App Notification channel, such as pull
+     */
+    notificationSettings: pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingNotificationSettings>;
+    /**
+     * (Updatable) Unique Oracle Cloud Infrastructure identifier for the SCIM Resource.
+     */
+    ocid?: pulumi.Input<string>;
+    /**
+     * (Updatable) If true, indicates that the phone (PHONE_CALL) channel is enabled for authentication
+     */
+    phoneCallEnabled?: pulumi.Input<boolean>;
+    /**
+     * (Updatable) If true, indicates that the Mobile App Push Notification channel is enabled for authentication
+     */
+    pushEnabled: pulumi.Input<boolean>;
+    /**
+     * (Updatable) An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
+     */
+    resourceTypeSchemaVersion?: pulumi.Input<string>;
+    /**
+     * (Updatable) REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard \"enterprise\" extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.
+     */
+    schemas: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (Updatable) If true, indicates that Security Questions are enabled for authentication
+     */
+    securityQuestionsEnabled: pulumi.Input<boolean>;
+    /**
+     * (Updatable) If true, indicates that the Short Message Service (SMS) channel is enabled for authentication
+     */
+    smsEnabled: pulumi.Input<boolean>;
+    /**
+     * (Updatable) A list of tags on this resource.
+     */
+    tags?: pulumi.Input<pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingTag>[]>;
+    /**
+     * (Updatable) Settings related to third-party factor
+     */
+    thirdPartyFactor?: pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingThirdPartyFactor>;
+    /**
+     * (Updatable) If true, indicates that the Mobile App One Time Passcode channel is enabled for authentication
+     */
+    totpEnabled: pulumi.Input<boolean>;
+    /**
+     * (Updatable) Settings related to Time-Based One-Time Passcodes (TOTP), such as hashing algo, totp time step, passcode length, and so on
+     */
+    totpSettings: pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingTotpSettings>;
+    /**
+     * (Updatable) This extension defines attributes used to manage Multi-Factor Authentication settings of fido authentication
+     */
+    urnietfparamsscimschemasoracleidcsextensionfidoAuthenticationFactorSettings?: pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingUrnietfparamsscimschemasoracleidcsextensionfidoAuthenticationFactorSettings>;
+    /**
+     * (Updatable) This extension defines attributes used to manage Multi-Factor Authentication settings of third party provider
+     */
+    urnietfparamsscimschemasoracleidcsextensionthirdPartyAuthenticationFactorSettings?: pulumi.Input<inputs.Identity.DomainsAuthenticationFactorSettingUrnietfparamsscimschemasoracleidcsextensionthirdPartyAuthenticationFactorSettings>;
+    /**
+     * (Updatable) Factors for which enrollment should be blocked for End User
+     */
+    userEnrollmentDisabledFactors?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (Updatable) If true, indicates that the Yubico OTP is enabled for authentication
+     */
+    yubicoOtpEnabled?: pulumi.Input<boolean>;
+}