Application Attributes

The Attributes API allows you to retrieve and manage attributes of your applications.

List all attributes

Lists all attributes for a specific application in Access Gateway

Request
path Parameters
applicationId
required
string <uuid>

Identifier of the application

Responses
200

Success

400

Bad Request

401

Unauthorized

403

Forbidden

429

Too Many Requests

get/api/v2/apps/{applicationId}/attributes
Request samples 
Response samples 
application/json
[
  • {
    • "id": "9c471061-8981-43c5-a7bc-deef2150a5a2",
    • "active": true,
    • "name": "sampleheader",
    • "source": "IDP",
    • "value": "firstName",
    • "type": "HEADER"
    }
]
Create an attribute
Creates an attribute for an application in Access Gateway


Request 
path Parameters
applicationId
required
string <uuid> 
Identifier of the application


 
Request Body schema: application/json
required
name
required
string  <= 128 characters 
The name of the attribute


 
source
required
string
The data source for the contents of the attribute


 Enum: Description
IDP
Selecting this data source means that the value that's based on this attribute is sourced from the IdP, your Okta tenant


STATIC
Selecting this data source means that the value of the attribute is fixed and defined by the value property


SECRET
Selecting this data source means that the value of the attribute is a static protected value. It's used as a secret key by the application to trust the headers, which originate from Access Gateway.


APP_CONTEXT
Selecting this data source means that the value of the attribute is based on the application context. This means that the value is dynamically generated based on the application settings.


AUTH_CONTEXT
Selecting this data source means that the value of the attribute comes from the authentication context, which includes the remote address and session ID


OID
Selecting this data source means that the value of the attribute comes from the object identifier (OID) data source. The OID data source is available in the Oracle E-Business Suite and other application types that provide LDAP support. You can use it to retrieve the Oracle GUID.


 
value
required
string
The dynamic value of the attribute that's based on the source


 
type
required
string
The method that's used to pass attributes. You can pass attributes in a header or in a cookie.


 Enum: "HEADER" "COOKIE"  
active
boolean
 Default:  true
Indicates whether to send the attribute to a protected resource. If set to true, the attribute is sent.


 
delimiter
string
 Default:  ":"
The delimiter to use when multiValueProcessor is set to SELECT_ALL. This delimiter is used to concatenate multiple values into a single string.


 
index
integer  [ 0 .. 99 ] 
 Default:  0
The index of the value that's used when multiValueProcessor is set to SELECT_INDEX


The index is zero-based, so the first value has an index of 0, the second value has an index of 1, and so on.


 
multiValueProcessor
string
 Default:  "SELECT_INDEX"
Use this property to process attributes with multiple values that are returned from the source


If the value that's received from the source contains multiple values separated by , (commas), you can use this property to specify which value to send to the protected resource.


 Enum: Description
SELECT_INDEX
This option allows you to select a specific value from a multi-valued attribute based on its index. The index must be specified in the index property.


SELECT_ALL
This option concatenates all values of a multi-valued attribute into a single string, separated by a specified delimiter. The delimiter must be defined in the delimiter property.


RECORD_COUNT
This option returns the count of values in a multi-valued attribute. It provides the total number of records present in the attribute.


 
Responses 
200
Attribute created successfully


400
Bad Request


401
Unauthorized


403
Forbidden


429
Too Many Requests


post/api/v2/apps/{applicationId}/attributes
Request samples 
application/json
{
  • "name": "sampleheader",
  • "source": "IDP",
  • "value": "firstName",
  • "type": "HEADER"
}
Response samples 
application/json
{
  • "id": "9c471061-8981-43c5-a7bc-deef2150a5a2",
  • "active": true,
  • "name": "sampleheader",
  • "source": "IDP",
  • "value": "firstName",
  • "type": "HEADER"
}
Retrieve an attribute
Retrieves details of a specific attribute for an application by applicationId and attributeId


Request 
path Parameters
applicationId
required
string <uuid> 
Identifier of the application


 
attributeId
required
string <uuid> 
Identifier of the attribute


 
Responses 
200
Success


400
Bad Request


401
Unauthorized


403
Forbidden


404
Not Found


429
Too Many Requests


get/api/v2/apps/{applicationId}/attributes/{attributeId}
Request samples 
Response samples 
application/json
{
  • "id": "9c471061-8981-43c5-a7bc-deef2150a5a2",
  • "active": true,
  • "name": "sampleheader",
  • "source": "IDP",
  • "value": "firstName",
  • "type": "HEADER"
}
Replace an attribute
Replaces an existing attribute configuration for an application


Request 
path Parameters
applicationId
required
string <uuid> 
Identifier of the application


 
attributeId
required
string <uuid> 
Identifier of the attribute


 
Request Body schema: application/json
required
active
boolean
 Default:  true
Indicates whether to send the attribute to a protected resource. If set to true, the attribute is sent.


 
delimiter
string
 Default:  ":"
The delimiter to use when multiValueProcessor is set to SELECT_ALL. This delimiter is used to concatenate multiple values into a single string.


 
index
integer  [ 0 .. 99 ] 
 Default:  0
The index of the value that's used when multiValueProcessor is set to SELECT_INDEX


The index is zero-based, so the first value has an index of 0, the second value has an index of 1, and so on.


 
multiValueProcessor
string
 Default:  "SELECT_INDEX"
Use this property to process attributes with multiple values that are returned from the source


If the value that's received from the source contains multiple values separated by , (commas), you can use this property to specify which value to send to the protected resource.


 Enum: Description
SELECT_INDEX
This option allows you to select a specific value from a multi-valued attribute based on its index. The index must be specified in the index property.


SELECT_ALL
This option concatenates all values of a multi-valued attribute into a single string, separated by a specified delimiter. The delimiter must be defined in the delimiter property.


RECORD_COUNT
This option returns the count of values in a multi-valued attribute. It provides the total number of records present in the attribute.


 
name
string  <= 128 characters 
The name of the attribute


 
source
string
The data source for the contents of the attribute


 Enum: Description
IDP
Selecting this data source means that the value that's based on this attribute is sourced from the IdP, your Okta tenant


STATIC
Selecting this data source means that the value of the attribute is fixed and defined by the value property


SECRET
Selecting this data source means that the value of the attribute is a static protected value. It's used as a secret key by the application to trust the headers, which originate from Access Gateway.


APP_CONTEXT
Selecting this data source means that the value of the attribute is based on the application context. This means that the value is dynamically generated based on the application settings.


AUTH_CONTEXT
Selecting this data source means that the value of the attribute comes from the authentication context, which includes the remote address and session ID


OID
Selecting this data source means that the value of the attribute comes from the object identifier (OID) data source. The OID data source is available in the Oracle E-Business Suite and other application types that provide LDAP support. You can use it to retrieve the Oracle GUID.


 
type
string
The method that's used to pass attributes. You can pass attributes in a header or in a cookie.


 Enum: "HEADER" "COOKIE"  
value
string
The dynamic value of the attribute that's based on the source


 
Responses 
200
Attribute updated successfully


400
Bad Request


401
Unauthorized


403
Forbidden


404
Not Found


429
Too Many Requests


put/api/v2/apps/{applicationId}/attributes/{attributeId}
Request samples 
application/json
{
  • "name": "sampleheader",
  • "source": "IDP",
  • "value": "firstName",
  • "type": "HEADER"
}
Response samples 
application/json
{
  • "id": "9c471061-8981-43c5-a7bc-deef2150a5a2",
  • "active": true,
  • "name": "sampleheader",
  • "source": "IDP",
  • "value": "firstName",
  • "type": "HEADER"
}
Delete an attribute
Deletes an attribute for an application by applicationId and attributeId


Request 
path Parameters
applicationId
required
string <uuid> 
Identifier of the application


 
attributeId
required
string <uuid> 
Identifier of the attribute


 
Responses 
204
Attribute deleted successfully


400
Bad Request


401
Unauthorized


403
Forbidden


404
Not Found


429
Too Many Requests


delete/api/v2/apps/{applicationId}/attributes/{attributeId}
Request samples 
Response samples 
application/json
{
  • "details": { },
  • "errorCode": "BAD_REQUEST",
  • "message": "Request validation failed"
}