You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register
Skip to content
  • Register

    • Make sure read policy does not allow to regenerate oauth token

    in Idea Lab – Core Infrastructure

    Organization Name (Required - If you are an Oracle Partner, please provide the organization you are logging the idea on behalf of): Gemeente Rotterdam

    Description (Required):

    Currently if you add a policy

    Edit Policy Statements

    Row header

    ALLOW GROUP {group} to read all-resources IN TENANCY

    This group is also allowed to view Integrated Applications. They cannot see the secret, but they can regenerate the secret! Apparently this is intended, although I cannot find this in the documentation.

    I suggest that read does not allow to update/create a new secret.

    Use Case and Business Need (Required):

    Security by design

    Enhancement Request / Service Request:

    1
    Up Down
    1 votes

    Submitted · Last Updated

    Howdy, Stranger!

    Log In

    To view full details, sign in.

    Register

    Don't have an account? Click here to get started!