You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Make sure read policy does not allow to regenerate oauth token

in Idea Lab – Core Infrastructure

Organization Name (Required - If you are an Oracle Partner, please provide the organization you are logging the idea on behalf of): Gemeente Rotterdam

Description (Required):

Currently if you add a policy

Edit Policy Statements

Row header

ALLOW GROUP {group} to read all-resources IN TENANCY

This group is also allowed to view Integrated Applications. They cannot see the secret, but they can regenerate the secret! Apparently this is intended, although I cannot find this in the documentation.

I suggest that read does not allow to update/create a new secret.

Use Case and Business Need (Required):

Security by design

Enhancement Request / Service Request:

1
Up Down
1 votes

Submitted · Last Updated

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!