App attributes

The edit attributes dialog displays all the chracteristics of a given attribute including its source, source field name, target such as header, and target field name.

Attributes are the core of Access Gateway application data.
Application attributes:

  • Are sourced from an Okta tenant or a data store.
  • Are associated with a specific protected application resource
  • May be added, edited, deleted, and tested from within Access Gateway Admin UI console.
  • Include a variety of content elements, such as data source (IDP, data store, static and more), origin name, target, target name, and more.

Application attributes are composed of the following elements:

Field Description
Send Attribute

Controls whether an attribute is present or not present within a header or cookie.

Attributes used for policy decisions are typically set to Don't Send.
Data Source The source of origin for the contents of the attribute. It can be any of several sources including IDP, various contexts, Data Stores, and others.

Field and Record Number or Value

Either Field and Record Number, or Value.

For static and secret attributes, the Value field represents a fixed value for the attribute.

For non-static fields, Field field is used as the source for the attribute.

Record Number is only present with non-static fields and represents which of a multi-value variable will be selected. Record Value can be one of the following:

  • n: Where n represents the specific record number in the input. Default value is 0.
  • #: return the total number of records in the input.
  • @: Concatenate all values, using colons (:) as separator.

    For example ":value1:value2:value3:"

Maximum length: 128 characters.

Type

Method for passing attributes. The type can be one of the following:

  • Header: Attribute is passed in a header.

  • Cookie: Attribute is passed in a cookie.

Name

Associated field in either the header or cookie.

Maximum length: 128 characters.

The Data Source field defines the source for the value of the attribute. The following data sources are available:

Data Source Description
IDP The value of the attribute is populated from the IDP field selected in the Value field. This is your Okta tenant.
Static The value of the attribute is fixed and defined in the Value field.
Secret The value of the attribute is a static protected value. It is used as a secret key by the application to trust the headers, which originate from Access Gateway.

OID

The value of the attribute comes from the OID data source. The OID data source is available in the Oracle E-Business Suite and other application types that provide LDAP support. You can use it to retrieve the Oracle GUID.
Auth Context The value of the attribute comes from the authentication context, which includes the remote address and session ID.
App Context The value of the attribute comes from the application context and includes fields, such as domain, cookie domain, and so on.