Identity Cloud managed object schema

Managed objects and their properties are defined in the default Identity Cloud managed object schema.

The default schema includes these types of managed objects:

Each managed object type contains properties for storing information about objects of that type. For example, the user object type has properties for storing usernames, passwords, email addresses, and so forth.

You can extend the default Identity Cloud managed object schema to meet your needs:

Add new managed object types. See Create and modify object types.
Specify default values for object properties. See Default Values.
Derive object property values from other object property values. See Virtual properties.
Validate property values. See Use policies to validate data.

To store custom data for users, you do not extend the default Identity Cloud managed object schema. Instead, use one of the generic extension attributes provided in the default user object schema. For a list of generic extension attributes, see the tables here.

The IDM admin UI depends on the presence of the default managed object types and the default properties nested within them. If you remove any of these schema elements, and you use the IDM admin UI to configure Identity Cloud, you must modify the IDM admin UI code accordingly. For example, if you remove the assignment object type from the managed object configuration, the UI will throw exceptions wherever it queries this schema element.