Application management for a multi-tenant identity cloud service

What is claimed is: 1. A method of managing an application of a plurality of applications in a multi-tenant identity cloud service comprising a plurality of cloud service users, the method comprising: defining a plurality of facets for the application, each facet describing a behavior of the application; defining an application template for each type of application of the plurality of applications, each application template comprising metadata to generate default values for the respective application; and generating a user interface (UI) comprising functionality to configure all of the defined facets for the application, including a plurality of base common facets common to all of the plurality of applications, after selecting the type of application via the UI; the common facets comprising an identifier that identifies a System for Cross-domain Identity Management (SCIM) resource within the cloud service that represents the application, and a name that is used when the application acts as an OAuthClient in OAuth-protocol flows. 2. The method of claim 1 , wherein each facet comprise information that the application needs in order to perform a specific role when interacting with a runtime service of the multi-tenant identity cloud service. 3. The method of claim 1 , wherein the facets further comprising an unmanaged application facet that accepts one of the cloud service users as a login identity, or a managed application facet indicating that the application relies on its own identity repository, and a login target facet that allows the cloud service to log the cloud service users into the application automatically. 4. The method of claim 1 , wherein the facets comprise an OAuth Resource facet that allows an application to act as an OAuthResource in OAuth-protocol flows. 5. The method of claim 1 , wherein the facets comprise a LoginTarget facet that allows users to log into the application automatically. 6. The method of claim 1 , wherein the facets comprise a SamlServiceProvider facet that allows the application to act as a Service Provider in runtime flows of a Security Assertion Markup Language (SAML) protocol. 7. The method of claim 1 , wherein the UI provides functionality to allow a user to add at least one of a Security Assertion Markup Language (SAML) application, a mobile application or a trusted application. 8. A non-transitory computer readable medium having instructions stored thereon that, when executed by a processor, cause the processor to manage an application of a plurality of applications in a multi-tenant identity cloud service comprising a plurality of cloud service users, the manage comprising: defining a plurality of facets for the application, each facet describing a behavior of the application; defining an application template for each type of application of the plurality of applications, each application template comprising metadata to generate default values for the respective application; and generating a user interface (UI) comprising functionality to configure all of the defined facets for the application, including a plurality of base common facets common to all of the plurality of applications, after selecting the type of application via the UI; the common facets comprising an identifier that identifies a System for Cross-domain Identity Management (SCIM) resource within the cloud service that represents the application, and a name that is used when the application acts as an OAuthClient in OAuth-protocol flows. 9. The computer readable medium of claim 8 , wherein each facet comprise information that the application needs in order to perform a specific role when interacting with a runtime service of the multi-tenant identity cloud service. 10. The computer readable medium of claim 8 , wherein the facets further comprising an unmanaged application facet that accepts one of the cloud service users as a login identity, or a managed application facet indicating that the application relies on its own identity repository, and a login target facet that allows the cloud service to log the cloud service users into the application automatically. 11. The computer readable medium of claim 8 , wherein the facets comprise an OAuth Resource facet that allows an application to act as an OAuth Resource in OAuth-protocol flows. 12. The computer readable medium of claim 8 , wherein the facets comprise a LoginTarget facet that allows users to log into the application automatically. 13. The computer readable medium of claim 8 , wherein the facets comprise a SamlServiceProvider facet that allows the application to act as a ServiceProvider in runtime flows of a Security Assertion Markup Language (SAML) protocol. 14. The computer readable medium of claim 8 , wherein the UI provides functionality to allow a user to add at least one of a Security Assertion Markup Language (SAML) application, a mobile application or a trusted application. 15. A system for providing cloud based identity and access management, comprising: a plurality of tenants; a plurality of microservices; and one or more processors that manage an application of a plurality of applications in a multi-tenant identity cloud service comprising a plurality of cloud service users, the manage comprising: defining a plurality of facets for the application, each facet describing a behavior of the application; defining an application template for each type of application of the plurality of applications, each application template comprising metadata to generate default values for the respective application; and generating a user interface (UI) comprising functionality to configure all of the defined facets for the application, including a plurality of base common facets common to all of the plurality of applications, after selecting the type of application via the UI; the common facets comprising an identifier that identifies a System for Cross-domain Identity Management (SCIM) resource within the cloud service that represents the application, and a name that is used when the application acts as an OAuthClient in OAuth-protocol flows. 16. The system of claim 15 , wherein each facet comprise information that the application needs in order to perform a specific role when interacting with a runtime service of the multi-tenant identity cloud service. 17. The system of claim 15 , wherein the facets further comprising an unmanaged application facet that accepts one of the cloud service users as a login identity, or a managed application facet indicating that the application relies on its own identity repository, and a login target facet that allows the cloud service to log the cloud service users into the application automatically. 18. The system of claim 15 , wherein the facets comprise an OAuth Resource facet that allows an application to act as an OAuthResource in OAuth-protocol flows. 19. The system of claim 15 , wherein the facets comprise a LoginTarget facet that allows users to log into the application automatically. 20. The system of claim 15 , wherein the facets comprise a SamlServiceProvider facet that allows the application to act as a Service Provider in runtime flows of a Security Assertion Markup Language (SAML) protocol.