Authenticating to OIM SCIM server using an OAM-generated SAML identity assertion

In a previous post previous post I provided a brief introduction to SCIM. In this post I’m going to dive right in and give an example of using the OIM SCIM services and securing them with OAM. Why would you want to use OIM SCIM services? There are many reasons, however I will focus on […]

Upgrading to OIM an overview

In this post I’m going to give an overview of the steps involved in upgrading to Oracle Identity Manager This is just a high-level overview, with pointers to the documentation you need to read to get the detailed steps. Classification of OIM environments For the purpose of OIM upgrade, environments can be classified as […]

What is SCIM?

SCIM is a standard protocol for accessing identity information (users, roles, etc), including querying, retrieval, create, update and delete. The latest version of SCIM, SCIM 2.0, has been defined in a series of RFCs: RFC 7642, RFC 7643 and RFC 7644. What does SCIM stand for? Originally it was an acronym for “Simplified Cloud Identity […]

OAM Federation Performing a loopback test with WS-Federation

In a previous post I gave steps for performing a loopback test with SAML. This is where we configure OAM Federation to talk to itself, to act as both IdP and SP. This is useful in development and test environments to confirm OAM Federation is working without requiring an external server to talk to at […]

OAM Federation Example Message Processing Plugin

SAML is an extensible protocol. Since it is based on XML, through the use of XML namespaces, custom elements and attributes can be inserted into the SAML messages at the appropriate places. Sometimes third party or custom SAML implementations will require particular custom elements or attributes to function. In this example, we will suppose an […]

OAM Federation Performing a Loopback Test

In this blog post I will share steps for performing a loopback test of OAM Federation In a loopback test, we configure OAM’s SP to point to OAM’s IdP. This enables you to confirm the basic functionality of OAM Federation without requiring any external partner server. I also find it useful in plugin development […]

OAM Federation: Identity Provider & Service Provider Management

In this blog post I want to clarify a point of initial confusion some people experience with OAM Federation If we go to the “Federation” tab of the OAM Console, we see: Now the two main objects you manage in your OAM Fed configuration are your IdP Partner definitions and your SP Partner definitions. […]

Avoiding LibOVD Connection Leaks When Using OPSS User and Role API

The OPSS User and Role API ( provides an application with access to identity data (users and roles), without the application having to know anything about the underlying identity store (such as LDAP connection details). For new development, we no longer recommend the use of the OPSS User and Role API – use the Identity […]

Oracle Unified Directory 11gR2 ( Installation Cheat-sheet

This is a cheat-sheet for installing Oracle Unified Directory (OUD) including the graphical administration tool (Oracle Directory Services Manager – ODSM). While the core of OUD does not require an application server such as WebLogic, ODSM does, so you need to install that too (unless you want to do all administration from the command line). All […]