Multi-Factor Authentication with Oracle Identity Cloud Services – Part II

Introduction The Multi-Factor Authentication part I post described the initial MFA configuration, the enrollment process and second factor authentication with the Mobile Authenticator One-Time Password. In this second post, we will go over the other factors: security questions, notifications, text messages and bypass code – and the additional security constraints for MFA in general. All […]

Multi-Factor Authentication with Oracle Identity Cloud Services

Introduction Oracle Identity Cloud Service (IDCS) has just released version 17.2.2 in May/2017 and with it a cool new feature: Multi-Factor Authentication, or in short, MFA. MFA is a method of authentication that requires the user to present more than one piece of evidence – or factors: one-time pass codes, SMS, security questions, etc – […]

Invoking Oracle Identity Cloud Service REST API from PL/SQL

This post shows a way to make REST API calls to Oracle Identity Cloud Service from an Oracle Database using PL/SQL.  The idea is that a PL/SQL application can manage and search for user and group entities directly in Identity Cloud Service. In the sample code we’ll see how to obtain an access token from Identity Cloud […]

Identity Cloud Services and Weblogic Federation with Virtual Users and Groups

Introduction Federation is a well-known pattern and has been discussed at length on this blog. Almost every vendor or cloud provider out there supports Federation and it’s been around for quite some time now. In this blog post, I will talk about Federation again, but this time in combination with Weblogic’s Virtual Users and Groups. […]

Loading Data from Oracle Identity Cloud Service into Oracle BI Cloud Service using REST

Introduction This post details a method of extracting and loading data from Oracle Identity Cloud Service (IDCS) into the Oracle Business Intelligence Cloud Service (BICS). It builds upon the A-team post IDCS Audit Event REST API which details the REST API calls used. One use case for this method is for analyzing trends regarding audit events. […]

Loading Identity Data Into Oracle Identity Cloud Services: A Broad High-level Survey

Introduction Oracle Identity Cloud Services (IDCS) – Oracle’s comprehensive Identity and Access Management platform for the cloud – was released recently. Populating identity data – such as user identities, groups and group memberships – is one of most important tasks that is typically needed initially and on an on-going basis in any identity management system. […]

Identity Cloud Services Audit Event REST API

Introduction This article is to help expand on topics of integration with Oracle’s Cloud Identity Management service called Identity Cloud Services. Identity Cloud Services delivers core essentials around identity and access management through a multi-tenant Cloud platform. As part of the Identity Cloud Services framework, it collects audit events that capture all significant events, changes, […]

Identity Cloud Services OAuth 2.0 and REST API

Introduction This article is to help expand on topics of integration with Oracle’s Cloud Identity Management service called Identity Cloud Services. Identity Cloud Services delivers core essentials around identity and access management through a multi-tenant Cloud platform.  One of the more exciting features of IDCS is that you can interact with it using a REST […]

Identity Cloud Service: Configuring SAML

Introduction As we begin to deliver our Identity Cloud Service (IDCS) to the world(https://www.oracle.com/middleware/identity-management/index.html), we on the A-Team have been working to provide patterns and how-to posts to implement some of the common use cases we see in the field.  One of the more common use cases is integrating with third party Service Providers (SP) […]

Using OpenID Connect to delegate authentication to Oracle Identity Cloud Service

In this post, I will describe the process of using the Oracle Identity Cloud Service to provide authentication for a custom web application, using the OpenID Connect protocol. I will focus on the sequence of calls between the application and IDCS in order to focus on building an understanding of how OpenID Connect actually works. […]

Identity Cloud Services Audit Reports using Visual Analyzer

Introduction This article is to help expand on topics of integration with Oracle’s Cloud Identity Management service called Identity Cloud Services. Identity Cloud Services delivers core essentials around identity and access management through a multi-tenant Cloud platform.  As part of the Identity Cloud Services framework, audit events are captured for all significant events, changes, and […]

Identity and Cloud Security A-Team at Oracle Open World

I just wanted to let everyone know that Kiran and I will be presenting with our good friend John Griffith from Regions Bank at Oracle Open World next week. Our session is Oracle Identity Management Production Readiness: Handling the Last Mile in Your Deployment [CON6972] It will take place on Wednesday, Sep 21, 1:30 p.m. […]

Configuring HTTPS between Integration Cloud Service and Java Cloud Service

In a previous post, I discussed some general topics relating to the usage of HTTPS and certificates within Oracle Public Cloud. In this follow up piece, I will work through a concrete example and explain how to set up a Java Cloud Service instance in such a way that Integration Cloud Service can consume a […]

HTTPS and trust in Oracle Public Cloud

The shift to cloud computing offers a huge number of benefits, but also does introduce some potential risks; the most obvious of these is the need to enable integrations – and by implication, the need to transmit sensitive data – across public networks. Fortunately, we already have a pretty good set of standards and techniques […]

Integration Cloud Service (ICS) Security & Compliance

The attached white paper is the product of a joint A-Team effort that included Deepak Arora, Mike Muller, and Greg Mally.  Oracle Integration Cloud Service (ICS) runs within the Oracle Cloud where the architecture is designed to provide customers with a unified suite of Cloud Services with best-in-class performance, scalability, availability, and security. The Cloud […]

Transport Level Security (TLS) and Java

Know Which Versions of TLS are Supported in Recent Java Versions In the twenty-plus years of the Internet’s interaction with the Secure Sockets Layer (SSL) and Transport Level Security (TLS) protocols, there have been some rough patches.  Over the years, various vulnerabilities, some of them exposed in a laboratory setting and others discovered and exploited […]

Using VNC securely in the Oracle Cloud

Introduction Having access to a VM in the Cloud via VNC can be very useful in many situations – e.g. most customers want to install software using GUI based installer, e.g. Oracle Database etc. Using VNC the installation can continue, even without being connected. The easiest way to achieve this with a reliable and secure […]

Cloud Security: Federated SSO for Fusion-based SaaS

Introduction To get you easily started with Oracle Cloud offerings, they come with their own user management. You can create users, assign roles, change passwords, etc. However, real world enterprises already have existing Identity Management solutions and want to avoid to maintain the same information in many places. To avoid duplicate identities and the related […]

Integrating Oracle Document Cloud and Oracle Sales Cloud, maintaining data level business object security

Introduction When customers see the rich functionality available in Oracle Documents Cloud they often ask if they can use this functionality within their Oracle Fusion SaaS Applications to store, and share, documents. At first the integration appears to be quite straightforward, e.g. use the Documents Cloud Web API, embed an iFrame that points to the relevant opportunity id folder in […]

Configuring Oracle Public Cloud to Federate with Microsoft Azure Active Directory

Introduction Companies usually have some Identity and Access Management solution deployed on premises to manage users and roles to secure access to their corporate applications. As business move to the cloud, companies will, most likely, want to leverage the investment already made into such IAM solutions and integrate them with the new SaaS or PaaS applications that […]