Comparing the SCIM REST and OIG REST APIs

The objective of this post is to show the differences and similarities of the two REST APIs offered by OIM – the SCIM REST API and the OIG REST API. OIM Java APIs have been available in OIM for many versions now (since OIM 9.x or earlier), although each successive version has added new Java […]

Secure Access to Oracle Identity Manager 11g R2 PS3 REST APIs

REST APIs for Oracle Identity Manager (OIM) 11g R2 PS3 were released recently. The availability of REST APIs enables a variety of newer integrations with the product in addition to already available mechanisms using Java APIs. In this article, we discuss various ways of accessing these REST APIs in a secure manner. Please note that […]

Authenticating to the OIG REST API from an OAM-protected web app

The objective of this post is to describe how a web app protected by an OAM WebGate can authenticate to the OIG REST APIs. In a previous blog post, I provided detailed steps to do the same thing for the SCIM REST APIs; now in this blog post I will explain how the same approach […]

Loading Identity Data Into Oracle IDCS: A Broad High-level Survey

Introduction Oracle Identity Cloud Service (IDCS) – Oracle’s comprehensive Identity and Access Management platform for the cloud – was released recently. Populating identity data – such as user identities, groups and group memberships – is one of most important tasks that is typically needed initially and on an on-going basis in any identity management system. […]

REST API for OIM 11gR2 PS3 is Available

Starting with Bundle Patch 11.1.2.3.161018 (Patch 24326201), Oracle Identity Gorvernance or OIM, adds a new REST API for self service requests.   The REST Service includes endpoints to invoke self service calls for tasks like Catalog, Requests, Certification, Users, Role, Organization and others.  Documentation and examples are available here. The REST Service has to be installed […]

Identity and Cloud Security A-Team at Oracle Open World

I just wanted to let everyone know that Kiran and I will be presenting with our good friend John Griffith from Regions Bank at Oracle Open World next week. Our session is Oracle Identity Management Production Readiness: Handling the Last Mile in Your Deployment [CON6972] It will take place on Wednesday, Sep 21, 1:30 p.m. […]

Authenticating to OIM SCIM server using an OAM-generated SAML identity assertion

In a previous post previous post I provided a brief introduction to SCIM. In this post I’m going to dive right in and give an example of using the OIM SCIM services and securing them with OAM. Why would you want to use OIM SCIM services? There are many reasons, however I will focus on […]

Upgrading to OIM 11.1.2.3: an overview

In this post I’m going to give an overview of the steps involved in upgrading to Oracle Identity Manager 11.1.2.3. This is just a high-level overview, with pointers to the documentation you need to read to get the detailed steps. Classification of OIM environments For the purpose of OIM upgrade, environments can be classified as […]

Configuring Oracle Public Cloud to Federate with Microsoft Azure Active Directory

Introduction Companies usually have some Identity and Access Management solution deployed on premises to manage users and roles to secure access to their corporate applications. As business move to the cloud, companies will, most likely, want to leverage the investment already made into such IAM solutions and integrate them with the new SaaS or PaaS applications that […]

OIM Access Policy Harvesting

OIM R2 PS2 delivers a long time expected functionality: access policy harvesting. This new feature adds more flexibility to OIM access policies usage. This is another post in the Oracle Identity Manager Academy from the Fusion Security Blog. for the entire post list click here. In order to understand what this new feature brings, let […]

Implementing a Custom Landing Page in OIM

Some of our OIM customers have a use-case of implementing a custom landing page. Such a landing page could be used for multiple purposes, for example – to display some static information like guidelines for using the system or dynamic information like system news, new features, releases etc. OIM 11gR2 PS2 provides a convenient way […]

Exposing User System Attributes in OIM 11gR2PS2 GUI Customization

Introduction Recently while working with a customer to help with an upgrade from OIM 11gR1 to 11gR2PS2, one interesting request came up regarding OIM GUI customization. The requirement was to expose some User System Attributes that in R1 were directly available in the GUI customization data but in R2 are not exposed in the GUI […]

Monitoring OIM R2 PS2 Orchestration

The OIM R2 PS2 (11.1.2.2.0) release provides a great new feature: monitoring of OIM orchestration processes through Enterprise Manager console. Such feature provides the capability of querying orchestration data to check orchestration processes details. For example, you can check what happened during a user modification operation, or you can get details of failed orchestration processes, such details can […]

Catalog Metadata Based Tagging

Introduction Many customers have expressed the requirement of filtering catalog searches based on Catalog Item’s Metadata (CIM) including User Defined Fields (UDFs) added to the Catalog’s schema. Whereas this functionality is not offered out of the box by OIM 11g, it can be achieved in a relatively easy manner via custom code and UI customizations. […]

Logging in OIM custom code

Proper logging is one of the main considerations during custom development. This is no different in OIM projects in which custom code is being developed and deployed to OIM. Proper logging is fundamental part of development, helping in finding issues, fixing them and also in reporting relevant runtime conditions. This post shows how to leverage […]

Presenting the new IDM Deployment Wizard

Introduction With the recent IDM 11gR2PS2 release Oracle has developed a new deployment tool that aims to automate and reduce the time required to install and configure Oracle Identity and Access Management Components. In this post we are going to present the benefits, supported topologies and components and key points to keep in mind to […]

How Oracle Identity Manager Uses MDS

Oracle Metadata Services (MDS) is an XML configuration store used by Oracle Identity Manager (OIM), as well as several other Oracle Middleware products. OIM first adopted MDS with the release of 11gR1. Prior to MDS, many Oracle Middleware products used  files on the filesystem as configuration stores, in various formats (XML, Java properties files, etc.). […]

OIM Clustering: Keeping separate environments separate

Oracle Identity Manager 11g incorporates several clustering technologies in order to ensure high-availability across its different components. Several of these technologies use multicast to discover other cluster nodes on the same subnet. For testing and development purposes, it is common to have multiple distinct OIM environments co-existing on the same subnet. In that scenario, it […]

OIM monitoring check-list

Introduction Systematic monitoring of OIM deployments helps to reduce risk of both technical and security related issues. It also can help to avoid performance degradation that can happen because of data growth over time. This post presents a set of topics about OIM and WebLogic monitoring, and it presents tools that can be used for […]

OIM ICF based connector filter error

Introduction Recently, I was helping a customer in an OIM project go live when we ran an “Active Directory User Target Recon Job” with an AD Connector (11.1.1.6) and a regular expression filter to select just a subset of users. Main Article To our surprise, every time we executed the job, we got a strange […]