Integrating Okta as Identity Provider to IDCS

IDCS (IDentity Cloud Service) is Oracle’s next-gen Identity solution built in the cloud for the cloud. It is fully standards compliant and implements various standards like SAML (Security Assertion Markup Language), OAuth, OIDC (OpenID Connect), etc. Those standards help customers integrate with other products implementing those same standards. One use case that I came across, […]

Cloud Security: User Provisioning to Fusion Applications Cloud

Introduction The notion of a user is the most common reason for misunderstanding and confusion. When we mention a user, we often think of the person who is allowed to use an application. However, nearly every application has a different user structure implemented. The challenge is to find a common ground for these differing user […]

Mobile App Development with OAuth 2.0 and IDCS: A High Level Approach

Introduction IDCS is used by enterprises and organizations to allow secure access to their applications.  IDCS uses various open standards such as OAuth 2.0, SAML etc. to protect these applications.  One of the many features of IDCS is to facilitate client applications accessing backend (REST) APIs using OAuth 2.0 (https://tools.ietf.org/html/rfc6749).  Client applications come in different […]

IDCS Integrations Series Part II: Integrating Fusion Application with IDCS

Overview Last year at OOW, I conducted a Hands On Lab on Fusion integration with IDCS. We had a full room of audience with loads of questions. That inspired me to write this blog. One of the most common requirements as Fusion is deployed in OPC is, how to centrally manage users and implement Single Sign-On […]

IDCS Integrations Series Part I: Integrating WebLogic Hosted Application with IDCS

Overview As you implement IDCS (Oracle IDentity Cloud Service) use cases, you would have started thinking, “how do you integrate application X with IDCS?”, especially the applications running on-premise or running somewhere other than Oracle public cloud. This blog talks about integration of WebLogic hosted applications with IDCS running on-premise or running somewhere other than Oracle […]

Authenticating to the OIG REST API from an OAM-protected web app

The objective of this post is to describe how a web app protected by an OAM WebGate can authenticate to the OIG REST APIs. In a previous blog post, I provided detailed steps to do the same thing for the SCIM REST APIs; now in this blog post I will explain how the same approach […]

Cloud Security: Seamless Federated SSO for PaaS and Fusion-based SaaS

Introduction Oracle Fusion-based SaaS Cloud environments can be extended in many ways. While customization is the standard activity to set up a SaaS environment for your business needs, chances are that you want to extend your SaaS for more sophisticated use cases. In general this is not a problem and Oracle Cloud offers a great number […]

Integrating with Sales Cloud using SOAP web services and REST APIs (Part 3)

This is part 3 of the blog series that covers SOAP and REST integration with Sales Cloud. In part 1 and part 2, I covered SOAP services. In this part I’ll be covering Sales Cloud REST APIs. Update Jan 2018: Please note that this blog was written in 2016 when R11 SaaS was available. Current version is […]

Authenticating to OIM SCIM server using an OAM-generated SAML identity assertion

In a previous post I provided a brief introduction to SCIM. In this post I’m going to dive right in and give an example of using the OIM SCIM services and securing them with OAM. Why would you want to use OIM SCIM services? There are many reasons, however I will focus on […]

Cloud Security: Federated SSO for Fusion-based SaaS

Introduction To get you easily started with Oracle Cloud offerings, they come with their own user management. You can create users, assign roles, change passwords, etc. However, real world enterprises already have existing Identity Management solutions and want to avoid maintaining the same information in many places. To avoid duplicate identities and the related […]

OAM Federation 11.1.2.3: Example Message Processing Plugin

SAML is an extensible protocol. Since it is based on XML, through the use of XML namespaces, custom elements and attributes can be inserted into the SAML messages at the appropriate places. Sometimes third party or custom SAML implementations will require particular custom elements or attributes to function. In this example, we will suppose an […]

OAM Federation 11.1.2.3: Performing a Loopback Test

In this blog post I will share steps for performing a loopback test of OAM Federation 11.1.2.3. In a loopback test, we configure OAM’s SP to point to OAM’s IdP. This enables you to confirm the basic functionality of OAM Federation without requiring any external partner server. I also find it useful in plugin development […]

OAM Federation: Identity Provider & Service Provider Management

In this blog post I want to clarify a point of initial confusion some people experience with OAM Federation 11.1.2.3. If we go to the “Federation” tab of the OAM Console, we see: Now the two main objects you manage in your OAM Fed configuration are your IdP Partner definitions and your SP Partner definitions. […]

Extending Oracle Sales Cloud using Oracle Java Cloud Service

Oracle Sales Cloud comes with tools such as Application Composer and Page Composer that allow you to customize and extend the application to suit your business needs. These tools can be used to add new UI elements, add validations, enrich the Sales Cloud data model, and to create interfaces with external applications. Additionally, Application Composer […]

Integrating with Sales Cloud using SOAP web services and REST APIs (Part 2)

This is part 2 of the blog series that covers SOAP and REST integration with Sales Cloud. In part 1, I covered the topic of invoking Sales Cloud SOAP web services from external applications. In this part, I will cover the topic of invoking external SOAP services from Sales Cloud. 2. Invoking external SOAP Web Services from Sales Cloud Sales Cloud Application […]

Five Minutes or less: OpenID

Most of the technical people I work with know what SAML is and how it works and how the federation protocols for SAML work (SP initiated, IdP initiated, Browser Artifact, Browser POST). OpenID is much less well known. So here’s what you need to know a…

SAML is good, but it’s no replacement for WAM

My recent posts about SAML got me thinking about a couple of common misconceptions I see from customers surrounding the technology. The first and most important misconception is articulated by this quote: “there is no SAML Fairy” - Brian Eidelman In other …