Oracle Identity Cloud Service (IDCS) – Oracle’s comprehensive Identity and Access Management platform for the cloud – was released recently. Populating identity data – such as user identities, groups and group memberships – is one of the most important tasks in any identity management system, and it is typically needed both initially and on an on-going basis.
IDCS provides multiple ways for uploading identity data. The purpose of this post is to provide a high-level survey of these options. Customers who are starting to use IDCS can use this information to select the mechanism or mechanisms best suited to their specific requirements and use-cases.
Please note that no particular method is described in great detail in this article. The goal is to present all the available methods in one place for quick and handy reference. However, links (documentation, tutorials etc.) where more information can be found are provided. Also, this post doesn’t describe the authentication and authorization needed for delegated administrators to be able to perform these operations against the IDCS platform. It is assumed that administrators performing these operations have taken the necessary steps to gain appropriate privileges.
IDCS supports the following methods for loading identity data:
Bulk Identity Data Upload Using CSV Files
Delegated administrators can perform bulk import of identity data in CSV format from the IDCS Administration Console. The CSV file for importing user profiles should contain the users’ attributes. Groups and user-group memberships can be imported by using a CSV file that contains the groups’ attributes and a list of their members. Please refer to the following documentation links for more detailed information:
- Importing User Accounts – Also contains a tutorial on the subject as well as sample files to get started.
- Importing Groups – Please refer to the tutorial above and the sample files.
- Also See – Bulk Loading Data into IDCS and Bulk Loading Best Practices
Bulk Identity Data Upload Using REST APIs
Bulk REST endpoints can also be used to manage IDCS resources. Bulk endpoints can be used to mix different kinds of requests together. Please refer to the REST API documentation for more information.
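As an added illustration (not code from the original post or from Oracle), the sketch below builds one bulk request that mixes user and group creation, and rejects duplicate users or group members that are not in the batch before anything is sent. It assumes the IDCS bulk endpoint accepts the standard SCIM 2.0 BulkRequest message (RFC 7644); the function name, the input field names and the sample data are constructed for the example.

```python
import json

BULK_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:BulkRequest"
USER_SCHEMA = "urn:ietf:params:scim:schemas:core:2.0:User"
GROUP_SCHEMA = "urn:ietf:params:scim:schemas:core:2.0:Group"


def build_bulk_request(users, groups):
    """Build one SCIM BulkRequest; ValueError on duplicate or unknown users."""
    ops, bulk_ids = [], {}
    for n, u in enumerate(users):
        key = u["userName"].lower()
        if key in bulk_ids:
            raise ValueError(f"duplicate userName: {u['userName']}")
        bulk_ids[key] = f"user{n}"
        ops.append({
            "method": "POST", "path": "/Users", "bulkId": bulk_ids[key],
            "data": {
                "schemas": [USER_SCHEMA],
                "userName": u["userName"],
                "name": {"givenName": u["givenName"], "familyName": u["familyName"]},
                "emails": [{"value": u["email"], "type": "work", "primary": True}],
            },
        })
    for n, g in enumerate(groups):
        unknown = [m for m in g["members"] if m.lower() not in bulk_ids]
        if unknown:
            raise ValueError(f"group {g['displayName']}: unknown members {unknown}")
        ops.append({
            "method": "POST", "path": "/Groups", "bulkId": f"group{n}",
            "data": {
                "schemas": [GROUP_SCHEMA],
                "displayName": g["displayName"],
                # "bulkId:<id>" refers to a resource created earlier in this request
                "members": [{"type": "User", "value": "bulkId:" + bulk_ids[m.lower()]}
                            for m in g["members"]],
            },
        })
    return {"schemas": [BULK_SCHEMA], "Operations": ops}


# Constructed sample data, not real identities.
SAMPLE_USERS = [
    {"userName": "jdoe", "givenName": "Jane", "familyName": "Doe", "email": "jdoe@example.com"},
    {"userName": "rroe", "givenName": "Rick", "familyName": "Roe", "email": "rroe@example.com"},
]
SAMPLE_GROUPS = [{"displayName": "Auditors", "members": ["jdoe", "RROE"]}]

if __name__ == "__main__":
    print(json.dumps(build_bulk_request(SAMPLE_USERS, SAMPLE_GROUPS), indent=2))
```

The resulting JSON is the body of a single bulk call; the endpoint path, required attributes and authorization are covered in the REST API documentation.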
AD ID Bridge
Microsoft Active Directory (AD) is a popular identity data store used by enterprises. Customers interested in synchronizing their on-premises AD with IDCS can use IDCS Identity (ID) Bridge to perform initial and on-going (schedule-based) automatic identity data synchronization. Please note that as of this writing this is a one-way synchronization – from AD to IDCS – and it doesn’t synchronize user passwords. More information about IDCS ID Bridge is available at:
OIM Connector for IDCS
OIM customers can use the OIM IDCS connector for bi-directional integration with IDCS. Identity information can be reconciled from IDCS into OIM. Identity information can also be managed in IDCS from OIM using OIM’s provisioning capabilities. Other use-cases like hybrid certification and reporting are also possible as a result of integration between OIM and IDCS. More information about IDCS and OIM integration can be found in the following tutorials and videos:
- IDCS – OIM Integration Tutorial
- Implementing Hybrid Identity Governance
- Implementing Hybrid Certification
- Implementing Hybrid Segregation of Duties (SoD)
- Implementing Hybrid Reporting
IDCS REST APIs
More IDCS documentation links:
IDCS Getting Started – http://docs.oracle.com/cloud/latest/identity-cloud/index.html
IDCS Video Tutorials – http://docs.oracle.com/cloud/latest/identity-cloud/identity-cloud-videos.htm
IDCS REST APIs – http://docs.oracle.com/cloud/latest/identity-cloud/IDCSA/index.html