IP Address Whitelisting in Oracle Identity Cloud Service

Introduction Oracle IDCS (Identity Cloud Service) supports restricting access to applications based on the user IP address. Such applications can be the IDCS Console or any application registered by customers in IDCS. At first sight, restricting access based on the user IP address may lead to the belief that IDCS can only blacklist a set […]

Restricting Access to Oracle Analytics Cloud by IP Range

For other A-Team articles by Richard, click here Introduction Customers may want to restrict access to their Oracle Cloud Services to a set of IP ranges, for instance to only allow connections coming from their corporate office.  That type of restriction is not possible within Oracle Analytics Cloud itself, but it possible to set up using […]

Using 3rd-party security virtual appliances in OCI

OCI offers a very robust and high-performance network firewall that’s integrated into the very core of the Virtual Cloud Network (VCN).  For some customers, this is sufficient, while other customers need more from their cloud security than is provided natively with the OCI VCN.  Some environments need application-level inspection (such as URL filtering, malware inspection, […]

Restrict Root Compartment Access with Oracle Cloud Infrastructure Policies

The OCI Administrators group grants manage acess to all resources in all compartments including the root compartment.  So, any member of this group is considered a super user.  Is a normal practice to keep Administrators members to a small number of users and create additional groups/policies to restrict access to specific compartments. If there’s a […]

Identity cloud service : Mobile clients and PKCE support

Introduction OAuth 2.0 has become very popular within the mobile development community mainly because it is simple to implement and the tokens are fairly compact. There are various implementation patterns to choose from and it is very important to choose the right one to make sure that the solution is secure. In this blog post I want to describe how […]