Creating a 3-legged OAuth Application in IDCS

Where is the simple “shake ‘n’ bake” / step by step guide to creating a 3-legged, Authorization Code flow OAuth client in IDCS? Right here. All content listed on this page is the property of Oracle Corp. Redistribution not allowed without written permission

IP Address Whitelisting in Oracle Identity Cloud Service

Introduction Oracle IDCS (Identity Cloud Service) supports restricting access to applications based on the user IP address. Such applications can be the IDCS Console or any application registered by customers in IDCS. At first sight, restricting access based on the user IP address may lead to the belief that IDCS can only blacklist a set […]

Implementing Data Level Security in Oracle Analytics Cloud using Identity Cloud Service

Introduction This post describes implementing Data Level Security in Oracle Analytics Cloud (OAC) using Identity Cloud (IDCS) groups. It focuses on what steps are needed. Links to relevant documentation are provided for details on how to perform the steps. One case for using IDCS satisfies a corporate requirement specifying that the assigning of users to […]

Restricting Access to Oracle Analytics Cloud by IP Range

For other A-Team articles by Richard, click here Introduction Customers may want to restrict access to their Oracle Cloud Services to a set of IP ranges, for instance to only allow connections coming from their corporate office.  That type of restriction is not possible within Oracle Analytics Cloud itself, but it possible to set up using […]

Using the IDCS’ OAuth Device Flow for Fun and Profit

Introduction If you’ve been on the internet recently you’ve probably used OAuth and more specifically the “Authorization Code” grant type (or “AZ Code” if, like The Dude, you are into the whole brevity thing). For example if you’ve ever clicked a “Sign on with Facebook” button or used a Facebook app you’ve used OAuth’s AZ […]

Mobile App Development with OAuth 2.0 and IDCS: A High Level Approach

Introduction IDCS is used by enterprises and organizations to allow secure access to their applications.  IDCS uses various open standards such as OAuth 2.0, SAML etc. to protect these applications.  One of the many features of IDCS is to facilitate client applications accessing backend (REST) APIs using OAuth 2.0 (https://tools.ietf.org/html/rfc6749).  Client applications come in different […]

Silently federate from your SAML IdP or OpenID Connect Provider to IDCS

Introduction As you may know IDCS can operate as both a SAML IdP and a SAML SP at the same time – a use case known as an IdP Proxy or IdP Chaining. This is useful in a bunch of situations, but the most common is when you want users to login to your on […]

Part 3: Automate Requests against Identity Cloud Service using Newman

Introduction In Part 1: Automate getting an Identity Cloud Service Access Token in Postman I covered using a Pre-request script to automate getting an Access Token from Identity Cloud Service in order to successfully be authorized to send REST API requests. Then in Part 2: Using Postman Runner with Identity Cloud Service I built on […]

Part 2: Using Postman Runner with Identity Cloud Service

Introduction In the last article, Part 1: Automate getting an Identity Cloud Service Access Token in Postman, I explained how using a Pre-request Script can automate getting an access token so when a request is sent to Identity Cloud Service it just works, a big time saver. In this article I am going build on […]

Part 1: Automate getting an Identity Cloud Service Access Token in Postman

Introduction If you have spent enough time working with web services you have probably heard of Postman. If not, then let me say it is a great tool to test REST APIs against Identity Cloud Service (IDCS) among other things. When using Postman with web services you quickly learn an OAuth2 Access Token is required […]

Oracle Identity Cloud Service: Long Lived OAuth Tokens

One of the responsibilities of Oracle Identity Cloud Service (IDCS) is to serve as an OAuth 2.0 Authorization Server. As an Authorization Server, IDCS issues access and refresh tokens to OAuth Clients. OAuth Clients use these tokens to access various resources on Resource Servers on-behalf of Resource Owners. OAuth Clients are things like web or […]

Under the hood: Oracle Identity Cloud Service Audits

Introduction Audit events enable organization administrators to review the actions performed by members of your organization using details provided by the Audit logs – who performed the action, performed it, and what the action was.  Before getting into the article I want to mention this blog was written by Abhishek Juneja, a Principal Product Manager of Identity & […]

Identity cloud service : Mobile clients and PKCE support

Introduction OAuth 2.0 has become very popular within the mobile development community mainly because it is simple to implement and the tokens are fairly compact. There are various implementation patterns to choose from and it is very important to choose the right one to make sure that the solution is secure. In this blog post I want to describe how […]

IDCS Integrations Series Part I: Integrating WebLogic Hosted Application with IDCS

Overview As you implement IDCS (Oracle IDentity Cloud Service) use cases, you would have started thinking, “how do you integration application X with IDCS?”, Specially the applications running on-premise or running somewhere other than Oracle public cloud. This blog talks about integration of weblogic hosted applications with IDCS running on-premise or running somewhere other than Oracle […]

Configuring SAML Federation between Oracle Identity Cloud Services and MS Azure AD

Introduction The intent of this post is describing the mechanics for configuring very basic SAML Federation between Oracle Identity Cloud Services (IDCS) and Microsoft Azure AD. The scenario in mind is having Azure AD as an Identity Provider to IDCS. The required configuration in Azure AD is essentially the same as presented in Paulo’s excellent post, where he describes […]

OIM Connector for Identity Cloud Service

The IDCS Connector is an OIM REST based connector for Oracle’s Identity Cloud Service (IDCS). In this blog post we will look at use case scenarios for hybrid cloud solutions, that span both the Oracle Public Cloud and an on-premise Oracle identity management deployment.This blog post aims to cover the most common scenarios from an […]

Multi-Factor Authentication with Oracle Identity Cloud Services – Part II

Introduction The Multi-Factor Authentication part I post described the initial MFA configuration, the enrollment process and second factor authentication with the Mobile Authenticator One-Time Password. In this second post, we will go over the other factors: security questions, notifications, text messages and bypass code – and the additional security constraints for MFA in general. All […]

Multi-Factor Authentication with Oracle Identity Cloud Services

Introduction Oracle Identity Cloud Service (IDCS) has just released version 17.2.2 in May/2017 and with it a cool new feature: Multi-Factor Authentication, or in short, MFA. MFA is a method of authentication that requires the user to present more than one piece of evidence – or factors: one-time pass codes, SMS, security questions, etc – […]

Loading Identity Data Into Oracle Identity Cloud Services: A Broad High-level Survey

Introduction Oracle Identity Cloud Services (IDCS) – Oracle’s comprehensive Identity and Access Management platform for the cloud – was released recently. Populating identity data – such as user identities, groups and group memberships – is one of most important tasks that is typically needed initially and on an on-going basis in any identity management system. […]