.cb11w1 ul li, .cb11w1 ol li { line-height: 1.4em; color: #404040 } Overview IDCS (Identity Cloud Service) is Oracle's next-gen Identity solution built in the...
.cb11w1 ul li, .cb11w1 ol li { line-height: 1.4em; color: #404040 } Overview IDCS (Identity Cloud Service) is Oracle's next-gen Identity solution built in the cloud for the cloud. It is fully standards-compliant and implements various standards like SAML (Security Assertion Markup Language), OAuth, OIDC (OpenID Connect), etc. Those standards help customers integrate with other products implementing that same standard. One use case that I came across, a few times recently, is...
.cb11w1 ul li, .cb11w1 ol li { line-height: 1.4em; color: #404040 } Overview IDCS (Identity Cloud Service) is Oracle's next-gen Identity solution built in the cloud for the cloud. It is...
The OCI team just announced the ability for federated users to use the CLI. The TL;DR description of the feature is that users don't have to create a key pair...
The OCI team just announced the ability for federated users to use the CLI. The TL;DR description of the feature is that users don't have to create a key pair and upload it into OCI. Instead you can just run "oci session authenticate" and the CLI will open your browser and push you through a (much) simpler process that basically amounts to just logging in and clicking yes. If you use the CLI directly on your laptop this works swimmingly. But what if you want to run the CLI...
The OCI team just announced the ability for federated users to use the CLI. The TL;DR description of the feature is that users don't have to create a key pair and upload it into OCI. Instead you...
Introduction Oracle CASB Cloud Service is used for security monitoring the cloud footprint of SaaS, PaaS and IaaS components. CASB, when configured to monitor...
Introduction Oracle CASB Cloud Service is used for security monitoring the cloud footprint of SaaS, PaaS and IaaS components. CASB, when configured to monitor Oracle Cloud Infrastructure (OCI), can detect risk, anomalies and potential security violations. In OCI, the target of CASB monitoring is a compartment. Once an OCI compartment is configured in CASB, out-of-box baseline monitoring kicks in to find security anomalies. However, policies still need to be configured to...
Introduction Oracle CASB Cloud Service is used for security monitoring the cloud footprint of SaaS, PaaS and IaaS components. CASB, when configured to monitor Oracle Cloud Infrastructure (OCI), can...
Where is the simple "shake 'n' bake" / step by step guide to creating a 3-legged, Authorization Code flow OAuth client in IDCS? Right here. 1: From the...
Where is the simple "shake 'n' bake" / step by step guide to creating a 3-legged, Authorization Code flow OAuth client in IDCS? Right here. 1: From the Dashboard in IDCS click the + under Applications to create a new Application 2: Select Confidential Application because we're creating a 3-legged app 3: Fill in the first screen Only name is required, and if you aren't sure what the other fields mean that's all you should enter. 4: Configure the App IDCS supports basically all...
Where is the simple "shake 'n' bake" / step by step guide to creating a 3-legged, Authorization Code flow OAuth client in IDCS? Right here. 1: From the Dashboard in IDCS click the + under Applications...
Introduction Oracle IDCS (Identity Cloud Service) supports restricting access to applications based on the user IP address. Such applications can be the IDCS...
Introduction Oracle IDCS (Identity Cloud Service) supports restricting access to applications based on the user IP address. Such applications can be the IDCS Console or any application registered by customers in IDCS. At first sight, restricting access based on the user IP address may lead to the belief that IDCS can only blacklist a set of IP addresses. In other words, IDCS would only be able to block access from a set of well known IP addresses. That's far from the truth....
Introduction Oracle IDCS (Identity Cloud Service) supports restricting access to applications based on the user IP address. Such applications can be the IDCS Console or any application registered by...
For other A-Team articles by Richard, click here Introduction Customers may want to restrict access to their Oracle Cloud Services to a set of IP ranges, for...
For other A-Team articles by Richard, click here Introduction Customers may want to restrict access to their Oracle Cloud Services to a set of IP ranges, for instance to only allow connections coming from their corporate office. That type of restriction is not possible within Oracle Analytics Cloud itself, but it possible to set up using the Identity Cloud Service. This functionality requires the 'Foundation' level for Identity Cloud Service. For more information on the...
For other A-Team articles by Richard, click here Introduction Customers may want to restrict access to their Oracle Cloud Services to a set of IP ranges, for instance to only allow connections coming...
As businesses move to the cloud there is a high demand for securing/protecting their HTTP resources from unauthorized access. There are several approaches to...
As businesses move to the cloud there is a high demand for securing/protecting their HTTP resources from unauthorized access. There are several approaches to protecting these resources which include SAML for SOAP service, OAuth for REST services, HTTP basic for both, and sometimes home grown proprietary mechanisms. It may not be widely known yet, but all Oracle Integration Cloud (OIC) REST endpoints are OAuth protected and can be triggered from a client using OAuth 2.0...
As businesses move to the cloud there is a high demand for securing/protecting their HTTP resources from unauthorized access. There are several approaches to protecting these resources which include...
Introduction If you've been on the internet recently you've probably used OAuth and more specifically the "Authorization Code" grant type (or "AZ Code" if, like...
Introduction If you've been on the internet recently you've probably used OAuth and more specifically the "Authorization Code" grant type (or "AZ Code" if, like The Dude, you are into the whole brevity thing). For example if you've ever clicked a "Sign on with Facebook" button or used a Facebook app you've used OAuth's AZ Code grant type, which is sometimes called a "flow", to allow the site or app to get your identity from Facebook and possibly call Facebook back to get more...
Introduction If you've been on the internet recently you've probably used OAuth and more specifically the "Authorization Code" grant type (or "AZ Code" if, like The Dude, you are into the...
Introduction Nowadays OAuth is the method of choice to authorize access to Cloud resources for third-party systems. There are several ways how to define trust...
Introduction Nowadays OAuth is the method of choice to authorize access to Cloud resources for third-party systems. There are several ways how to define trust between systems and getting a valid access token. This blog talks about the most common ways for Oracle Fusion Cloud Applications (hereinafter referred to in this article as "Fusion Apps") to do that. Main Article There are many different OAuth flows, but all of them get you in the end an OAuth access token. The OAuth...
Introduction Nowadays OAuth is the method of choice to authorize access to Cloud resources for third-party systems. There are several ways how to define trust between systems and getting a valid...
