.cb11w1 ul li, .cb11w1 ol li { line-height: 1.4em; color: #404040 } Overview IDCS (Identity Cloud Service) is Oracle's next-gen Identity solution built in the...
.cb11w1 ul li, .cb11w1 ol li { line-height: 1.4em; color: #404040 } Overview IDCS (Identity Cloud Service) is Oracle's next-gen Identity solution built in the cloud for the cloud. It is fully standards-compliant and implements various standards like SAML (Security Assertion Markup Language), OAuth, OIDC (OpenID Connect), etc. Those standards help customers integrate with other products implementing that same standard. One use case that I came across, a few times recently, is...
.cb11w1 ul li, .cb11w1 ol li { line-height: 1.4em; color: #404040 } Overview IDCS (Identity Cloud Service) is Oracle's next-gen Identity solution built in the cloud for the cloud. It is...
The OCI team just announced the ability for federated users to use the CLI. The TL;DR description of the feature is that users don't have to create a key pair...
The OCI team just announced the ability for federated users to use the CLI. The TL;DR description of the feature is that users don't have to create a key pair and upload it into OCI. Instead you can just run "oci session authenticate" and the CLI will open your browser and push you through a (much) simpler process that basically amounts to just logging in and clicking yes. If you use the CLI directly on your laptop this works swimmingly. But what if you want to run the CLI...
The OCI team just announced the ability for federated users to use the CLI. The TL;DR description of the feature is that users don't have to create a key pair and upload it into OCI. Instead you...
Introduction Oracle CASB Cloud Service is used for security monitoring the cloud footprint of SaaS, PaaS and IaaS components. CASB, when configured to monitor...
Introduction Oracle CASB Cloud Service is used for security monitoring the cloud footprint of SaaS, PaaS and IaaS components. CASB, when configured to monitor Oracle Cloud Infrastructure (OCI), can detect risk, anomalies and potential security violations. In OCI, the target of CASB monitoring is a compartment. Once an OCI compartment is configured in CASB, out-of-box baseline monitoring kicks in to find security anomalies. However, policies still need to be configured to...
Introduction Oracle CASB Cloud Service is used for security monitoring the cloud footprint of SaaS, PaaS and IaaS components. CASB, when configured to monitor Oracle Cloud Infrastructure (OCI), can...
Where is the simple "shake 'n' bake" / step by step guide to creating a 3-legged, Authorization Code flow OAuth client in IDCS? Right here. 1: From the...
Where is the simple "shake 'n' bake" / step by step guide to creating a 3-legged, Authorization Code flow OAuth client in IDCS? Right here. 1: From the Dashboard in IDCS click the + under Applications to create a new Application 2: Select Confidential Application because we're creating a 3-legged app 3: Fill in the first screen Only name is required, and if you aren't sure what the other fields mean that's all you should enter. 4: Configure the App IDCS supports basically all...
Where is the simple "shake 'n' bake" / step by step guide to creating a 3-legged, Authorization Code flow OAuth client in IDCS? Right here. 1: From the Dashboard in IDCS click the + under Applications...
Introduction Oracle IDCS (Identity Cloud Service) supports restricting access to applications based on the user IP address. Such applications can be the IDCS...
Introduction Oracle IDCS (Identity Cloud Service) supports restricting access to applications based on the user IP address. Such applications can be the IDCS Console or any application registered by customers in IDCS. At first sight, restricting access based on the user IP address may lead to the belief that IDCS can only blacklist a set of IP addresses. In other words, IDCS would only be able to block access from a set of well known IP addresses. That's far from the truth....
Introduction Oracle IDCS (Identity Cloud Service) supports restricting access to applications based on the user IP address. Such applications can be the IDCS Console or any application registered by...
For other A-Team articles by Richard, click here Introduction Customers may want to restrict access to their Oracle Cloud Services to a set of IP ranges, for...
For other A-Team articles by Richard, click here Introduction Customers may want to restrict access to their Oracle Cloud Services to a set of IP ranges, for instance to only allow connections coming from their corporate office. That type of restriction is not possible within Oracle Analytics Cloud itself, but it possible to set up using the Identity Cloud Service. This functionality requires the 'Foundation' level for Identity Cloud Service. For more information on the...
For other A-Team articles by Richard, click here Introduction Customers may want to restrict access to their Oracle Cloud Services to a set of IP ranges, for instance to only allow connections coming...
As businesses move to the cloud there is a high demand for securing/protecting their HTTP resources from unauthorized access. There are several approaches to...
As businesses move to the cloud there is a high demand for securing/protecting their HTTP resources from unauthorized access. There are several approaches to protecting these resources which include SAML for SOAP service, OAuth for REST services, HTTP basic for both, and sometimes home grown proprietary mechanisms. It may not be widely known yet, but all Oracle Integration Cloud (OIC) REST endpoints are OAuth protected and can be triggered from a client using OAuth 2.0...
As businesses move to the cloud there is a high demand for securing/protecting their HTTP resources from unauthorized access. There are several approaches to protecting these resources which include...
Introduction If you've been on the internet recently you've probably used OAuth and more specifically the "Authorization Code" grant type (or "AZ Code" if, like...
Introduction If you've been on the internet recently you've probably used OAuth and more specifically the "Authorization Code" grant type (or "AZ Code" if, like The Dude, you are into the whole brevity thing). For example if you've ever clicked a "Sign on with Facebook" button or used a Facebook app you've used OAuth's AZ Code grant type, which is sometimes called a "flow", to allow the site or app to get your identity from Facebook and possibly call Facebook back to get more...
Introduction If you've been on the internet recently you've probably used OAuth and more specifically the "Authorization Code" grant type (or "AZ Code" if, like The Dude, you are into the...
Introduction The notion of a user is the most common reason for misunderstanding and confusion. When we mention a user, we often think of the person who is...
Introduction The notion of a user is the most common reason for misunderstanding and confusion. When we mention a user, we often think of the person who is allowed to use an application. However, nearly every application has a different user structure implemented. The challenge is to find a common ground for these differing user structures and a way to provision them, i.e. push the user information, into the applications. In today's connected and integrated world, enterprises...
Introduction The notion of a user is the most common reason for misunderstanding and confusion. When we mention a user, we often think of the person who is allowed to use an application....
