48.5 Understanding Social Identity

Social Identity lets Mobile and Social serve as the relying party (RP) when interacting with cloud-based Identity Authentication and Authorization Services, such as Google, Yahoo, Facebook, Twitter, Windows Live, Foursquare and/or LinkedIn.

Allowing users to log in to a protected resource using their credentials from a trusted Identity Provider is a convenience for the user. By deploying Mobile and Social, you can provide users with a convenient multiple log-in option without the need to implement each Provider individually. Users can use their credentials from cloud-based identity services to log in to any of the following application types.

  • Web applications that run on Java-compliant application servers. To add Social Identity functionality to a Web application, a developer connects the Web application to the Mobile and Social server using the Social Identity Client SDK. For details, see the "Developing Applications Using the Social Identity Client SDK" chapter in the Oracle Fusion Middleware Developer's Guide for Oracle Access Management.

  • Applications protected by either Access Manager, or the 10g or versions of Oracle Access Manager. Applications protected by either the Access Manager service in the Oracle Access Management product, or the 10g or 11gR1 PS1 versions of Oracle Access Manager can be configured to work with Social Identity without using an SDK. For details about the authentication flow, see Authentication Flow for a User With Access Manager and Social Identity.

  • Mobile applications running Android or iOS. Mobile applications running Android or iOS can be configured to authenticate with an Social Identity Provider. To connect to the Mobile and Social server, Android and iOS applications use the Mobile and Social Services SDKs for those platforms. A separate SDK is not required.

Social Identity provides services for Identity Providers that support the following standards:

  • OpenID version 2.0

  • OpenID Simple Registration Extension 1.0

  • Open ID Attribute Exchange Extension 1.0

  • OpenID Provider Authentication Policy Extension 1.0

  • OAuth 1.0 and 2.0

Native support for the Identity Providers listed in Table 48-5 is provided by Mobile and Social after installation.

Table 48-5 Identity Providers That Mobile and Social Natively Supports

Identity Provider Supported Protocol


OAuth 2.0


OAuth 2.0


OAuth 2.0


OAuth 2.0


OpenID 2.0


OAuth 2.0

Windows Live

OAuth 2.0

Java programmers can add relying party support for additional OpenID and OAuth Identity Providers by implementing a Java interface and using the Mobile and Social console to add the Java class to the Mobile and Social deployment. For more information, see the “Extending the Capabilities of the Mobile and Social Server" chapter in the Oracle Fusion Middleware Developer's Guide for Oracle Access Management.