Go to main content
1/47
Contents
List of Examples
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
What's New In This Guide
Updates in January 2019 Documentation Refresh for 11
g
Release 2 (11.1.2.3)
Updates in July 2018 Documentation Refresh for 11
g
Release 2 (11.1.2.3)
Updates in April 2018 Documentation Refresh for 11
g
Release 2 (11.1.2.3)
Updates in January 2018 Documentation Refresh for 11
g
Release 2 (11.1.2.3)
Updates in December 2017 Documentation Refresh for 11
g
Release 2 (11.1.2.3)
Updates in October 2017 Documentation Refresh for 11
g
Release 2 (11.1.2.3)
Updates in January 2017 Documentation Refresh for 11
g
Release 2 (11.1.2.3)
Updates in October 2016 Documentation Refresh for 11
g
Release 2 (11.1.2.3)
Updates in July 2016 Documentation Refresh for 11
g
Release 2 (11.1.2.3)
Updates in January 2016 Documentation Refresh for 11
g
Release 2 (11.1.2.3)
Updates in August 2015 Documentation Refresh for 11
g
Release 2 (11.1.2.3.0)
Updates in June 2015 Documentation Refresh for 11
g
Release 2 (11.1.2.3.0)
New and Changed Features for 11
g
Release 2 (11.1.2.3.0)
Other Significant Changes in this Document for 11
g
Release 2 (11.1.2.3.0)
Part I Application Provisioning
1
Developing Application Instances
1.1
Managing Resources By Using the Design Console
1.1.1
Overview of Resource Management
1.1.2
IT Resources Type Definition Form
1.1.2.1
Defining a Template (a Resource Type) for IT Resources
1.2
Converting a Disconnected Application Instance to Connected Application Instance
1.2.1
Creating a Disconnected Application Instance in the Production Environment
1.2.2
Exporting Disconnected Application Instance From Test Environment
1.2.3
Importing the Disconnected Application Instance in Production Environment
1.2.4
Modifying the Application Instance from Disconnected to Connected
1.2.5
Testing the Connected Application Instance
2
Developing Provisioning Processes
2.1
Process Definition Form
2.1.1
Creating a Process Definition
2.1.2
Tabs on the Process Definition Form
2.1.2.1
Tasks Tab
2.1.2.2
Reconciliation Field Mappings Tab
2.1.3
Modifying Process Tasks
2.1.3.1
General Tab
2.1.3.2
Integration Tab
2.1.3.3
Task Dependency Tab
2.1.3.4
Responses Tab
2.1.3.5
Task to Object Status Mapping Tab
Part II Connectors
3
Using the Adapter Factory
3.1
Introduction to Adapters
3.2
Types of Adapters
3.3
Adapter Environment and Tools
3.3.1
Configuring the Adapter Environment
3.3.2
The Adapter Factory
3.3.3
Compiling Adapters
3.3.3.1
Automatic Compilation of Adapters
3.3.3.2
Compiling Adapters Manually
3.4
Defining Adapters
3.5
Tabs of the Adapter Factory Form
3.5.1
Adapter Tasks
3.5.2
Resources
3.5.3
Variable List
3.5.4
Usage Lookup
3.5.5
Responses
3.6
Disabling and Re-enabling Adapters
3.7
About Adapter Variables
3.7.1
Creating an Adapter Variable
3.7.2
Modifying an Adapter Variable
3.7.3
Deleting an Adapter Variable
3.8
Creating Adapter Tasks
3.8.1
Types of Adapter Tasks
3.8.2
Creating a Java Task
3.8.3
Reassigning the Value of an Adapter Variable
3.9
Modifying Adapter Tasks
3.10
Changing the Order and Nesting of Tasks
3.11
Deleting Adapter Tasks
3.12
Working with Responses
3.12.1
To Create a Response
3.12.2
To Modify a Response
3.12.3
To Delete a Response
3.13
Working with Prepopulate Adapters
3.13.1
Attaching Prepopulate Adapters to Form Fields
3.13.2
Removing Prepopulate Adapters from Form Fields
3.14
Working with Process Task Adapters
3.14.1
Guidelines for Working with a Process Task Adapter
3.14.2
Attaching Process Task Adapters to Process Tasks
3.14.3
Removing Process Task Adapters from Process Tasks
3.14.3.1
To Remove a Process Task Adapter from a Process Task
3.15
Adapter Mapping Information
3.15.1
Adapter Task Mapping Information
3.15.1.1
Adapter Variables
3.15.1.2
Adapter Task
3.15.1.3
Literal
3.15.1.4
Adapter References
3.15.1.5
Process Definition
3.15.1.6
User Definition
3.15.2
Adapter Variable Mapping Information
3.15.2.1
From the Variable List Tab
3.15.2.2
Process Task Adapter Variable Mappings
3.15.2.3
Task Assignment Adapter Variable Mappings
3.15.2.4
Rule Generator and Entity Adapter Variable Mappings
3.15.2.5
Prepopulate Adapter Variable Mappings
3.16
Defining Error Messages
4
Understanding the Identity Connector Framework
4.1
Advantages of ICF
4.2
Introducing the ICF Architecture
4.3
Using the ICF API
4.3.1
The ConnectorInfoManagerFactory Class
4.3.2
The ConnectorInfoManager Interface
4.3.3
The ConnectorKey Class
4.3.4
The ConnectorInfo Interface
4.3.5
The APIConfiguration Interface
4.3.6
The ConfigurationProperties Interface
4.3.7
The ConnectorFacadeFactory Class
4.3.8
The ConnectorFacade Interface
4.4
Introducing the ICF SPI
4.4.1
Implementing the Required Interfaces
4.4.1.1
org.identityconnectors.framework.spi.Connector
4.4.1.2
org.identityconnectors.framework.spi.Configuration
4.4.2
Implementing the Feature-based Interfaces
4.4.2.1
org.identityconnectors.framework.spi.PoolableConnector
4.4.2.2
org.identityconnectors.framework.spi.AttributeNormalizer
4.4.3
Implementing the Operation Interfaces
4.4.3.1
Implementing the SchemaOp Interface
4.4.3.2
Implementing the CreateOp Interface
4.4.3.3
Implementing the DeleteOp Interface
4.4.3.4
Implementing the SearchOp Interface
4.4.3.5
Implementing the UpdateOp Interface
4.4.4
Common Classes
4.5
Extending an Identity Connector Bundle
4.6
Using an Identity Connector Server
4.6.1
Using the Java Connector Server
4.6.1.1
Installing and Configuring a Java Connector Server
4.6.1.2
Running the Java Connector Server on Microsoft Windows
4.6.1.3
Running the Java Connector Server on Solaris and Linux
4.6.1.4
Installing an Identity Connector in a Java Connector Server
4.6.1.5
Using SSL to Communicate with a Connector Server
4.6.2
Using the .NET Connector Server
4.6.2.1
Installing the .NET Connector Server
4.6.2.2
Configuring the .NET Connector Server
4.6.2.3
Upgrading the .NET Connector Server
4.6.2.4
Configuring Trace Settings
4.6.2.5
Running the .NET Connector Server
4.6.2.6
Installing Multiple Connectors on a .NET Connector Server
5
Developing Identity Connectors Using Java
5.1
Developing a Flat File Connector
5.1.1
Supporting Classes for File Input and Output Handling
5.2
Uploading the Identity Connector Bundle to Oracle Identity Manager Database
5.2.1
Registering the Connector Bundle with Oracle Identity Manager
5.2.2
Creating Basic Identity Connector Metadata
5.2.2.1
Creating the IT Resource Type Definition
5.2.2.2
Creating the Resource Object
5.2.2.3
Creating Lookups
5.2.3
Creating Provisioning Metadata
5.2.3.1
Creating a Process Form
5.2.3.2
Creating Adapters
5.2.3.3
Creating A Process Definition
5.2.3.4
Creating a Provisioning Attribute Mapping Lookup
5.2.4
Creating Reconciliation Metadata
5.2.4.1
Creating a Reconciliation Schedule Task
5.2.4.2
Creating a Reconciliation Profile
5.2.4.3
Setting a Reconciliation Action Rule
5.2.4.4
Creating Reconciliation Mapping
5.2.4.5
Defining a Reconciliation Matching Rule
5.3
Provisioning a Flat File Account
5.4
Installing the Java Connector Server
5.5
Configuring the Java Connector Server without SSL for Oracle Identity Manager
5.6
Configuring the Java Connector Server with SSL for Oracle Identity Manager
5.7
Upgrading the Java Connector Server
6
Developing Identity Connectors Using .NET
6.1
Developing a Flat File .NET Connector
6.2
Deploying the Identity Connector Bundle on .NET Connector Server
6.2.1
Registering the Connector Bundle with .NET Connector Server
6.2.2
Creating Basic Identity Connector Metadata
6.2.2.1
Creating the IT Resource Type Definition
6.2.2.2
Creating the Resource Object
6.2.2.3
Creating Lookups
6.2.3
Creating Provisioning Metadata
6.2.3.1
Creating a Process Form
6.2.3.2
Creating Adapters
6.2.3.3
Creating A Process Definition
6.2.3.4
Creating a Provisioning Attribute Mapping Lookup
6.2.4
Creating Reconciliation Metadata
6.2.4.1
Creating a Reconciliation Schedule Task
6.2.4.2
Creating a Reconciliation Profile
6.2.4.3
Setting a Reconciliation Action Rule
6.2.4.4
Creating Reconciliation Mapping
6.2.4.5
Defining a Reconciliation Matching Rule
6.3
Provisioning a Flat File Account
7
Integrating ICF with Oracle Identity Manager
7.1
ICF Common
7.2
Integration Architecture
7.3
Global Oracle Identity Manager Lookups
7.3.1
Main Lookup Configuration
7.3.2
User Management Configuration
7.3.3
Recon Transformation Lookup (Lookup.CONNECTOR_NAME.UM.ReconTransformation)
7.3.4
Recon Validation Lookup (Lookup.CONNECTOR_NAME.UM.ReconValidation)
7.3.5
Optional Defaults Lookup
7.4
IT Resource
7.5
Provisioning
7.5.1
ICF Provisioning Manager
7.5.1.1
APIs for Provisioning
7.5.1.2
Account Related Operations
7.5.1.3
Multivalued Operations
7.5.1.4
Other operations
7.5.2
Provisioning Lookup
7.5.3
Non-User Object Types
7.5.4
Optional Lookups for Provisioning
7.5.4.1
Provisioning Validation Lookup
7.5.5
Optional Flags in Lookups for Provisioning Attribute Map
7.5.6
Compound attributes in Provisioning Attribute Map
7.6
Concepts of Reconciliation in ICF Common
7.6.1
Types of Reconciliation
7.6.1.1
Target and Trusted Reconciliation
7.6.1.2
Full, Incremental Reconciliation
7.6.1.3
Advanced Incremental Reconciliation
7.6.1.4
Delete Reconciliation
7.6.1.5
Group Lookup Reconciliation
7.6.2
List of Reconciliation Artifacts in Oracle Identity Manager
7.6.2.1
Lookups for Reconciliation
7.7
Predefined Scheduled Tasks
7.7.1
LookupReconTask
7.7.2
SearchReconTask
7.7.3
SearchReconDeleteTask
7.7.4
SyncReconTask
7.8
ICF Filter Syntax
8
Using Java APIs for ICF Integration
9
Configuring ICF Connectors
9.1
Configuring Connector Load Balancer
9.2
Configuring Validation of Data During Reconciliation and Provisioning
9.3
Configuring Transformation of Data During User Reconciliation
9.4
Configuring Resource Exclusion Lists
9.5
Setting SSL for Connector Server and OIM
9.5.1
Troubleshooting SSL
9.6
Adding Target System Attributes
9.6.1
Adding Target System Attributes for Provisioning
9.6.2
Adding Target System Attributes for Target Reconciliation
9.6.3
Adding Target System Attributes for Trusted Reconciliation
10
Understanding ICF Best Practices and FAQs
10.1
Best Practices for ICF
10.2
FAQs on ICF
11
Using Generic Technology Connectors
11.1
Overview
11.2
Using the Generic Connection Pool Framework in Custom Connectors
11.2.1
Providing concrete implementation for ResourceConnection interface
11.2.2
Defining Additional ITResource Parameters
11.2.3
Getting and Releasing Connections from the Pool
11.2.4
Using a Third-party Pool
11.2.5
Example: Implementation of ResourceConnection
11.3
Best Practices
11.3.1
Working with the Provide Basic Information Page
11.3.2
Working with the Specify Parameter Values Page
11.3.3
Working with the Modify Connector Configuration Page
11.3.3.1
Names of Fields
11.3.3.2
Password Fields
11.3.3.3
Password-Like Fields
11.3.3.4
Mappings
11.3.3.5
Oracle Identity Manager Data Sets
11.3.4
Working with Shared Drive Reconciliation Transport Provider
11.3.5
Working with Custom Providers
11.3.6
Working with Connector Objects
11.3.7
Modifying Generic Technology Connectors
12
Predefined Providers for Generic Technology Connectors
12.1
Shared Drive Reconciliation Transport Provider
12.2
CSV Reconciliation Format Provider
12.3
SPML Provisioning Format Provider
12.3.1
Run-Time Parameters
12.3.2
Design Parameters
12.3.3
Nonmandatory Parameters
12.3.4
Parameters with Predetermined Values
12.4
Web Services Provisioning Transport Provider
12.4.1
Configuring SSL Communication Between Oracle Identity Manager and the Target System Web Service
12.5
Transformation Providers
12.5.1
Concatenation Transformation Provider
12.5.2
Translation Transformation Provider
12.5.2.1
Configuring Account Status Reconciliation
12.6
Validation Providers
Part III Workflows
13
Developing Workflows
13.1
Introducing Workflows
13.1.1
Overview of Workflows
13.1.2
Workflow Concepts
13.1.3
Workflow Architecture
13.2
Predefined SOA Composites
13.3
Creating New SOA Composites
13.3.1
Creating a New SOA Composite
13.3.2
Deploying a SOA Composite in Oracle SOA Server
13.3.3
Prerequisites for Communication to Oracle Identity Manager Through SSL Mode
13.4
Developing Workflows: Vision Request Tutorial
13.4.1
Introducing the Tutorial
13.4.2
Prerequisites
13.4.3
Creating the Application Instance
13.4.3.1
Creating the FinApp Application Instance
13.4.3.2
Defining Application Instance Attributes and Creating a Form
13.4.3.3
Publishing the Application Instance to One or More Organizations
13.4.3.4
Linking Entitlements to the Application Instance
13.4.3.5
Publishing the Application Instance With Entitlements to the Catalog
13.4.4
Configuring FinApp in the Catalog
13.4.5
Creating and Configuring the SOA Composite for Approval
13.4.5.1
Creating the Approval Workflow
13.4.5.2
Making Request and Catalog Data Available to the BPEL Process
13.4.5.3
Configuring Workflow Selection
13.4.5.4
Configuring Human Tasks
13.4.5.5
Configuring the Human Task and BPEL Mappings
13.4.5.6
Deploying the SOA Composite
13.4.5.7
Creating the Workflow Rules
13.5
Configuring Default Approval Composites for Single and Bulk Operations
13.6
Creating and Deploying Custom Task Details Taskflow
13.6.1
Prerequisites for Developing Custom Task Details Taskflow
13.6.2
Developing Custom Task Details Taskflow
13.6.3
Developing Custom Task Details for Email Notification (Optional)
13.6.4
Deploying the Task Details Taskflow
13.6.5
Configuring Human Task and Taskflow Permissions
13.6.6
Testing the Custom Taskflow
13.7
Extending Request Management Operations
13.7.1
Running Custom Code Based on Request Status Change
13.7.2
Validating Request Data
13.7.2.1
Scenario I: Provisioning Users to a Target System
13.7.2.2
Scenario II: Provisioning or Modifying Entitlement Request
13.7.3
Prepopulation of an Attribute Value During Request Creation
13.8
Enabling Auto-Approval for Self Registration Requests
13.9
Hiding the Skip Current Assignment Option
13.10
Customizing Certification Oversight
13.11
Customizing the Identity Audit Composite
Part IV Data Synchronization
14
Customizing Reconciliation
14.1
Reconciliation Features
14.1.1
Performance Enhancement Features
14.1.1.1
New Metadata Model - Profiles
14.1.1.2
Parameters to Control Flow and Processing of Events
14.1.1.3
Grouping of Events by Reconciliation Runs
14.1.1.4
Grouping of Events by Batches
14.1.1.5
Implementing Reconciliation Engine Logic in the Database
14.1.1.6
Improved Java Engine
14.1.1.7
Improved Database Schema
14.1.2
Web-Based Event Management Interface
14.1.3
Other Features
14.1.3.1
Staging Tables
14.1.3.2
Handling of Race Conditions
14.1.3.3
Ad Hoc Linking
14.2
Reconciliation Architecture
14.2.1
Reconciliation Profile
14.2.2
Reconciliation Metadata
14.2.3
Reconciliation Target
14.2.4
Reconciliation Run
14.2.5
Reconciliation APIs
14.2.6
Reconciliation Schema
14.2.7
Reconciliation Engine
14.2.7.1
Matching Module
14.2.7.2
Action Module
14.2.8
Connector for Reconciliation
14.2.9
Archival
14.2.10
Backward Compatibility
14.2.11
Reconciliation Event Management
14.3
Defining Reconciliation Rules
14.3.1
Defining a Reconciliation Rule
14.3.2
Adding a Rule Element
14.3.3
Nesting a Rule Within a Rule
14.3.4
Deleting a Rule Element or Rule
14.4
Developing Reconciliation Scheduled Tasks
14.5
Updating Reconciliation Profiles Manually
14.5.1
Creating and Updating Reconciliation Profiles
14.5.2
Changing the Profile Mode
14.6
Understanding Reconciliation APIs
14.6.1
The ReconOperationsService API
14.6.2
Invoking Non-scheduled Task-Based Reconciliation in a Multithreaded Environment
14.7
Postprocessing for Trusted Reconciliation
14.8
Reconciliation FAQs
14.9
Troubleshooting Reconciliation
14.9.1
Troubleshooting General Reconciliation Issues
14.9.2
Troubleshooting Database-Related Reconciliation Issues
14.9.3
Troubleshooting Reconciliation Profile Configuration Failures
14.9.4
Troubleshooting LDAP Reconciliation Issues
14.10
Populating Data in the RECON_EXCEPTIONS Table
14.11
Reconciliation Best Practices
14.11.1
Additional Indexes Requirement for Matching Module
14.11.2
Collecting Database Schema Statistics for Reconciliation Performance
14.12
Monitoring Reconciliation Performance Using DMS
15
Using the Bulk Load Utility
15.1
Modes of Running the Utility
15.2
Features of the Bulk Load Utility
15.3
Prerequisites for Running the Bulk Load Utility
15.3.1
Installing the Bulk Load Utility
15.3.1.1
Scripts That Constitute the Utility
15.3.1.2
Temporary Tables Used During a Bulk Load Operation
15.3.1.3
Options Offered by the Utility
15.3.2
Preparing Your Database for a Bulk Load Operation
15.3.2.1
Creating a Tablespace for Temporary Tables
15.3.2.2
Creating a Datafile in the Oracle Identity Manager Tablespace
15.4
Running the Utility
15.5
Performance Best Practices for Bulk Load
15.6
Loading OIM User Data
15.6.1
Setting a Default Password for OIM Users Added by the Utility
15.6.2
Creating the Input Source for the Bulk Load Operation
15.6.2.1
Using CSV Files As the Input Source
15.6.2.2
Creating Database Tables As the Input Source
15.6.3
Determining Values for the Input Parameters of the Utility
15.6.4
Monitoring the Progress of the Operation
15.6.5
Handling Exceptions Recorded During the Operation
15.6.6
Fixing Exceptions and Reloading Data Records
15.6.7
Verifying the Outcome of the Bulk Load Operation
15.6.8
Generating an Audit Snapshot
15.7
Loading Account Data
15.7.1
Creating the Input Source for the Bulk Load Operation
15.7.1.1
Using CSV Files As the Input Source
15.7.1.2
Creating Database Tables As the Input Source
15.7.2
Determining Values for the Input Parameters of the Utility
15.7.3
Monitoring the Progress of the Operation
15.7.4
Handling Exceptions Recorded During the Operation
15.7.5
Fixing Exceptions and Reloading Data Records
15.7.6
Verifying the Outcome of the Bulk Load Operation
15.8
Loading Role, Role Hierarchy, Role Membership, and Role Category Data
15.8.1
Creating the Input Source for the Bulk Load Operation
15.8.1.1
Using CSV Files As the Input Source
15.8.1.2
Creating Database Tables As the Input Source
15.8.1.3
Determining the UGP_NAME Generated After Role Load
15.8.2
Determining Values for the Input Parameters of the Utility
15.8.3
Monitoring the Progress of the Operation
15.8.4
Handling Exceptions Recorded During the Operation
15.8.5
Fixing Exceptions and Reloading Data Records
15.8.6
Verifying the Outcome of the Bulk Load Operation
15.9
Loading Organization Data
15.9.1
Creating the Input Source for the Bulk Load Operation
15.9.1.1
Using CSV Files as the Input Source
15.9.1.2
Creating Database Tables as the Input Source
15.9.2
Determining Values for the Input Parameters of the Utility
15.9.3
Monitoring the Progress of the Operation
15.9.4
Handling Exceptions Recorded During the Operation
15.9.5
Fixing Exceptions and Reloading Data Records
15.9.6
Verifying the Outcome of the Bulk Load Operation
15.10
Data Recorded During the Operation
15.11
Gathering Diagnostic Data from the Bulk Load Operation
15.12
Cleaning Up After a Bulk Load Operation
15.13
Bulk Load High Volume Strategy and Case Studies
16
Developing Scheduled Tasks
16.1
Overview of Task Creation
16.1.1
Steps in Task Creation
16.1.2
Example of Scheduled Task
16.2
Defining the Metadata for the Scheduled Task
16.3
Configuring the Scheduled Task XML File
16.4
Developing the Scheduled Task Class
16.5
Configuring the Plug-in XML File
16.6
Creating the Directory Structure for the Scheduled Task
16.7
Scheduled Task Configuration File
16.7.1
Structure of the Scheduler XML File
16.7.2
The scheduledTasks Element
16.7.3
The task Element
16.7.4
The name Element
16.7.5
The class Element
16.7.6
The description Element
16.7.7
The retry Element
16.7.8
The parameters Element
16.7.9
The string-param Element
16.7.10
The number-param Element
16.7.11
The boolean-param Element
16.8
Best Practices for Creating Custom Scheduled Tasks
16.9
Using the isStop() Method
16.10
Monitoring Scheduled Jobs Performance using DMS
Part V Custom Operations
17
Developing Plug-ins
17.1
Plug-ins and Plug-in Points
17.1.1
Plug-ins and Event Handlers
17.1.2
Plug-in Stores
17.1.2.1
File Store
17.1.2.2
Database Store
17.2
Using Plug-ins in Deployments
17.3
Plug-in Points
17.4
Configuring Plug-ins
17.5
Developing Custom Plug-ins
17.5.1
Developing Plug-ins
17.5.2
Declaring Plug-ins
17.6
Registering Plug-ins
17.6.1
Registering and Unregistering Plug-ins By Using APIs
17.6.2
Registering and Unregistering Plug-ins By Using the Plugin Registration Utility
17.7
Migrating Plug-ins
18
Developing Event Handlers
18.1
Orchestration Concepts
18.2
Using Custom Event Handlers
18.3
Orchestration Operations for Entities
18.4
Developing Custom Event Handlers
18.4.1
Implementing the SPI and Creating a JAR
18.4.1.1
Development Considerations
18.4.1.2
Methods and Arguments
18.4.1.3
Code Samples
18.4.1.4
Creating a JAR File With Custom Event Handler Code
18.4.1.5
Handling Exceptions
18.4.1.6
Managing Transactions
18.4.2
Defining Custom Events Definition XML
18.4.2.1
Elements in the Event Handler XML Files
18.4.2.2
Sample Event Definitions
18.4.3
Creating and Registering a Plug-in ZIP
18.5
Sequencing the Execution of Event Handlers
18.6
Writing Custom Validation Event Handlers
18.7
Best Practices
18.8
Migrating Event Handlers
18.9
Troubleshooting Event Handlers
Part VI Customization
19
Customizing the Interface
19.1
Managing Sandboxes
19.1.1
Handling Concurrency Conflicts
19.1.1.1
Troubleshooting Concurrency Issues
19.1.2
Creating a Sandbox
19.1.3
Activating and Deactivating a Sandbox
19.1.4
Viewing and Modifying Sandbox Details
19.1.5
Exporting and Importing a Sandbox
19.1.6
Publishing a Sandbox
19.1.7
Publishing Sandboxes in Bulk and Sequence
19.1.8
Deleting a Sandbox
19.1.9
Reverting Changes to Default Settings
19.2
Skin Customization in Oracle Identity Manager
19.2.1
Configuring a New Skin
19.2.2
Changing Branding and Logo
19.3
Customizing Pages at Runtime
19.3.1
Using Expression Language in UI Customization
19.3.1.1
Available EL Expressions in the User Context
19.3.1.2
Available EL Expressions in the RequestFormContext
19.3.1.3
Internationalization for Resource Strings
19.3.2
Showing or Hiding UI Components Conditionally
19.3.3
Showing Request Profiles Conditionally
19.3.4
Validating Input Data Using ADF Validators
19.3.5
Marking Input Attribute as Required
19.3.6
Adding a Link or Button
19.3.7
Hiding and Deleting an ADF Component
19.3.8
Showing and Hiding Attributes
19.3.9
Customizing Unauthenticated Pages
19.3.10
Customizing Certification Pages
19.3.10.1
Customizing the Certification Detail Pane
19.3.10.2
Adding Custom Attributes to the Certification Table
19.3.10.3
Customizing the Certification Table
19.4
Securing a Task Flow Region Using EL Expressions
19.5
Customizing Oracle Identity Manager Help
19.5.1
Adding Custom Help Topics
19.5.2
Adding Inline Help
19.6
Customizing the Home Page
19.6.1
Adding a Tile to the Home Page
19.6.2
Launching a New Page From the Tile Icon
19.6.3
Launching a New Page From the Tile Menu
19.6.4
Showing Tiles Conditionally
19.7
Developing Managed Beans and Task Flows
19.7.1
Setting Up the ViewController Project
19.7.2
Setting Up a Model Project
19.7.3
Adding Custom Managed Bean
19.7.4
Deploying Custom Code to Oracle Identity Manager
19.7.5
Using Managed Beans
19.7.5.1
Showing Components Conditionally
19.7.5.2
Prepopulating Fields Conditionally
19.7.5.3
Setting a Conditional Mandatory Field
19.7.5.4
Implementing Custom Field Validation
19.7.5.5
Implementing Custom Cascading LOVs
19.7.5.6
Customizing Forms By Using RequestFormContext
19.7.5.7
Overriding the Submit Button in Request Catalog
19.7.5.8
Launching Taskflows
19.7.5.9
Creating an External Link
19.7.6
Using Managed Beans to Populate Request Attributes
19.7.6.1
Populating Request Attributes Using Managed Beans
19.7.6.2
Populating Request Attributes by Using the Prepopulate Plug-in
19.7.7
Using Public Taskflows
19.7.8
Customizing Catalog Search
19.7.9
Customizing Task Details Page for Approval Tasks
19.8
Configuring Additional Request Form
19.8.1
Additional Request Information Concepts
19.8.1.1
Additional Information for the Request Cart Item
19.8.1.2
Additional Information for the Request
19.8.2
Understanding the Guidelines for Developing Custom Taskflow for Additional Request Information
19.8.2.1
Implementing Custom Taskflow for Additional Request Information
19.8.2.2
Saving and Retrieving Additional Information in Managed Bean Developed for the Project
19.8.2.3
Understanding the AdditionalRequestInfo Interface
19.8.2.4
Using RequestFormContext to Achieve the Required Customizations
19.8.3
Configuring Custom Taskflow for Additional Request Information
19.8.3.1
Configuring Custom Taskflow for the Cart Item Level
19.8.3.2
Configuring Additional Request Information at Request Level
19.8.4
Validating Additional Request Information
19.9
Migrating UI Customizations
19.10
UI Customization Best Practices
Part VII Interfaces to Integrate With Other Applications
20
Using APIs
20.1
Accessing Oracle Identity Manager Services
20.1.1
Using OIMClient
20.1.2
Using OIMClient and tcUtilityFactory in Integrated Deployments
20.2
Oracle Identity Manager Services
20.2.1
Services in Oracle Identity Manager 11
g
20.2.2
Legacy Services or Utilities
20.3
Commonly Used Services
20.3.1
Mapping Between Legacy and New Services
20.4
Developing Clients for Oracle Identity Manager
20.4.1
Prerequisites for Developing Clients
20.4.2
Setup and Configuration
20.5
Working With Legacy Oracle Identity Manager APIs
20.5.1
Using a Result Set Object
20.5.2
Handling Oracle Identity Manager Exceptions
20.5.3
Cleaning Up
20.6
Code Samples
20.6.1
Retrieving Oracle Identity Manager Information
20.6.2
Using Certification APIs
20.6.3
Using OIMService API
20.6.3.1
RequestData Object Construction
20.6.3.2
Samples of OIMService API Usage
21
Using SCIM/REST Services
21.1
Supported Resources and Operations
21.2
Resource Schema
21.2.1
Schema Attributes for the User Resource
21.2.2
Schema Attributes for the PasswordResetterWithChallenges Resource
21.2.3
Schema Attributes for the PasswordValidator Resource
21.2.4
Schema Attributes for the UserNameValidator Resource
21.2.5
Schema Attributes for the UserNameGenerator Resource
21.2.6
Schema Attributes for the UserNameRecoverer Resource
21.2.7
Schema Attributes for the Group Resource
21.2.8
Schema Attributes for the Organization Resource
21.2.9
Schema Attributes for the Password Policy Resource
21.2.10
Schema Attributes for the Notification Template Resource
21.2.11
Schema Attributes for the System Property Resource
21.2.12
Schema Attributes for the Service Provider Configuration Schema Resource
21.2.13
Schema Attributes for the Resource Type Resource
21.2.14
Schema Attributes for the Schema Resource
21.3
Operation Types
21.4
HTTP Response Codes
21.5
SCIM-Based API Examples
21.5.1
User Management
21.5.1.1
Create User
21.5.1.2
Modify User (PUT)
21.5.1.3
Modify User (PATCH)
21.5.1.4
View Users with Pagination
21.5.1.5
Delete User
21.5.1.6
Lock User
21.5.1.7
Unlock User
21.5.1.8
Reset Password by Providing New Password
21.5.1.9
Reset Password by Auto-Generated Password
21.5.1.10
View User
21.5.1.11
Self Registration
21.5.1.12
Modify Self Profile (PATCH)
21.5.1.13
Modify Profile (PUT)
21.5.1.14
PasswordResetterWithChallenges
21.5.1.15
PasswordValidator
21.5.1.16
UserNameValidator
21.5.1.17
UserNameGenerator
21.5.1.18
UserNameRecoverer
21.5.2
Role Management
21.5.2.1
View Role
21.5.2.2
Create Role
21.5.2.3
Modify Role (PUT)
21.5.2.4
Modify Role (PATCH)
21.5.2.5
Delete Role
21.5.2.6
Remove Role (PATCH)
21.5.3
Organization Management
21.5.3.1
View Organization
21.5.3.2
Create Organization
21.5.3.3
Modify Organization (PUT)
21.5.3.4
Modify Organizations (PATCH)
21.5.3.5
Delete Organization
21.5.4
Password Policy Management
21.5.4.1
View Password Policy
21.5.4.2
Create Password Policy
21.5.4.3
Modify Password Policy (PUT)
21.5.4.4
Modify Password Policy (PATCH)
21.5.4.5
Delete Password Policy
21.5.5
Notification Template Management
21.5.5.1
View Notification Template
21.5.5.2
Create Notification Template
21.5.5.3
Modify Notification Template (PUT)
21.5.5.4
Modify Notification Template (PATCH)
21.5.5.5
Notification Template Management: Delete
21.5.6
System Property Management
21.5.6.1
View System Properties
21.5.6.2
Modify System Properties (PATCH)
21.5.7
Service Provider Configuration Management
21.5.8
Resource Types Management
21.5.9
Using POST Search
21.5.10
Retrieving Schemas
21.6
Securing SCIM Resources
22
Using the JSON Web Token Service
22.1
About the JWT Service
22.2
Authentication Scenarios
22.3
Acquiring and Applying a JWT
22.4
JWT-Based OIM Identity Provider for SCIM-REST Authentication
22.4.1
SCIM and REST Security Overview
22.4.2
JSON Web Token (JWT)
22.4.3
OIM Identity Provider End Point
22.4.4
Session Timeout and Refresh
22.5
End Point and Application Details
22.5.1
End Point
22.5.1.1
Token End Point ( /iam/governance/token/api/v1/tokens )
22.5.1.2
Refresh Token Endpoint(/iam/governance/token/api/v1/tokens )
Part VIII Notification Service
23
Developing Notification Events
23.1
Notification Concepts
23.2
Developing Custom Notification
23.2.1
Building the Notification Logic
23.2.1.1
Defining Event Metadata
23.2.1.2
Creating the Resolver Class
23.2.1.3
Creating the plugin.xml File
23.2.2
Creating Plug-in Pack Containing the Resolver Class
23.2.3
Building the Invocation Logic
23.2.4
Configuring the Notification Service
Part IX Customization Lifecycle
24
Deploying and Undeploying Customizations
24.1
Migrating User Modifiable Metadata Files
24.1.1
Exporting Metadata Files to MDS
24.1.2
Importing Metadata Files from MDS
24.1.3
Deleting Metadata Files from MDS
24.1.4
Creating MDS Backup
24.1.5
Exporting All MDS Data for Oracle Identity Manager
24.2
Migrating JARs and Resource Bundle
24.2.1
Upload JAR Utility
24.2.2
Download JAR Utility
24.2.3
Delete JAR Utility
24.2.4
Upload Resource Bundle Utility
24.2.5
Download Resource Bundle Utility
24.2.6
Delete Resource Bundle Utility
Part X Reports and Audit
25
Understanding BI Publisher in Oracle Identity Manager
25.1
Overview
25.2
Benefits of Embedded BI Publisher
25.3
Verifying the Integration of BI Publisher with Oracle Identity Manager
25.4
Granting BI Publisher Access to Other Oracle Identity Manager Users
25.5
Creating and Deploying BI Publisher Reports
25.6
Configuring SSL-Enabled Email Server
25.7
Configuring SSO in Access Manager Enabled Environment (Optional)
25.8
Patching Embedded BI Publisher Binaries
26
Understanding Auditing
26.1
Audit Levels
26.2
Tables Used for Storing Information About Auditors
26.3
Issuing Audit Messages
Part XI Appendixes
A
The FacesUtils Class
B
Username Reservation and Common Name Generation
B.1
Username Reservation
B.1.1
Enabling and Disabling Username Reservation
B.1.2
Configuring the Username Policy
B.1.3
Writing Custom User Name Policy
B.1.4
Releasing the Username
B.1.5
Configuring Username Generation to Support Microsoft Active Directory
B.2
Common Name Generation
B.2.1
Common Name Generation for Create User Operation
B.2.2
Common Name Generation for Modify User Operation
C
Configuring Reports
C.1
What are Oracle Identity Manager Reports?
C.2
What is Oracle BI Publisher?
C.3
Licensing
C.4
Deploying Oracle Identity Manager Reports
C.4.1
Creating the Metadata Repository
C.4.2
Installing BI Publisher 11
g
(11.1.1.7.1)
C.5
Configuring Oracle Identity Manager Reports
C.5.1
Configuring Security on BI Publisher 11
g
(11.1.1.7.1)
C.5.2
Configuring Data Sources for Running Oracle Identity Manager Reports
C.5.2.1
Configuring Oracle Identity Manager JDBC Connection
C.5.2.2
Configuring BPEL-Based JDBC Connection
C.6
Generating Oracle Identity Manager Reports
C.6.1
Generating Sample Reports Against the Sample Data Source
C.6.2
Generating Reports Against the Oracle Identity Manager JDBC Data Source
C.6.3
Generating Reports Against the BPEL-Based JDBC Data Source
C.7
Configuring Certification Reports
Scripting on this page enhances content navigation, but does not change the content in any way.