3 Accessing Oracle Identity Self Service

The login page provides the ability to log in, and provides a starting point for all unauthenticated operations. This page is displayed when you access Oracle Identity Self Service without authenticating either natively to Oracle Identity Manager or by using SSO.

Typical tasks you can perform before logging in to Identity Self Service include:

Challenge questions should be set by the user immediately after logging in to Identity Self Service for the first time.

3.1 Connecting to Oracle Identity Self Service

To log in to Oracle Identity Self Service:

Note:

  • If Oracle Identity Manager is configured to support native authentication, then the login link redirects you to a form in which you can authenticate by using your Oracle Identity Manager username and password.

  • If Oracle Identity Manager is configured to support Single Sign-On (SSO), then the login link redirects you to the SSO application login page.

  1. Go to the Identity Self Service login page.

    For example: http://OIM_HOST.com:PORT/identity/

  2. In the User ID field, enter your user login.

  3. In the Password field, enter your password.

  4. Click Sign In. If you are successfully authenticated, then you are logged in and directed to the home page in the authenticated context.

    The login attempt might generate an error, such as "Invalid sign in", because of the following reasons:

    • Incorrect credentials: If the user name and password entered are not correct, then an error message is displayed. This may be because of the following reasons:

      • User login does not exist

      • Password is incorrect

      • User login exists but the user is deleted

      The user account is locked if the number of invalid login attempts exceeds the maximum allowed login attempts counter. If the user account is locked, the user is allowed to log in only when the lockout duration expires.

    • Locked account: If your user account is locked, then you are not allowed to log in even if the credentials are correct.

    • Disabled user: If your user account is disabled, then you are not allowed to log in.

  5. If your password has expired, then the Change Password form is displayed. You are not allowed to proceed to the main page of the console without changing the password. Enter a new password, and click Submit.

  6. If the system requires you to specify challenge responses, then specify them and click Submit.

    Alternatively, you can click Cancel if you want to avoid setting challenge questions and logging on to Identity Self Service. You set challenge questions to reset your password without calling the helpdesk. Note that these challenge questions are a unique set of questions and answers. For more information about setting challenge questions and response, see Setting Challenge Questions and Response After First Login.

If you attempt to access a page, for example the Pending Approvals page, from a link while you are not logged in, then you are redirected to the login page. Follow the login instructions provided in this section to log in to Oracle Identity Manager. After you log in, you are directed to the page you were attempting to access, the Pending Approvals page, instead of the main page of Identity Self Service.

3.2 Retrieving Forgotten User Login

If you have forgotten your user login, then you can retrieve it by performing the following steps:

  1. In the Identity Self Service login page, click Forgot User Login. The Forgot User Login page is displayed.

  2. In the Email Address field, enter the email address associated with your user login.

  3. Click Submit. An email is sent to the specified email address with further instructions.

    If you enter an incorrect email address, then an error message is displayed stating that the specified user details do not exist.

3.3 Resetting Forgotten Password

When a user password gets locked as the result of too many invalid login attempts, it can be reset from the Identity Self Service login page. However, this option is not available in the following cases:

  • User is disabled or deleted

  • User is locked (for reasons other than too many invalid login attempts)

  • User has not set, or has set an insufficient number of, challenge answers

  • Applicable Challenge Policy for the user is disabled

To reset your forgotten password:

  1. In the Identity Self Service login page, click Forgot Password?. The Forgot Password page is displayed.

  2. In the User Login field, enter your user login name to allow Oracle Identity Manager to locate your user record. If this validation fails, then you cannot proceed to reset the password and must contact the System Administrator for assistance.

    If validation of the User Login is successful, then click Next. The Please answer your challenge questions page is displayed.

  3. In this step, the wizard provides the challenge questions that you set during user registration to verify your user identity. Enter your responses to the challenge questions, and then click Next. The Please enter new password page is displayed.

  4. In this step, enter the new password that you want to set, re-enter new password to confirm it, and then click Save. The following are the possible outcomes of these steps:

    • If Oracle Identity Manager does not find the username you provided, then an error message is displayed stating that the user account is invalid.

    • If the challenge responses specified do not match the ones set during user registration, then the following error message is displayed:

      "The number of questions answered correctly does not match the number of correct answers required. Please ensure if all questions are answered correctly."

    • If you satisfy the identity verification criteria (in other words, identifying yourself and answering the challenge questions), but the new password failed to satisfy configured password policies, then an error message is displayed.

    • If you satisfy the identity verification criteria and the password is successfully set, then the next page is displayed with a message that the password has been changed. This also unlocks your user account if it was locked by self (not locked by the system administrator manually). Click Back to Login to view the login screen from where you can log in to Oracle Identity Manager.
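The reset rules in this section, modeled as an added Python example (not Oracle Identity Manager code): it checks the four conditions that make reset unavailable, counts correct challenge answers, and clears only a lock caused by invalid login attempts. The class, field and constant names, the required count of three, and the policy_ok callback are assumptions.

```python
# Added illustration of the section 3.3 reset rules; every name is an assumption.
import hmac
from dataclasses import dataclass, field
from enum import Enum

class Lock(Enum):
    NONE = 0
    INVALID_LOGINS = 1  # too many invalid login attempts
    ADMIN = 2           # locked manually by the system administrator

@dataclass
class User:
    status: str = "active"  # or "disabled" / "deleted"
    lock: Lock = Lock.NONE
    challenge_policy_enabled: bool = True
    answers: dict = field(default_factory=dict)  # question -> answer pairs

REQUIRED_CORRECT = 3  # assumed number of correct answers required
# Constructed sample: the John Doe challenge-response set from this page.
JOHN_ANSWERS = {"What is your favorite color?": "Blue",
                "What is the name of your pet?": "Rex",
                "What is the city of your birth?": "New York"}

def blocked_reason(user):
    """Why self-service reset is unavailable, or None when it is offered."""
    checks = [
        (user.status != "active", "user is disabled or deleted"),
        (user.lock is Lock.ADMIN, "user is locked for another reason"),
        (len(user.answers) < REQUIRED_CORRECT, "insufficient challenge answers"),
        (not user.challenge_policy_enabled, "challenge policy is disabled"),
    ]
    return next((why for hit, why in checks if hit), None)

def count_correct(user, responses):
    # Constant-time comparison of each supplied answer with the stored one.
    return sum(hmac.compare_digest(responses.get(q, "").encode(), a.encode())
               for q, a in user.answers.items())

def reset_password(user, responses, new_password, policy_ok):
    if user is None:
        return "invalid user account"
    if (reason := blocked_reason(user)):
        return "reset unavailable: " + reason
    if count_correct(user, responses) < REQUIRED_CORRECT:
        return "challenge answers do not match"
    if not policy_ok(new_password):
        return "password policy not satisfied"
    if user.lock is Lock.INVALID_LOGINS:
        user.lock = Lock.NONE  # a self-inflicted lock is cleared by the reset
    return "password changed"
```

An account locked manually by the system administrator is rejected before the challenge questions are evaluated, so correct answers cannot be used to lift that lock.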

3.4 Setting Challenge Questions and Response After First Login

The challenge-response service allows you to set up a series of challenge questions that are used to validate the user's identity to reset a forgotten password. Only the user should know the correct answers to the challenge questions.

Questions and answers are stored as part of the user's profile as a name-value pair list, where the name is the question, and the value is the answer to that question. For example, for user John Doe, the challenge-response set could be as follows:

Challenge                          Response
What is your favorite color?       Blue
What is the name of your pet?      Rex
What is the city of your birth?    New York

Note:

Oracle recommends defining answers to challenge questions that cannot be guessed easily by collecting information about the user from the Internet or other public sources.

When a user's identity needs to be validated without relying on the authentication scheme, the challenge questions are asked, and the user must provide the necessary number of correct answers. Challenge questions are set in the following way:

  • System Administrator configures a pre-defined set of questions. For more information, see "Setting Challenge Options".

  • User configures Challenge Questions and Answers from Self Service Interface, My Information. For more information, see "Setting Challenge Questions and Response".

  • System Administrator and User configure Challenge Questions. The System Administrator can configure a pre-defined set of questions, and the user can configure the answers for these questions from the My Information tab or immediately after logging in to Identity Self Service for the first time.

When a user logs in for the first time, Identity Self Service prompts the user to set challenge questions. To set the challenge questions and responses immediately after first login:

  1. Select questions from the Question 1, Question 2, and Question 3 fields.

  2. In the corresponding Answer 1, Answer 2, and Answer 3 fields, enter the answers.

  3. Click Apply.

Note:

Challenge questions and responses once set are not visible in this section. If you see the following message in the Challenge Questions section, then you have already set your challenge questions and responses:

Your secret questions and answers are already set.

You can modify the challenge questions and responses that you have already set by performing the procedure described earlier in this section.