About Oracle API Gateway Role in Single Sign-On Authentication Process

The role of the gateway in the SSO authentication process is to act as the Assertion Consumer Service. The gateway validates the SAML token generated by the ID provider. All requests that are targeted to Siebel REST/SOAP must point to the gateway. The SOAP/REST end point is mapped to the gateway end point and vice versa. It is recommended to implement two-way TLS (Transport Layer Security) between Oracle API Gateway and Siebel REST as shown in the following image.

Note: You can use any gateway to process the assertion responses. For information about installing Oracle API Gateway, see https://docs.oracle.com/cd/E39820_01/doc.11121/gateway_install_docs/content/install_gateway.html.

Oracle API Gateway Role in Single Sign-On Authentication Process: There is a Gateway component (Policies, which map OAG end point to Siebel end point) and a Siebel component (Siebel REST/SOAP end point) in this image. There is a bidirectional arrow, labeled 2 way TLS, going from the Gateway component to the Siebel component.

Note: For information about using OAuth with Siebel REST, see Using OAuth with Siebel REST and Siebel REST API Guide.