Managing Federated Authentication

These topics discuss how to manage federated authentication:

When to Configure Federated Authentication

Federated authentication support is required when you are using Oracle Social Network in an Oracle Cloud environment (such as Oracle Sales Cloud or HCM) and you require user authentication using your own identity management provider. For example, you might be using an on-premise authentication solution in your environment, or a Cloud-based provider. In this situation, you must define URLs to be used at specific points during the automatic client authentication process.

In addition, you use the federated authentication settings to help mobile client users define their account settings after installation, based on their existing browser client account settings. With the standard authentication process, no special configuration is required. However, if you use a custom login page (you might need to do this if your users provide a PIN number, captcha, or other information to log in), you must define properties for your Login URL, Login Success URL, and so on, so that Oracle Social Network can send the client user to the correct destinations during the login process.

Editing Federated Authentication Properties

To edit the federated authentication properties:

  1. Log in to Oracle Social Network as an administrator.
  2. From the Administration UI, click Federated Authentication. The Federated Authentication properties page opens.
  3. Edit the properties. For more information about fields in the user interface, see Federated Authentication Properties Page.

    Note: The URL properties display after you select the Enabled option.

  4. Click Save.

Federated Authentication Properties Page

These properties are applicable only if you require user authentication using your own identity management provider.

Element Description

Enable Federated Authentication URLs

When enabled, the URL property fields are displayed.

Select this option only if you require user authentication using your own identity management provider.

Note: The Federated Authentication page does not control whether or not another authentication is enabled; you work with Oracle Support to configure that process outside the Administration UI.

Login URL

Required. Specify the URL to which the user will be taken to log in, in the format http[s]://<host>:<port>/<path>. For example:

https://companyname.com:12345/osn/federatedLogin.html/

Logout URL

Required. Specify the URL to which the user will be taken to log out, in the format http[s]://<host>:<port>/<path>. For example:

https://companyname.com:12345/oam/server/federatedLogout/

Login Success URL

Required. Specify the URL to which the user will be taken at the completion of a successful login, in the format http[s])://<host>:<port>/<path>. For example:

https://companyname.com:12345/fedauthcompleted/?authentication=success

Login Failure URL

Required. Specify the URL to which the user will be taken after an unsuccessful authentication, in the format http[s]://<host>:<port>/<path>.

The user is authenticated by your server, which you configure with a maximum number of login attempts; after the user fails to authenticate in that number of tries, the failure URL is used. For example:

https://companyname.com:12345/fedauthcompleted/?authentication=failed