1. Security Configuration Guide
  2. Enabling SSO with Security Agents
  3. Configuring EPM System for Header-based SSO with Oracle Identity Cloud Services

Configuring EPM System for Header-based SSO with Oracle Identity Cloud Services

In this scenario, Oracle Identity Cloud Services authenticates Oracle Enterprise Performance Management System users and propagates the required HTTP headers to enable SSO.

This section discusses the steps involved in setting up and configuring EPM System to support SSO with Oracle Identity Cloud Services. You can extrapolate these steps to support header-based authentication of EPM System with any identity management system (for example, Azure AD) or Infrastructure as a Service (IaaS) provider that supports header-based authentication.

Conceptual work flow is as follows:

  • A gateway application acting as a reverse proxy protects EPM System components by restricting unauthenticated network access.
  • The gateway application intercepts HTTP(S) requests to EPM System components and ensures that the identity management product authenticates users before forwarding requests to EPM System components.
  • While forwarding requests to EPM System components, the gateway application propagates the authenticated user's identity to the EPM System component through HTTP header requests.