Configure Settings for an Orchestrated System

With Oracle Access Governance, you can configure an orchestrated system by editing the connection settings, configuring notification settings, transforming inbound and outbound data for identity and account attributes, and applying matching or correlation rules to ensure integrated components work seamlessly together.

Modify Connection Settings for an Orchestrated System

You can configure the connection settings for your orchestrated system, using the Oracle Access Governance Console.

To update the connection details used by Oracle Access Governance to connect to an orchestrated system, perform the following tasks.

1. From the Oracle Access Governance navigation menu icon , select Service Administration → Orchestrated Systems.
2. Select one of the following to view the configuration of a specific orchestrated system:
   • The orchestrated system link in the Name column.
   • Manage connection from the navigation menu.
   This displays the configuration page for the selected orchestrated system.
3. From the Configurations section of the page, select Manage on the Connection settings tile. This will display the Connection settings page for your orchestrated system. The connection settings displayed is dependent on the type of orchestrated system you are updating.
4. Update the connection settings as required, and click Save.

Configure Identities or Email for Sending Orchestrated System Related Notifications

If an issue occurs in an orchestrated system during dataload, you want to be notified in good time so that you can investigate and resolve the issue. You can configure identities or an external email, to route notifications regarding your orchestrated system to assist with this.

To send orchestrated system-related notifications to your preferred identities or an external email address, you can configure Oracle Access Governance as required:

1. From the Oracle Access Governance service home page click on the icon, and select Service Administration → Orchestrated Systems.
2. Select the orchestrated system you want to configure notifications for.
3. From the tiles in the Configuration section of the page, select Manage on the Notification settings tile.
4. In the Which identities? field, use the drop-down list to select identities in your Oracle Access Governance instance to send orchestrated system-related notifications to. You can have multiple identities as required.
5. In the Email field, add an email for any person external to your Oracle Access Governance instance (who does not have an identity in your system) who you would like to receive notifications. You can only add one external email address for orchestrated system-related notifications.

Match Identity and Account Attributes using Correlation Rules

Oracle Access Governance leverages correlation or matching rules to match the identity and account data and build a composite identity profile. To configure matching rules in Oracle Access Governance perform the following steps:

1. From the Oracle Access Governance navigation menu icon , select Service Administration → Orchestrated Systems.
2. Select one of the following to view the configuration of a specific orchestrated system:
   • The connected system link in the Name column.
   • Manage connection from the navigation menu.
   This displays the configuration page for the selected orchestrated system.
3. From the Configurations section of the page, select Manage on the Matching rules tile. This will display the Matching rules page for your orchestrated system.
4. The tabs displayed depend on the configuration mode you selected when creating the orchestrated system, and by whether any unmatched accounts have been manually matched for this integration.
   • If you selected This is the authoritative source for my identities. then the Identity matching tab is displayed to set the matching rule for incoming identities.
   • If you selected I want to manage permissions for this system. then the Account matching tab is displayed to set the matching rule for incoming accounts.
   • If you selected both This is the authoritative source for my identities. and I want to manage permissions for this system. then both tabs are displayed.
   • If the orchestrated system selected has accounts which were unmatched, but have been manually matched, then the Manually matched accounts tab is displayed. You can unlink an account with the associated identity by selecting the
     
     
     
     Disconnect icon, or you can update the manual match by selecting the Edit icon.
5. Select the tab you require to update identity matching rules or account matching rules.
6. Select one of the following conditions:
   • All: All rules must be matched in this case so order of the rules is not significant.
   • Any: Any rule can, when met, produce a match. In this case order is significant as the matching rule will exit when a match is found. If you need to move a rule up the list you can select the menu for the rule, and select Move up.
7. Add a rule by selecting an Equals or Not equals operator.
8. Update the matching rules as required, and click Save.

Apply Inbound Transformations for Identity and Account Attributes

To modify the incoming data ingested into Oracle Access Governance, you need to apply inbound data transformations. To do so, perform the following tasks:

1. In the Oracle Access Governance Console, access the navigation menu by selecting the icon. Select Service Administration → Orchestrated Systems .
2. Select the orchestrated system from the list which you want to configure inbound data transformation rules for.
3. Expand the Configurations drop-down menu and select the Manage button on the Inbound data transformations tile. The Inbound data transformations page displays a list of any rules that you have configured, and an option to add new attribute rules.
4. To create an attribute rule for your orchestrated system, select the Add attribute rule button.
5. In the Add attribute rule panel enter the following information to configure your rule.
   • Which configuration mode?: Select one configuration mode, from the drop down list, that you want this attribute rule to apply to.
     • Authoritative source: Authoritative Sources that contain identity data and its attributes.
     • Managing permissions: Managed Systems containing account information and permissions.
   • Which attribute?: Select the Oracle Access Governance attribute you want to apply the transformation to from the drop down list. The list of attributes available will depend on the orchestrated system type, and configuration mode you choose.
   • Rule: Enter the rule you want to apply to this operation/attribute.
   • Click the Validate button to check your rule. If the rule is valid then you will see a confirmation message and the rule will be marked as validated. If there is an issue with the rule, then you will see an error message and the rule will be marked as invalid. You cannot save your rule if it is marked as invalid.
   • When your rule is valid click Add to save your configuration.

Apply Outbound Transformations for Identity Attributes

To modify the outgoing data provisioned in Oracle Access Governance, you need to apply outbound data transformations. To do so, perform the following tasks:

1. In the Oracle Access Governance Console, access the navigation menu by selecting the icon. Select Service Administration → Orchestrated Systems.
2. Select the orchestrated system from the list for which you want to configure the outbound data transformation rules.
3. Expand the Configurations drop-down menu and select the Manage button on the Outbound data transformations tile. The Outbound data transformations page displays a list of any rules that you have configured, and an option to create attribute rules.
4. To create an attribute rule for your orchestrated system, select the Add attribute rule button.
5. In the Add attribute rule panel enter the following information to configure your rule.
   • Which operations: Select one or more of the operations from the drop down list that you want this attribute rule to apply to.
     • Create Account
     • Change Password
   • Which attribute?: Select the attribute in the orchestrated system you want to apply the transformation to from the drop down list. The list of attributes available will depend on the orchestrated system type.
   • Rule: Enter the rule you want to apply to this operation/attribute.
   • Click the Validate button to check your rule. If the rule is valid then you will see a confirmation pop-up message and the rule will be marked as validated. If there is an issue with the rule, then you will see an error pop-up message and the rule will be marked as invalid. You cannot save your rule if it is marked as invalid.
   • When your rule is valid click Add to save your configuration.

---

Title and Copyright Information

Configure Settings for an Orchestrated System

Copyright ©2024,

Oracle and/or its affiliates.

Documentation Accessibility

For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc.

Access to Oracle Support

Oracle customers that have purchased support have access to electronic support through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=info or visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs if you are hearing impaired.