Preparing IDCS

Before registering your Oracle Cloud Infrastructure (IDCS) application instance with Oracle CASB Cloud Service, ensure that you have a private and public key pair configured in IDCS.

Prerequisites:

  • Enable IDCS in your Oracle CASB Cloud Service tenant.

    To enable this feature, contact Oracle Support (http://support.oracle.com). If you have not registered yet, you will need your Customer Support Identifier (CSI) to register before you can submit service request tickets. Alternatively, contact your Oracle CASB Cloud Service Customer Success Manager.

  • Administrative access to an IDCS account.

  • An existing application in that account that provides single sign-on access to users logging in to other applications.

    For information on setting up applications in IDCS, see Oracle Identity Cloud Service - Application Catalog. Go to the chapter for the application for which you want to create an SSO IDCS application.

  • Full administrator privileges assigned to that account (Identity Domain Administrator, Security Administrator, Application Administrator, User Administrator, Audit Administrator). If any of these administrator roles are omitted, the information provided to Oracle CASB Cloud Service will be incomplete.

Prepare IDCS for Monitoring

  1. Log in to your Oracle Cloud account as an administrator.
  2. Navigate to the IDCS console:
    1. From the menu, select Users.
    2. From the User Management page, click Identity Console in the upper right corner.
  3. Open the drop-down menu under your initials in the upper right corner and select Admin Console.

    Note:

    If you do not see Admin Console in the drop-down menu, you are not logged in as an administrator. Log out and log back in as a different user with administrator privileges.

  4. In the Admin Console, open Applications.
  5. On the Applications page, click the application that you want to use with Oracle CASB Cloud Service.

    The details page for the application opens.

    This must be an application that provides single sign-on (SSO) access to users logging in to one or more other applications that Oracle CASB Cloud Service is monitoring. Later you will connect this IDCS SSO application to those other applications in Oracle CASB Cloud Service, so that logins through IDCS are correctly counted as logins to the other applications.

  6. On the Details tab, record the Name of the application.

    You will need to provide this later, to connect the IDCS SSO application to other applications that Oracle CASB Cloud Service is monitoring.

  7. Click the Configuration tab.
  8. Record information that you will need to register this IDCS instance in Oracle CASB Cloud Service.

    You will need to provide this information later, to connect the IDCS SSO application to other applications that Oracle CASB Cloud Service is monitoring.

    1. Record the first part of the IDCS console URL.

      From the browser’s address bar, select everything from the start of the URL through the .com:

      https://idcs-...identity.oraclecloud.com

      This is the value for the Customer Login URL when you register this IDCS instance.

    2. Expand the General Information section and record the Client ID.
    3. Click the Show Secret button and record the Client Secret.
    4. Close the Client Secret message box.
  9. Log out of your IDCS account.
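
An added example, not part of the Oracle documentation: a Python helper that derives the Customer Login URL from a pasted address-bar URL and sanity-checks the values recorded in steps 6 and 8 before they are entered in Oracle CASB Cloud Service. The function names and sample values are hypothetical, and the host check assumes only the `idcs-` prefix and `.oraclecloud.com` suffix shown in step 8.

```python
from urllib.parse import urlsplit

# Constructed sample values, not real tenant data.
SAMPLE_URL = "https://idcs-0123456789abcdef.identity.oraclecloud.com/ui/v1/adminconsole"
SAMPLE_ID = "constructedclientid0123"
SAMPLE_SECRET = "constructed-secret-value"

def customer_login_url(address_bar_url):
    """Return everything from the start of the URL through the .com."""
    parts = urlsplit(address_bar_url.strip())
    host = (parts.hostname or "").lower()
    if parts.scheme != "https":
        raise ValueError("console URL must use https")
    if parts.username or parts.password:
        raise ValueError("URL embeds credentials; the real host follows the '@'")
    if parts.port not in (None, 443):
        raise ValueError("unexpected port in console URL")
    # Host shape as shown on the page: idcs-... ending in .oraclecloud.com
    if not (host.startswith("idcs-") and host.endswith(".oraclecloud.com")):
        raise ValueError(f"not an IDCS console host: {host!r}")
    return f"https://{host}"

def masked(secret):
    """Form of the Client Secret that is safe to put in notes or logs."""
    return "*" * 8 + (secret[-4:] if len(secret) > 8 else "")

def check_recorded_values(app_name, address_bar_url, client_id, client_secret):
    """Validate the values from steps 6 and 8 and return them for registration."""
    fields = {"Name": app_name, "Client ID": client_id, "Client Secret": client_secret}
    for label, value in fields.items():
        if not value or value != value.strip():
            raise ValueError(f"{label} is empty or has stray copy/paste whitespace")
    for label in ("Client ID", "Client Secret"):
        if any(ch.isspace() for ch in fields[label]):
            raise ValueError(f"{label} contains whitespace")
    if client_id == client_secret:
        raise ValueError("Client ID and Client Secret are identical; one was mis-copied")
    return {**fields, "Customer Login URL": customer_login_url(address_bar_url)}

if __name__ == "__main__":
    rec = check_recorded_values("Constructed SSO App", SAMPLE_URL, SAMPLE_ID, SAMPLE_SECRET)
    rec["Client Secret"] = masked(rec["Client Secret"])  # never print the secret itself
    for label, value in rec.items():
        print(f"{label}: {value}")
```

The host check rejects look-alike addresses where the Oracle domain appears only as a prefix or as the user part of the URL.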