Setting Up an Identity Provider Instance
To accommodate single sign-on (SSO) for a cloud service you are registering in Oracle CASB Cloud Service, configure an identity provider instance as the SSO provider.
Managing Identity Providers (IDPs)
Oracle CASB Cloud Service provides two strategic options for setting up identity providers (IDPs). These two options are mutually exclusive. You get one by default, and you can switch to the other by request.
- Standalone IDP
  - Oracle Identity Cloud Service (IDCS) is supported as an IDP.
  - The IDP is set up through the Configuration submenu, Identity Management Providers page.
  - Oracle CASB Cloud Service tracks login events for registered applications through the IDP's API.
  - This is the recommended IDP option, but it is not the default.
    To enable this feature, contact Oracle Support (http://support.oracle.com). If you have not registered yet, you will need your Customer Support Identifier (CSI) to register before you can submit service request tickets. As an alternative, you can contact your Oracle CASB Cloud Service Customer Success Manager.
- IDP as a Managed Application
  - Only IDCS is supported as an IDP.
  - IDCS is set up as an IDP by registering an IDCS instance as a managed application, through the Add/Update Apps option on the Applications page.
  - Oracle CASB Cloud Service tracks login events for registered applications through the IDP's API, as with the Standalone IDP option, and the service also tracks security controls, policy alerts, and other features deployed with the monitoring IDP.
  - This is the default option that is enabled when your Oracle CASB Cloud Service tenant is first deployed.
Configuring the Recommended Standalone IDP Option
- To enable the Standalone IDP option, contact Oracle Support (http://support.oracle.com). If you have not registered yet, you will need your Customer Support Identifier (CSI) to register before you can submit service request tickets. As an alternative, you can contact your Oracle CASB Customer Success Manager.
- Specify the IDCS IDP when you add a new application instance, or update an existing application instance.
Configuring the IDP as a Managed Application Option
- Perform the setup steps required in the SSO provider.
- Configure an IDP through the Configuration submenu, Identity Management Providers page.
  See Setting Up an Oracle Identity Cloud Service (IDCS) IDP Instance.
- Specify the IDP instance you configured when you add a new application instance, or update an existing application instance.
Setting Up an Oracle Identity Cloud Service (IDCS) IDP Instance
Create a trusted application in Oracle Identity Cloud Service, then configure an identity provider (IDP) instance in Oracle CASB Cloud Service.
An Oracle Identity Cloud Service IDP instance enables communication between Oracle CASB Cloud Service and Oracle Identity Cloud Service.