- Using Oracle CASB Cloud Service
- Setting Up Cloud Applications for Monitoring
- Setting Up Oracle Identity Cloud Service (IDCS)
- Updating an IDCS Instance
Updating an IDCS Instance
Modify settings for an existing IDCS instance.
Updating the Credentials for an IDCS Instance
Change the login credentials for an Oracle Identity Cloud Service (IDCS) instance.
When the login credentials that you used to register an IDCS instance expire or are updated, you must update these credentials both in Oracle Cloud Infrastructure and in the Oracle CASB Cloud Service console.
- Select Applications from the Navigation menu. If the Navigation Menu is not displayed, click the Navigation Menu icon
to display it.
-
In card view, click the icon for the instance you want to modify, and then in the Health Summary, select Modify, Update credentials.
-
In grid view, drop down the Action list for the instance you want to modify and select Update credentials.
Tip:
Alternatively, from the Dashboard or the Applications page, you can select Add/Modify App, Modify an app instance, Update credentials, and then select the application instance you want to modify and click Next.
-
- In the Update Credentials page, enter the current values for all the fields:
-
Customer Login URL
-
Client ID
-
Client Secret
For information on where to get current values for these credentials, see Adding an IDCS Instance.
-
- Click Test Credentials.
- After the credentials are verified, click Submit to view a verification page.
Updating the Security Control Baseline for an IDCS Instance
Change security control baseline settings for an Oracle Identity Cloud Service (IDCS) instance.
- Select Applications from the Navigation menu. If the Navigation Menu is not displayed, click the Navigation Menu icon
to display it.
-
In card view, click the icon for the instance that you want to modify, and then in the Health Summary, select Modify, Update security control baseline.
-
In grid view, drop down the Action list for the instance you want to modify and select Update security control baseline.
Tip:
Alternatively, from the Dashboard or the Applications page, you can select Add/Modify App, Modify an app instance, Update security control baseline, and then select the application instance you want to modify and click Next.
-
- Make changes as needed in the security control settings.
You can change the risk level for any security control by clicking the icon in the Risk Level column
and making a different selection.
Refer to the tables below to understand how each security control behaves, and to how to customize the settings.
Password Policy
Security Control Name Description Minimum Password Length
Alert when required password length is less than this value.
Maximum Password Length
Alert when required password length is greater than this value.
Minimum Numerals Required
Alert when the minimum number of numeric characters required in a password is less than this value.
Number of previous passwords disallowed to be used when setting new Password
Alert when number of previous passwords that are disallowed when user is setting a new password is less than this value.
Number of days after which Password gets expired
Alert when the number of days after which a password automatically expires is less than this value.
Maximum incorrect Attempts Allowed before User Account Locked
Alert when the maximum number of incorrect attempts that are allowed before the user account is locked is greater than this value.
Minimum Uppercase Characters Required
Alert when the minimum number of uppercase characters required in a password is less than this value.
Minimum Lowercase Characters Required
Alert when the minimum number of lowercase characters required in a password is less than this value.
Minimum Alphabetic Characters Required
Alert when the minimum number of alphabetic characters required in a password is less than this value.
Disallow these characters to use in Password
Alert when any of the characters listed are allowed in a password..
Disallow users to use Last Name in Password
Alert when user’s last name is allowed in a password.
Disallow users to use First Name in Password
Alert when user’s first name is allowed in a password.
Disallow users to use Username in Password
Alert when user’s user name is allowed in a password.
Access Control
Security Control Name Description Require all users to have Multi Factor Authentication (MFA) Enabled
Alert when multi-factor authentication is not enabled for a user. Multi-factor authentication sends a code to the user in email or text, after the user has entered valid ID and password pair, and then requires the user to enter that code before granting access.
IAM Password older than 90 days
Alert when a password is found that was created more than 90 days ago.
- When you are ready to save your changes, select Use the new threshold values and then click Submit.
Updating the IDP Instance for an IDCS Instance
Add or change the identity provider (IDP) for an IDCS instance.
- Select Applications from the Navigation menu. If the Navigation Menu is not displayed, click the Navigation Menu icon
to display it.
-
In card view, click the icon for the instance that you want to modify, and then in the Health Summary, select Modify, Update IDP Instance.
-
In grid view, drop down the Action list for the instance you want to modify and select Update IDP Instance.
Tip:
Alternatively, from the Dashboard or the Applications page, you can select Add/Modify App, Modify an app instance, Update IDP Instance, and then select the application instance you want to modify and click Next.
-
- In the Update IDP instance page, drop down the list of identity providers and select the IDCS SSO application that you want to use with this IDCS instance.
Look for the Name you recorded from the IDCS SSO application information in Preparing IDCS.
- Click Next.
- In the Success page, click Done.