Updating an IDCS Instance

Modify settings for an existing IDCS instance.

Updating the Credentials for an IDCS Instance

Change the login credentials for an Oracle Identity Cloud Service (IDCS) instance.

When the login credentials that you used to register an IDCS instance expire or are updated, you must update these credentials both in Oracle Cloud Infrastructure and in the Oracle CASB Cloud Service console.

1. Select Applications from the Navigation menu. If the Navigation Menu is not displayed, click the Navigation Menu icon to display it.

   • In card view, click the icon for the instance you want to modify, and then in the Health Summary, select Modify, Update credentials.

   • In grid view, drop down the Action list for the instance you want to modify and select Update credentials.

   Tip:

   Alternatively, from the Dashboard or the Applications page, you can select Add/Modify App, Modify an app instance, Update credentials, and then select the application instance you want to modify and click Next.

2. In the Update Credentials page, enter the current values for all the fields:

   • Customer Login URL

   • Client ID

   • Client Secret

   For information on where to get current values for these credentials, see Adding an IDCS Instance.

3. Click Test Credentials.
4. After the credentials are verified, click Submit to view a verification page.

Updating the Security Control Baseline for an IDCS Instance

Change security control baseline settings for an Oracle Identity Cloud Service (IDCS) instance.

1. Select Applications from the Navigation menu. If the Navigation Menu is not displayed, click the Navigation Menu icon to display it.

   • In card view, click the icon for the instance that you want to modify, and then in the Health Summary, select Modify, Update security control baseline.

   • In grid view, drop down the Action list for the instance you want to modify and select Update security control baseline.

   Tip:

   Alternatively, from the Dashboard or the Applications page, you can select Add/Modify App, Modify an app instance, Update security control baseline, and then select the application instance you want to modify and click Next.

2. Make changes as needed in the security control settings.

   You can change the risk level for any security control by clicking the icon in the Risk Level column and making a different selection.

   Refer to the tables below to understand how each security control behaves, and to how to customize the settings.

   Password Policy

   Security Control Name	Description
   Minimum Password Length	Alert when required password length is less than this value.
   Maximum Password Length	Alert when required password length is greater than this value.
   Minimum Numerals Required	Alert when the minimum number of numeric characters required in a password is less than this value.
   Number of previous passwords disallowed to be used when setting new Password	Alert when number of previous passwords that are disallowed when user is setting a new password is less than this value.
   Number of days after which Password gets expired	Alert when the number of days after which a password automatically expires is less than this value.
   Maximum incorrect Attempts Allowed before User Account Locked	Alert when the maximum number of incorrect attempts that are allowed before the user account is locked is greater than this value.
   Minimum Uppercase Characters Required	Alert when the minimum number of uppercase characters required in a password is less than this value.
   Minimum Lowercase Characters Required	Alert when the minimum number of lowercase characters required in a password is less than this value.
   Minimum Alphabetic Characters Required	Alert when the minimum number of alphabetic characters required in a password is less than this value.
   Disallow these characters to use in Password	Alert when any of the characters listed are allowed in a password..
   Disallow users to use Last Name in Password	Alert when user’s last name is allowed in a password.
   Disallow users to use First Name in Password	Alert when user’s first name is allowed in a password.
   Disallow users to use Username in Password	Alert when user’s user name is allowed in a password.

   Access Control

   Security Control Name	Description
   Require all users to have Multi Factor Authentication (MFA) Enabled	Alert when multi-factor authentication is not enabled for a user. Multi-factor authentication sends a code to the user in email or text, after the user has entered valid ID and password pair, and then requires the user to enter that code before granting access.
   IAM Password older than 90 days	Alert when a password is found that was created more than 90 days ago.

3. When you are ready to save your changes, select Use the new threshold values and then click Submit.

Updating the IDP Instance for an IDCS Instance

Add or change the identity provider (IDP) for an IDCS instance.

1. Select Applications from the Navigation menu. If the Navigation Menu is not displayed, click the Navigation Menu icon to display it.

   • In card view, click the icon for the instance that you want to modify, and then in the Health Summary, select Modify, Update IDP Instance.

   • In grid view, drop down the Action list for the instance you want to modify and select Update IDP Instance.

   Tip:

   Alternatively, from the Dashboard or the Applications page, you can select Add/Modify App, Modify an app instance, Update IDP Instance, and then select the application instance you want to modify and click Next.

2. In the Update IDP instance page, drop down the list of identity providers and select the IDCS SSO application that you want to use with this IDCS instance.

   Look for the Name you recorded from the IDCS SSO application information in Preparing IDCS.

3. Click Next.
4. In the Success page, click Done.