Enable Single Sign-On (SSO)

If you use Federated Single Sign-On (SSO) for your Oracle Content Management environment, you can enable it to customize sign-in procedures. When SSO is enabled, users can sign in to one instance using corporate security credentials and access another instance in the same domain without signing in again. For example, suppose you are an administrator for a company that has two Oracle Cloud services, and you must provision these services to your company’s organization, roles, and users. Your company may also have on-premises applications and cloud services from other vendors. It’s important that these services and applications communicate securely. With SSO, users can sign in to all of them using the same set of credentials, which are managed by your identity domain system.

OAuth provides secure access to all services in Oracle Cloud. It provides an access token for communication between services. The token is valid for a limited time and contains the security credentials for a sign-in session. The token identifies the user and the user's groups.

Overview of SSO Configuration

Oracle Cloud uses the SAML 2.0 standard to enable secure cross-domain communication between Oracle Cloud and other SAML-enabled sites located on-premises or in a different cloud. The administrator must configure SAML 2.0 SSO between Oracle Cloud and the identity provider. When SSO is enabled, the identity provider performs authentication for Oracle Cloud.

Perform the following steps to configure SSO:

  1. Sign in to Oracle Cloud as the cloud account administrator. You can find your account name and login information in your welcome email.
  2. Configure SSO. See Managing Oracle Single Sign-On in Administering Oracle Cloud Identity Management.