Oracle creates and maintains the App Catalog, which is a collection of application templates, for you and provides step-by-step instructions on how to configure most of the popular Software as a Service (SaaS) applications, such as Amazon Web Services and Google Suite.
- In the Identity Cloud Service console, expand the Navigation Drawer, and then click Applications.
- Click Add.
- In the Add Application window, click App Catalog.
- Locate an application by choosing a Category (predefined by Oracle), searching for the application by entering a string that begins with the application name, or to see all applications, click All.
- Click Add.
- Complete the App Details by entering a Name, Description, and Application URL.
For applications with lengthy names, the application name appears truncated in the My Apps page. Consider keeping your application names as short as possible.
- In the Custom Error URL field, enter the error page URL to which a user has to be redirected, in case of a failure. This is an optional field. However, if not specified, the tenant specific Error page URL will be used. If both the error URLs are not configured, then the error will be redirected to the Oracle Identity Cloud
Service Error Page (/ui/v1/error).
When a user tries to use social authentication (ex: Google, Facebook, and so on) for logging into Oracle Identity Cloud Service, the callback URL must be configured in the Custom Error URL field. Social providers need this callback URL to call Oracle Identity Cloud Service and send the response back after social authentication. The provided callback URL is used to verify whether the user exists or not (in the case of first time social login), and display an error if the social authentication has failed.
- In the Linking callback URL field, enter the URL that Oracle Identity Cloud
Service can redirect to after linking of a user between social providers and Oracle Identity Cloud
Service is complete. This is an optional field.
When you create a custom app using Oracle Identity Cloud Service custom SDK and integrate with Oracle Identity Cloud Service Social Login, the custom app needs to have the Linking callback URL which can be redirected after linking of the user between social provider and Oracle Identity Cloud Service is complete.
- In the Tags section, click Add Tag to add tags to your App Catalog application to organize and identify it. See Adding Tags to an Application.
- In the Display Settings section, select Display in My Apps.
Important:If you do not select Display in My Apps, the application does not display in the My Apps page.
When you select the Display in My Apps check box in applications, the app is then visible in the My Apps page, but selecting this check box doesn’t enable or disable SSO to the app.
The flag to enable or disable SSO comes from the app template. Use the Oracle Identity Cloud Service REST APIs to update this flag. You cannot set the SSO flag from the UI. See REST API for Oracle Identity Cloud Service.
- Select the User can request access check box, if you want the app to be listed in the Catalog. This option allows end users to request access to applications from their My Apps page by clicking Add and then selecting the app from the Catalog. Don’t forget to activate the application so that users can request access.
- Click Next and complete the SSO Configuration.
To get the issuing Oracle Identity Cloud Service root certificate, see Obtaining the Root CA Certificate from Oracle Identity Cloud Service.
- Click Download Signing Certificate to import the Oracle Identity Cloud Service signing certificate into your application. This certificate is used by the SAML application to verify that the SAML assertion is valid.
- Click Download Identity Provider Metadata to import the Oracle Identity Cloud Service Identity Provider metadata into your application. The SAML application needs this information so that it can trust and process the SAML assertion that is generated by Oracle Identity Cloud Service as part of the federation process. This information includes, for example, profile and binding support, connection endpoints, and certificate information.
- Click Finish. The application has been added in deactivate state. To activate your application see Activating Applications.
- Click Applications, locate the application that you just added, and activate it.
- Select the application.
- To assign users to the application, click Users.