In this procedure, you’ll:
Use the Identity Cloud Service console to add a Provisioning Bridge
Install the client for this bridge on a Windows or generic machine. A generic machine has Java 8 installed on it and supports Bash shell.
- In the Identity Cloud Service console, expand the Navigation Drawer, click Settings, and then click Provisioning Bridges.
- If this is the first bridge you’re creating, then click Add a Provisioning Bridge. Otherwise, click Add.
- In the Name and Description fields of the Add Provisioning Bridge page, enter a name and descriptive information for the Provisioning Bridge. Then, click Save.
A new page appears for the Provisioning Bridge. The name of this page is the name you provided for the bridge in this step. By default, this Provisioning Bridge is deactivated. See Activate Provisioning Bridges to learn how to activate it.
This page contains three tabs:
Details: This tab contains high-level information about the Provisioning Bridge.
Apps: This tab displays the apps to which the Provisioning Bridge will
- Poll for changes to users and groups in the apps, and synchronize these changes into Oracle Identity Cloud Service.
- Use Oracle Identity Cloud Service to manage the lifecycle of users in the apps. This includes creating, modifying, deactivating, activating, and removing users and their profiles across the apps.
Connectors: After you install the client for the Provisioning Bridge and start the bridge, this tab displays the connectors that the bridge uses to communicate with the apps. You can learn more about this tab in Start a Provisioning Bridge.
- Make a note of the Identity Cloud Service URL, Client ID, and Client Secret.
The Identity Cloud Service URL contains the name and port number for your Oracle Identity Cloud Service identity domain. The Client ID and Client Secret are used by the Provisioning Bridge to access Oracle Identity Cloud Service as an administrator.
Note:The Client Secret is encrypted (for security purposes). To see the Secret in clear text, click Show Secret. To regenerate the Secret for the bridge, click Regenerate.
- Click the Downloads link (because you want to download the client for the Provisioning Bridge).
- In the Downloads page, click Download to the right of the Identity Cloud Service Provisioning Bridge client.Oracle Identity Cloud Service downloads the client for the Provisioning Bridge.
- Verify that a Success status appears to the right of the Identity Cloud Service Provisioning Bridge client.
- Launch the Windows or generic machine where you want to install the client for the Provisioning Bridge.
Important:Make sure that you have administrative rights for this machine. Also, this machine will communicate with the client network that the Provisioning Bridge uses to access the apps that you want to monitor.
- On this machine, create a folder, and then unzip the file that you downloaded in step 6 of this procedure into this folder. This zipped file contains the client that you are to install for the Provisioning Bridge.
After you unzip the file, the following folders are created:
bin:This folder contains the
crossplatform.jarfile. This file is used by the installer to install, start, and stop the Provisioning Bridge.
bundle_home:This folder contains the connector JAR files that Oracle ships with the bridge. These files are used by the bridge to communicate with the apps.
conf:This folder contains two properties files:
BridgeRuntimeConfigurations.properties:This file contains properties associated with the Provisioning Bridge communicating with Oracle Identity Cloud Service and the target apps. Oracle strongly recommends that you don't modify the contents of this file.
log4j.properties:This file contains properties associated with logging operations that are performed by the Provisioning Bridge. See Manage Log Files for a Provisioning Bridge.
dependencies:This folder contains the script files that the Provisioning Bridge uses to communicate with Oracle E-Business Suite for synchronization and provisioning purposes.
logs:This is the default folder is where all log files for the Provisioning Bridge are stored. You can change this folder and path by modifying the
log4j.propertiesfile. See Manage Log Files for a Provisioning Bridge.
You’ll also see three files:
startup.bat:Use this file to launch the client for the Provisioning Bridge on a Windows (
startup.sh:Use this file to launch the client on a generic (
FileInfo.json:This file contains version information about the zipped file that you downloaded. Oracle strongly recommends that you don't modify the contents of this file.
Tip:While you’re installing the client, Oracle Identity Cloud Service generates log files for the Provisioning Bridge automatically, and stores them in the
- If you’re installing the Provisioning Bridge on a generic machine, then open a Terminal window, navigate to the folder that you created in step 9, and run the
If you’re installing the Provisioning Bridge on a Windows machine, then open Windows Explorer, navigate to the folder that you created in step 9, and double-click the
- At the Enter a password for Oracle Wallet prompt, enter your Oracle Wallet password. The wallet is a file that’s used to store sensitive information such as the Identity Cloud Service URL, Client ID, and Client Secret for Oracle Identity Cloud Service securely.
- At the Re-enter your password prompt, enter this password again.
Note:After you install the Provisioning Bridge, a
walletfolder is created, and the Oracle Wallet you created is stored in this folder. This way, when you start the Provisioning Bridge, instead of providing the Identity Cloud Service URL, Client ID, and Client Secret for Oracle Identity Cloud Service, you only have to supply the password you provided for your Oracle Wallet.
Important:There’s no mechanism to recover your Oracle Wallet password if you forget it. If this happens, then delete the
walletfolder and install the Provisioning Bridge again.
- At the Enter the Identity Cloud Service URL, Enter the Client ID, and Enter the Client Secret prompts, enter the Identity Cloud Service URL, Client ID, and Client Secret for Oracle Identity Cloud
Tip:These credentials appear on the [Provisioning_Bridge_Name] page of the Identity Cloud Service console.
- For the following prompts:
Enter the address for the proxy server
Enter the port number of the proxy server
Enter the name of the administrator who can connect to the proxy server
Enter the password of the administrator who can connect to the proxy server
- If your organization has a firewall in place and requires communication to be handled using an HTTP Proxy Server, then enter the full path (or address) of the proxy server, the port number reserved for this server, and the administrator credentials for connecting to the server.
- If your organization doesn’t require communication to be handled using an HTTP Proxy Server, then press Enter after each prompt to skip the prompt.
The bridge attempts to connect to the Oracle Identity Cloud Service server.
If a connection can be established, then information about the Provisioning Bridge you created appears. This information includes the name, description, version number, Identity Cloud Service URL of the identity domain, and the locations of the
Otherwise, you’ll receive an error message, indicating that you entered an incorrect Identity Cloud Service URL, Client ID, or Client Secret. Modify the incorrect values, and try again. If the problem persists, then delete the Oracle Wallet you created, and repeat steps 10-14 of this procedure.