43 Integrate Oracle Identity Cloud Service SSO with Oracle PeopleSoft HCM

Oracle Identity Cloud Service integration with Oracle PeopleSoft Human Capital Management (HCM) provides Single Sign on (SSO) using a User ID and a Password.

Configure Oracle Identity Cloud Service for PeopleSoft

  1. Access the Identity Cloud Service console.
  2. Expand the Navigation Drawer, click Applications, and then click Add.
  3. In the Add Application page, click Enterprise Application.
  4. Create an Enterprise application. See Add an Enterprise Application.
    1. On SSO Configuration, create a Resource.
    2. On SSO Configuration, create an Authentication Policy and add the headers: OAM_REMOTE_USER and PS_SSO_UID. The header values should be UserName.
    3. Click Finish.
  5. On the Identity Cloud Service console, click Security, App Gateways, and configure a host.
    1. On Add App Gateway, click Add.
    2. Enter a name and description and click Next.
    3. Complete the host information and click Save.
    4. On the Apps tab, add the PeopleSoft application to the App Gateway.

Configure Oracle PeopleSoft HCM

  1. Log in to the PeopleSoft console using administrator credentials and then click the NavBar.PeopleSoft HCM Console
  2. Navigate to PeopleTools, Security, User Profiles, User Profiles.PeopleSoft HCM Console - User Profiles
  3. Add a new profile named OAMPSFT. Provide the password on the first tab. Make sure all user profiles created are in upper case. Click the ID tab and select ID as none.PeopleSoft HCM Console - ID Tab
  4. Click the Roles tab and add the PeopleSoft User. Click Save.PeopleSoft HCM Console - Roles Tab
  5. Navigate to PeopleTools, Web Profile, Web Profile Configuration. Search for the PROD profile and then click the Security tab. Check Allow Public Access and add the OAMPSFT User ID and Password.PeopleSoft HCM Console - Security Tab
  6. Navigate to PeopleTools, Security, Security Objects, Signon PeopleCode. Enable OAMSSO_AUTHENTICATION. Make sure that no other functions are enabled. Signon People Code Screen
  7. Log in to Application Designer. Click Open and select Record from the drop down. For the Selection Criteria Name, enter FUNCLIB_LDAP and then click Open.Application Designer Definition Window
  8. Right click LDAPAUTH and then View PeopleCode. Search for function getWWWAuthConfig() and provide OAMPSFT as the default userid.View PeopleCode Window
  9. Search for the OAMSSO_AUTHENTICATION() function and provide PS_SSO_UID as the Header value.PSS_SSO_UID Header value
  10. You have completed PeopleSoft configuration. Restart PeopleSoft.
  11. Change the index.html, signon.html and signin.html with the Application URL.
    • Update signon.html: /home/psadm2/psft/pt/8.56/webserv/peoplesoft/applications/peoplesoft/PORTAL.war/ps/signon.htmlUpdate signon.html
    • Update signin.html: /home/psadm2/psft/pt/8.56/webserv/peoplesoft/applications/peoplesoft/PORTAL.war/WEB-INF/psftdocs/ps/signin.htmlUpdate signin.html
    • Update signin.html: /home/psadm2/psft/pt/8.56/webserv/peoplesoft/applications/peoplesoft/PORTAL.war/WEB-INF/psftdocs/ps/signin.html

Configure App Gateway for PeopleSoft High Availability

  1. Go to cd /usr/local/nginx/conf/origin_conf.
  2. Create psft_servers.conf.
  3. Add the below values in psft_servers.conf.
    upstream psft-upstream {
            server <PeopleSoft IP1>:8000;
            server <PeopleSoft IP2>:8000;
  4. Restart Ngnix server.

Update the PeopleSoft URL in the App Gateway

  1. Access the Identity Cloud Service console.
  2. Expand the Navigation Drawer, click Security, App Gateway, Apps, and select the application.
  3. In the Edit Assigned App dialog, assign the origin server value as the name of the upstream value.App Gate High Availability