1. Administering Oracle Identity Cloud Service
  2. Get Started
  3. Understand Application Integration
  4. What Are the Types of Application Integrations?
  5. Use Bridges to Integrate Oracle Identity Cloud Service with On-Premises Applications

Use Bridges to Integrate Oracle Identity Cloud Service with On-Premises Applications

This section provides answers to the following questions to help you understand how to use bridges to integrate Oracle Identity Cloud Service with on-premises applications, including Microsoft Active Directory (AD), an enterprise LDAP (such as Oracle Internet Directory), and a business application (such as Oracle E-Business Suite) that’s used to manage and automate your business-related processes:

Topics:

Why Use Bridges to Integrate Oracle Identity Cloud Service with On-Premises Applications?

Most customers have Microsoft Active Directory (AD) as their central directory service. These customers also use AD as their network directory. This directory is where all of their workstations are connected to and where they manage their users.

In addition to AD, customers use

  • An enterprise LDAP to centralize all of their user identities. So, a customer uses AD to manage their employees, but in the centralized LDAP, the customer manages their partners, consumers, and any other users with which the customer has relationships.
  • Business applications to manage and automate processes across their enterprise. These processes include customer relationship management (CRM), enterprise resource planning (ERP), and supply chain management (SCM) processes.

For these reasons, it's imperative that Oracle Identity Cloud Service can integrate with AD, an enterprise LDAP (for example, Oracle Internet Directory), and an on-premises business application (such as Oracle E-Business Suite) to manage and automate the customer’s CRM, ERP, SCM, and other business-related processes.

What Are the Types of On-Premises Application Integrations?

By using Oracle Identity Cloud Service, customers can control when they will migrate their directory-based applications to the cloud. In the interim, they can use one of the following:

  • AD Bridge: This bridge provides a link between your AD enterprise directory structure and Oracle Identity Cloud Service. Oracle Identity Cloud Service can synchronize with this directory structure so that any new, updated, or deleted user or group records are transferred into Oracle Identity Cloud Service. Each minute, the bridge polls AD for any changes to these records and brings these changes into Oracle Identity Cloud Service. So, if a user is deleted in AD, then this change will be propagated into Oracle Identity Cloud Service. Because of this synchronization, the state of each record is synchronized between AD and Oracle Identity Cloud Service. After the user is synchronized from Microsoft Active Directory to Oracle Identity Cloud Service, if you activate or deactivate a user, modify the user's attribute values, or change the group memberships for the user in Oracle Identity Cloud Service, then these changes are propagated to Microsoft Active Directory through the AD Bridge. See Manage Microsoft Active Directory (AD) Bridges for Oracle Identity Cloud Service.

  • Provisioning Bridge: This bridge provides a link between your enterprise LDAP or on-premises business application (such as Oracle Internet Directory or Oracle E-Business Suite) and Oracle Identity Cloud Service. Through synchronization, account data that’s created and updated directly on the LDAP or business application is pulled into Oracle Identity Cloud Service and stored for the corresponding Oracle Identity Cloud Service users and groups. Any changes to these records will be transferred into Oracle Identity Cloud Service. Because of this, the state of each record is synchronized between the LDAP or business applicationand Oracle Identity Cloud Service.

    After users are synchronized from the on-premises business application to Oracle Identity Cloud Service, you can also use the Provisioning Bridge to provision users to the application. Provisioning allows you to use Oracle Identity Cloud Service to manage the lifecycle of users in the application. This includes creating, modifying, deactivating, activating, and removing users and their profiles across the application. Any changes that you make to users or their profiles in Oracle Identity Cloud Service are propagated to the business application through the Provisioning Bridge. See Manage Provisioning Bridges for Oracle Identity Cloud Service.