1. Configuring Applications
  2. How do I configure Pass-Through authentication?

How do I configure Pass-Through authentication?

The pass-through authentication (PTA) option helps track the actual usage of users accessing Knowledge Advanced for B2C Service from Oracle Field Service. When you select PTA as the security policy in Oracle Field Service, Oracle B2C Service acts as an IDP. This security policy uses PTA in Oracle B2C Service to create the contact and provide access to Knowledge Advanced for B2C Service.

Follow these steps:

  1. Click Configuration > Oracle Knowledge.
    Oracle Knowledge is displayed on the Configuration page, only if you've a license for it:

    This screenshot shows the Configure PTA dialog box.


    This screenshot shows the Configure PTA dialog box.
  2. Complete these fields:

    Field

    Description

    Security policy

    The security policy that you want to use to connect to Knowledge Advanced for B2C Service. Select Pass-Through Authentication.

    URL

    The URL to access the knowledge base.

    User Name

    User name is a concatenation of your Oracle Field Service user name and the string &p_li_passwd followed by the value of PTA_SECRET_KEY. For example, 'john.smith&p_li_passwd=ThisIsASecret'.

    Password

    Your Oracle Field Service password.

    Knowledge fields mapping

    Provides the possibility to configure the parameters of the context search and filtering, based on activity properties. Select the desired search, category, and product properties from the drop-down lists.
  3. Click Save.
    See the PTA guide for more information about the configuration settings.

What to do next

PTA Fields and Values

Note: Connectivity must be available to integrate Oracle Field Service with Knowledge Advanced for B2C Service. Oracle Field Service must be able to reach the Knowledge Advanced for B2C Service URL.

Name

Value

Description

PTA_ENABLED

Yes

Enables the use of PTA login integration.

PTA_ENCRYPTION_KEYGEN

3

Specifies the type of keygen method to use for PTA encryption. 3 ? RSSL_KEYGEN_NONE

PTA_ENCRYPTION_METHOD

aes256

Specifies the encryption scheme PTA logins should use. aes256 ? 256 bit AES in CBC mode

PTA_ENCRYPTION_PADDING

1

Specifies the type of padding method to use for PTA encryption. 1 ? RSSL_PAD_PKCS7

PTA_IGNORE_CONTACT_PASSWORD

Yes

Specifies whether contact passwords are honored during PTA logins. If enabled, contact passwords are ignored and users can log in through PTA with just a user name.

PTA_SECRET_KEY

< User defined value >

Specifies the secret key used to validate login integration parameters, when encryption is disabled, or to decode the PTA string when encryption is enabled. If encryption is disabled, you must pass this value as a p_li_passwd parameter encoded within the PTA login string. If encryption is enabled, you must not include this value within the PTA string and use only to encrypt the value sent. Requests that send an invalid value are rejected.

This key used as the "Secret Key" in the new configuration page of Oracle Knowledge.

NOTE: As part of the new user authentication process, Oracle B2C Service expects an email address as a required field. Oracle Field Service uses the user email address configured in a custom property selected as "Email for password reset" on the "Display" screen for this purpose. If you haven't enabled this email address, or you've provided an invalid email address, Oracle Field Service generates a dummy email address in the format " <Oracle Field Service_login>@<Oracle Field Service_instance_id >. invalid". If a domain isn't available in the email address field, the application doesn't create a contact. So, make sure that you've configured a valid email id in Oracle Field Service.

Security Policy as a Basic Authentication

This policy supports the existing single user-based access to Knowledge Advanced for B2C Service.

Name

Value

Description

PTA_ENABLED

Yes

Enables the use of PTA login integration.

PTA_ENCRYPTION_KEYGEN

Empty value

Specifies the keygen method used for PTA encryption.

PTA_ENCRYPTION_METHOD

Empty value

Specifies the encryption method you want to use.

PTA_ENCRYPTION_PADDING

Empty value

Specifies the padding method used for PTA encryption.

PTA_IGNORE_CONTACT_PASSWORD

No

Specifies whether contact passwords are honored during PTA logins. If enabled, contact passwords are ignored and users can log in through PTA with just a username.

PTA_SECRET_KEY

Empty value

Specifies the secret key used to validate login integration parameters when encryption is disabled, or to decode the PTA string when encryption is enabled.

Oracle Field Service - Knowledge Advanced for B2C Service Authentication Workflow

  1. When a user opens Knowledge Advanced for B2C Service pages from Oracle Field Service, Oracle Field Service initiates a request to Oracle B2C Service for authentication.

  2. It validates whether a user that's present in Oracle B2C Service is using the user id.

  3. If a valid user id is present in Oracle B2C Service, the user is authorized to access the Knowledge Advanced for B2C Service pages.

  4. If there's no user present in Oracle B2C Service, Oracle Field Service creates a new contact in Oracle B2C Service with User login, user last name, and email. The user login and user last name are taken from the Oracle Field Service login details. The email is taken from restore password (if email id is defined there) and updated in Oracle B2C Service.

  5. If there's no valid email available in Oracle Field Service, a dummy email is created in Oracle B2C Service with the format, <Oracle Field Service_login>@<Oracle Field Service_instance_id>.invalid. Make sure that you've a valid email id in Oracle Field Service, before you create a new request in Knowledge Advanced for B2C Service, so that the contact in Oracle B2C Service is created with a valid email id.