Overview of Self-Service Users

In the past, Fusion Service used its own identity provider for authentication and authorization.

As a result, Digital Customer Service self-service users who had to access data in Fusion Service were required to have an account in both Oracle Identity Cloud Service and in the Fusion Service identity store. The self-service registration process had to create user accounts in the Fusion Service identity store, and then synchronize them to Identity Cloud Service. You also couldn't configure the Fusion Service login page to match your corporate brand requirements.

Along with these limitations, the Fusion Service identity provider is limited in its ability to scale as it was designed more for Fusion applications rather than B2C applications. Many of the implementations oriented more to B2C require more scalability.

Using this implementation, users can access data in Fusion Service using accounts that reside solely in Identity Cloud Service. When a user submits a self registration request, it goes to Fusion for approval. Once approved, the user account is created in Identity Cloud Service and a simple contact record is created in Fusion Service. In addition, the Identity Cloud Service sends out a welcome email to the user at which point the user can create their own password.

The contact record has the IDCS user GUID which provides a link to the IDCS user. When a REST API request is made the user is mapped to a set of proxy users that are predefined in Fusion Service. Each of the proxy users can execute a set of predefined APIs.

When the user logs in to the application the only login option is by way of Identity Cloud Service. The log in information can be configured by the user. All management of users is done using the Identity Cloud Service administrations console. There's no need for user synchronization for self service users as they're already present in Identity Cloud Service.