1. How do I set up OCI Identity and Access Management for Student Financial Aid?
  2. Prepare User Accounts for Single Sign-On

Prepare User Accounts for Single Sign-On

Verify user identity details and update Oracle Analytics Server (OAS) accounts so user names match Oracle Cloud Infrastructure Identity and Access Management (IAM) email addresses.

Before you start

To use single sign-on (SSO), each person must have an account in both IAM and OAS, and the user name (email address) must be exactly the same in both systems.

If all your users in OAS already log in with their email addresses, you don’t need to make changes to user accounts.

If you created shared accounts or used something other than an email address as a user name, update each account so users log in with their own email address.

Here's what to do

  1. From the OAS console, go to Security Realms, choose myrealm, then click Users and Groups.
  2. Add or edit a user and verify these settings:
    • Name: Enter the user’s email address
    • Description: Optional
    • Provider: Set to DefaultAuthenticator.
    • Password: Any value is acceptable. This password won’t be used to log in because authentication is handled by your organization’s identity provider.

Results:

You don’t need to create special groups in IAM just for OAS. Make sure the user has an account in IAM and that their email matches what’s entered in OAS.

All permissions and access are controlled inside OAS and can be managed by your OAS administrators.