Configuring Oracle Identity Cloud Service User Synchronization

Transportation and Global Trade Management Cloud supports the ability to synchronize users and some of the user attributes with a properly configured external system for an Oracle Identity Cloud Service (IDCS). The user synchronization works by matching up the Transportation and Global Trade Management Cloud Nickname field to the Oracle Identity Cloud Service User Name field. The additional attributes supported include first name, last name, and email address. All of these user attributes fields are required by Oracle Identity Cloud Service for a user.

IDCS Configuration

You will need to know your Oracle Identity Cloud Service instance and its URL. Log into that instance to create a Confidential Application.

  1. Log into IDCS administration console using the credentials provided.
  2. Under Identity domain click Integrated applications.
  3. Click Add application.
  4. Select Confidential Application and click Launch workflow.
  5. Enter a Name and click Next.
  6. On Resource Server Configuration:
    1. Select Skip for Later.
  7. On Client configuration:
    1. Select Configure this application as a client now and Client Credentials as the Allowed Grant Types.
    2. Within the Token Issuance Policy section, select the All button for the Authorized Resources.
    3. Select the Add app roles.
    4. Within the App roles section click the Add roles button.
    5. From the pop-up window select the User Administrator and click Add.
  8. Click Next.
  9. Under Web tier policy select Skip and do later.
  10. Click Finish.
  11. Click Activate and Activate application.
  12. From the General Information section, note the Client ID and Client Secret, as these are needed for the External System in Transportation and Global Trade Management Cloud.

External System Configuration

Log into your Transportation and Global Trade Management Cloud instance to create an External System.

Note: In IDCS, the User Name, First Name, Last Name, and Email Address of a user are each constrained to fewer than 100 characters, even though Transportation and Global Trade Management Cloud allows larger values. IDCS also validates that the email address is in a valid format.

  1. Go to Business Process Automation > Communication Management > External Systems.
  2. Click the New button.
  3. Enter an External System ID.
  4. In the User Name field, provide the Client ID from the Confidential Application you created in your Oracle Identity Cloud Service instance.
  5. In the Password and Password (Confirm) fields, provide the Client Secret from the Confidential Application you created in your Oracle Identity Cloud Service instance.
  6. In the Target Namespace field, select the None option.
  7. In the Content Type field, enter "application/json" (without the quotes).
  8. Clear the Transport Through Data Stream check box.
  9. In the Authentication Type field select the "OAuth 2.0 - Client Credentials" option.
  10. In the Authorization Service Authentication Type field, select "HTTP Authentication (Basic)".
  11. In the Authorization Service URL field, enter your Oracle Identity Cloud Service instance URL with "/oauth2/v1/token" appended to the end such that it looks like https://<YOUR_IDCS_URL_HERE>/oauth2/v1/token.
  12. In the Application Scope field enter "urn:opc:idm:__myscopes__" (without the quotes).
  13. In the URL field, enter your Oracle Identity Cloud Service instance URL such that it looks like "https://<YOUR_IDCS_URL_HERE>".
  14. Click the Finish button.
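The External System above is just an OAuth 2.0 client-credentials client for IDCS: Basic authentication with the Confidential Application's Client ID and Client Secret against the /oauth2/v1/token URL, requesting the urn:opc:idm:__myscopes__ scope. The following added example (not Oracle's code) builds exactly that token request without sending it, and pre-checks the user attributes the synchronization sends against the IDCS constraints from the note above (all four attributes required, fewer than 100 characters, valid email format). The IDCS URL, client id, secret and user values are constructed placeholders; the email regex is a simplified stand-in for the check IDCS itself performs.

```python
import base64
import re
from urllib.parse import urlencode

# Values that appear on the page; the host is a constructed placeholder.
IDCS_URL = "https://idcs-EXAMPLE.identity.oraclecloud.com"
TOKEN_PATH = "/oauth2/v1/token"
SCOPE = "urn:opc:idm:__myscopes__"
MAX_LEN = 100  # IDCS requires these attributes to be shorter than 100 characters
# Simplified email format check (assumption: IDCS applies its own stricter validation).
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")


def build_token_request(idcs_url, client_id, client_secret):
    """Return (url, headers, body) for the client-credentials grant the External
    System performs: HTTP Basic carries Client ID / Client Secret, the form body
    names the grant type and the IDCS scope from the Application Scope field."""
    creds = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    headers = {
        "Authorization": f"Basic {creds}",
        "Content-Type": "application/x-www-form-urlencoded",
    }
    body = urlencode({"grant_type": "client_credentials", "scope": SCOPE})
    return idcs_url.rstrip("/") + TOKEN_PATH, headers, body


def validate_user_for_idcs(nickname, first_name, last_name, email):
    """Return the list of constraint violations that would make IDCS reject
    the synchronized user. Nickname maps to the IDCS User Name."""
    problems = []
    fields = {
        "User Name": nickname,
        "First Name": first_name,
        "Last Name": last_name,
        "Email Address": email,
    }
    for label, value in fields.items():
        if not value:
            problems.append(f"{label} is required by IDCS")
        elif len(value) >= MAX_LEN:
            problems.append(f"{label} must be shorter than {MAX_LEN} characters")
    if email and not EMAIL_RE.match(email):
        problems.append("Email Address is not a valid format")
    return problems


if __name__ == "__main__":
    # Constructed sample user; a real run would send the token request with
    # urllib/requests and only synchronize users that return no problems.
    print(build_token_request(IDCS_URL, "CLIENT_ID_HERE", "CLIENT_SECRET_HERE")[0])
    print(validate_user_for_idcs("jdoe", "Jane", "", "not-an-email"))
```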

Configure Properties

As a DBA.ADMIN user role user, navigate to Configuration and Administration > Property Management > Property Sets.

  1. Find your CUSTOM property set and edit it.
  2. Within the Properties grid section, add a new property entry so Transportation and Global Trade Management Cloud knows your External System ID you configured for your Oracle Identity Cloud Service instance.
    1. Provide a Sequence number as the next number available.
    2. In the Instruction field, select Set.
    3. Enter a key of "glog.security.user.idcs.externalSystem".
    4. For the Value, enter the External System ID you configured for your Oracle Identity Cloud Service instance.
  3. If you want auto synchronization enabled (See Advanced Settings), then add another new property entry.
    1. Provide a Sequence number as the next number available.
    2. In the Instruction field, select Set.
    3. Enter a key of "glog.security.user.idcs.autosynchronization".
    4. For the Value, enter "true" (without the quotes).
  4. If you want to synchronize user BI Roles from OTM to IDCS Groups, add another property. The group synchronization works from both the User Manager and the Synchronize User action.
    1. Provide a Sequence number as the next number available.
    2. In the Instruction field, select Set.
    3. Enter a key of "glog.security.groups.idcs.synchronization".
    4. For the Value, enter "true" (without the quotes).
  5. Provide a Reason for Change.
  6. Click Finished.

Advanced Settings

There are advanced property settings for the Transportation and Global Trade Management Cloud to Oracle Identity Cloud Service User Synchronization which allow for some flexibility. See the glog.security.user.idcs properties for details.

Synchronizing

From the User Manager, run the Synchronize User action.
