Technical Configuration for OAuth2

Note: Federation and MFA (Multi-Factor Authentication) are not supported. The OAuth2 flow only supports the ROPC (Resource Owner Password Credentials) grant type, as defined here:

https://tools.ietf.org/html/rfc6749#section-4.3

When submitting an SR to My Oracle Support to set up OAuth2 authentication, you need to provide the data listed in the table below. The technical details are explained in the reference links below.

Oracle IDCS Reference

https://docs.oracle.com/en/cloud/get-started/subscriptions-cloud/csimg/obtaining-access-token-using-user-credentials-client-assertion.html

Azure AD Reference

https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth-ropc

| Item | Description |
| --- | --- |
| Identity Provider Name | Name of the IDP, such as Azure AD or Oracle IDCS. |
| Endpoint URL | Used by the WMS to authenticate. |
| Client ID | Needed for Oracle IDCS and Azure AD. |
| Client Secret | Needed for Oracle IDCS and Azure AD. |
| Resource/Scope | Needed for Oracle IDCS and Azure AD. |
| X-USER-IDENTITY-DOMAIN-NAME | Needed for Oracle IDCS. |
| Domain name | Used to link the WMS username with the OAuth2 username, using "Alternate username". For example, if the username is "jdoe@somedomain.com", then the domain name is somedomain.com. |

NOTE: Customers need to provide ALL domains that they need for WMS. We don’t support generic consumer domains (for example: @yahoo.com, @gmail.com).
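To show how the items in the table map onto an RFC 6749 section 4.3 token request, the following added example (not Oracle's or the WMS's own code) builds the request without sending it and checks a username's domain against the list of domains supplied in the SR. The function names, the sample endpoint, client, scope and domain values, and the use of HTTP Basic for client authentication are assumptions; some identity providers take the client ID and secret in the request body instead.

```python
import base64
import urllib.parse

# The two consumer domains the note names as unsupported examples.
CONSUMER_DOMAINS = {"yahoo.com", "gmail.com"}


def username_domain(username, registered_domains):
    """Return the domain of user@domain if it was registered for WMS."""
    local, sep, domain = username.rpartition("@")
    domain = domain.lower()
    if not (local and sep and domain):
        raise ValueError("username must look like user@domain")
    if domain in CONSUMER_DOMAINS:
        raise ValueError("generic consumer domain: " + domain)
    if domain not in {d.lower() for d in registered_domains}:
        raise ValueError("domain not registered: " + domain)
    return domain


def build_ropc_request(endpoint_url, client_id, client_secret, scope,
                       username, password, identity_domain=None):
    """Build, without sending, an RFC 6749 section 4.3.2 token request."""
    if urllib.parse.urlsplit(endpoint_url).scheme != "https":
        # The user's password travels in the request body.
        raise ValueError("token endpoint must use https")
    body = urllib.parse.urlencode({
        "grant_type": "password",  # the ROPC grant
        "username": username,
        "password": password,
        "scope": scope,
    }).encode("ascii")
    # Assumption: the client authenticates with HTTP Basic (RFC 6749 section 2.3.1).
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    headers = {
        "Content-Type": "application/x-www-form-urlencoded",
        "Authorization": "Basic " + basic,
    }
    if identity_domain:  # Oracle IDCS only, per the table
        headers["X-USER-IDENTITY-DOMAIN-NAME"] = identity_domain
    return {"method": "POST", "url": endpoint_url, "headers": headers, "body": body}


if __name__ == "__main__":
    # Constructed sample values, not real tenant data.
    user = "jdoe@somedomain.com"
    print(username_domain(user, ["somedomain.com"]))
    req = build_ropc_request("https://idp.example.com/oauth2/v1/token", "wms-client",
                             "example-secret", "urn:example:scope", user,
                             "example-password", identity_domain="exampledomain")
    print(req["method"], req["url"], sorted(req["headers"]))
```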