Technical Configuration for SSO

For SAML2 SSO setup, the customer and Oracle exchange certain technical information needed to configure both systems.

Customer provides:
  • SAML2.0 Metadata including signing certificate.
  • For some IDPs, the customer may also need to provide additional information (details below).

Oracle provides:
  • Application Service Provider ID
  • The public key for request signing
  • SAML assertion URL
  • Other IDP configuration

Customer provided information:

The customer configures their IDP for Cloud WMS authentication, generates the SAML2 Metadata file, and sends it to Oracle. IDPs that support SAML2 SSO will have a mechanism to generate this file, including Oracle IDCS and Azure AD.

SAML2.0 MetaData - The customer must provide IDP metadata for SAML2.0. It can be provided in a metadata.xml file or as a URL that allows Oracle to download the IDP metadata from the customer site.

The specific fields that are used by Oracle are explained below. In addition, for IDCS, the MyApp URL is also needed (details below) and has to be sent separately as it is not part of the metadata file.