Authentication

Authentication refers to the ways that a customer can access the Business Customer Engagement Digital Self Service - Energy Management web portal securely. The two methods available are single sign-on (SSO) and standalone account management. Each utility chooses which one of these to implement when launching the Oracle Utilities Opower program. In addition, some Customer Service Representatives may be able to access a business customer's web portal account to help them troubleshoot issues. The authentication method in place depends on each utility's setup and configuration.

On this page:

• Authentication
• • Single Sign-On (SSO)
  • Standalone Authentication
  • • Account Creation
    • Account Sign In and Sign Out
    • Password Reset

Single Sign-On (SSO)

SSO allows business customers to use the same username and password to access the web portal and any other web applications provided by a utility. All usernames and passwords are created, maintained, and updated on the utility's web site. The method of SSO depends on the type of implementation (standalone or embedded) that is agreed upon between Oracle Utilities and the utility.

SSO for Standalone Implementations

For standalone implementations of the cloud service, Oracle Utilities uses Security Assertion Markup Language (SAML) 2.0 to implement SSO with utilities. Moreover, Oracle Utilities supports Identity Provider-Initiated and Service Provider-Initiated SSO using HTTP POST binding. As part of the SSO implementation process, the utility must provide a SAML metadata file and a SAML insertion with the required information. This allows Oracle Utilities to identify the customer and authenticate the request. See the Oracle Utilities Opower SSO Configuration Guide for details.

SSO for Embedded Widget Implementations

For embedded widget implementations of the cloud service, Oracle Utilities supports OpenID Connect-based SSO. In this case, the utility website acts as the Relying Party and must have an integrated authentication server that conforms to the OpenID Connect specification. See OpenID Connect Single Sign-On (SSO) Configuration for details.

SSO requires all authentication to be handled by the utility's website. After business customers have been authenticated using the utility website sign-in options, they have access to all features and pages of the Business Customer Engagement Digital Self Service - Energy Management cloud service. This can include individually hosted pages as well as content that has been embedded directly within the utility's website.

Note: In cases where SSO credentials are maintained by the utility's web site, business customers cannot use the Account Center to change their login email or password.

Back to Top

Standalone Authentication

Standalone account management requires business customers to create a new Business Customer Engagement Digital Self Service - Energy Management account (including a user name and password) that is separate from any other utility-provided web applications or accounts. When standalone account management is implemented, business customers can access the web portal by navigating directly to it and creating a new account once they get there.

Account Creation

The Welcome page of the web portal allows business customers to create a new account. New customers are often directed to this landing page through messages or promotions from their utility.

Confirming the Customer's Account: Business customers creating a new account must provide their name and account number exactly as it appears on their utility bill. If a customer provides incorrect information, error messages are displayed which help guide the user in how to provide the information accurately.

Entering an Email and Password: After a business customer provides accurate account information, they must provide an email and password for their new account. Passwords must be at least eight characters in length, and must not be or contain the customer’s name or email address. Depending on the utility's setup and configuration, the following additional password requirements may apply:

• Minimum number of digits
• Minimum number of special characters
• Minimum lower case characters
• Minimum upper case characters
• Must be different than previous password

Completing this step sends a confirmation email to the email address the business customer supplied, which the customer then uses to verify the email address. Business customers can update their email and password in the Account Center.

Back to Top

Account Sign In and Sign Out

Business customers who have created their account can use their account email address and password to sign in from the landing page. A standard link is available throughout the web portal for signing out. By default, the session lasts for 30 minutes before timeout, at which point the customer is automatically signed out.

Back to Top

Password Reset

Business customers can request a password reset if they have forgotten their current password. To complete this process, a customer first selects the Forgot password? option included with the account sign-in options. The customer is prompted to enter their utility account email address, to which a reset password email is sent. The email includes a link that directs the customer to a reset your password page, which prompts the customer to create and confirm their new password.

Note: If a customer knows their password and wants to change it, they can use the Account Center rather than the password reset feature.

Back to Top