Set Up Customer Cloud Service Identity Domain as Service Provider in Fusion Applications Identity Domain

Your system administrator completes this task.

1. Log in to your Fusion applications identity domain in your Oracle Cloud Infrastructure account. You can get this link from your welcome email. If you have questions about which tenancy and domain to log in to, contact My Oracle Support.

2. Go to Applications and then click Add to create a new application.

3. Select SAML Application.

4. Complete these fields, and then click Next:

   • Name

   • Description

   • Enforce Grants as Authorization: Deselect this option.

5. In the SSO Configuration section, complete the following fields. Example values for each field are provided below, using idcs-xxx.identity.oraclecloud.com as the basis for the value. You will replace this value with your own information.

   • Entity ID: https:// idcs-xxx.identity.oraclecloud.com:443/fed

   • Assertion Consumer URL: https://idcs-xxx.identity.oraclecloud.com/fed/v1/sp/sso

   • NameID Format: Select Unspecified from the drop-down list.

   • NameID Value: Select Username from the drop-down list.

6. In the Additional Configurations section, complete these fields:

   • Signed SSO: Assertion

   • Signature Hashing Algorithm: SHA-256

   • Enable Single Logout: Deselect this field.

7. At the top of the screen, click the Download the identity metadata provider button. If applicable, click the Keep button to continue.

8. Click the Download signing certificates button. If applicable, click the Keep button to continue.

9. Make note of the file names you download, as you will need them in the next task.

10. Click Finish at the bottom of the screen.

11. On the next screen, click the Activate button, then click Activate Application.