Set Up External Identity Provider
Configure a Security Assertion Markup Language (SAML) 2.0 external identity provider such as Active Directory Federation Services (AD FS) for federated SSO to Oracle Identity Cloud Service.
Configuration steps include:
Configure Microsoft Active Directory Bridge or implement user data synchronization via REST SCIM API or flat file import.
Set up the Security Assertion Markup Language 2.0 Identity Provider.
Verify Federated Single Sign-On.
To access detailed configuration instructions provided by Identity Cloud Service:
Navigate to the Identity Cloud Service console dashboard and select Managing Security Settings to access online Identity Cloud Service tutorials.
Follow the instructions under Configure External Provider.
Note: Federated authentication is enabled by default. This configuration means the user credentials will be validated against a configured Identity Provider. When configuring Identity Bridge, define the federated authentication as follows:
To continue validating credentials and maintaining passwords and password rules in the external identity management system, leave the Federated Authentication checkbox checked.
To validate credentials and manage passwords in Identity Cloud Service, uncheck the Federated Authentication checkbox. Identity Cloud Service will generate the password for the users and send the notification by email (the email attribute must be filled in Microsoft Active Directory and mapped to the Oracle Identity Cloud Service).
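The email requirement in the note above can be checked before users are synchronized. The following is an added example, not Oracle's code: it scans a constructed CSV export of directory users and lists the accounts that could not receive the generated-password notification when Federated Authentication is unchecked. The column names (sAMAccountName, mail) and the function names are assumptions for illustration.

```python
import csv
import io

# Constructed sample export; the column layout is an assumption, not an Oracle format.
SAMPLE_EXPORT = """sAMAccountName,displayName,mail
asmith,Alice Smith,alice.smith@example.com
bjones,Bob Jones,
cwu,Chen Wu,"  "
dlee,Dana Lee,dana.lee-at-example.com
"""


def users_without_usable_email(export_text, login_col="sAMAccountName", mail_col="mail"):
    """Return [(login, reason)] for rows that cannot receive a password notification."""
    reader = csv.DictReader(io.StringIO(export_text))
    if mail_col not in (reader.fieldnames or []):
        raise ValueError(f"export has no '{mail_col}' column")
    problems = []
    for row in reader:
        mail = (row.get(mail_col) or "").strip()
        if not mail:
            problems.append((row[login_col], "email empty"))
            continue
        # Minimal syntactic check only: local part, '@', and a dotted domain.
        local, at, domain = mail.partition("@")
        if not (local and at and "." in domain):
            problems.append((row[login_col], "email malformed"))
    return problems


def preflight(export_text, federated_authentication):
    """Users blocked from first sign-in under the chosen Federated Authentication setting."""
    if federated_authentication:
        # Credentials are validated by the external identity provider,
        # so the generated-password email does not apply.
        return []
    return users_without_usable_email(export_text)


if __name__ == "__main__":
    for login, reason in preflight(SAMPLE_EXPORT, federated_authentication=False):
        print(f"{login}: {reason}")
```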