Authentication

4 Authentication

From a security point of view, authentication is all about identification of the user. It is the first line of defense in any security solution. In simple terms, it can be as simple as the challenge-response mechanism we know as userid and password.

The authentication aspect of security for the Oracle Utilities Cloud Services is delegated to Oracle Cloud Infrastructure Identity and Access Management (IAM).

Online Authentication

The Oracle Utilities Cloud Services delegates the responsibility of authentication of the online users to Oracle Cloud Infrastructure Identity and Access Management (IAM). This allows security administrators to centrally manage cloud users centrally.

The Oracle Utilities Cloud Services uses Security Assertion Markup Language (SAML), OAuth2, and other protocols to integrate to Oracle Cloud Infrastructure Identity and Access Management (IAM). This integration is automatically deployed when the Oracle Utilities Cloud Services is deployed. Synchronization between the Oracle Cloud Infrastructure Identity and Access Management (IAM) and the Oracle Utilities Cloud Services uses the Identity Cloud Adapter.

For more information, refer to the Oracle Cloud Infrastructure Identity and Access Management documentation .

Batch Authentication

The Batch component of the architecture uses Oracle Cloud Infrastructure Identity and Access Management (IAM) and cloud security to authenticate users to execute batch processes. From an authentication point of view, the deployment of the Oracle Utilities Cloud Services automatically configured authentication for the batch processes.

Web Service Authentication

The Web Service component of the Oracle Utilities Cloud Services is housed in the Oracle Utilities Cloud Services infrastructure and utilizes Oracle Cloud Infrastructure Identity and Access Management (IAM) and Inbound Web Services security configuration to authenticate users using the relevant configured WS-Policy.

From an authentication point of view, the deployment of the Oracle Utilities Cloud Services automatically configured authentication for web services.

Privileged Users

By default, the Oracle Utilities Cloud Services delivers a single initial privileged user SYSUSER in the installation. This user was intended to be used solely to add other initial users into your service. As this role is now provided by the Oracle Cloud Infrastructure Identity and Access Management solution provided with the service, the SYSUSER user is now delivered disabled by default.

For backward compatibility purposes, you may request to temporarily re-enable this user to migrate any configuration over to other users in this release. In future releases, the ability to re-enable the user will be revoked.