Identity Cloud Service Integration Overview

Oracle Identity Cloud Service (IDCS) provides identity and access management functionality for the Oracle Utilities cloud services and supports single sign-on (SSO) and identity federation capabilities.

IDCS protects both online and web services API access to the Oracle Utilities cloud service. Refer to the Detailed Oracle Cloud Services Administration guide for instructions on how to configure and manage online and API access in IDCS and how to maintain users, groups, application roles and integration OAuth clients.

An IDCS instance is provided with each service subscription. This instance is also sometimes called an IDCS tenancy or IDCS stripe. Once provisioned, it is administered exclusively by the client.

The security administrator uses IDCS to manage application users, who are given access to one or more application environments. The security administrator may also assign another user to an administrative role in IDCS and delegate user management privileges.

Newly created users receive an account activation email from IDCS, and must reset their password.

The integration with IDCS supports Just-In-Time User Provisioning.

When a user attempts to access the utility application URL, the user is redirected to IDCS for authentication. Once the user is successfully authenticated by IDCS, they are redirected to the application and the authentication token is evaluated and validated. The system then checks if the user already exists in the application, and if not, it triggers the Just-In-Time User Provisioning logic that creates and activates the new user.

The F1-IDMUser business object is used for creation of new user records sourced from the external identity management integrations.

For the integration with IDCS, an algorithm is defined on the F1-IDMUser business object to determine the Template User whose information should be copied to the newly created user.
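
The login flow described above (validate the token, look up the user, and create the user from the Template User only when no record exists), as an added sketch in Python. It is not Oracle's code: the token format, signing key, user store and all function names are hypothetical stand-ins for IDCS and the F1-IDMUser logic.

```python
import base64, hashlib, hmac, json, time

# Constructed demo key; stands in for the identity provider's signing key.
IDP_KEY = b"constructed-demo-key"
# Constructed template user whose settings are copied to new users.
TEMPLATE_USER = {"user_id": "TEMPLATE", "groups": ["READ_ONLY"], "active": False}


def issue_token(subject, exp, key=IDP_KEY):
    """Build a constructed signed token: base64url(payload).hex(HMAC-SHA256)."""
    body = base64.urlsafe_b64encode(json.dumps({"sub": subject, "exp": exp}).encode())
    sig = hmac.new(key, body, hashlib.sha256).hexdigest()
    return body.decode() + "." + sig


def validate_token(token, now, key=IDP_KEY):
    """Return the claims if signature and expiry check out, else None."""
    body, _, sig = token.partition(".")
    expected = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return None                        # forged or tampered token
    try:
        claims = json.loads(base64.urlsafe_b64decode(body))
    except ValueError:
        return None
    if not isinstance(claims, dict) or not claims.get("sub"):
        return None
    if claims.get("exp", 0) <= now:
        return None                        # expired token
    return claims


def login(token, users, now=None):
    """Validate first, then look up the user, and provision only if missing."""
    claims = validate_token(token, time.time() if now is None else now)
    if claims is None:
        return None, "rejected"            # no lookup, no provisioning
    user_id = claims["sub"]
    if user_id in users:
        return users[user_id], "existing"  # existing record is left untouched
    # Just-in-time provisioning: copy the template's settings, not its identity.
    users[user_id] = {"user_id": user_id,
                      "groups": list(TEMPLATE_USER["groups"]),
                      "active": True}
    return users[user_id], "provisioned"
```

Because every newly provisioned user inherits the template's settings, the groups assigned to the template user determine the access a first-time login receives.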
