User Re-authentication

The following is the process overview that occurs when you attempt to re-authenticate from Oracle Argus Safety while performing privilege activity within the Case or Report workflow like Case Lock or Unlock, etc. Initial login does not utilize the re-authentication URI.

  • Assumptions

    • Service Provider IDM (like OAM) supports Re-authenticate URI and sets the last re-authentication header every time a user is re-authenticated.
    • Re-authentication headers and URI are configured in Argus Console > System Management > Single Sign-On.
  • Logical flow

    1. When you try to re-authenticate, say in case lock, a case locking authentication pop-up appears, where you re-authenticate yourself.
    2. When re-authentication is enabled, an Authorize link is provided instead of the Password field.
    3. On click of the Authorize link, you are redirected the IdP Login page, where the you enter your login credentials.
    4. IdP authenticates your credentials and responds to the Service Provider through the SAML assertions.
    5. Service Provider sets the Re-authentication HTTP Header value and redirects the request to Oracle Argus Safety post authentication process page.
    6. In the Case Locking screen, the signature icon changes to green and you can continue with the case lock operation.