Components
OPERA Cloud Identity Management consist of following components:
- Customer OCI IAM Identity Domains: The
Oracle Cloud Infrastructure (OCI) Identity Domain is a container for
managing users and roles, federating and provisioning users, securing
application integration through Oracle Single Sign-On (SSO) configuration,
and registering clients and resources through OAuth administration.
It represents a user population in Oracle Cloud Infrastructure and
its associated configurations and security settings (such as MFA).
Every OPERA Cloud customer will be provisioned with two dedicated OCI IAM Oracle Apps identity domains: one for non-production environments and the other for production environments, which enables customers to use the OCI IAM Identity Domains service to manage their user access to their OPERA Cloud services. OCI IAM Oracle Apps identity domain should include almost every Identity and Access Management capability that an OPERA Cloud customer would need; however, if the customer requires additional features or higher limits, the customer can change to a different identity domain type. For more information, see IAM Identity Domain Types in the Oracle Cloud Infrastructure Documentation. Oracle Cloud Console (https://cloud.oracle.com) is the administration console for OCI IAM Identity Domain. Customers can refer to the Oracle Cloud Infrastructure Documentation to learn more about the OCI IAM Identity Domains.
- Oracle Hospitality IAM: The OCI IAM Identity domain is where Oracle users are stored and managed through the Oracle corporate identity management system. Customer users are never part of this identity domain and authorized Oracle users can access approved customer environments using Oracle Corporate Single Sign-On (SSO).
- OPERA Cloud Identity Management Portal:
The OPERA Cloud Identity Management Portal is a user and group administration
portal for OPERA Cloud Identity Management where OPERA Cloud customers
can manage their user and group memberships (role memberships). The
OPERA Cloud Identity Management Portal is a user interface which connects
with the respective customer dedicated OCI IAM Identity Domain.
Note:
The OPERA Cloud Identity Management Portal will be used by a federated customer only for managing custom groups and managing Oracle user access to sensitive data and data access roles in OPERA Cloud. - OPERA Cloud Identity Management SCIM API: The System for Cross-domain Identity Management (SCIM) is an open specification that standardizes user and group management across applications and allows for the automation of user and group provisioning. Through the SCIM API available in the Oracle Hospitality Integration Platform (OHIP), OPERA Cloud customers can provision and synchronize data for their users and groups. The OPERA Cloud Identity Management SCIM API is an abstraction of the OCI IAM Identity Domain API with OPERA Cloud specific specifications.
Parent topic: Introduction