1 Introduction

OPERA Cloud Identity Management provides the capability of identity federation by determining which customers can integrate their identity provider with OPERA Cloud to implement single sign-on (SSO) with OPERA Cloud. With OPERA Cloud Identity Management's identity federation feature, customers can use their corporate credentials to log on to OPERA Cloud, which eliminates the need to manage users and their access to OPERA Cloud separately.

OPERA Cloud Identity Management Identity Federation is based on the SAML 2.0 standard and can be integrated with any SAML 2.0 compliant identity provider.

Terminology

The following terms are commonly used in OPERA Cloud Identity Management and are associated with identity federation.

  • Identity Provider (IdP): An identity provider is a service that provides identifying credentials and authentication for users. It is the system where the actual user credentials are stored and is also the source of truth for users and their access.
  • Service Provider (SP): A service (such as an application, website, and so on) that calls upon an IdP to authenticate users. In this case, Oracle Hospitality OPERA Cloud is the SP.
  • Metadata File: An IdP-provided XML-based document that provides the required information to an SP to federate with that IdP. Oracle Hospitality OPERA Cloud supports the SAML 2.0 protocol, which is an XML-based standard for sharing required information between the IdP and SP.
  • Federated Customer: The OPERA Cloud customer who is using the identity federation feature in OPERA Cloud Identity Management to enable SSO for OPERA Cloud using their identity provider.
  • Federated User: A user who logs in to Oracle Hospitality OPERA Cloud using a federated IdP login.
  • JIT: Just-In-Time (JIT) provisioning is a feature in OPERA Cloud Identity Management Identity Federation that creates or updates a federated user as soon as that user logs in to OPERA Cloud using an IdP login.