Step 5: Configuring Just In Time Provisioning in OPERA Cloud Identity Management Portal

The Configure Identity Providers tool in OPERA Cloud Identity Management portal configures attribute mappings for Just-in-time (JIT) provisioning in the selected SAML Identity Provider of the respective Oracle Cloud Infrastructure Identity and Access Management (OCI IAM) Identity Domain.

Enterprise administrators have access to this feature in the OPERA Cloud Identity Management portal Tools page. In addition, the customer administrator should also have the Identity Domain Administrator or the Security Administrator Application Roles in Oracle Cloud Infrastructure Identity and Access Management to configure the Identity Provider.

Configure Identity Providers

1. Log in to OPERA Cloud Identity Management Portal as an enterprise administrator.
2. Click the Tools tile on the Homepage.

   Note:

   Only enterprise and chain-level administrators have access to the Tools tile.

   The Tools page consists of a list of available tools including Configure Identity Providers.

3. Select Configure Identity Providers.
   All active Identity Providers in the respective OCI IAM Identity Domain are shown.

   Note:

   User must have the Identity Domain Administrator or Security Administrator role in Oracle Cloud Infrastructure Identity and Access Management to perform this operation. For more information, refer to Understanding Administrator Roles in the Oracle Cloud Infrastructure Documentation.
4. Click the Configure JIT button next to the respective Identity Provider. This enables JIT for the respective Identity Provider and adds all the attribute mappings including the custom attributes needed for provisioning.

Confirm the JIT Mappings are Created

1. Go to the OCI console and navigate to the Identity domain in which you want to work and select the Identity Provider.
2. Click Configure JIT and confirm the JIT is enabled and the attribute mappings have been created.
3. Click Save changes.

   Note:

   Oracle does not recommend that customers make any customization to the JIT configuration from the Oracle Cloud Infrastructure console. Any updates made in the OCI console will not be saved or captured by the Configure Identity Providers tool.