Federation guidelines

Keep the following guidelines in mind when using a federated account with Oracle Health Sciences Identity and Access Management Service (Oracle Life Sciences IAMS).

Federation account linking

Some Oracle Health Sciences products, such as Oracle InForm, support federation with third party identity providers (for example, Exostar). To use federation, you must link your identity provider account with your Oracle Life Sciences IAMS account. For specific information on how to use federation with your product, see your product documentation.

Oracle Life Sciences IAMS supports Security Assertion Markup Language (SAML) federation between a customer Identity Provider (IDP) and Identity Cloud Service (IDCS) for use in Oracle Clinical One Platform.

Access control

• If you cannot access Oracle Health Sciences Cloud using your identity provider, you can log into Oracle systems directly using your Oracle Health Sciences SSO credentials.
• User accounts created through Oracle IDCS will continue to receive Oracle Life Sciences IAMS new account and password expiration notification emails. Please contact your Oracle Services lead if you would like to disable these notification emails.

Session security

• When logging out of Oracle Health Sciences Cloud, close your browser to ensure all logins are terminated. You may be logged into Oracle in multiple browser windows or tabs. Logging out in one browser window does not log you out of all browser windows. Closing all open browsers ensures all logins are terminated.
• Your Oracle Life Sciences IAMS login can time out while your identity provider login is still active. Note that your system-wide login timeout is defined by your identity provider.
• The re-authentication period for your Oracle Health Sciences SSO login may be extended when you have an active identity provider login. Because the identity provider re-authentication time exceeds the Oracle Life Sciences IAMS time limit, someone may be able to re-login on your computer without re-entering your login credentials even after the Oracle Life Sciences IAMS timeout period. Note that your authentication period is extended to the authentication period defined by your identity provider when an identity provider login is in use. You can avoid this extension by closing your browser after logging out.

Electronic signatures

If you have logged into the Oracle Health Sciences Cloud using your identity provider credentials, the system requires you to re-authenticate using those same credentials for electronic signature.

When users are authenticated through federation with Oracle Identity Cloud Service (IDCS), they can eSign a document in an application using IDCS credentials.