A Secure Deployment Checklist

The following security checklist covers the main guidelines for securing a Retail Home installation:

Oracle Responsibilities

1. Restrict network access.

2. Follow the principle of least privilege.

   • Do not use a privileged user to run a Retail Home container.

3. Apply all security updates for Retail Home and the environment.

4. Configure authentication providers.

5. Set the domain allowlist.

6. Use secure endpoints for service configurations.

Customer Responsibilities

1. Follow the principle of least privilege:

   • Restrict who has the RETAIL_HOME_ADMIN, PLATFORM_SERVICES_ADMINISTRATOR_ABSTRACT, PLATFORM_SERVICES_ADMINISTRATOR, DATAPRIV_ADMINISTRATOR_REST_API_ROLE, RH_ROLE_REQUEST_ABSTRACT, and RH_ROLE_REMOVE_ABSTRACT roles.