Authentication

Authentication refers to the ways that a customer can access the Business Customer Engagement Digital Self Service - Energy Management web portal securely. The two methods available are single sign-on (SSO) and standalone account management. Each utility chooses which one of these to implement when launching the Oracle Utilities Opower program. In addition, some Customer Service Representatives may be able to access a business customer's web portal account to help them troubleshoot issues. The authentication method in place depends on each utility's setup and configuration.

Single Sign-On (SSO)

SSO allows business customers to use the same username and password to access the web portal and any other web applications provided by a utility. All usernames and passwords are created, maintained, and updated on the utility's web site. The method of SSO depends on the type of implementation (standalone or embedded) that is agreed upon between Oracle Utilities and the utility.

SSO for Standalone Implementations

For standalone implementations of the cloud service, Oracle Utilities uses Security Assertion Markup Language (SAML) 2.0 to implement SSO with utilities. Moreover, Oracle Utilities supports Identity Provider-Initiated and Service Provider-Initiated SSO using HTTP POST binding. As part of the SSO implementation process, the utility must provide a SAML metadata file and a SAML insertion with the required information. This allows Oracle Utilities to identify the customer and authenticate the request. See the Oracle Utilities Opower SSO Configuration Guide for details.

SSO for Embedded Widget Implementations

For embedded widget implementations of the cloud service, Oracle Utilities supports OpenID Connect-based SSO. In this case, the utility website acts as the Relying Party and must have an integrated authentication server that conforms to the OpenID Connect specification. See OpenID Connect Single Sign-On (SSO) Configuration for details.

SSO requires all authentication to be handled by the utility's website. After business customers have been authenticated using the utility website sign-in options, they have access to all features and pages of the Business Customer Engagement Digital Self Service - Energy Management cloud service. This can include individually hosted pages as well as content that has been embedded directly within the utility's website.

Note:

In cases where SSO credentials are maintained by the utility's web site, business customers cannot use the Account Center to change their login email or password.

Standalone Authentication

Standalone account management requires business customers to create a new Business Customer Engagement Digital Self Service - Energy Management account (including a user name and password) that is separate from any other utility-provided web applications or accounts. When standalone account management is implemented, business customers can access the web portal by navigating directly to it and creating a new account once they get there.

Energy Use View Example

The following image shows a standard example of the Energy Use view.


Screenshot of the Energy Use view in the Data Browser for business customers.

Account Sign In and Sign Out

Business customers who have created their account can use their account email address and password to sign in from the landing page. A standard link is available throughout the web portal for signing out. By default, the session lasts for 30 minutes before timeout, at which point the customer is automatically signed out.

Password Reset

Business customers can request a password reset if they have forgotten their current password. To complete this process, a customer first selects the Forgot password? option included with the account sign-in options. The customer is prompted to enter their utility account email address, to which a reset password email is sent. The email includes a link that directs the customer to a reset your password page, which prompts the customer to create and confirm their new password.

Note:

If a customer knows their password and wants to change it, they can use the Account Center rather than the password reset feature.