1. REST API for Federation Management in Oracle Access Manager
  2. Endpoints

All REST Endpoints

Fed Global
The REST endpoint service request is used to configure, update and retrieve the Fed Global parameters.
Configure Fed Global
Method: post
Path: /oam/services/rest/11.1.2.0.0/fed/admin/fedglobal
Update Fed Global
Method: put
Path: /oam/services/rest/11.1.2.0.0/fed/admin/fedglobal
View Fed Global
Method: get
Path: /oam/services/rest/11.1.2.0.0/fed/admin/fedglobal
OIFR1/Orchestrator
The OIF Federation Wiring REST service will establish Federation trust between the IdP and an SP Partner and enable or disable Federation SSO between those two partners. This service will be invoked by the DevOps automation scripts, or by a Self Service Admin page.
    The input provided to this service will consist of
  • The name of the tenant in PaaS
  • The type of service that will act as an SP (PaaS, Taleo, RightNow)
  • The connection information to access the various components needed to be configured (PaaS OID, PaaS OIF, PaaS OAM, SaaS OIF...)
  • Whether or not to enable Federation SSO
    The service will allow a client to:
  • Establish trust between an IdP and an SP and enable Federation SSO between those partners so that the user at the SP will be redirected to the IdP for authentication
  • Disable Federation SSO between those partners so that the user at the SP will be challenged for local authentication
Orchestrator Service
Method: post
Path: /oam/services/rest/11.1.2.0.0/fed/admin/orchestratorservice
OIFR1/SSO Service
The REST endpoint POST request is used to configure the SSO service. This API is used for wiring with Fusion Applications and it configures the FAAuthScheme.

For Fusion Applications, IdP is configured at global level to:

  • Enable SAML 2.0 only.
  • Enable SSO POST, SSO Artifact, SLO Redirect profiles only.
  • NameID:
    • Email Address with mail as the attribute of the user.
    • Unspecified with uid as the attribute of the user (default).
  • One set of keys/certificates for SAML operations.

OAM/Fed will be able to have specific SP Partner configuration:

  • SSO binding to be used.
  • NameID format and value to be used.
  • Extra attributes to be sent
    • NameID value sent as an attribute: SP Partner will indicate the SAML Attribute name, and whether to send user's ID or email address.
    • Static attribute value used by the SP during Assertion mapping operations: SP Partner will indicate the SAML Attribute name and its value.
Configure SSO Service
Method: post
Path: /oam/services/rest/11.1.2.0.0/fed/admin/ssoservice
OIFR1/Trusted Partner/IDP Partner
The services hosting the SAML 2.0 SP server, such as OIF, PaaS, Taleo, RightNow... will provide an implementation of the REST APIs interface defined in this section that will be invoked by the Federation Wiring Tool to provision an IdP and configure Federation SSO at the various service SPs
Create Partner
Method: post
Path: /oam/services/rest/11.1.2.0.0/fed/admin/trustedidppartners
OIFR1/Trusted Partner/SP Partner
The REST endpoint service request to support create trusted SP partners.
Create Partner
Method: post
Path: /oam/services/rest/11.1.2.0.0/fed/admin/trustedsppartners
R2PS3 | 12C/Orchestrator
The OIF Federation Wiring REST service will establish Federation trust between the IdP and an SP Partner and enable or disable Federation SSO between those two partners. This service will be invoked by the DevOps automation scripts, or by a Self Service Admin page.
    The input provided to this service will consist of
  • The name of the tenant in PaaS
  • The type of service that will act as an SP (PaaS, Taleo, RightNow)
  • The connection information to access the various components needed to be configured (PaaS OID, PaaS OIF, PaaS OAM, SaaS OIF...)
  • Whether or not to enable Federation SSO
    The service will allow a client to:
  • Establish trust between an IdP and an SP and enable Federation SSO between those partners so that the user at the SP will be redirected to the IdP for authentication
  • Disable Federation SSO between those partners so that the user at the SP will be challenged for local authentication
Orchestrator Service
Method: post
Path: /oam/services/rest/11.1.2.0.0/fed/admin/orchestrator
R2PS3 | 12C/SSO Service
The operations from the R2PS3 | 12C/SSO Service category.
Update SSO Service
Method: put
Path: /oam/services/rest/11.1.2.0.0/fed/admin/sso
View SSO Service
Method: get
Path: /oam/services/rest/11.1.2.0.0/fed/admin/sso
SSO Service
The REST endpoint is used to configure, update and retrieve SSO Service parameters.
Configure SSO Service
Method: post
Path: /oam/services/rest/11.1.2.0.0/fed/admin/sso
Test SP SSO
The operations from the Test SP SSO category.
Configure Test SP SSO
Method: post
Path: /oam/services/rest/11.1.2.0.0/fed/admin/testsp
Disable Test SP SSO
Method: put
Path: /oam/services/rest/11.1.2.0.0/fed/admin/testsp
View Test SP SSO
Method: get
Path: /oam/services/rest/11.1.2.0.0/fed/admin/testsp
Trusted Partner V1/API Key/IDP Partner
Create, Get API key for IDP partner.
Update Partner API Key
Method: post
Path: /oam/services/rest/v1/fed/admin/partners/idp/{partnerName}/apikey
View Partner API Key
Method: get
Path: /oam/services/rest/v1/fed/admin/partners/idp/{partnerName}/apikey
Trusted Partner V1/API Key/SP Partner
Create, Get API key for SP partner.
Update Partner API Key
Method: post
Path: /oam/services/rest/v1/fed/admin/partners/sp/{partnerName}/apikey
View Partner API Key
Method: get
Path: /oam/services/rest/v1/fed/admin/partners/sp/{partnerName}/apikey
Trusted Partner V1/Partner Config/IDP Partner
Federation IDP Partner Rest API
Update Partner config
Method: post
Path: /oam/services/rest/v1/fed/partners/idp/{partnerName}
Trusted Partner V1/Partner Config/SP Partner
Federation SP Partner Rest API
Update Partner config
Method: post
Path: /oam/services/rest/v1/fed/partners/sp/{partnerName}
Trusted Partner/IDP Partner
Create, Update and Delete Trusted IDP partner.
Create Partner
Method: post
Path: /oam/services/rest/11.1.2.0.0/fed/admin/trustedpartners/idp/{partnerName}
Delete Partner
Method: delete
Path: /oam/services/rest/11.1.2.0.0/fed/admin/trustedpartners/idp/{partnerName}
List Partners
Method: get
Path: /oam/services/rest/11.1.2.0.0/fed/admin/trustedpartners/idp
Update Partner
Method: put
Path: /oam/services/rest/11.1.2.0.0/fed/admin/trustedpartners/idp/{partnerName}
View Partner
Method: get
Path: /oam/services/rest/11.1.2.0.0/fed/admin/trustedpartners/idp/{partnerName}
Trusted Partner/SP Partner
Create, Update and Delete Trusted SP partner.
Create Partner
Method: post
Path: /oam/services/rest/11.1.2.0.0/fed/admin/trustedpartners/sp/{partnerName}
Delete Partner
Method: delete
Path: /oam/services/rest/11.1.2.0.0/fed/admin/trustedpartners/sp/{partnerName}
List Partners
Method: get
Path: /oam/services/rest/11.1.2.0.0/fed/admin/trustedpartners/sp
Update Partner
Method: put
Path: /oam/services/rest/11.1.2.0.0/fed/admin/trustedpartners/sp/{partnerName}
View Partner
Method: get
Path: /oam/services/rest/11.1.2.0.0/fed/admin/trustedpartners/sp/{partnerName}