This is a readme document for Oracle Advanced Authentication (OAA) and Oracle Adaptive Risk Management (OARM) 12.2.1.4.1.
- OAA and OARM Installation Images
- Updates in OAA and OARM, January 2024 Refresh
- Updates in OAA and OARM, September 2023 Refresh
- Updates in OAA and OARM, June 2023 Refresh
- Updates in OAA and OARM, May 2023 Refresh
- Updates in OAA and OARM, March 2023 Refresh
- Updates in OAA and OARM, October 2022 Refresh
- Updates in OAA and OARM, April 2022 Refresh
1.1 OAA and OARM Installation Images
- OAA-OARM
- OAA only
- OARM only
To download the installation images see document ID 2723908.1 on My Oracle Support.
To install OAA or OARM, see Installing Oracle Advanced Authentication and Oracle Adaptive Risk Management.
1.2 Updates in OAA and OARM, January 2024 Refresh
OAA and OARM includes the following updates in this refresh:
- Support for TOTP Registration URL:
OAA provides a Rest API to generate a Registration URL for mobile applications enrolling for Time-based One Time Password (TOTP) creation.
See Configuration Properties for OAA for more information on the configuration properties provided for controlling REST API services.
- Support to Configure Bypass Challenge Property
Customers can now configure the bypass challenge property, which allows them to bypass challenges during subsequent logins for a configurable time period. See Configuration Properties for OAA .
- Enhanced Error Handling for OAA and OAM Integration
Error handling is now improved significantly, when OAA and OAM are integrated for runtime user flows. This enhancement requires the corresponding OAM bundle patch, which is released in January 2024.
1.3 Updates in OAA and OARM, September 2023 Refresh
OAA and OARM includes the following updates in this refresh:
- Support for XML-formatted payload for REST APIs:
XML payloads are now supported by the OAA/OARM Runtime and Risk Service APIs. See REST API for Risk Service in Oracle Advanced Risk Manager and OAA Runtime API.
- Enhancements to the OAA/OARM User Runtime and Administration Screens:
The OAA/OARM Runtime UI now allows you to customize the colors of the buttons and header/footer. The Administrative UI now allows you to customize the colors of the header and footer. See Customizing the OAA User Interface.
- Enhancements to the Geo-location Data Loader:
The geo-location data loader now uses the install properties file for database connection details. See Loading Geo-Location Data.
- Configurable Number of Devices for Challenge Factor:
End-users can now register more number of devices for each challenge factor.
1.4 Updates in OAA and OARM, June 2023 Refresh
OAA and OARM includes the following updates in this refresh:
- Configurable Number of Questions for Challenge Flow:
OAA/OARM KBA REST API can now handle multiple questions that a user must answer in the challenge flow. See OAA Runtime API and Configuration Properties for OAA.
- Process Rules and User Preferences REST API:
OAA/OARM REST API changes in Process Rules, and Get User Preferences, to only allow sensitive information to be passed in the request body. See Process rules and Get User Preferences.
- Geolocation Performance Enhancement
Geolocation data load time for incremental loads is now reduced.
- Administration Console improvements for handling expired
Administration user session:
Expired administration user sessions now redirect the user to the login page and/or the OAuth consent page.
1.5 Updates in OAA and OARM, May 2023 Refresh
OAA and OARM includes the following updates in this refresh:
- New API to Generate TOTP Secret Key with Expiry Time:
OAA/OARM APIs are enhanced to support generation of TOTP secret keys that automatically expire unless validated in the specified time window. See OAA Runtime API.
- TOTP Registration Support with QR Code:
OAA/OARM now supports the ability for users to register a Mobile Authenticator using a QR code, as well as manual key entry. See Managing Factors in the User Preferences UI.
- Screen Rendering Enhancements:
Screen rendering has been enhanced in runtime challenge factor screens to optimally render on small screens.
- Email and SMS Message Content Enhancements:
Time of access and the accessed resource URL in the messages, are now based on information provided in the OAM integration flow.
1.6 Updates in OAA and OARM, March 2023 Refresh
OAA and OARM includes the following updates in this refresh:
- Enhancements to the Geo Data Load:
OAA/OARM now provides support for Neustar Version 7 Geo Data format. Data files supplied in this format can now be imported using the Location Loader utility included with the Management Container.
- Support for Knowledge-Based Authentication API:
OAA/OARM now supports Knowledge-Based Authentication question API for user challenge capabilities. See OAA Runtime API.
- Support for Personal Image and Phrase for User Preferences API
OAA/OARM now supports managing personal image and phrase using the User Preferences API. See OAA Runtime API.
1.7 Updates in OAA and OARM, October 2022 Refresh
OAA and OARM includes the following updates in this refresh:
- Enhancements to the OAA/OARM Administration Console
- OAA/OARM supports Knowledge-Based Authentication through Security Questions. Knowledge-based authentication is an authentication method which is used to challenge the user to prove identity based on the user’s answers substantiated by a real-time interactive question and answer process. OAA/OARM Administration Console provides capabilities to manage Questions, Registration Logic, and Answer Logic. See Configuring Security Questions for Knowledge-Based Authentication.
- OARM provides export and import capabilities for questions, validations, groups, and profiles.
- Factor Verification
Factor verification allows users to verify a factor in the User Preferences UI after the factor has been added. This allows a user to check the factor is working, before it is used in a user challenge. See Configuring Factor Verification.
In previous releases, when a factor was added, it was not possible to verify the factor until an end user accessed a resource that required second factor authentication.
- Partitioned Schema
The introduction of partitioned schema allows for maintenance of transaction data. Scheduled jobs make sure that partitions are created for new data with correct details. Administrators can also purge and archive data to release data that is no longer required. See Understanding Partition Schemas.
1.8 Updates in OAA and OARM, April 2022 Refresh
OAA and OARM includes the following updates in this refresh:
- OAA-OIM Integration
You can implement the password management feature for OAA-protected applications by integrating OAA with Oracle Identity Manager (OIM). For details, see Integrating OAA with OIM.
- Runtime Support for CRI-O Environment
CRI-O is a lightweight container runtime for Kubernetes. When you deploy Kubernetes worker nodes, CRI-O can also be deployed. CRI-O allows Kubernetes to use any OCI-compliant (Open Container Initiative) runtime as the container runtime for running pods. It is an alternative to using Docker as the runtime for Kubernetes.
1.9 Updates in OAA and OARM, January 2022 Refresh
OAA and OARM includes the following updates in this refresh:
- Oracle Adaptive Risk Management
Oracle Adaptive Risk Management (OARM) is a comprehensive system that provides a way to monitor and control any user activity in your IT infrastructure (Single sign-on, Business Transactions). For details, see Introducing Oracle Adaptive Risk Management
-
Customization of OAA User Interface
You can customize certain features of the OAA user interface (UI), such as the Administration Console UI, User Preferences Console UI, and the Runtime UI using the configuration properties. For details, see Customizing the OAA User Interface
-
Push Notification for Oracle Mobile Authenticator
OAA allows you to configure push notification for the OMA app. For details, see Configuring Push Notification for Oracle Mobile Authenticator
-
Knowledge Based Authentication (Challenge Question)
OAA supports Knowledge Based Authentication factor through challenge questions and answers.
1.10 Updates in OAA, July 2021 Refresh
Oracle Advanced Authentication includes the following updates in this refresh:
-
Support for Self Signed Certificates in OAA for OIDC Flow
Self signed certificates can be added into the JRE truststore. This enables the OAA installation in test environments to use self signed certificates.
-
Support for Distributed Cache for High Availability (HA) Scenarios
For HA scenarios, multiple replicas of pods can work together using a distributed cache.
Oracle Fusion Middleware Oracle Advanced Authentication and Oracle Adaptive Risk Management Readme, OAA and OARM 12.2.1.4.1
F43824-09
February 2024
Copyright © 2021, 2024, Oracle and/or its affiliates.