1. Administering Oracle Advanced Authentication and Oracle Adaptive Risk Management
  2. Installing Oracle Advanced Authentication, Oracle Adaptive Risk Management, and Oracle Universal Authenticator
  3. Procedure for Installing OAA, OARM, and OUA
  4. Prerequisite Configurations for Installing OAA, OARM, and OUA
  5. Considerations For FIDO2

4.2.10 Considerations For FIDO2

The information in this section is intended for OAA deployments where the FIDO2 factor will be used.

Most modern browsers now enforce higher security measures for FIDO2. If you intend to use FIDO2 as a factor then it is important to understand most modern browsers will not allow FIDO2 access unless the certificate presented is traceable to a trusted Certificate Authority.

If you intend to use FIDO2 then you must ensure that whatever entry point you use to access OAA, uses a certificate traceable to a trusted Certificate Authority. For example, if you intend to access OAA via a load balancer, then the load balancer certificate must use a certificate traceable to a trusted Certificate Authority.

If you are not using a load balancer and intend to access OAA directly via an ingress controller, then the ingress controller must be configured to use a certificate traceable to a trusted Certificate Authority.

Note:

If using FIDO2 and accessing OAA directly via an ingress controller, then you must create your own ingress controller as per Installing your own Ingress Controller. It is not supported to use the ingress controller that gets installed with OAA as per Installing Ingress Controller during OAA, OARM, and OUA Installation.

Next Steps :Preparing the Properties file for Installation.