1. Administering Oracle Advanced Authentication and Oracle Adaptive Risk Management
  2. Administering Oracle Advanced Authentication
  3. Configuring Oracle Advanced Authentication
  4. Configuring Rules for an Assurance Level in OAA

11.4 Configuring Rules for an Assurance Level in OAA

You can manage rules for an assurance level using the OAA Administration UI console or REST APIs. If you create rules for an assurance level in the OAA Administration UI console, a policy for those rules is automatically created for you. If using REST API's to create rules then you must create the policy first using the REST API. For more details about using REST APIs to create a policy and associated rules, see Create Policy.

The following steps provide instructions to create rules for an assurance level on the OAA Administration UI console:

  1. Login to the OAA Administration console https://<AdminUrl>. You are redirected to the OAM login page as the console is protected by OAM OAuth. Specify your credentials and login.
  2. If the integration agent has been recently created, it is shown under Recent Activity. However, if the integration agent does not appear under Recent Activity, do one of the following:
    • Click Show more agents
    • Click the Application Navigation icon on the top-left of the page and select Manage Integration Agents
  3. In the Integration Agents window, select the required integration agent.
  4. Under the Assurance Levels tab, select the required assurance level for which you are required to define rules
  5. Under Uses select the required factors to assign to the assurance level. For example, select Oracle Mobile Authenticator, Email Challenge and SMS Challenge.
  6. Under If the following condition(s) are met, select the Attribute Name, Operator, and Values to create rules. Based on the Attribute Name selected, corresponding options appear in the Operator drop-down and Values fields. For example, for User In Group with operator Contains Any specify the value in the Values field. For User In Group with operator In Group, the values field changes to Group, and you can select a group name from the drop-down.
    The following options are supported in Attribute Name:
    • User in Group
    • User's Group
    • User Login
    • User Attributes
    • Current Authentication Level
    • IP Address
    • Application ID
    • Parameter
    • Resource URL
    • New Authentication Level
    • Agent
    • IP Address X-Forwarded-For
  7. Click Validate Rule.
  8. Click Save.
  9. Create additional rules, if necessary, by clicking the + icon.