1. Administering Oracle Advanced Authentication and Oracle Adaptive Risk Management
  2. Installing Oracle Advanced Authentication, Oracle Adaptive Risk Management, and Oracle Universal Authenticator
  3. Procedure for Installing OAA, OARM, and OUA
  4. Post Installation Steps
  5. Post Installation Steps for Installs Containing OARM

4.8.2 Post Installation Steps for Installs Containing OARM

Follow these post installation steps for installations that contain OARM. This includes OAA-OARM, OARM only, and OAA-OARM-OUA installation types.

Set oaa.browser.cookie.domain and oaa.risk.integration.postauth.cp

The property oaa.browser.cookie.domain must be set to the OAA host domain in order to collect the device cookie. For example, if the OAA is accessible on https://oaa.example.com, then set the value to oaa.example.com.

Note:

oaa.browser.cookie.domain is not required in OARM only installations.

The property oaa.risk.integration.postauth.cp must be set to postauth to invoke risk rules for usecases such as Risky IP, Geo-velocity, and Geo-location.

  1. Set the properties as follows:

    Use the <PolicyUrl>/policy/config/property/v1 REST API to set the properties. For example: 

    curl --location -g --request PUT '<PolicyUrl>/policy/config/property/v1' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic <Base64Encoded(<username>:<password>)>' \
--data '[
    {
        "name": "oaa.browser.cookie.domain",
        "value": "<host.domain>"                
    },
    {
        "name": "oaa.risk.integration.postauth.cp",
        "value": "postauth"    
    }
]'

    Note:

    In this case remove /oaa-policy from the <PolicyUrl>, for example use https://<host>:<port>/policy/config/property/v1 not https://<host>:<port>/oaa-policy/policy/config/property/v1

    For details about finding the PolicyUrl and authenticating, see OAA Admin API.

    For details about the Configuration Properties REST Endpoint, see Configuration Properties REST Endpoints.