4.8.3 Post Installation Steps for Oracle Universal Authenticator
Follow these post installation steps for installations that contain Oracle Universal Authenticator (OUA).
Make sure you have followed these sections before following the steps below:
Run configureDRSS.sh To Create OUA Integration Agent Components
- Enter a bash shell for the OAA management pod if not already inside
one:
For example:kubectl exec -n <namespace> -ti <oaamgmt-pod> -- /bin/bash
kubectl exec -n oaans -ti oaamgmt-oaa-mgmt-7dfccb7cb7-lj6sv9 -- /bin/bash
- Run the following command inside the bash shell to configure the required
components for the OUA integration agent. This command creates the OUA integration agent
and associated assurance level with Email, SMS, OMA TOTP, OMA Push, and Yubico OTP
challenge factors enabled. See, Configuring Allowed Authentication
Factors:
cd ~/scripts/drssconfig ./configureDRSS.sh -f ../settings/installOAA.properties
Note:
This will use theinstallOAA.properties
in the<NFS_CONFIG_PATH>
.Exit the bash shell.
Update the oua.drss.oaa.group Property
Note:
This section should only be followed if you changed theoauth.applicationid
parameter from the default value
myoaaprotectedapp1
in the installOAA.properties
. See
OAM OAuth Configuration.
- Set the property
oua.drss.oaa.group
by updating<OAA_Group_Name>
to the value set foroauth.applicationid
ininstallOAA.properties
:Use the
<DRSS>/oaa-drss/oua/property/v1
REST API to set the properties. For example:curl --location -g --request PUT '<DRSS>/oaa-drss/oua/property/v1' \ --header 'Content-Type: application/json' \ --header 'Authorization: Basic <Base64Encoded(<username>:<password>)>' \ --data '[ { "name": "oua.drss.oaa.group", "value": "<OAA_Group_Name>" } ]'
Note:
For details on the<DRSS>
endpoint and the username and password, see Printing Deployment Details.