1. Administering Oracle Universal Authenticator
  2. Installing Oracle Universal Authenticator
  3. Installing the Oracle Universal Authenticator Client Application
  4. Performing Prerequisite Tasks

Performing Prerequisite Tasks

Before following this section, you must have deployed Oracle Advanced Authentication with Oracle Universal Authenticator enabled. See, Installing Oracle Advanced Authentication.

The sections below show the prerequisite configurations that must be performed by the Administrator before installing the Oracle Universal Authenticator client application on Microsoft Windows devices.

Prerequisite Configurations for Microsoft Entra Domain

A Microsoft Entra Domain is required for use with Oracle Universal Authenticator. The following prerequisites are required:
  • Users using Oracle Universal Authenticator must exist in the Microsoft Entra Domain.
  • In order to seamlessly access local resources protected by Active Directory on your local network, a hybrid join with Microsoft Entra Domain may be necessary.

Note:

This documentation does not contain instructions on how to setup a Microsoft Entra Domain, LDAP directories, or user accounts. Administrators must have a working knowledge of Microsoft Entra before using Oracle Universal Authenticator.

Prerequisite Configurations for Microsoft Windows Clients

The following prerequisites are required for Microsoft Windows clients to login with Oracle Universal Authenticator. These are required for any Microsoft Windows computer where the Oracle Universal Authenticator client application will be installed:
  • A computer running Microsoft Windows 10 or 11.
  • The Microsoft Windows computer must have joined the Windows domain in Microsoft Entra.
  • The Microsoft Windows user who wants to login via Oracle Universal Authenticator must be able to login to the Windows domain with a valid username and password.
  • You must be logged in as a local Administrator user to install the Oracle Universal Authenticator client application software on the computer.
  • The following must be installed on the Windows computer:
  • If Windows automatic logon has been enabled, then it must be disabled before installing Oracle Universal Authenticator.

Prerequisite Configurations for the SSO Browser Extension

The following browsers are certified with the Oracle Universal Authenticator SSO Browser Extension:
  • Chrome v88+
  • Firefox v113+
  • Microsoft Edge v92+

Note:

If you intend to use Firefox you should install Firefox prior to installing the Oracle Universal Authenticator client application. If you choose to install Firefox afterward, you will need to reinstall the Oracle Universal Authenticator client application for the Firefox SSO browser extension to be installed. This is not applicable to Chrome and Edge browsers.
If your organization has group policy controls which specify the extensions that can be installed in the browser, the Microsoft Windows Enterprise Administrator must add the extension ID of the OUA SSO Browser Extension to the policy. The extension ID for Chrome and Microsoft Edge is as follows:
  • dpmpkofhbmlhlhagnklehljiagfhegni

Note:

For Firefox no extension ID is required because the signed Firefox extension file is provided with the Oracle Universal Authenticator software.

Prerequisite Configurations for Oracle Access Management

The Microsoft Windows user must have a user account in the User Identity Store used by Oracle Access Management (OAM). The user must be able to login with Single Sign-On (SSO) to an application protected with OAM.