Seamless Single Sign-On with Oracle Universal Authenticator
Introduction
This tutorial demonstrates how seamless Single Sign-On (SSO) works for Microsoft Windows devices authenticated with Oracle Universal Authenticator.
Once a user is logged into their device using Oracle Universal Authenticator, a user can access Oracle Access Management (OAM) protected applications, and other Windows applications, without the need to enter their credentials again.
For the purposes of this tutorial, two web applications are protected with OAM (Marketing Anaylst and Gourmet Foods).
This tutorial will also show SSO working with Microsoft Office 365.
Prerequisites
Before starting this tutorial you must have:
- A running Oracle Advanced Authentication installation deployed with Oracle Universal Authenticator.
- Device authentication configured using one of the following tutorials:
- Two web applications protected with Oracle Access Management.
- Microsoft Office 365 installed on your Windows computer.
Task 1: Sign In to Windows Using Oracle Universal Authenticator
In this example, the user has previously logged into Windows with Oracle Universal Authenticator and is using Oracle Mobile Authenticator challenge for the second factor.
-
Start your Windows device and select Oracle Universal Authenticator to login:
-
In the username screen, enter your Oracle Access Management username and click the arrow. In this example the user
emilyjohnson8
is entered: -
You are prompted to enter your OAM password. Enter the required credentials and click the arrow:
-
A notification appears asking you to choose the second factor to use. Select the factor to use from the drop down list. In this example Enter OTP from Device1 is selected for Oracle Mobile Authenticator challenge. Click the arrow:
-
As Oracle Mobile Authenticator was selected you are asked to Enter the OTP from device Device1:
-
Open the Oracle Mobile Authenticator application on your mobile device to view the OTP:
-
Enter the code displayed into the Enter the OTP from device Device1 field and click the arrow:
-
If authentication is successful you will be logged into your Windows device and the Windows desktop will appear:
Task 2: Access an OAM Protected Application
Once the end user has performed device authentication with Oracle Universal Authenticator, it is no longer necessary to enter any further credentials for any OAM protected application.
-
Launch a browser and access a protected application. In this example the Marketing Analyst site is accessed:
-
The browser automatically redirects to the OAM login URL, but as you are logged into Windows with Oracle Universal Authenticator the user is automatically given access to the application:
Task 3: Access Another OAM Protected Application
-
In the same browser access another OAM protected application. In this example the Gourmet Recipes application is accessed. Again, as the user logged into Windows with Oracle Universal Authenticator, the user is automatically given access to the application:
Task 4: Access Office 365
-
Start the Office 365 application. A user is normally asked to enter their credentials, but as the user logged into Windows with Oracle Universal Authenticator, the user is logged into Office 365 automatically:
-
Click on the user icon and notice the Microsoft Entra ID credentials are shown:
-
Click on Outlook:
-
Outlook is opened without the need to enter any credentials:
Learn More
Feedback
To provide feedback on this tutorial, please contact idm_user_assistance_ww_grp@oracle.com
Acknowledgements
- Author - Russ Hodgson
More Learning Resources
Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.
For product documentation, visit Oracle Help Center.
Seamless Single Sign-On with Oracle Universal Authenticator
F96301-01
May 2024