This illustration shows the second stage of the roadmap to migrate your environment from an on-premises access management system to Oracle Identity Cloud Service. It shows an on-premises environment, cloud environment, and cloud apps.

On-premises enterprise LDAP sends requests to the access management system and bridge. The bridge sends requests directly to Oracle Identity Cloud Service. While access management uses a reverse proxy to communicate with a custom application proxy and Oracle E-Business Suite. The access management system uses form fill, federation, OpenID Connect, and OAuth to communicate with custom applications. The access management system authenticates with an identity provider using federation to authenticate with a service provider and Oracle Identity Cloud Service.

Within Oracle Cloud, Oracle Identity Cloud Service and SaaS applications are used with SSO to authenticate with the following third-paty cloud apps: