The image shows a user authentication and service integration for Oracle SaaS, PaaS,
            and OCI services in an OCI Region, including support for federating identity with a
            third-party cloud.
         
         A region labeled "Internet" contains an icon representing Users. Two arrows
            flow from Users:
         
         
            - The upper arrow is labeled "Oracle
                  Fusion Cloud Applications URL IDP initiated SSO" and points to Fusion
                  Applications in the SaaS Services in the SaaS Tenancy within the OCI Region.
            
- The lower arrow is labeled "Oracle Visual Builder/Oracle Integration URL initiated SSO" and points to Oracle Integration in the PaaS Services.
            
Within the OCI Region a SaaS Tenancy includes:
         
            - SaaS Services with Oracle Fusion Cloud
                  Applications. Oracle Fusion Cloud
                  Applications points to Fusion
                  Applications Identity Domain with an arrow labeled "IDP" and another arrow labeled "SP" going
               from Fusion
                  Applications Identity Domain to Third-Party Cloud, labeled "Federation configured by
               customer".
            
- PaaS Services with Oracle Integration. A dashed arrow labeled "Provision" goes up from Oracle Integration to Oracle Fusion Cloud
                  Applications.
            
The lower segment shows OCI Services with:
         
            - OCI Services points to OCI IAM Domain with an arrow labeled "IDP."
- Another arrow labeled "SP" points from OCI IAM Domain to a Third-Party
               Cloud.
            
In the Third-Party Cloud, hosts an External Identity Provider. An arrow
            labeled "IDP" points left to OCI IAM Domain, and another labeled "Federation configured
            by customer" points up to Fusion
               Applications Identity Domain.