Manage Users, Groups, and Access in a Region without Identity Domains

If your Oracle Cloud Infrastructure (OCI) region hasn't been updated and you don't see Domains under Identity in the Identity & Security section, use the topics in this section. If you do see Domains, follow the steps in Manage Users, Groups, and Access in a Region with Identity Domains.

Enable Single Sign-On (SSO)

If you use Federated Single Sign-On (SSO) for your Oracle Content Management environment, you can enable it to customize sign-in procedures. When SSO is enabled, users can sign in to one instance using corporate security credentials and access another instance in the same domain without signing in again. For example, suppose you are an administrator for a company that has two Oracle Cloud services, and you must provision these services to your company’s organization, roles, and users. Your company may also have on-premises applications and cloud services from other vendors. It’s important that communication between these services and applications is secure. With SSO, users can sign in to all of them using the same set of credentials, which are managed by your identity domain system.

OAuth provides secure access to all services in Oracle Cloud. It provides an access token for communication between services. The token is valid for a limited time and contains the security credentials for a sign-in session. It identifies the user and the user's groups.

Overview of SSO Configuration

Oracle Cloud uses the SAML 2.0 standard to enable secure cross-domain communication between Oracle Cloud and other SAML-enabled sites located on-premises or in a different cloud. The administrator must configure SAML 2.0 SSO between Oracle Cloud and the identity provider. When SSO is enabled, the identity provider performs authentication for Oracle Cloud.

Perform the following steps to configure SSO:

  1. Sign in to Oracle Cloud as the cloud account administrator. You can find your account name and login information in your welcome email.
  2. In the Oracle Cloud Console, click the navigation menu icon on the top left to open the navigation menu, click Identity & Security, then, under Identity, click Federation.
  3. On the Federation page, click OracleIdentityCloudService, then, on the identity provider details page, click the link to the Oracle Identity Cloud Service Console. The IDCS Console opens in a new window.
  4. In the IDCS Console, add a SAML application, and configure SSO details. See Add a SAML Application in Administering Oracle Identity Cloud Service.

Manage Users with IDCS

Before using your system, you need to add users and probably enable single sign-on (SSO). As you continue to use your system, you’ll need to add and remove users or change some of their settings. For example, if someone changes departments, you might need to change their role, or if someone leaves your organization, you need to remove them from the system.

If you need to manage Oracle Content Management specific user settings, you can do so on the Users page in System administration.

Note:

If you're using Oracle Content Management Starter Edition, you're limited to only five users. To increase the number of users and take advantage of the full feature set, upgrade to the Premium Edition.

To manage users:

  1. Sign in to Oracle Cloud as the cloud account administrator. You can find your account name and login information in your welcome email.
  2. In the Oracle Cloud Console, click the navigation menu icon on the top left to open the navigation menu, click Identity & Security, then, under Identity, click Federation.
  3. On the Federation page, click OracleIdentityCloudService, then, on the identity provider details page, click the link to the Oracle Identity Cloud Service Console. The IDCS Console opens in a new window.
  4. In the IDCS Console, click the navigation menu icon, and then click Users.
  5. Perform any of the following tasks:
    • To create a user, click Add.

      When you add users, they'll receive two emails—one asking them to activate their Oracle Cloud account, and one welcoming them to Oracle Content Management. The Oracle Cloud user account must be activated before the link expires so it can be used. You can send another invitation if necessary. See "Resending Invitations to Users to Activate their Accounts" in Using the Console.

      Note:

      Make sure to only use printable ASCII characters (with character codes 32-126) in users' first and last names.
    • To import users, click Import.
    • To export users, click Export.
    • To activate a user, select the user, and then click Activate.
    • To deactivate a user, select the user, and then click Deactivate.
    • To resend an invitation to a user, select the user, and then click Resend Invitation.
    • To reset a user’s password, select the user, and then click Reset Password.
    • To deprovision a user, select the user, and then click Remove.

    See Managing Oracle Identity Cloud Service Users in Administering Oracle Identity Cloud Service.
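
The printable-ASCII rule for first and last names (character codes 32-126) can be checked on a user list before it is imported, so that offending rows are caught up front. The following is an added example, not Oracle code; the column names `First Name` and `Last Name` and the sample rows are assumptions constructed for illustration, so match them to your own import file.

```python
import csv
import io

# Assumed column names for this example; adjust to the headers in your file.
NAME_COLUMNS = ("First Name", "Last Name")


def non_printable_ascii(value):
    """Return (position, char, codepoint) for each character outside 32-126."""
    return [(i, ch, ord(ch)) for i, ch in enumerate(value)
            if not 32 <= ord(ch) <= 126]


def check_import_file(handle, columns=NAME_COLUMNS):
    """Return one finding per name field that breaks the 32-126 rule."""
    reader = csv.DictReader(handle)
    missing = [c for c in columns if c not in (reader.fieldnames or [])]
    if missing:
        raise ValueError("missing column(s): " + ", ".join(missing))
    findings = []
    for row in reader:
        for col in columns:
            value = row[col] or ""  # short rows yield None for absent fields
            bad = non_printable_ascii(value)
            if bad:
                findings.append({"line": reader.line_num, "column": col,
                                 "value": value, "bad": bad})
    return findings


# Constructed sample data: one clean row, one with accented letters,
# one with an embedded tab, one with an apostrophe (code 39, allowed).
SAMPLE = (
    "User ID,First Name,Last Name,Work Email\n"
    "asmith,Alice,Smith,asmith@example.com\n"
    "jmuller,J\u00fcrgen,M\u00fcller,jmuller@example.com\n"
    "btab,Bob\tby,Tab,btab@example.com\n"
    "ohara,Sean,O'Hara,ohara@example.com\n"
)

if __name__ == "__main__":
    for f in check_import_file(io.StringIO(SAMPLE)):
        chars = ", ".join(f"U+{cp:04X} at position {i}" for i, _, cp in f["bad"])
        print(f"line {f['line']}: {f['column']}={f['value']!r}: {chars}")
```

Control characters such as tabs are rejected along with non-ASCII letters, because both fall outside the 32-126 range.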