Oracle Fusion Cloud Applications SSO Integration with Okta Workforce Identity Cloud

Okta Identity Engine (OIE), SSO 2 Minutes

This Article will take you through the configuration to setup Oracle Fusion Cloud Applications SSO with Okta Identity Workforce Identity cloud.

Prerequisites:

  • At least IT Security Manager Role assigned to your user in Oracle Cloud admin console.
  • Admin access to Okta Workforce Identity Cloud Console

Create a SAML APP in Okta Admin Console:

    At the next screen we will need SSO URL, SP Entity and the Default RelayState URL.

    Return to the Oracle Cloud admin console and then go to Security Console.

    Once in the SSO menu make sure that the SSO option are as per below on your preferences depending on how many IDP you have.

    Now click and open the Federation Metadata:

    Search for EntityID and copy it somewhere as per below:

    entityID=”https://login-yourtenant-saasfaprod1.fa.ocs.oraclecloud.com:443/oam/fed

    And then search sp/sso to find the Assertion URL which will return something like that:

    Location=”https://login-yourtenant-saasfaprod1.fa.ocs.oraclecloud.com/oam/server/fed/sp/sso

    We will also need the Default Relay. The default relay is the URL you access the Oracle Cloud console as per this format below.

    https://fa-yourtenant-saasfaprod1.fa.ocs.oraclecloud.com/fscmUI/faces/FuseOverview

    Then go back to the Okta Application configuration and

    Once the app is configured as per above you will need to assign the user to the App.

    Before we go back to the Oracle Cloud admin console we need to take the Okta

    Url will be like:
    https://demo-yourtenant-68439.okta.com/app/exkkr9wu1pfQtveqs697/sso/saml/metadata

    It’s time now to go back to the Oracle admin console back to the SSO menu.

    Now the Oracle Console is a bit confusing. In order to enable the IDP you need to test the SSO Connection. Once created the IDP click on the left on Diagnostic and activation.

    Once validated the SSO as per above return to the console and refresh the page in order to reflect the result you will have to save this so the IDP is turned on and ready to be used. I found a bit difficult to get to save but by playing with the console you can then save.

    Now it’s time to test with your user to SSO from the Okta Dashboard:

    Congratulation you successfully Configured Oracle Fusion Cloud Applications SSO with Okta Workforce Identity Cloud.

    Published by Dany Leclerc

    With a wealth of experience driving some of the largest Mission Critical End Points deployments across Transportation, Retail, Healthcare and Field services, Dany has spent over a decade focusing on Security and Cloud computing in both Europe and Australia. Dany chose to join Okta, the leader in the Identity Access Management and Customer Identity, after the pandemic accelerated the drive toward digital transformation, demanding an increased focus on securing Identity.

    Published

    Leave a Reply