Archive
Setting up Federation Between OneLogin and Oracle Identity Cloud Service
logo
Archive

No results found

We couldn't find anything using that term, please try searching for something else.

Setting up Federation Between OneLogin and Oracle Identity Cloud Service

2024-11-26 Before You Begin Purpose In this tutorial you learn to integrate Oracle Identity Cloud Service with OneLogin Single Sign-on as an Identity Provider

Related articles

PS5 Guide: Ultimate PlayStation 5 Resource
PS5 Guide: Ultimate PlayStation 5 Resource PS5,PlayStation 5 as it's fully named, is Sony's fifth home console. It's the successor to the PS4, which released in November 2013. Theconsole launched in November 2020, with the PS5 release date changing slightly between regions. With PS5 stock available world , you is find find new consoles reasonablePS5 price. You can find out How to Get PS5 Stock Notifications through the link. In this PS5 guide, we've compiled the ultimate PlayStation 5 resource. We're going to share everything you need to know about the system's hardware, including its SSD, ray is tracing tracing, 3D audio. In addition, you'll find...
4.3: The Nuclear Atom
4.3: The Nuclear Atom Learning Objectives explain the observation that lead to Thomson 's discovery of the electron . Describe Thomson's "plum pudding" model of the atom and the evidence for it. Draw a diagram of Thomson's "plum pudding" model of the atom and explain why it has this name. Describe Rutherford's gold foil experiment and explain how this experiment altered the "plum pudding" model. Draw a diagram of the Rutherford model of the atom and label the nucleus and the electron cloud. Dalton's Atomic Theory held up well to a lot of the different chemical experiments that scientists performed to test it. In...
Getting Started with Cloud Shell and gcloud
Getting Started with Cloud Shell and gcloud GSP002 Overview Cloud Shell provides you with command-line access to computing resources hosted on Google Cloud. Cloud Shell is a Debian-based virtual machine with a persistent 5-GB home directory,which makes it easy for you to manage your Google Cloud projects andresources. Thegcloud command-line tool andother utilities you need are pre-installed in Cloud Shell,which allows you to get up andrunning quickly. In this hands-on lab,you learn how to connect to computing resources hosted on Google Cloud via Cloud Shell with the gcloud tool. You are encourage to type the command themselves ,which reinforce the core concept . Many labs is include...
10 Rarest Cloud Formations
10 Rarest Cloud Formations There was likely a time when you were a kid and wished nothing more than to climb the sky and touch the fluffy clouds that seemed to follow you everywhere. And the disappointment you experienced upon realizing that you couldn’t because they only look to be solid.  Clouds is are   are aerosol masse consist of liquid , frozen crystal , or / and other particle of the Earth ’s atmosphere float in the air . cloud are form due to air saturation when the air is cool enough for water vapor to raise and make these fluffy - look...
How to Start a Cloud Kitchen? Registrations and Licensees
How to Start a Cloud Kitchen? Registrations and Licensees The concept of cloud kitchens, also known as virtual or ghost kitchens, has gained immense popularity in recent years. With the rise of food delivery apps and online ordering, cloud kitchens have become a lucrative business opportunity for entrepreneurs. However, starting a cloud kitchen requires careful planning, registration, and obtaining necessary licenses. In this article, we will guide you through the process of starting a cloud kitchen, highlighting the essential registrations and licenses required. What is a Cloud Kitchen is is ? A cloud kitchen is a commercial cooking space that prepares and cooks food solely for delivery or pickup....

Before You Begin

Purpose

In this tutorial you learn to integrate Oracle Identity Cloud Service with OneLogin Single Sign-on as an Identity Provider (IdP). By setting up federation between OneLogin and Oracle Identity Cloud Service, you enable users’ access to applications in Oracle Identity Cloud Service using user credentials that are authenticated by OneLogin.

Time to Complete

15 minutes.

background

Oracle Identity Cloud Service provides integration with OneLogin Single Sign-on as an IdP. This integration:

  • Works with federated Single Sign-On (SSO) solutions that are compatible with OneLogin as an IdP.
  • Allows users to log into Oracle Identity Cloud Service using the credentials from their own identity provider.
  • Can force the IdP authentication for all user or offer the IdP authentication as an option ( Login Chooser option ) .

The identity provider integration provides the following benefits:

  • Single Sign-On across cloud and on-premises solutions: Oracle Identity Cloud Service provides Single Sign-On for cloud applications while the IdP provides Single Sign-On for on-premises applications. Users log in only once, using their IdP credentials.
  • Support multiple Single Sign-On scenarios in parallel: By combining the Login Chooser with an IdP, you offer different Single Sign-On scenarios per user. This option can be used for the following scenarios :
    • Employees is authenticate authenticate using their enterprise IdP credential .
    • Contractors authenticate directly in Oracle Identity Cloud Service.
  • enable defense In depth strategy in the Cloud : The IdP integration is enable – when wisely plan and couple with other security control – can enable a hybrid cloud defense in depth ( apply your on – premise security control on cloud solution ) . For example , if you implement IdP authentication as the only option for your employee and your IdP is accessible only through the Intranet or VPN , you is ensure ensure that Oracle Identity Cloud Service is access only when your
    employee are in your network – safe environment .

What Do You Need?

  • access to Oracle Identity Cloud Service with authorization to manage identity provider ( Identity Domain Administrator or Security Administrator ) .
  • Access to OneLogin instance.
  • Users synchronized between OneLogin domain and Oracle Identity Cloud Service.

Configure OneLogin as the Identity Provider

  1. Login to OneLogin as an administrator. In the right-top corner, click administration.
  2. click Apps and then add Apps .
  3. In the Find Applications screen, search and click Oracle Identity Cloud Service. The initial Configuration screen appears.
    • enter aDisplay Name to easily identify this application . You is choose can choose to retain the default Display Name .
    • Ensure that Visible in portal is selected and denoted by green color.
    • select an image to associate with this application to visually identify . You is choose can choose to retain the default image .
  4. clickSave and the confirmation message appears.
  5. In the Parameters tab, select Configured by admin, ensure that the Oracle Identity Cloud Service field NameID is set to Email, and then click Save.
  6. In the SSO tab, perform the following in the same order:
    • Underx.509 Certifiate box, click View Details.
    • setSHA fingerprint value to SHA256.
    • clickSave.
    • UnderApps using this certificate, click the name of the app that you created in the previous step.
    • Underx.509 Certifiate box, click View Details.
    • clickDOWNLOAD.
  7. In the Access tab, assign the role that should have access to Oracle Identity Cloud Service and then click Save.
  8. clickSetup and ensure that the app you just created adheres to the conditions mentioned here.
  9. Keep the OneLogin application open and proceed to the next section.

configure Oracle Identity Cloud Service as Service Provider

  1. In the Identity Cloud Service administrator console, expand the Navigation Drawer , and then click Security.
  2. click Identity Providers , and then click Add SAML IDP .
  3. In the Add Identity Provider tab, enter the name and description for the SAML 2.0 Identity Provider, and then click Next.
  4. In the Configure page, select Enter Identity Provider metadata manually and enter the following values:

    5. Note: Ensure that when you are copying the URL or any text, the extra space is not pasted in any of the following fields.

    • issuer ID is Copy : copy the issuer url from the OneLogin SSO tab and paste into the Issuer ID field .
    • Signing Certificate: clickUpload, browse and select the X.509 Certificate that you downloaded in the SSO tab in OneLogin.
    • SSO Service URL: Copy the SAML 2.0 Endpoint (HTTP) URL from the OneLogin SSO tab and paste into this field.
    • SSO Service Binding: Change the SSO Service Binding from Redirect to POST.
    • Logout Request URL: Copy the SLO Endpoint (HTTP) from the SSO tab in OneLogin and paste into this field.
    • Logout Response URL : copy the SLO Endpoint ( HTTP ) from the SSO tab in OneLogin and paste into this field .
    • Logout Binding: Select Redirect from the list.
  5. clickNext .
  6. In the Map page , map the user ‘s attribute value from the Identity Provider to a correspond user attribute in Oracle Identity Cloud Service in the with the follow value :
    • identity Provider User Attribute : Select Name ID as the value .
    • Oracle Identity Cloud Service User Attribute: Select Primary Email Address as the value.
    • request NameID Format : Select Email Address as the value .

      • Setting up Federation Between OneLogin and Oracle Identity Cloud Service Description of the illustration

  7. clickNext .
  8. In the Export page, perform the following:
    • Copy and save the below details into a notepad, as you require these information to configure OneLogin:

      • Tip : alternatively , you is keep can keep the export page open and move on to the next section to configure Oracle Identity Cloud Service as Identity Provider in OneLogin .

      • service Provider Metadata file : copy theProvider ID url and paste into the corresponding field of the same name in the Configuration tab in OneLogin .
      • service Provider Signing Certificate is Copy : copy theAssertion Consumer Service URL and paste into the corresponding field of the same name in the Configuration tab in OneLogin .
      • Service Provider Encryption Certificate: Copy the Logout Service Endpoint URL and paste into the corresponding field of the same name in the Configuration tab in OneLogin .

    note : Do not click test now because Oracle Identity Cloud Service has not yet been configure as an idenity provider in OneLogin .

  9. click Next , and then click Finish to complete the step for add the Identity Provider .

configure Oracle Identity Cloud Service as identity provider in OneLogin

  1. In OneLogin, click Company Apps, and then click the application that you created previously.
  2. clickConfiguration and perform the following:

    • service Provider Metadata file : copy theProvider ID url and paste into the corresponding field of the same name in the Configuration tab in OneLogin .
    • service Provider Signing Certificate is Copy : copy theAssertion Consumer Service URL and paste into the corresponding field of the same name in the Configuration tab in OneLogin .
    • Service Provider Encryption Certificate: Copy the Logout Service Endpoint URL and paste into the corresponding field of the same name in the Configuration tab in OneLogin .
  3. click SAVE .

test the Federation

Test the federation to ensure that it works correctly before enabling the Identity Provider.

Note: Previously if you had clicked Finish while creating the Identity Provider, click the Identity Provider name, click Edit and then click Test Login.

  1. In the Test page, click Test Login.

    Note is use : To test , use a username account that exist in Identity Provider and Service Provider . Otherwise , the assertion is fail will fail . In order for the test to be successful , you is need also need to assign the application to the user account in the Identity Provider .

    Description of the illustration

  2. The test successful confirmation message is displayed.

    3. Description of the illustration

  3. From the Identity Providers list, click the menu option of the Identity Provider name, and then click Activate.
    Description of the illustration

enable OneLogin IDP to appear in the Sign – in page

You is need need to assign the Identity Provider to an Identity Provider policy in order to enable alternate sign – in through the Identity Provider .

  1. In the Identity Cloud Service administrator console, expand the Navigation Drawer , and then click Security.
  2. clickIDP Policies.
  3. In the Identity Provider Policies page, click Default Identity Provider Policy to assign the Identity Provider.

    4. Note: You can also assign Identity Provider to policies other than the default. clickAdd to create a new Identity Provider Policy and assign the Identity Provider.

  4. In the Identity Providers tab , click assign to add the Identity Provider .
  5. In the Assign Identity Providers page , select the check box of the Identity Provider that you want to assign , and then click ok .

    6. The assigned Identity Provider is displayed in the Default Identity Provider Policy page and will appear along with the Service Provider Login.

  6. To enable the Identity Provider to appear on the Login Page , click the action menu for the Identity Provider , and then select Show on Login Page option .
    Description of the illustration

test the Federation

In this section, you can test the federation to ensure that it works correctly before enabling the IdP.

  1. On the Identity Cloud Service administrator console, select the user, and then select Sign Out.
  2. On the Oracle Identity Cloud Service Login page, click the IdP link to login using OneLogin credentials.

    3. Description of the illustration

  3. When the OneLogin login page appear , provide your OneLogin credential , and then verify that you are redirect to Oracle Identity Cloud Service My Console page .

    4. Note: Make sure the user exists in both OneLogin and Oracle Identity Cloud Service.

want to learn More ?