2.1 Identity Provider Configuration at IDCS

Steps to configure the Identity Provider at IDCS

  1. Log in to the Oracle Identity Cloud Service (IDCS) console with an admin login. On the dashboard, click Add Application in the Application and Services widget, or navigate through the breadcrumb menu as highlighted in the screenshot.

    Figure 2-1 Dashboard

  2. In the popup window, select SAML Application.

    Figure 2-2 Add Application

  3. On the Add SAML Application page, provide the fields below and click Next.
    1. Name
    2. Description

    Figure 2-3 Add SAML Application

  4. Fill in the fields below, section by section.
    1. General
      1. Entity ID - A unique identifier / name for the service provider.
      2. Assertion Consumer URL - Endpoint to which IDCS sends the assertion.

        Recommended URL format <OHS_URL>/saml2/sp/acs/post

        e.g. <PROTOCOL>://<OHS_HOST>:<OHS_PORT>/saml2/sp/acs/post

        http://whf000xxx.bank.com:9999/saml2/sp/acs/post

      3. NameID Format - Select value as “Unspecified”.
      4. NameID Value - Select value as “User Name”.

      Figure 2-4 Add SAML Application

    2. Advanced Settings
      1. Signed SSO - Select value as “Assertion”.
      2. Enable Single Logout - This field should be checked.
      3. Logout Binding - Select value as “Redirect”.
      4. Single Logout URL - Endpoint that IDCS calls to perform single logout.

        Recommended URL format <OHS_URL>/digx-infra/sso-logout

        e.g. <PROTOCOL>://<OHS_HOST>:<OHS_PORT>/digx-infra/sso-logout

        http://whf000xxx.bank.com:9999/digx-infra/sso-logout

      5. Logout Response URL -

        Recommended URL format <OHS_URL>/digx-infra/sso-logout

        e.g. <PROTOCOL>://<OHS_HOST>:<OHS_PORT>/digx-infra/sso-logout

        http://whf000xxx.bank.com:9999/digx-infra/sso-logout

      Figure 2-5 Add SAML Application

  5. Click on Finish / Save.
  6. Click the Activate button to activate your application.

    Figure 2-6 Edit Application

  7. Navigate to the Dashboard and search for the application you have created.
  8. Navigate to the SSO Configuration tab and click “Download Identity Provider Metadata”.
    Keep the downloaded XML file; it must be uploaded in the WebLogic console. This is explained in the WebLogic console configuration steps.

    Figure 2-7 Edit Application

  9. Copy / FTP the downloaded IDCS metadata XML file to the WebLogic server using WinSCP / PuTTY.
  10. Navigate to the Users tab in the application to add the users related to the application.
  11. Click Assign Users or the Assign (+) button to search for and add users to the application.
    If a user is not available, follow the steps mentioned in Section 1.3 to create a new user.

    Figure 2-8 Edit Application

    Figure 2-9 Assign Users

  12. Log out from the IDCS console.