This topic provides the instruction to setup OCI IAM to OBCS connectivity for user provisioning using OBCS SCIM APIs.

1. Log in to your OCI IAM tenancy, and select Identity and Security from the Home menu.

   Figure 1-1 Identity and Security

   
   

   
   Description of "Figure 1-1 Identity and Security"

   
   
2. From Identity and Security, click Domains.

   Figure 1-2 Domains

   
   

   
   Description of "Figure 1-2 Domains"

   
   
3. Click on your Domain name.
   The screen below is an illustration using the name Default Domain as an example..

   Figure 1-3 Default Domain

   
   

   
   Description of "Figure 1-3 Default Domain"

   
   
4. To add an application, click on Add Application, then select Application Catalog, and click on Launch app catalog.

   Figure 1-4 Add Application

   
   

   
   Description of "Figure 1-4 Add Application"

   
   
5. In the Application Catalog screen, search the application named GenericScim – Bearer Token using the search box.
   The GenericScim – Bearer Token is displayed in the Application Catalog screen.

   Figure 1-5 Application Catalog

   
   

   
   Description of "Figure 1-5 Application Catalog"

   
   
6. In the Add GenericScim - Bearer Token screen, enter the Name and Description in the appropriate fields in the Add Application Details section, and then click Next to proceed.

   Figure 1-6 Add Application Details

   
   

   
   Description of the illustration add-application-details.png

   
   
7. In the Configure Provisioning section of the Add GenericScim - Bearer Token screen, toggle on Enable Provisioning and then click Finish.

   Figure 1-7 Enable Provisioning

   
   

   
   Description of "Figure 1-7 Enable Provisioning"

   
   
8. To generate the access token, follow the steps outlined in the Getting Started with Oracle Banking Cloud Services guide for invoking Service APIs. Once generated, capture the access token.

   Figure 1-8 Token Generation

   
   

   
   Description of "Figure 1-8 Token Generation"

   
   
9. Enter the access token you have captured in the Access Token field, and provide the other details as indicated in the below screen. The Base URI should begin with either /prod, /non-prod, /pre-prod, and so on, depending on the environment you have selected for replication.

   Note:

   Click on Test Connectivity to see a message that reads Connection successful displayed on the top right of your screen.

   Figure 1-9 Configure Connectivity

   
   

   
   Description of "Figure 1-9 Configure Connectivity"

   
   

   Figure 1-10 Test Connectivity

   
   

   
   Description of "Figure 1-10 Test Connectivity"

   
   
10. Click on Attribute Mapping to ensure that the mapping matches the one shown in the below screen. Make any necessary changes to the mapping if needed and then click Save Changes to proceed.

    Figure 1-11 Attribute Mapping

    
    

    
    Description of "Figure 1-11 Attribute Mapping"

    
    
11. In the Select Provisioning Operations screen, set the provisioning operations as shown in the below screen.

    Figure 1-12 Select Provisioning Operations

    
    

    
    Description of "Figure 1-12 Select Provisioning Operations"

    
    
12. Switch to toggle on the Enable Synchronization option.

    Figure 1-13 Enable Synchronization

    
    

    
    Description of "Figure 1-13 Enable Synchronization"

    
    
13. Click on Finish.
    The application is created.
14. Click on Activate in the GenericScim - Bearer Token screen.
    The application is activated.

    Figure 1-14 Inactive Application

    
    

    
    Description of "Figure 1-14 Inactive Application"

    
    

    Figure 1-15 Activated Application

    
    

    
    Description of "Figure 1-15 Activated Application"

    
    
15. Click on Groups under Resources section in the GenericScim - Bearer Token screen.

    Figure 1-16 Assign Groups

    
    

    
    Description of "Figure 1-16 Assign Groups"

    
    
16. Once you assign the User Groups that have been created, the users in those groups will get pushed to the OBCS SMS module.
17. User Creation on the OBCS end can be verified from the View User screen.

    Figure 1-17 View User

    
    

    
    Description of "Figure 1-17 View User"

    
    
18. Edit or Unlock the users that have been pushed from IAM, and specify the data into the highlighted fields.

    Figure 1-18 Users Maintenance

    
    

    
    Description of "Figure 1-18 Users Maintenance"

    
    
19. Add User Role Branches and User Applications.

    Figure 1-19 User Role Branches and Applications

    
    

    
    Description of "Figure 1-19 User Role Branches and Applications"