Create the IAM Application, as well as create the needed resource settings and authentication policies.

1. Log in to your Oracle Cloud tenancy where you plan to set up your IAM environment.
2. From the menu on the left pane, select Identity and Security.
3. Under Identity, click Domains.
4. Select the desired domain.

   Any Domain Type can be used, however carefully consider the limitations associated with each when selecting.

   If you have not already created a domain for IAM, create one now by clicking Create Domain.

5. Click Integrated Applications on the left, then click Add Application.
6. From the Add Application dialog, select Enterprise Application, then click Launch Workflow.
7. Enter the following:
   • Name: Provide a name for this IAM Application
   • Description: (Optional) Provide a description for this IAM application
   • Application Icon: (Optional) Provide an icon that will appear in the Applications table
8. In the URLs section, type the fully-qualified URL for the IAM App Gateway environment in the Application URL field.

   This URL should include the Forms context root and app name, such as /forms/frmservlet. Do not include application arguments.

   For example:

   https://<APP GATEWAY HOST.DOMAIN>:<IAM SSL PORT>/forms/frmservlet

   Note:

   An IP address can be used in place of the host.domain.
9. Select Display in My Apps, then click Next.
10. Click Next to skip the OAuth configuration and proceed to the next screen.
11. Click Add Resource to add resources for each numbered row. Adding a description is optional, but recommended.

    Priority	Resource Name	Resource URL	URL Query String	Use Regex Expressions	Description
    1	Protected resource	/forms/frmservlet.*	oamMode=true	Yes	Forms application protected resource
    2	Anonymous access resource	/forms/frmservlet.*		Yes	Forms application anonymous access
    3	Anonymous access resource 2	/forms/frmservlet	ifcmd=startsession		Forms application anonymous resource 2
    4	Protected RAD resource	/forms/radservlet.*		Yes	Forms application protected RAD resource
    5	Public resource	/.*		Yes	Forms application public resource

12. Ensure these check boxes are selected:
    • Audience Validation
    • Require Secure Cookies
    • Add Managed Resources
13. Click Add Managed Resource to add managed resources for each numbered row. Be sure the Priority order matches the table shown.

    Priority	Resource	Authentication Method	Enable Audience Validation
    1	Protected resource	Form or Access Token	Yes
    2	Anonymous access resource	Anonymous
    3	Anonymous access resource 2	Anonymous
    4	Protected RAD resource	Form or Access Token	Yes
    5	Public resource	Public

14. Click Finish to return to this Integrated Application’s Details screen.
15. Click Activate above the Application Information tab.

Create an App Gateway associated with your domain.

1. Navigate to your domain’s Overview screen using the breadcrumb at the top left of the page.
2. From the menu on the left, click Security, then App Gateways.
3. Click Create App Gateway.
4. Type an easily identifiable name and description in the Name and Description fields.
5. Click the Add Host link on the left side, then click the Add Host button.
6. Enter these two entries, replacing the Host Identifier, Host, and Port with those that match your system:

   Note:

   Note that the first row is for requests received as non-SSL and the second is for handling SSL requests. Non-SSL requests will be redirected to SSL to ensure the highest degree of security.

   Host Identifier	Host	App Gateway Port	SSL Enabled	Additional Properties
   appgateway-nonssl	<App Gateway client hostname>	7777 (non-SSL port)	NO	return 301 https://$host:4443$request_uri;
   appgateway-ssl	<App Gateway client hostname>	4443 (SSL port)	YES	ssl_certificate /home/oracle/keys/ssl.cert; ssl_certificate_key /home/oracle/keys/ssl.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5;

   Before you continue, review the Additional Properties values and ensure they are appropriate for your environment. References to host, IP address, or port should reflect those which are user-accessible.

   The certificate and key paths presented in the Additional Properties column must be as shown regardless of whether you are using a certificate provided from a trusted CA or a self-generated certificate.

   Refer toSetting up App Gateway in the Oracle Cloud Infrastructure Documentation.

7. Click Add Host to accept the changes, then click Next.
8. Click Add App and do the following:
   1. Select the app you just created from the Application list.
   2. Select the SSL entry created earlier from the Select a Host list.
   3. Type a forward slash (/) in the Resource Prefix field.
   4. Type the fully-qualified non-SSL URL that points to the middle tier (Forms) host.domain:port in the Origin Server field.
      Use the SSL URL if not using non-SSL.
9. Type the following string in the Additional Properties field, replacing <port_number> with the port used by your Forms managed server:
   proxy_set_header Host $host:<port_number>;

   Note:

   If the App Gateway client is running on a different machine than the Forms middle tier, replace $host with the user-accessible host.domain (or IP address) of the Forms middle tier.
10. Click Add App at the bottom, then click Close.
    Make note of the Client ID and Client Secret now seen in the App Gateway Information panel. Do not share this information with others. This information will be needed in the following section.
11. Click Activate App Gateway.