Delegate User Authentication to an External ID Provider
Learn about delegating user authentication and authorization to external ID providers such as IAM, IDCS, and OAM.
Oracle GoldenGate supports IDCS and IAM as cloud-based identity providers and OAM as an on-premises identity provider. The following sections cover IAM and OAM.
Authorization profiles created in Oracle GoldenGate allow integration with external identity providers (IdPs) such as IAM, IDCS, and OAM. External IdPs provide user management capabilities (users, groups, and the alignment between users, groups, and applications). To set up a connection between an external IdP and Oracle GoldenGate, a confidential application needs to be created using OAuth2. From this confidential application, Oracle GoldenGate derives the Client ID and Client Secret for authenticating with the IdP system.
The external IdP system receives information, including the redirect URIs and post-logout URLs, from Oracle GoldenGate.
This allows managing Oracle GoldenGate user access through external servers instead of creating users for accessing Oracle GoldenGate.
A prerequisite for setting up authorization profiles is to have a secure deployment. The deployment can be secured using Server certificates or a Reverse Proxy configuration.