49 Use Oracle Access Manager to sign on to Oracle Private Cloud Appliance

Oracle Private Cloud Appliance (PCA) is a rack-scale engineered system that delivers Oracle Cloud Infrastructure (OCI)-compatible compute, storage, and networking on-premises. It lets customers rapidly deploy applications, middleware, and workloads using built-in automation in an OCI-like environment. Private Cloud Appliance is designed for customers who want a cloud-like development and deployment experience while adhering to data residency requirements.

You can federate PCA with Oracle Access Manager (OAM) so that users sign in to PCA with the same credentials they use for other applications. This requires a federation trust relationship between OAM (the Identity Provider) and PCA (the Service Provider).

To establish federation, the following steps are required:
  1. Add certificates to the PCA Service Enclave (For more information, see Verifying Identity Provider Self-Signed Certificates).
  2. Export OAM metadata (<oam-host>:<oam-port>/oamfed/idp/metadata).
  3. Set up the OAM IDP in the PCA Console.
    1. Log in to the PCA Console.

      Figure 49-1 PCA Login page

    2. Select Federation from the hamburger menu (Identity > Federation).

      Figure 49-2 Select Federation Screen

    3. Select Create Identity Provider.

      Figure 49-3 Create IDP

    4. Provide the OAM IDP details and upload the OAM IDP metadata obtained in Step 2.

      Figure 49-4 Provide IDP Details

    5. The IDP is added.

      Figure 49-5 IDP Added

Creating Oracle PCA as Service Provider
  1. Export the PCA SP metadata by clicking the link on the Federation page.

    Figure 49-6 Export PCA SP Metadata

  2. Add the SP details in OAM.

    Figure 49-7 Add SP Details

Establishing Federation Agreement
  1. Access the PCA Service Enclave tenancy. OAMIDP will be available under SSO.

    Figure 49-8 OAM IDP Screen

  2. Click OAMIDP. You are redirected to the OAM login page.

    Figure 49-9 Enter SSO Details

  3. Provide the credentials and log in to PCA.

    Figure 49-10 PCA Login Screen