Installing the Client Application

The Oracle Universal Authenticator client application must be installed on any Windows device that will use Oracle Universal Authenticator to log in. How the installer or application is deployed on the client will depend on how your organization normally rolls out applications.

The installer can run in GUI mode, or in silent mode. Regardless of how the Oracle Universal Authenticator client application or installer is deployed, you must login as a local Administrator user to run the installer.

Before running the Oracle Universal Authenticator client application installer, you must know the following information about the DRSS endpoint, for example https://oaa.example.com:443/oaa-drss:
  • Host: <DRSS_HOSTNAME>, for example oaa.example.com.
  • Port: <DRSS_PORT>, for example 443.
  • User name: <DRSS_APIUSER>, for example OAAINSTALL_OAA_DRSS.
  • Password: <DRSS_APIKEY>.

Note:

For details on how to find the required DRSS information, see Print Deployment Details.

Downloading the Oracle Universal Authenticator Client Application Software

Follow the instructions below to download the Oracle Universal Authenticator client application software:
  1. Download the Oracle_Universal_Authenticator_<version>.zip from Oracle Software Delivery Cloud. Alternatively, it can be downloaded from the location referenced in document ID 2723908.1 on My Oracle Support.
  2. Extract the zip file to a working directory %WORKDIR% on the installation host. The Oracle Universal Authenticator.msi will be extracted.

Customizing the Oracle Universal Authenticator Client Application

Administrators have the option to customize the Oracle Universal Authenticator client application. For example, you may want to change the application to use your company's logo, change the labels and titles of fields, or add your own error message text.

Customization can be performed during the client application installation by providing a customization zip file to the installer. Alternatively, you can perform customization any time after the client application installation, using REST API's.

If you want to customize the application during the client application installation, create the customization zip file before running the installer. See Customizing the Oracle Universal Authenticator Client Application.

Obtaining the Encrypted DRSS Key

Follow the instructions below to find the encrypted value of the <DRSS_APIKEY>:
  1. Start a Command Prompt selecting Run As Administrator.
  2. Inside the command prompt, run the installer as follows:
    Msiexec.exe /i "%WORKDIR%\Oracle Universal Authenticator.msi" ENCRYPT=true
  3. In the Welcome screen, select Next.
  4. In the Encrypt DRSS API Key screen, enter the <DRSS_APIKEY> in the API key field, and select Encrypt.
  5. In the Output field, click Copy to copy the encrypted value of the <DRSS_APIKEY>.
  6. Paste the value to an editor of your choice and keep safe. This encrypted value will be passed as <ENCRYPTED_DRSS_APIKEY> during installation.
  7. Select Quit, then Finish.

Running the Installer in GUI Mode

Follow the instructions below to install the Oracle Universal Authenticator client application in GUI mode:
  1. Double click on the Oracle Universal Authenticator.msi.
  2. In the Welcome screen, select Next.
  3. In the DRSS Server Endpoint Setup screen, enter the following information and click Test EndPoint:
    • Server: <DRSS_HOSTNAME>
    • Endpoint: /oaa-drss
    • Port: <DRSS_PORT>
    • API User: <DRSS_APIUSER>
    • API Key: <ENCRYPTED_DRSS_APIKEY>
    If the test is successful you should see a DRSS Server Endpoint validation succeeded message.
  4. Click Next.
  5. In the Setup Type screen, select Complete and click Next.
  6. In the Ready to Install the Program screen:
    • If you are using a customization zip file, click the Select button under 'Optional Select customization file', to select your zip file. Click Install.
    • If you are not using a customization zip file, click Install.
  7. In the InstallShield Wizard Complete screen, click Finish.
  8. In the Oracle Universal Authenticator Installer Information screen, select Yes to restart the system.

Running the Installer in Silent Mode

Follow the instructions below to install the Oracle Universal Authenticator client application in silent mode:
  1. Start a Command Prompt selecting Run As Administrator.
  2. Inside the command prompt run the following to set the permissions:
    powershell.exe Set-ExecutionPolicy -ExecutionPolicy RemoteSigned
  3. Inside the command prompt, run the installer as follows:
    Msiexec.exe /i "%WORKDIR%\Oracle Universal Authenticator.msi" HOST=<DRSS_HOSTNAME> ENDPOINT="/oaa-drss" PORT=<DRSS_PORT> APIUSER=<DRSS_APIUSER> APIKEY=<ENCRYPTED_DRSS_APIKEY> /qn

    Note:

    If using a customization zip file, add IS_BROWSE_FILEBROWSED=%WORKDIR%\<CUSTOMIZATION_FILE_NAME>.zip to the command, for example:
    Msiexec.exe /i "%WORKDIR%\Oracle Universal Authenticator.msi" HOST=<DRSS_HOSTNAME> ENDPOINT="/oaa-drss" PORT=<DRSS_PORT> APIUSER=<DRSS_APIUSER> APIKEY=<ENCRYPTED_DRSS_APIKEY> IS_BROWSE_FILEBROWSED=%WORKDIR%\<CUSTOMIZATION_FILE_NAME>.zip /qn

    Note:

    The /qn flag runs the installer in silent mode. If /qn is not used the GUI will launch and the Administrator will need to navigate through the screens as per Running the Installer in GUI Mode.
  4. Restart Windows.