Authenticating Oracle E-Business Suite with Oracle Identity Cloud Service Using the E-Business Suite Asserter
If you have an Oracle E-Business Suite instance, you can seamlessly authenticate with other applications that use Oracle Identity Cloud Service as their authentication mechanism using the Identity Cloud Service E-Business Suite Asserter component. This integration allows your Oracle E-Business Suite to participate in the single sign-on (SSO) provided by Oracle Identity Cloud Service.
To enhance security for the sign-in process, you can set up sign-in and identity provider policies, and configure multi-factor authentication. You can also enable adaptive security to provide strong authentication capabilities and risk analysis for your users across applications and Oracle E-Business Suite in Oracle Identity Cloud Service.
You have two options to integrate Oracle E-Business Suite with Oracle Identity Cloud Service. You can use the Identity Cloud Service E-Business Suite Asserter or you can rely on the App Gateway component. The Identity Cloud Service E-Business Suite Asserter option is used whenever your Oracle E-Business Suite environment has not been previously configured, through integration with Oracle Access Manager and Oracle E-Business Suite AccessGate, to deliver single sign-on.
The Identity Cloud Service E-Business Suite Asserter is deployed to a separate Oracle WebLogic Server instance. The E-Business Suite Asserter interacts with Oracle Identity Cloud Service through Oracle Identity Cloud Service REST API and redirects the user's web browser to Oracle Identity Cloud Service and to Oracle E-Business Suite.
The user requests access to an Oracle E-Business Suite protected resource.
Oracle E-Business Suite redirects the user browser to the E-Business Suite Asserter application.
The E-Business Suite Asserter uses an Oracle Identity Cloud Service SDK to generate the authorization URL and then redirects the browser to Oracle Identity Cloud Service.
Oracle Identity Cloud Service presents its sign in page to the user.
User submits credentials to Oracle Identity Cloud Service.
Oracle Identity Cloud Service issues an authorization code and redirects the user browser to the E-Business Suite Asserter.
The E-Business Suite Asserter uses an Oracle Identity Cloud Service SDK to communicate with Oracle Identity Cloud Service to exchange the authorization code for an access token.
Oracle Identity Cloud Service issues an access token and an ID token to the E-Business Suite Asserter.
The E-Business Suite Asserter creates an Oracle E-Business Suite cookie and redirects the user browser to Oracle E-Business Suite.
Oracle E-Business Suite presents the user requested protected resource.
The Identity Cloud Service E-Business Suite Asserter is a lightweight Java application. It helps businesses simplify the deployment topology for Oracle E-Business Suite single sign-on (SSO) by replacing Oracle Access Manager and Oracle Internet Directory.
You can use the E-Business Suite Asserter when you want to:
Have your Oracle E-Business Suite working in SSO with other applications
Enhance security to access your Oracle E-Business Suite by enabling Oracle Identity Cloud Service security features such as multi-factor authentication, sign-on policies, account recovery, and adaptive security
You can deploy the E-Business Suite Asserter in Oracle WebLogic Server 12c by using secure communications such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS).
The E-Business Suite Asserter provides the following benefits:
Multiple access modes for SSO with Oracle E-Business Suite: You can access Oracle E-Business Suite by using one of the following modes:
The E-Business Suite Asserter direct URL (bookmark)
The Oracle Identity Cloud Service My Apps page
The E-Business Suite Asserter direct URL with a redirect parameter
Previously bookmarked Oracle E-Business Suite URLs
Supports log out from multiple points including Oracle E-Business Suite, E-Business Suite Asserter, and Oracle Identity Cloud Service
