Contributed by: Atul Goyal, Senior Principal Product Manager, Oracle, Reed Henry, CEO, Aquera, and Jerry Waldorf, CTO, Aquera

Aquera and Oracle are excited to announce support of the Aquera SCIM Gateway for the Oracle Identity Cloud Service. The Aquera SCIM Gateway and catalog of over 400 connectors are now fully interoperable and supported with IDCS. Now IDCS can leverage the power of the IDCS identity lifecycle management engine to manage identities in any cloud or on-premises application, directory, database, or device by leveraging Aquera for both out-of-the-box and built on-demand integrations. Additionally, one or more HR applications or directories can be synchronized with IDCS in real-time to enable HR-driven identity lifecycle management. Write-backs to HR apps is supported for any attribute including email addresses and phone numbers.

The Aquera SCIM Gateway for Oracle IDCS is a cloud-based service providing instant out-of-the-box connectivity between Oracle IDCS and any user import sources and provisioning targets that an organization operates, which are not covered by the Oracle IDCS connector portfolio. The Aquera SCIM Gateway powers Oracle IDCS identity lifecycle management (LCM) to continuously synchronize user account information from HR sources and to automate the account provisioning lifecycle. The SCIM Gateway enables IDCS to create, read (import), update, deactivate, and delete user accounts in any application, database, directory, or device via the IDCS SCIM (System for Cross-domain Identity Management) protocol interface. The SCIM protocol is an IETF standard for automating the exchange of user identity information between identity domains and IT systems.

Aquera complements the Oracle Identity Cloud Service Connector Portfolio

Aquera complements the Oracle Identity Cloud Service Connector Portfolio

The breadth of integration even includes provisioning users to cloud applications without user management API’s via a robotic administrative console automation and to custom homegrown applications via SQL calls or a robotic administrative console automation. The HR import use case with the Aquera SCIM Gateway is supported by the Aquera HR Onboarding Bridge Solution, which also supports write-backs to the HR application. The provisioning use case is supported by the Aquera Account Provisioning Gateway Solution. The Aquera connector catalog supports over 400 applications for use with IDCS.

Aquera Translates Oracle SCIM Messages into Native Applications Calls

Aquera Translates Oracle SCIM Messages into Native Applications Calls

Use cases supported include:

HR Onboarding Bridge with Write-Backs for any Attribute

HR Onboarding Bridge with Write-Backs for any Attribute

HR Onboarding Bridge for IDCS

  • Importing users from HR apps, databases, CRM apps, or directories
  • Importing attributes from any source including learning management systems
  • Importing users from multiple sources simultaneously
  • Writing back any attribute to the HR source application

See the Aquera HR Onboarding Video Demo

Account Provisioning Gateway for Oracle Identity Cloud Service

Account Provisioning Gateway for Oracle Identity Cloud Service

Account Provisioning Gateway for IDCS

  • Create accounts for joiners
  • Deactivating accounts for leavers
  • Update accounts for movers
  • Create, update, or delete groups
  • Sync or reset passwords for secure web authorization applications
  • Move content or do other account cleanup when deactivating users

See the Aquera Provisioning Video Demo

Easy Setup

Setup with IDCS is easy with Aquera specific templates in IDCS for applications supporting both bearer token and basic auth for user authentication for the connected applications. The Aquera side setup takes a few minutes with three quick and easy steps to select and name the application, and to then copy the Aquera-generated URL to be copied into one of these IDCS templates to complete the integration. Application field mapping is done with IDCS via a graphical mapper for both inbound flows to IDCS for HR onboarding and outbound flows from IDCS for Account provisioning. Any attribute in the connected applications is available for mapping.

Oracle Identity Cloud Service Templates and Setup for Aquera Connected Applications

Oracle Identity Cloud Service Templates and Setup for Aquera Connected Applications

Easily integrate IDCS to on-premises HR applications or provisioning target applications via outbound polling Aquera agent or VPN options. 

On-Premises Provisioning or HR Sync Communication Options

On-Premises Provisioning or HR Sync Communication Options

Security

The Aquera architecture, leverages the many features available within Amazon Web Services, the underlying platform for the Aquera service, to support security and reliability. All communications are encrypted in and out of the service. Application credentials for the connected applications are kept in IDCS. At execution time IDCS opens a synchronous communication with Aquera passing required credentials for the endpoint applications. There is no store and forward of credentials or any of the transferred data. Aquera is a stateless, pass-through service with any success or error returned to IDCS for handling including retries. Aquera undergoes annual SOC 2 type 2 audits and adheres to the EU-US Privacy Shield Framework.

Secure, Reliable and Audited Architecture

Secure, Reliable and Audited Architecture

The Aquera service is easy to monitor with a graphical representation of the metadata logs of the transactions passing through Aquera. The interface support drill-down to review specific transactions.

Easy to Monitor

Easy to Monitor

Feature Summary

A summary of the various features the Aquera SCIM Gateway for IDCS supports are:

  • Over 400 out-of-the-box connectors available for use with IDCS with build-on demand connectors added in days
  • Identity Lifecycle Management to any application, directory, database, B2B application or device
  • Ability to manage users, groups, and entitlements
  • Write-backs to HR source apps from IDCS or downstream apps such as email addresses or phone numbers
  • Multi-step orchestration within each application to complete a provisioning or deprovisioning action
  • Support for any required integration method, including REST-based APIs, SOAP/web service-based APIs, SQL, LDAP, SDKs, FTP, robotic automations of administrative consoles, file extracts, and message queues
  • All attributes available for provisioning or HR sync
  • Password sync from IDCS to target secure web authentication applications
  • Robotic automation connectors for cloud and on-premises applications with no APIs or database access
  • Connectors that are resilient and not impacted when additional attributes are added to target application’s APIs
  • Quick configuration of connectors in Aquera, and then follow the native IDCS setup as with IDCS connectors
  • SCIM Server protocol support for IDCS
  • Account credentials stored in IDCS and transmissions encrypted with TLS 1.2
  • Synchronous, stateless connections from IDCS to and from target or source applications with no store and forward and are isolated within Amazon Web Services for each transaction
  • Customer specific meta data log storage
  • IDCS Aquera interoperability tested and confirmed by Oracle
  • Easy deployment of on-premises connectivity via outbound polling Aquera agent or VPN options

Find Aquera IDCS Offers listed on the Oracle Cloud Marketplace:
SCIM Gateway for Oracle IDCS by Aquera
Okta to Oracle Identity Cloud Service Bridge
Azure AD to Oracle Identity Cloud Service Bridge

To learn more, access our additional collateral:

Contact Aquera to learn more: sales@aquera.com