Oracle Access Governance optimizes identity orchestration and enables unlimited integrations with generic connectors

March 19, 2024 | 4 minute read
Pavana Jain
Vice President, Product Management
Text Size 100%:

Oracle Access Governance is a cloud native Identity Governance and Administration (IGA) solution that provides organizations with a user-friendly overview of workforce and end users’ access to digital resources. It empowers organizations to evaluate the necessity of access permissions and monitor how entitlements are utilized. In addition to facilitating the governance of enterprise digital assets, Oracle Access Governance offers integrations across an array of applications, systems, platforms, and identity stores. These integrations are streamlined through low-code, wizard-based solutions that simplify the onboarding process for applications and services.

In the latest service update, Oracle Access Governance introduces new capabilities that focus on identity orchestration and integrations enhancing the speed and ease of application onboarding for organizations.

Speed and scope of identity orchestration

Oracle Access Governance streamlines identity orchestration by offering an extensive array of specialized and generic integrations right out of the box. It offers downloadable container-based agents tailored for systems operating behind enterprise firewalls and API-based direct integrations for cloud services and systems in public domains. These integrations enable seamless application and system integration in one of the following ways:

  • Authoritative source for identity data onboarding and updates: Systems and applications can serve as the authoritative source for onboarding and updating identity data through identity reconciliation. This function helps ensure accurate and up-to-date information across the organization.
  • Managed systems for governing access: Systems and applications can also function as managed systems for identity governance. This alternative involves account provisioning, account reconciliation, and reviewing access to enhance compliance and security.
  • Dual role as authoritative source and managed systems: Systems and applications can fulfill both roles, serving as the authoritative source for identity data while also being managed systems for governing access. This comprehensive approach helps ensure data accuracy and security while streamlining access governance.

By offering flexible integration options and supporting various use cases, Oracle Access Governance empowers organizations to effectively manage and govern access to their digital resources as depicted in Figure 1.

The workflow diagram for authoritative sources and manage systems with Oracle Access Governance.
Figure 1: Identity orchestration flow with Oracle Access Governance

 

Correlation rules

Oracle Access Governance creates composite identity profiles by using correlation rules to match the identity data ingested from different authoritative sources. During data ingestion from managed systems, multiple accounts can correlate to a single identity. Account matching establishes associations between user accounts from managed systems and their respective identities. You can easily build these correlation rules in Oracle Access Governance by using identity and account attributes with a simple mapping tool.

For cases where an account doesn’t match to an identity automatically, Oracle Access Governance initiates a microcertification process for the unmatched account. This process enables manual matching with the correct identity or remediation within the managed system.

Inbound and outbound transformations

Whether acting as authoritative sources or managed systems, applications often present data in diverse formats. As depicted in Figure 2, Oracle Access Governance addresses this challenge by employing inbound transformation rules during the data ingestion process from authoritative sources. Then, these rules facilitate the creation or enhancement of identity profile information by transforming incoming identity data into a standardized format. When ingesting data from the managed systems, Oracle Access Governance utilizes inbound transformation rules to construct account data helping ensure consistency and accuracy across the platform. Finally, Oracle Access Governance provides outbound transformation rules that use identity attributes to define account attributes for provisioning in the managed systems maintaining coherence throughout the provisioning process.

 

The process of data transformation using correlation rules in Oracle Access Governance.
Figure 2: Data flow with transformation and correlation rules in Oracle Access Governance

  

REST integration

As enterprises adapt to an ever-evolving digital landscape, easy onboarding of new or updated applications is essential. To effectively manage identity provisioning, access management, continual monitoring and help address compliance requirements, enterprises are increasingly turning to API-based integrations. These integrations enable seamless communication between various systems and a centralized IGA platform.

Oracle Access Governance offers generic REST integration, a solution designed to ingest identity and access data, while managing access controls for new managed systems introduced in the enterprise ecosystem. Oracle Access Governance REST API integration is equipped with logic to process requests and generate responses. This functionality enables seamless communication with the REST APIs of integrated application-facilitating tasks, such as data reconciliation and provisioning operations.

Flat-file integration

In situations where connecting applications are a challenge because of factors such as sensitive demilitarized zone (DMZ) settings, controlled environments, lack of support for structured data, or absence of APIs, Oracle Access Governance provides generic flat-file integration. This integration method involves using delimited text files as inputs and a defined schema. It generates tasks and work orders as output in delimited text files facilitating offline fulfillment of integration requirements. Oracle Access Governance flat-file integration offers several useful features, including the following examples:

  • Sample files for data preparation
  • Secure transfer of data using OCI Bitbucket file synchronization
  • Instant data-mapping results
  • Schema extensions and inbound and outbound transformations

Conclusion

We’re excited to deliver the latest Oracle Access Governance enhancements to our customers, and we can’t wait to hear your feedback. Visit our product page and documentation to learn more about Oracle Access Governance. Have questions about Oracle Access Governance? Join our Identity and Access Management forum on the Cloud Customer Connect Community.

For more information, see the following resources:

Pavana Jain

Vice President, Product Management

Abhishek Juneja


Previous Post

Deploying to OKE from GitLab CI/CD

Adina Nicolescu | 3 min read

Next Post


Hosting public reverse DNS zones in OCI

Carlos Santos | 3 min read