Co-Authored by: Atul Goyal, Senior Principal Product Manager and Ritesh Kumari, Principal Product Manager
Oracle Identity Cloud Service (IDCS) provides single sign-on, user lifecycle management and API access management for a wide variety of SaaS and on-premises applications. When we set out to build user provisioning and lifecycle management in IDCS, we wanted to make sure that:
Burgeoning demand for automation and governance drives innovation
Until recently, the Identity Cloud Service Application Catalog provided Application Templates with support for user provisioning for a variety of popular SaaS applications. Customers could configure end-to-end user account automation for applications like Office 365, GSuite, Box and several others within minutes. Customers could work with SCIM (System for Cross-Domain Identity Management) Gateways from partners like Kapstone LLC and Aquera to automate provisioning with several hundred applications. Our customers wanted us to extend user lifecycle management support to on-premises applications as well as bespoke apps. Customers of Oracle Identity Governance (OIG) wanted IDCS to support a seamless transition to the Cloud without rewrites or re-platforming. With the introduction of the Oracle Identity Cloud Provisioning Bridge, IDCS customers can now integrate with practically any application, regardless of where the application is running. The Provisioning Bridge enables customers to use the extensive set of Oracle and Partner-developed connectors. The use of the Identity Connector Framework (ICF) as the backbone for application connectors enables customers and partners to rapidly integrate their applications with IDCS.
Key Design Principles
Downloading the Bridge binaries
The Provisioning Bridge can be downloaded from the Downloads page in the IDCS Admin Console.
Installing and configuring the Bridge
The Bridge can be installed on a Windows, Linux or Mac machine, which must have connectivity to the Internet as well as network connectivity to the applications that will be managed by IDCS.
After installing the Bridge, add a Provisioning Bridge instance using the IDCS UI. You will be provided with the OAuth credentials for the Bridge, which you will use as part of configuring the Bridge to securely communicate with IDCS.
You add the Provisioning Bridge from the IDCS UI, i.e. IDCS console -> Setting -> Provisioning Bridge -> Add.
Next, install the Provisioning Bridge by running the install script, providing the client ID and secret that were generated for the Bridge. Once the installation is complete, run the start script.
Once the Provisioning Bridge is up, you will be able to see its status in the IDCS console.
After that, you can associate the Provisioning Bridge with the on-premises applications that are available in the IDCS Application Catalog.
In IDCS Application Catalog you will see various pre-integrated Application Templates for the Provisioning Bridge i.e.
All the LDAP templates have authoritative sync (all the LDAP users are considered IDCS users) and provisioning (creating accounts in the target application and syncing accounts from the target application) capabilities. If you are interested in learning more, please watch our video, Synchronize Users from Oracle Internet Directory to Oracle Identity Cloud Service.