
Review user and application access with Oracle IDCS Audit Reports

Mihai Dragomir
EMEA A&C Cloud Adoption & Implementation Consultant

Oracle Identity Cloud Service provides identity management, single sign-on (SSO) and identity governance for applications on premises, in the cloud and on mobile devices.

Audit events enable organization administrators to review the actions performed by members of their organization using details provided by the Audit logs: who performed the action, when it was performed, and what the action was.

Oracle Identity Cloud Service, an Identity and Access Management platform, is the central point of control for all activities happening in the system. It generates audit data in response to all administrator and end user operations, such as User Login, Application Access, Password Reset, User Profile Update, CRUD operations on Users, Group, Applications, and so on.

Centralized Identity as a Service (IDaaS) simplifies access to enterprise information resources and enables administrators to easily audit which users can access which resources at which times. They can maintain constant control and conduct complete entitlement reviews to catch situations where people no longer need access, with outbound credentials for hosted applications in the cloud and inbound credentials from third parties.

Before you begin

You can run user and application reports by using:

  • The Identity Cloud Service console
  • SCIM-based APIs

Reporting is a basic feature of the Identity Cloud Services user interface, but it provides only simple reports. A more powerful way to retrieve Audit records from Identity Cloud Services is to use the REST API. The REST API endpoint accepts optional query parameters and filters to fine-tune what information you want.

Use the REST API to enable diagnostics and download the diagnostics report. You can use a shell script or you can perform the task manually.

Starting from version 18.3.4, Oracle Identity Cloud Service does not support enabling diagnostics using the user interface.

  • How to Access Oracle Identity Cloud Service
    Access Oracle Identity Cloud Service through a service web console or the REST API.

  • In order to securely manage your resources, including identities and configuration data using Oracle IDCS REST APIs, please refer to the following documentation:

  • Using the Postman Collection
    A Postman solution is available for use with the Oracle Identity Cloud Service REST APIs that includes a Postman collection, a Postman environment, and a tutorial.
    The Postman collection has an accompanying tutorial (Using the Oracle Identity Cloud Service REST APIs with Postman) that shows you how to set everything up using the collection and then make REST API calls to Oracle Identity Cloud Service using Postman.
  • Using cURL
    cURL is an open source, command-line tool for transferring data with URL syntax, supporting various protocols including HTTP and HTTPS. The examples within this document use cURL to demonstrate how to access the Oracle Identity Cloud Service Admin REST APIs.

How you begin

Getting started

Two user reports are available with Oracle Identity Cloud Service:

  • Successful Login Attempts: View users who have logged in to Oracle Identity Cloud Service successfully.
  • Unsuccessful Login Attempts: View users who have not logged in to Oracle Identity Cloud Service successfully.

Two application reports are available with Oracle Identity Cloud Service:

  • Application Access: View how many times users logged in to both Oracle Identity Cloud Service, and Oracle and custom applications in your identity domain.
  • Application Role Privileges: View application role grants and revokes for users and groups for applications that are configured in Oracle Identity Cloud Service.

See how to run user and application reports in Oracle Identity Cloud Service 

Implementation of Some of the Use Cases

  • Using the Audit Event APIs

    • Using the Audit Event APIs
      Oracle Identity Cloud Service's Audit Events REST endpoints enable you to get Audit logs covering significant events, changes, or actions. Using these APIs, you can integrate all Security Information and Event Management (SIEM), User and Entity Behavior Analytics (UEBA), and Cloud Access Security Broker (CASB) tools to poll Audit data.

    • Oracle Identity Cloud Service: First REST API Call
      In this tutorial, you learn to perform your first REST API call to Oracle Identity Cloud Service.

    • Generating Audit Logs Using Oracle Identity Cloud Service Audit Event REST APIs
      In this tutorial, you learn how to make REST API calls to Oracle Identity Cloud Service using the cURL utility, typically to generate Audit Event logs.

    • Using the Oracle Identity Cloud Service REST APIs with Postman
      This tutorial shows you how to make REST application programming interface (API) calls to Oracle Identity Cloud Service using Postman, software typically used for REST API tests.

    • Identity Cloud Services Audit Event REST API
      This article expands on topics of integration with Oracle’s Cloud Identity Management service called Identity Cloud Services.
      The audit events can be accessed using the Identity Cloud Services SCIM 2.0 compliant REST API. SCIM (System for Cross-domain Identity Management) is an open standard that simplifies user identity management in the cloud.

    • Under the hood: Oracle Identity Cloud Service Audits
      Audit events enable organization administrators to review the actions performed by members of your organization using details provided by the Audit logs: who performed the action, when it was performed, and what the action was.

  • Identity Cloud Services Audit Reports using Visual Analyzer
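
The filtered audit query described under "Before you begin", and the polling of Audit data by monitoring tools mentioned above, shown as an added example (not code from this post or from Oracle): it builds the SCIM query, follows paging, and counts unsuccessful logins per user. The endpoint path `/admin/v1/AuditEvents`, the event ID `sso.authentication.failure`, the `actorName` attribute, the tenant URL and the helper names are assumptions; the sample events are constructed.

```python
from collections import Counter
from urllib.parse import parse_qs, urlencode, urlsplit

# Assumptions, not taken from the post: endpoint path, event ID, attribute names.
AUDIT_PATH = "/admin/v1/AuditEvents"
FAILED_LOGIN = "sso.authentication.failure"

def audit_url(base, event_id, since, start_index=1, count=100):
    """Build a SCIM query for one event type newer than `since` (ISO 8601, UTC)."""
    scim_filter = f'eventId eq "{event_id}" and timestamp gt "{since}"'
    params = {"filter": scim_filter, "sortBy": "timestamp",
              "startIndex": start_index, "count": count}
    return base.rstrip("/") + AUDIT_PATH + "?" + urlencode(params)

def fetch_all(get_page, base, event_id, since, count=100):
    """Follow SCIM paging. get_page(url) returns the parsed JSON ListResponse;
    against a real tenant it would send the GET with an OAuth bearer token."""
    start, events = 1, []
    while True:
        page = get_page(audit_url(base, event_id, since, start, count))
        resources = page.get("Resources", [])
        events.extend(resources)
        start += len(resources)
        if not resources or start > page.get("totalResults", 0):
            return events

def failed_logins_by_user(events, threshold=3):
    """Return {user: failures} for users at or above the review threshold."""
    counts = Counter(e.get("actorName", "<unknown>") for e in events)
    return {user: n for user, n in counts.items() if n >= threshold}

# Constructed sample data standing in for a tenant's audit log.
SAMPLE = [{"eventId": FAILED_LOGIN, "actorName": name, "clientIp": "192.0.2.10",
           "timestamp": f"2020-01-01T10:0{i}:00Z"}
          for i, name in enumerate(["alice", "bob", "alice", "alice", "bob"])]

def fake_tenant(url):
    """Offline stand-in for the REST endpoint: honours startIndex and count."""
    query = parse_qs(urlsplit(url).query)
    start, count = int(query["startIndex"][0]), int(query["count"][0])
    return {"totalResults": len(SAMPLE), "startIndex": start,
            "Resources": SAMPLE[start - 1:start - 1 + count]}

if __name__ == "__main__":
    found = fetch_all(fake_tenant, "https://tenant.example", FAILED_LOGIN,
                      "2020-01-01T00:00:00Z", count=2)
    print(failed_logins_by_user(found))
```

Passing the timestamp of the newest event already collected as `since` on the next run keeps each poll incremental.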

Usage

 
