Oracle Identity Cloud Service provides identity management, single-sign-on (SSO) and identity governance for applications on-premise, in the cloud and mobile applications.
Audit events enable organization administrators to review the actions performed by members of their organization using details provided by the Audit logs – who performed the action, performed it, and what the action was.
Oracle Identity Cloud Service, an Identity and Access Management platform, is the central point of control for all activities happening in the system. It generates audit data in response to all administrator and end user operations, such as User Login, Application Access, Password Reset, User Profile Update, CRUD operations on Users, Group, Applications, and so on.
Centralized Identity as a Service (IDaaS) simplifies access to enterprise information resources and enables administrators to easily audit which users can access which resources at which times. They can maintain constant control and conduct complete entitlement reviews to catch situations where people no longer need access, with outbound credentials for hosted applications in the cloud and inbound credentials from third parties.
You can run user and application reports by using:
Reporting is a basic feature that comes as part of the Identity Cloud Services user interface, but only provides some simple reporting. A more powerful way to retrieve Audit records from Identity Cloud Services is to use the REST API. The REST API endpoint can use optional query parameters and filters to fine tune what information you want
Use the REST API to enable diagnostics and download the diagnostics report. You can use a shell script or you can perform the task manually.
Starting from version 18.3.4, Oracle Identity Cloud service does not support enabling diagnostics using the user interface.
How to Access Oracle Identity Cloud Service
Access Oracle Identity Cloud Service through a service web console or the REST API.
In order to securely manage your resources, including identities and configuration data using Oracle IDCS REST APIs, please refer to the following documentation:
Two user reports are available with Oracle Identity Cloud Service: Successful Login Attempts: View users who have logged in to Oracle Identity Cloud Service successfully.
Unsuccessful Login Attempts: View users who have not logged in to Oracle Identity Cloud Service successfully.
Two application reports are available with Oracle Identity Cloud Service: Application Access: View how many times users logged in to both Oracle Identity Cloud Service, and Oracle and custom applications in your identity domain.
Application Role Privileges: View application role grants and revokes for users and groups for applications that are configured in Oracle Identity Cloud Service.
Using the Audit Event APIs
Using the Audit Event APIs
Oracle Identity Cloud Service's Audit Events REST endpoints enable you to get Audit logs covering significant events, changes, or actions. Using these APIs, you can integrate all Security Information and Event Management (SIEM), User and Entity Behavior Analytics (UEBA), and Cloud Access Security Broker (CASB) to poll Audit data.
Oracle Identity Cloud Service: First REST API Call In this tutorial, you learn to perform your first REST API call to Oracle Identity Cloud Service.
Generating Audit Logs Using Oracle Identity Cloud Service Audit Event REST APIs
In this tutorial, you learn how to make REST API calls to Oracle Identity Cloud Service using the cURL utility, typically to generate Audit Event logs.
Using the Oracle Identity Cloud Service REST APIs with Postman This tutorial shows you how to make REST application programming interface (API) calls to Oracle Identity Cloud Service using Postman, software typically used for REST API tests
Identity Cloud Services Audit Event REST API
This article is to help expand on topics of integration with Oracle’s Cloud Identity Management service called Identity Cloud Services.
The audit events can be accessed using the Identity Cloud Services SCIM 2.0 compliant REST API. SCIM (System for Cross-domain Identity Management) which is an open standard to simplify user identity management in the cloud.
Under the hood: Oracle Identity Cloud Service Audits Audit events enable organization administrators to review the actions performed by members of your organization using details provided by the Audit logs – who performed the action, performed it, and what the action was.
Identity Cloud Services Audit Reports using Visual Analyzer