OIF 11g: Questions About Creation and Maintenance of Federation Records (Doc ID 1982761.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Identity Federation - Version 11.1.1.2.0 and later
Information in this document applies to any platform.

Goal

1. When SSO login is performed with Oracle Identity Federation (OIF), OIF will create a federation record for the user if the Federation Store is configured. This record will store key details specific to that user's identity, including the NameID value.

These records can be viewed in EM Console under OIF -> Identities.

When a user value (e.g. the NameID value) is changed in the OIF User Data Store, the corresponding value stored under OIF -> Identities is not refreshed. As a result, the old value is passed to Service Providers (SPs).

How can OIF, acting as Identity Provider (IdP), be made to pass the new/changed user account information to SPs?
 

2. Is it possible to stop OIF from creating federation records, i.e. to force OIF to fetch the new/latest user attribute values for every login?


3. Is there any way to refresh all the federation record values or delete all the OIF federation records using a script?
 

4. When OIF is configured for RDBMS Federation Store, what table are the federation records stored in?
 

Solution
