OAMR2PS2 Used As SP To Couple With IDP: Using Partners Key for Decryption of Messages (Doc ID 2024239.1)

Last updated on SEPTEMBER 21, 2016

Applies to:

Oracle Access Manager - Version 11.1.2.2.4 and later
Oracle Identity Federation - Version 11.1.2.2.0 and later
Information in this document applies to any platform.

Goal

We are using OAMR2PS2 in our environment for both our internal access management as our federation environment.
We are now coupling an application to one of our partners ( big 4! ).
So we are the service provider and our partner is the identity provider.
But we are facing following problem:
This partner is enforcing us to use his certificate (private key!) for the decryption of their messages.
They also enforce us to use a particular provider id.
The question we have now for support is:
1) Is it possible to use different certificates for decryption of messages of different partners?
Because we are also coupling with a lot of other partners...
We are now configuring this decryption certificate by adding it to the .oamkeystore, and selecting it on the 'Federation Settings' page --> 'Encryption Key'.

2) If you use OAM to be service provider for multiple applications, to multiple partners, is it then possible to use different Provider Id's for ourself?
 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms