
How To Set The OAM SP Session Level Depending On IdP Authentication Method (Doc ID 2054099.1)

Last updated on AUGUST 07, 2018

Applies to:

Oracle Identity Federation - Version 11.1.2.2.0 and later
Oracle Access Manager - Version 11.1.2.2.0 and later
Information in this document applies to any platform.

Goal

How can Oracle Access Manager (OAM), acting as Service Provider (SP), be configured to create the OAM session based on the authentication method used to log in to the Identity Provider (IdP) domain?

Example use case:

Users may authenticate in the IdP domain using one-factor or two-factor authentication.
Specific applications / resources in the OAM SP domain are only accessible to users who have authenticated using two-factor authentication (2FA) or another higher-level form of authentication.
The requirement is to set the OAM session authentication level to a lower or higher level depending on the level of authentication performed in the IdP domain.
The IdP will send the authentication level in the AuthnContext element of SAML 2.0 assertions.
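
The mapping described in this use case, sketched as an added example that is not Oracle's code and not the OAM configuration procedure. The level numbers, the mapping table, the function names and the sample assertions are assumptions constructed for illustration, and the assertion is assumed to have passed signature and condition checks already.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
PASSWORD = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
TWO_FACTOR = "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract"

# Hypothetical mapping from the IdP's AuthnContextClassRef to a local session level.
LEVEL_BY_CLASS_REF = {PASSWORD: 2, TWO_FACTOR: 4}
DEFAULT_LEVEL = 1  # missing or unrecognised context never earns an elevated level

REF_PATH = ".//saml:AuthnStatement/saml:AuthnContext/saml:AuthnContextClassRef"


def session_level(assertion_xml: str) -> int:
    """Return the session level for an already verified SAML 2.0 assertion."""
    root = ET.fromstring(assertion_xml)
    refs = [e.text.strip() for e in root.iterfind(REF_PATH, NS) if e.text]
    if not refs:
        return DEFAULT_LEVEL
    # With several AuthnStatements, take the weakest so a single strong
    # statement cannot raise the level of the whole session.
    return min(LEVEL_BY_CLASS_REF.get(ref, DEFAULT_LEVEL) for ref in refs)


def is_allowed(assertion_xml: str, required_level: int) -> bool:
    """True when the session level meets the level a resource requires."""
    return session_level(assertion_xml) >= required_level


def make_assertion(class_ref=None) -> str:
    """Build a constructed, unsigned sample assertion for this example only."""
    stmt = ""
    if class_ref:
        stmt = (
            "<saml:AuthnStatement><saml:AuthnContext>"
            f"<saml:AuthnContextClassRef>{class_ref}</saml:AuthnContextClassRef>"
            "</saml:AuthnContext></saml:AuthnStatement>"
        )
    return (
        f'<saml:Assertion xmlns:saml="{NS["saml"]}" ID="_constructed" Version="2.0">'
        f"<saml:Issuer>https://idp.example.com</saml:Issuer>{stmt}</saml:Assertion>"
    )


if __name__ == "__main__":
    for ref in (PASSWORD, TWO_FACTOR, "urn:example:unknown", None):
        xml = make_assertion(ref)
        print(ref, session_level(xml), is_allowed(xml, required_level=4))
```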

Solution

This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review.