How to Configure OAM for Second Factor Authentication Using Apple Push Notifications to an iOS Device (Doc ID 2319759.1)

Last updated on FEBRUARY 20, 2024

Applies to:

Oracle Access Manager - Version 11.1.2.3.0 and later
Oracle Mobile and Social - Version 11.1.2.3.0 and later
Information in this document applies to any platform.
Oracle is not responsible for instructions/information from 3rd party sites that may be contained in this KM note.

Goal

How to configure OAM second factor authentication (SFA) so that a push notification is delivered to an iOS device, where the end user must either allow or deny the login attempt. The push notification is delivered to the Oracle Mobile Authenticator (OMA) application, which then communicates with the OAM server to grant or deny the end user access to the protected resource. The steps below are ONLY for configuring push notifications to iOS devices. See Document ID 2308621.1 for details on setting up push notifications to Android devices via Google Cloud Messaging (GCM).

This note covers the use of SFA to send a push notification only. While configuring a one-time password with the OMA application involves some of the same pieces (such as OMA and the AdaptiveAuthentication scheme), that setup is covered in note 2307570.1.

Solution


In this Document
Goal
Solution
 Configure the OAM server settings from within the OAM console
 Configure change in the oam-config.xml file manually
 Create an authentication policy to protect a resource that contains a post-authentication rule to switch to the AdaptiveAuthentication scheme
 Create an Apple iOS development certificate
 Create an Apple App ID and bundle identifier
 Set the APNS keystore password within the OAM credential store
 Create a webpage to deliver the OMA application profile to the iOS device
 Install the OMA application onto the iOS device
 Register the user account within the OMA application
 Test SFA via push notification
 Troubleshooting / Debugging
 Push notification is never received on the iOS device
 User not found in the LDAP directory
 Fail to send APNS2 notification after 3 trials. Trial limit has been reached
 Expected/Good log output for normal push notification
References
