How to Change the CanonicalIDDelimiter Used by OAM Federation

(Doc ID 2352028.1)

Last updated on MARCH 21, 2018

Applies to:

Oracle Access Manager - Version and later
Information in this document applies to any platform.


When using OAM as the identity provider in a federated login OAM will authenticate the user and then forward the request to federation sending the user's LDAP DN and USERID attributes as a single string separated by a colon. If the DN or USERID attribute already contains a colon such as "dn:cn=comp:person:0bb9d73dcbf34" then the federation server fails to handle this properly and considers "comp" as DN and "person" as USERID. 




Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms