My Oracle Support Banner

12c: How to Authenticate to an OIM SCIM Server Using an OAM-generated SAML identity assertion (Doc ID 2614575.1)

Last updated on APRIL 21, 2021

Applies to:

Identity Manager - Version 12.2.1.3.180413 and later
Information in this document applies to any platform.

Goal

This document adapts the instructions from A-Team document for Authenticating SCIM REST calls in 11g using an OAM-generated SAML assertion to work with the updated security settings and changes in OIM/OAM 12c.

The original document for 11g can be found at this link:

https://www.ateam-oracle.com/authenticating-to-oim-scim-server-using-an-oam-generated-saml-identity-assertion

This document will provide the full and updated list of instructions specifically for 12c.  For 11g instructions and details about why you would want to use SAML assertions in this way, please review the original document.

 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
 Prerequisites
 Step 1: Creating the example application
 Step 2: Modify the OHS Config
 Step 3: Protect the ShowMyProfile custom app in OAM
 Step 4: Ensure that the Authorization Module in OAM is enabled
 Step 5: Import the OAM SAML certificate into the OIM domain
 Step 6:  Configure OWSM to trust the SAML issuer "OAM User Assertion Token"
 Step 7: Configure SAML2 Login Module to use correct attribute for username mapping
 Step 8: Testing
 Known Issue(s)
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.