To ensure that questions get required attention from community members and are NOT left unanswered, it’s important for the author to indicate (by selecting “Yes” or “No” when prompted) whether the question was answered. (newly added) Please note that it is also important to respond to EACH comment your question receives. Your Yes or No response ensures an accurate status for your question.
For more information, please refer to this announcement explaining best practices for getting answers to questions.
For more information, please refer to this announcement explaining best practices for getting answers to questions.
Identity and Access Management
Discussion List
-
Does OCI administrator role cover the privilege for IDCS administrator role ?Previously, when we have a separate instance of IDCS and OCI. IDCS administrator role and OCI administrator role are separate. After that, IDCS has been merged to Identi… -
I need to terminate employees immediatelySummary: I need to terminate employees immediately, but after this action (Termination), the employee should be notified and have access to the system for example, 3 day… -
How do I retrieve customer secret key created using identitydomains Python SDKI have Python code that generates a customer secret key for the current user. This uses the following steps: 1. Creates an identity domain client using oci.identity_doma…
-
Supplier Role Deprovisioningwe are deprovisioning a role to our existing supplier users and preventing this role to be defaulted to new supplier usersand preventing this role to be defaulted to new…
-
OCI IAM domain upgrade error when upgrading Free to Oracle Apps PremiumSummary: Hello Folks, I am on OCI GEN3 and been trying to upgrade our Free OCI domain to Oracle Apps Premium but getting the error – ‘Authorization failed or requested r… -
Authorizations in OCI App Gateway not workingSummary: We have been doing some testing of/with the OCI App Gateway, but we are not able to get authorizations/SSO configuration working. Content (please ensure you mas…
-
How do I disable Oracle MFA if users are authenticated by a third party identity provider?I added Microsoft Entra (fka AzureAD) as a third party entity provider and users are now able to sign in using this. But users are still prompted for Oracle MFA and we w…
-
Support for dual certificates in HCM API authenticationSummary: HCM supports dual certificates in the single sign-on SAML for identity providers, but it appears that there is not a way to support dual certificates for the in…
-
Malware/Virus Scan for documents uploaded in UCM from External SourceSummary: Is there any Oracle Solution that deals with the documents scanning for uploaded documents from external system to Oracle UCM Cloud for virus/malware scanning. …
-
Unable to create Master Encryption Key for client provided RSA 4096 bit KeySummary: Hi Team, I am trying to create a master encryption key with Software mode and I have to import an external key. I have a 4096 RSA private key and Client certifi… -
Export out list of reports/book from FR and ReportSummary: how would we export out the list of reports/book from reports and from finance reporting? Content (please ensure you mask any confidential information): Version…
-
Can REST API "/oauth2/v1/userlogout" logout from SSO session SAML authenticated?Background: I am working on SSO integration between IAM (as SP) and Okta (as IDP) that is a customer authentication platform, using the SAML protocol. Requirement: Custo…
-
Error while attempting to use OAuth for REST APII've used the REST APIs in other instances such as EPM via basic authentication, but I'm now attempting to use IDCS endpoints, and it's causing me issues. Stop me if I'm…
-
Is there a way to default IDCS domain in OCI login screen?Summary: At present, our tenant has several IDCS domains set up. As a result, users must select the correct domain when logging into our Oracle Cloud account. To minimiz…
-
How to ignore federated users from the OCI Configuration Detector Recipe (Oracle managed)Summary: Hello. We have many thousands of users that use Oracle Analytics. Authentication for our OAC users is done via AzureAD. These users don't login to the OCI conso…
-
Delete privilege from custom roleHi, When launching the Usage metrics drill through report, I saw that a too much users were using the subscription for "Oracle Fusion Procurement Cloud Service - Hosted … -
Privilege to view "User-Defined Tables" DataDear Team, We would need to know the relevant privilege to view the data of "User-Defined Table" in Setup and Maintanace. Since we are currently working with access rest…
-
Role that provides least privilege to access compliance documentsLooking for the role that will provide access to access compliance documents (SOC, etc.) but as little else as possible. I cannot seem to find this noted in the document… -
Which setup is needed in the IDCS for the users to acces/edit all the tenancies and related apps?Hello, The customer’s team has requested an extension of their access level from view-only to full access for some users (all the tenancy and related apps). Based on the…
-
"Sign-on policy denies access" problemSummary: I am the only admin of my tenancy, and I am encountering "Sign-on policy denies access" problem after I modified sign-on policy mistakenly. Content: I mistakenl…
-
Enterprise application - Application URLSummary: I've created an "Enterprise Application" so users can be redirected to my app built with vbcs. Users sign in using sign-page provided by Oracle. When app is sho…
-
login.oraclecloud.com certificate expirationCurrently the certificates for login.oraclecloud.com to be used for SAML SSO authentication have a valid period of 10 years. Is it possible to have new certificates issu…
-
Is there a notification that alerts IDCS users to expiring passwords? I cannot find the setting.Summary: In IDCS, is there functionality that sends out notifications when a period of time before a user's password is set to expire? How can we control this and the nu…
-
"Social" / OIDC IdP secret not hidden in GUISummary: "Social" / OIDC IdP secret not hidden in GUI Content (please ensure you mask any confidential information): When I want to view config for an existing "Social" … -
I want to manage users in other compartments to which the executing user belongs.Summary: The following policy is set up, but if the A-Compartment is in a different compartment than the executing user, the A-Compartment will not be displayed. What po…
-
Accidentally removed myself from the administrator groupI accidentally removed myself from the administrators group. When trying to set up resources or view settings I get "Authorization failed or requested resource not found…
-
code sign certificateSummary: code sign certificate question Content (please ensure you mask any confidential information): When creating a certificate on OCI, one of the certificate types i…
-
How to export users assigned to an application in IDCS?Summary: Hi, We need to get a list of all users assigned to a specific application in IDCS. How could we achieve that? The option to export users from the users page, do… -
SSO and Split screen setup in EPMWe have multiple EPM applications all running in one domain (Inside the default domain > Oracle Cloud services, we have all the EPM applications) and have configured SSO… -
Audit Logs x Users & Roles - ERP FusionHi everyone, Can you please let me know if it is possible to turn on audit logs for actions such as create/update users and roles? Thanks in advance!