Enabling SSO is a self-service process starting R19A

0

1. Please note that enabling SSO is a self-service process starting R19A.
Ref.:
https://docs.oracle.com/en/cloud/saas/applications-common/21b/facsa/single-sign-on.html#FACSA3428008

https://www.oracle.com/webfolder/technetwork/tutorials/tutorial/cloud/r13/wn/common/releases/19A/19A-common-wn.htm#F6770

You have to follow the below steps in Fusion side -> Security Console:
1. Go to Security Console.
2. Click on “Single Sign-On” TAB.
3. Click on “Create Identity Provider” button.
4. Click on the “Identity Provider Details” tab.
5. Click the “Edit” button.
6. Fill the Name of the Identity Provider without spaces, just underscores are allowed.
7. Select Name ID Format (Email or Unspecified). Unspecified means the username of the users.
8. RelayState URL
Ex.: https://xxxxx.fa.us2.oraclecloud.com/fscmUI/faces/FuseWelcome
9. Check the “Default Identity Provider” checkbox.
10. On the “Import Identity Provider Metadata” area:
a. click on the Browse button, choose the Identity provider metadata file and click the Open button.
or
b. provide the External URL of your Metadata
11. Click the “Save and Close” button.
12. Click on Diagnostics and Activation tab.
13. Test the Identity Provider by clicking on the Test button.
BEFORE enabling the Identity Provider this must undergo a successful test.
14. After successful test click Edit button.
15. Enable Identity Provider.
16. Click the Save and Close and Done buttons.
17. From the “Single Sign-On” TAB please Edit and check the checkbox “Enable Chooser Login Page”.

The Service Provider (SP) metadata file can be downloaded from this link:
https://xxxxx.us2.oraclecloud.com/fed/sp/metadata?signid=osts_signing_sha256&encid=osts_encryption_sha256&sigalgm=SHA-256

Please review below document for complete information on Federation Integration:

Fusion Applications Technology: Master Note on Fusion Federation ( Doc ID 1484345.1 )

2. Regarding Shibboleth server side, please note that Oracle does not offer support on 3rd party applications.

Please contact Shibboleth local team which will help you with setting-up the SSO between Shibboleth and Fusion.

For your reference please review below KM note:

Integrating Shibboleth Identity Provider 2.4.0 with Oracle Fusion SAML Service Provider ( Doc ID 1619346.1 )

I could find below up-to-date Shibboleth reference documentation.

https://shibboleth.atlassian.net/wiki/spaces/IDP4/overview

Share.

About Author

Leave A Reply