on 06/23/2023 05:54 AM - edited on 04/04/2024 09:29 AM by Rishi
The integration was either created by Saviynt or by Saviynt community users. The integration is available “as is” and falls under standard connectors support for REST, SOAP, JDBC, LDAP, PowerShell, Jar, and Saviynt Connector Framework.
This guide describes the integration between Saviynt Enterprise Identity Cloud (EIC) and Oracle Identity Manager.
This guide is intended for administrators and target application integration teams responsible for implementing a secure integration service with Oracle Identity Manager.
Introduction
Oracle Identity Manager (OIM) is a comprehensive identity management solution provided by Oracle Corporation. It is designed to simplify and automate the management of user identities, access rights, and security policies within an organization. OIM helps organizations enhance their security, streamline administrative processes, and comply with regulatory requirements.
The primary goal of Oracle Identity Manager is to ensure that the right people have the right level of access to the right resources at the right time. It provides a centralized platform for managing user identities, roles, and entitlements across various enterprise systems, applications, and services.
For more information about different connectors in EIC, see Saviynt Enterprise Identity Cloud Connectors.
The Oracle Identity Manager integration supports the following features:
Software | Version |
EIC | Release v4.5 and later |
EIC uses a REST connection to integrate with Oracle Identity Manager and to place provisioning items in the Oracle Identity Manager Queue. The REST connection uses the REST protocol to communicate with the REST interface of Oracle Identity Manager.
The following diagram illustrates the integration architecture and communication with the target application.
Prerequisites
Before you establish a connection with Oracle Identity Manager (OIM), ensure that the following prerequisites are in place:
Oracle Identity Manager Installation: Ensure that Oracle Identity Manager is properly installed and configured in your environment. Follow the installation and configuration documentation provided by Oracle to set up OIM correctly.
Database Configuration: Oracle Identity Manager requires a supported database for storing its configuration data. Ensure that the appropriate database is installed and configured as per the requirements specified by Oracle. OIM typically supports databases like Oracle Database, Microsoft SQL Server, or IBM DB2.
System Requirements: Review the system requirements provided by Oracle to ensure that your environment meets the necessary hardware, software, and network prerequisites for running Oracle Identity Manager. This includes aspects such as operating system version, CPU, memory, disk space, and network connectivity.
Oracle WebLogic Server: Oracle Identity Manager is typically deployed on Oracle WebLogic Server, which serves as the application server. Ensure that you have a supported version of WebLogic Server installed and configured properly.
User and Roles: Ensure that you have the necessary administrative access to Oracle Identity Manager. You will need appropriate user credentials with administrative privileges to connect to and manage OIM.
Network Connectivity: Ensure that the network connectivity between the client machine and the Oracle Identity Manager server is established. This includes verifying that firewalls, proxies, or any other network infrastructure components are properly configured to allow communication between the client and the OIM server.
Credentials and URLs: Collect the required connection information such as the URL for accessing the Oracle Identity Manager console, database connection details, and any other relevant credentials or URLs needed to establish a connection to OIM.
For more details, see the Oracle Identity Manager documentation.
Note: One connection of Oracle Identity Manager can be used to onboard multiple applications.
Connection refers to the configuration setup for connecting EIC to target applications. For more information about the procedure to create a connection, see Creating Connections.
Connection Name * | Provides a unique name for the connection. |
Connection Description * | Provides the description for the new connection being created. |
Connection Type * | Select the connection type as REST. |
Save Template | Allows you to save the connection template with the specified parameter values. Click Save Template and specify the template name. |
Email Template | Provides the email template applicable for notifications. Email notifications trigger immediate emails to the respective user based on the actions performed. The emails inform the user which action has been performed and, if the action is critical, that it needs immediate attention from the user. |
Default SAV Role | Provides the SAV role for which you want to assign access to the newly created connection. The SAV role is an EIC Role used to give specific access to a User. For example, if ROLE_User is selected then the user(s) assigned the ROLE_User are given access to this connection. |
Connection JSON | Specify this parameter to establish a REST connection with the Oracle Identity Manager application. |
To create a Queue in Oracle Identity Manager, and to poll and fetch the status of the Queue when the WSRETRY job is run, specify the following parameters.
CREATETICKETJSON | Specify this parameter to create a Queue in Oracle Identity Manager. When you run the WSRETRY job using the CREATETICKETJSON parameter, it creates a Queue in Oracle Identity Manager. The possible statuses of a Queue in Oracle Identity Manager are Open, Request Completed, or Pending. The ticket remains in Open status in Oracle Identity Manager until it is automatically or manually completed in Oracle Identity Manager. |
Ticket Status JSON | |
The following steps provide the entire workflow of how a request is created and closed in EIC after the ticket is closed in Oracle Identity Manager.
Log in to EIC.
Go to ARS and submit the type of request (create an account, remove an account, add access, or remove access).
Approve the request in EIC.
Define the service desk connection with the connection you created for this integration purpose.
Run the WSRETRY job. The item is added to a queue in Oracle Identity Manager using the CreateTicket JSON.
The admin logs in to the Oracle Identity Manager RPA system and checks the open Queue.
Based on the managed application for which the task is created, the admin completes the request in that application and closes the item in the Queue in Oracle Identity Manager.
The tasks in EIC are completed.
The connection package helps you build the connection with predefined JSONs. It can be used if your tenant does not already have out-of-the-box connection templates available. Here are the steps to import the Oracle Identity Manager connection package.
Download the connection package.
Navigate to Admin → Transport → select Import Package.
Browse the downloaded package and Import.
Navigate to Admin → Connections → Select “Oracle Identity Manager” Connection.
Edit the connection with your Oracle Identity Manager tenant details.
The security system represents the connection between EIC and the target application. For more information on creating a security system, see Creating a Security System.
Endpoint refers to the target application used to provision accounts and entitlements (access). For more information on creating an endpoint, see Creating Endpoints.
For help with troubleshooting common connector problems, answers to frequently asked questions, and solutions to a few common issues you might encounter while configuring or working with connectors, see Common Troubleshooting Guide for Connectors.
To troubleshoot common problems or obtain answers to frequently asked questions for REST connectors, see the REST Connector Guide.