Synchronization of Roles in Catalog OIM 11g R2
Introduction The Catalog is one of the most fundamental features of OIM 11g R2 request based provisioning. All requests for Resources/Accounts, Entitlements and Roles are accomplished through the...
View ArticleOIM 11g R2 Self Registration with CAPTCHA
This post walks you through the fun of customizing OIM and adding a CAPTCHA solution to the self-registration page. Captcha solutions are largely used in web sites to try to prevent automated robots...
View ArticleOIM 11g R2 Performance Patch
Oracle has released a set of patches to address some performance issues in OIM 11g R2 self-service interface. Information about these patches is available in the following Oracle support note: Document...
View ArticleLoading unique passwords with OIM bulk load
Introduction Using Oracle Identity Manager’s bulk load tool is a great way to load large numbers of user records into OIM in an efficient and performant way. The standard and documented usage of the...
View ArticleA checklist for OIM go live
This post presents a list of configuration points in OIM. Such list definitely must be taken into account whenever a customer is planning an OIM go-live. This list is not intended to replace the OIM...
View ArticleOIM 11g R2 Delegated Administration Model – Sample implementation (Part I)
Introduction It is a very common requirement from customers to have a delegated administration model that is not tied to the organizations where the administrators are placed. Historically, OIM only...
View ArticleOIM Reset Password Customization Example
Out-of-the-box, the OIM reset password functionality is available to system administrators, and to delegated administrators who have administrative privileges on users’ accounts and have the ‘reset...
View ArticleOIM monitoring check-list
Introduction Systematic monitoring of OIM deployments helps to reduce risk of both technical and security related issues. It also can help to avoid performance degradation that can happen because of...
View ArticleLogging in OIM custom code
Proper logging is one of the main considerations during custom development. This is no different in OIM projects in which custom code is being developed and deployed to OIM. Proper logging is...
View ArticleMonitoring OIM R2 PS2 Orchestration
The OIM R2 PS2 (11.1.2.2.0) release provides a great new feature: monitoring of OIM orchestration processes through Enterprise Manager console. Such feature provides the capability of querying...
View ArticleExposing User System Attributes in OIM 11gR2PS2 GUI Customization
Introduction Recently while working with a customer to help with an upgrade from OIM 11gR1 to 11gR2PS2, one interesting request came up regarding OIM GUI customization. The requirement was to expose...
View ArticleOIM Access Policy Harvesting
OIM R2 PS2 delivers a long time expected functionality: access policy harvesting. This new feature adds more flexibility to OIM access policies usage. This is another post in the Oracle Identity...
View ArticleIDM FA Integration flows
Introduction One of the key aspects of Fusion Applications operations is the Users and Roles management. Fusion Applications uses the Oracle Identity management for its Identity store and policy store...
View ArticleMass Reset Password-part1 OID
Introduction One of the great features that customers need to be aware of and it could be used, as post-process, on many different situations such as: P2T, T2P and clone is the ability to reset...
View ArticleMass Reset Password -part2 – using OIM Apis
Introduction Back in November, I wrote a blog about Mass Rest Password using OID. As mentioned there, and expected for this month, Oracle is now providing the same password change feature, but now...
View ArticleUpgrading to OIM 11.1.2.3: an overview
In this post I’m going to give an overview of the steps involved in upgrading to Oracle Identity Manager 11.1.2.3. This is just a high-level overview, with pointers to the documentation you need to...
View ArticleAuthenticating to OIM SCIM server using an OAM-generated SAML identity assertion
In a previous post previous post I provided a brief introduction to SCIM. In this post I’m going to dive right in and give an example of using the OIM SCIM services and securing them with OAM. Why...
View ArticleIdentity and Cloud Security A-Team at Oracle Open World
I just wanted to let everyone know that Kiran and I will be presenting with our good friend John Griffith from Regions Bank at Oracle Open World next week. Our session is Oracle Identity Management...
View ArticleAuthenticating to the OIG REST API from an OAM-protected web app
The objective of this post is to describe how a web app protected by an OAM WebGate can authenticate to the OIG REST APIs. In a previous blog post, I provided detailed steps to do the same thing for...
View ArticleSecure Access to Oracle Identity Manager 11g R2 PS3 REST APIs
REST APIs for Oracle Identity Manager (OIM) 11g R2 PS3 were released recently. The availability of REST APIs enables a variety of newer integrations with the product in addition to already available...
View ArticleWhere to Find Oracle Access Manager, Oracle Identity Manager Bundle Patches...
I wanted to make a quick post to primarily let people know where to find bundle patches for Oracle Access Manager (OAM) and Oracle Identity Manager (OIM) patches. While I’m at it I will also cover...
View ArticleDeveloping Workflows to OIM 11g – the basics
OIM & BPEL Working together? OIM 11g release brought us the powerful world of Oracle BPEL based workflows: from this release on, Oracle BPEL is the workflow engine to be used by OIM in all sorts of...
View ArticlePerformance Tuning Tips for OIM
Introduction Escalations in OIM are typically related to performance issues; however, performance problems can be prevented by following some common recommended practices on how to configure OIM’s...
View ArticleUsing OIM 11g APIs in Fusion Web Applications
IntroductionThe purpose of this article is to describe the setup needed to build ADF/Fusion Web Applications using JDeveloper that make use of OIM 11g new API's and Services.OverviewI have encountered...
View ArticleOIM 11g Event Handlers
Event Handlers are among the most common customizations in OIM 11g implementations. They have been available in OIM for a long time, but with 11g and its new frameworks, they certainly are becoming...
View ArticleOracle Identity Manager Academy
Index to the Oracle Identity Manager Series from the Fusion Security Blog TeamOIM 11g is the current release of the Oracle provisioning tool, this post is to be used as basis for all the other OIM...
View ArticleOIM 11g Notifications
Notifications are one of the multiple features that were improved in OIM 11g release. The previous limitation of sending text based emails (out-of-the-box emails) only is gone.Out-of-the-box templates...
View ArticleOIM 11g Event Handler example
This post shows an example of a post process event handler in OIM. The example is simple and it shows how the user profile can be updated from the event handler based on the information that is...
View ArticleOIM 11g Localization Tips
As any other enterprise application, OIM 11g provides localization features: it detects user's browser language configuration and presents the UI to the end user accordingly to the configured...
View ArticleProvisioning Users to Google Apps in Five Minutes
One exciting development (at least to me) in OIM 11.1.1.5 is the introduction of the Google Apps connector.Combine this with our existing SSO via Federation, it gives Oracle a nice lifecycle with...
View ArticleOIM 11g OID (LDAP) Groups Request-Based Provisioning with custom approval –...
Introduction In recent days, I was assigned the task to implement a use case that I am sure many customers of Oracle have in mind but are not sure how to implement in OIM 11g. I even saw some thread...
View ArticleOIM 11g OID (LDAP) Groups Request-Based Provisioning with custom approval –...
Introduction This is Part Two of the article describing a potential implementation of Request Based LDAP Group Membership provisioning. Part One can be accessed here. Continuing with the implementation...
View ArticleOIM 11g & LDAP Synchronization
Since the first OIM 11g release, one of the frequently asked questions about OIM 11g is:Should I configure OIM with LDAP synchronization or should I deploy a LDAP connector?Since earlier versions, OIM...
View ArticleEncapsulating OIM API’s in a Web Service for OIM Custom SOA Composites
Introduction This document describes how to encapsulate OIM API calls in a Web Service for use in a custom SOA composite to be included as an approval process in a request template. We always recommend...
View ArticleValidating an Oracle IDM Environment (including a Fusion Apps build out)
In this post I walk you through how to validate an Oracle Identity Management build out containing OID, OVD, OIM, and OAM. This post was motivated by work I have done with Fusion Apps.It is important...
View ArticleCustom transformation provider for OIM GTC connector
GTC based connector is one of the most used approaches for reconciling data into OIM, specially through the use of flat files. A common issue is that some customers do not allow direct communication...
View ArticleDomain Architecture and Middleware Homes Revisited
Over a year ago I wrote a couple important posts about the domain architectures used in Oracle Identity Management deployments. You can find these posts here and here.These posts have been very...
View ArticleSimplifying OIM 11g Series (Chapter One)
Introduction This is the first one in a series of posts dedicated to the design of tools that have the common goal of simplifying or enhancing the functionality provided by OIM 11g. As more and more...
View ArticleSimplifying OIM 11g (Chapter Two)
Introduction This is the second article in a series of posts with the common goal of providing customers with ideas and techniques that can be used to simplify the use of advanced features of OIM...
View ArticleOIM 11g R2 & X.509 authentication
OIM 11g R2 is out! This release brings a lot of new features and also improvements to existing features.OIM authentication providers are among the ones that were improved. The improvements make easier...
View ArticlePatch Management of an Oracle Identity Management Deployment
Today I’d like to discuss a very important topic which is patch management in an Oracle IDM/IAM deployment. Patching seems like a pretty basic topic. It is often taken for granted. However,...
View ArticleOAM and OIM 11g Academies
As many of you know, last year we created indexes of posts on OAM and OIM 11g R2 that we call OAM 11g Academy and OIM 11g Academy.These indexes contain the articles we’ve written that we believe...
View ArticleOIM 11g R2 UI Customization Tips and Tricks
Introduction OIM 11g R2 provides OIM Developers with the means to implement very sophisticated and functional rich customization to the Out-of-the-Box User Interface. These customizations are capable...
View ArticleAuthenticating OIM APIs without end user’s password
A common requirement in an OIM implementation is to not expose OIM user interface to all types of end users. To address this requirement, usually a custom application using OIM APIs is developed and...
View ArticleOIM 11g R2 Requests Lifecycle Management API’s
Introduction OIM 11g R2 being such a comprehensive provisioning solution, it provides API’s for almost every aspect of functionality available in the product. This makes it a little difficult to decide...
View ArticleOIM Connector for Identity Cloud Service
The IDCS Connector is an OIM REST based connector for Oracle’s Identity Cloud Service (IDCS). In this blog post we will look at use case scenarios for hybrid cloud solutions, that span both the Oracle...
View Article