Identity and Access management

Below are the Parameters to create a user in OIM through REST: URL: http://OIM_HOST:14000/idaas/im/scim/v1/Users Authentication:  Username(xelsysadm): Password Request Type: Post Request Content: Application/scim+json Request Body: { "schemas": [ "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User", "urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User" ], "userName": "USER_LOGIN", "password":"PASSWORD", "name": { "givenName": "FIRST_NAME", "familyName": "LAST_NAME" }, "emails": [ { "value": "EMAIL", "type": "work" } ], "userType": "Full-Time", "urn:ietf:params:scim:schemas:extension:enterprise:2...

For Setting up OIM API Environment on local desktop download any IDE like Eclipse and create a Java Project. Connect to the OIM Environment and download all the libs from OIM Server as below: <Oracle_IDM_Home>/designconsole/ext <Oracle_IDM_Home>/designconsole/lib <MW_home>/oracle_common/modules/oracle.jrf_11.1.1/jrf-api.jar <MW_home>/wlserver_10.3/server/lib/wlfullclient.jar Attach all these jars in the Java Build Path of the project. Then write a connection code to OIM. Sample code is as below: package com.oracle.oim; import java.util.Hashtable; import javax.security.auth.login.LoginException; import oracle.iam.platform.OIMClient; public class Connection  { public OIMClient OimConnection()    { oracle.iam.platform.OIMClient oimClient = null; try  {        Hashtable<Object, Object> env = new Hashtable<Object, Object>();       ...

For Auto Approving the self register user we need to do below steps: 1. Create an Event handler to Prepopulate the organisation key for the users. 2. Create an auto approval policy for Request level self register users. 3.  Create an auto approval policy for Operational level self register users. Create an Event handler to Prepopulate the organisation  key for the users: Create a class to prepopulate the Organisation value. Below is the sample code to do that. package com.oracle.oim.utility.eventhandler; import java.io.PrintStream; import java.io.Serializable; import java.util.HashMap; import java.util.Set; import oracle.iam.identity.exception.OrganizationManagerException; import oracle.iam.identity.orgmgmt.api.OrganizationManager; import oracle.iam.identity.orgmgmt.vo.Organization; import oracle.iam.identity.usermgmt.api.UserManagerConstants; import oracle.iam.identity.usermgmt.api.UserManagerConstants.AttributeName; import or...

Oracle Identity Governance PS3: Main themes: 1)       Identity Services for Mobile and Extranet 2)       Comprehensive Role Management and Continuous Compliance 3)       Simplified and Scalable Provisioning 4)       Enhanced Privileged Access 5)       Enhanced Cloud integration Overall Goals, Themes & Features: 1)       Identity Services for Mobile and Extranet a)       Users can manage their devices, request for apps via the Enterprise App Store through the Governance self-service console b)       Birthright access to mobile apps and devices driven by Enterprise roles c)        Simplified deployment with LDAP as ID Store, no SOA and approvals d)       SCIM/ REST for Extranet-focused Identity Services ...

public class AccountManagement { OIMClient client=ClientOIM.initialise(); oracle.iam.provisioning.api.ApplicationInstanceService appInstanceService=client.getService(oracle.iam.provisioning.api.ApplicationInstanceService.class); ProvisioningService provisioningService=client.getService(ProvisioningService.class); ClientOIM oim=new ClientOIM(); public void provisionAccount(String accName,String userID) { try { if (accName!=null && !accName.equals("") && userID!=null && !userID.equals("") ) { ApplicationInstance appInstance=appInstanceService.findApplicationInstanceByName(accName); long appKey=appInstance.getApplicationInstanceKey(); System.out.println("AppKey is "+appKey); FormInfo formInfo=appInstance.getAccountForm(); String formKey=String.valueOf(formInfo.getFormKey()); System.out.println("formKey is "+formKey); HashMap parentData=new HashMap(); /*Madator...

public class OrgManagement { static OrganizationManager orgManager=null; static OIMClient client=null; static Organization organization=null; public static void createOrg(String orgName, String orgType) { try { client=ClientOIM.initialise(); if (orgName!=null && orgType!=null) { orgManager=client.getService(OrganizationManager.class); System.out.println("OrgManagement :: createOrg :: org is "+orgManager); HashMap<String, Object> mapAttrs = new HashMap<String, Object>(); mapAttrs.put(OrganizationManagerConstants.AttributeName.ORG_NAME.getId(),orgName); mapAttrs.put(OrganizationManagerConstants.AttributeName.ORG_TYPE.getId(),orgType); Organization org=new Organization(null,mapAttrs); orgManager.create(org); System.out.println("OrgManagement :: createOrg ::  Organization created"); } }  catch (OrganizationManagerException e) { // TODO Auto-generated catch block e.printStackTrace(); ...

Login to the identity console with existing Admin credentials (xelsysadm). Create a user to whom System admin roles have to be assigned. Click on the Organization and search for Top organization. Select the System Admin role from the Admin Roles tab and select assign from action. Search the newly created user and add selected. Click apply and user will be provided the system role. Other Admin roles can also be provided by same method.

By default the certification configuration is not seen when a Admin user logs into the sysadmin console. To see this configuration login to the sysadmin console -->System Configuration. In the system configuration tab search for System Property "Display Certification or Attestation" If both is given as the value then certification and attestation both will be shown. To show only certification or attestation provide the value of either certification or attestation. 

package com.oim.utilities; import java.util.HashMap; import oracle.iam.identity.rolemgmt.api.RoleManager; import oracle.iam.identity.rolemgmt.api.RoleManagerConstants; import oracle.iam.identity.rolemgmt.vo.Role; import oracle.iam.platform.OIMClient; public class RoleManagement  { static RoleManager roleManager=null; static OIMClient client=null; @SuppressWarnings("null") public static void createRole(String roleName){ System.out.println("RoleManagement :: createRole :: role name is "+roleName); try  { if (roleName!=null) { HashMap<String, Object> mapAttrs = new HashMap<String, Object>();; mapAttrs.put(RoleManagerConstants.ROLE_NAME, roleName); mapAttrs.put(RoleManagerConstants.ROLE_DISPLAY_NAME,roleName); mapAttrs.put(RoleManagerConstants.ROLE_DESCRIPTION, roleName); Role role = new Role(mapAttrs); // Initialising the OIM Connection client=ClientOIM.initialise(); System.out.println("RoleManagemen...

package com.oim.utilities; import java.util.HashSet; import java.util.Hashtable; import java.util.Set; import Thor.API.tcUtilityFactory; import oracle.iam.identity.exception.NoSuchUserException; import oracle.iam.identity.exception.SearchKeyNotUniqueException; import oracle.iam.identity.exception.UserLookupException; import oracle.iam.identity.usermgmt.api.UserManager; import oracle.iam.identity.usermgmt.vo.User; import oracle.iam.platform.OIMClient; public class ClientOIM { private static OIMClient oimClient = null;     private static tcUtilityFactory util = null;     static UserManager userManager = null;     private static String hostName = "oim.server.com";     private static String port = "14000";     private static String userName = "xelsysadm";     private static String password = "Welcome123";     private static String serverURL = "t3://" + hostName + ":" + port;     private ...

Login to the sysadmin console and create a new sandbox and activate it. Click on System Entities --> User and add new UDF field as Manager. Create Manager field as check box. After adding the field publish the sandbox. Add Custom Attributes to the User Interface (Create User Form): 1.       Log into the Self Service interface. Create and activate a sandbox 2.       Go to Administration --> Users and click Create 3.       Fill out the required fields; Last name, Organization, User Type 4.       Click Customize 5.       Click on View --> Source 6.       Note:  If you are asked “Are you sure you want to edit this task flow” , click Edit 7.       Click on showDetailHeader:  Other Attributes and click Add Content 8.       Click on Web Components --...