Oracle Cloud Infrastructure Documentation

Understand Oracle Integration Federation

If your cloud account does not use identity domains, Oracle Cloud Infrastructure Identity and Access Management (IAM) must be federated with Oracle Identity Cloud Service (IDCS) for your tenancy.

Does not use identity domains This topic applies only to tenancies that do not use identity domains. See Differences Between Tenancies With and Without Identity Domains.

User federation refers to linking a user's identity and attributes across multiple identity management systems. Oracle Integration federation means that identities are linked in IDCS and Oracle Cloud Infrastructure Identity and Access Management (IAM).

Oracle Integration uses both Oracle Identity Cloud Service (IDCS) and Oracle Cloud Infrastructure Identity and Access Management (IAM) to manage users and groups:

  • Create and manage users in Oracle Identity Cloud Service. By default, most tenancies are federated with Oracle Identity Cloud Service. For more information about Oracle Identity Cloud Service, see Understanding Administrator Roles in Administering Oracle Identity Cloud Service.

  • Manage permissions using policies in Oracle Cloud Infrastructure's IAM service.

For background information on federation with Oracle Identity Cloud Service, see Federating with Identity Providers and Federating with Oracle Identity Cloud Service.

Whether your tenancy needs federation depends on several factors, such as when your cloud account was created and the Oracle Integration version you're provisioning. Your tenancy may be:

  • Already fully federated: Nearly all accounts in regions that have not yet been updated to use identity domains fall into this category. You'll follow standard steps to set up users and groups, as described in the topics in this section.

  • Mostly federated: If you have an older account that was created before 21 December 2018, you may need to complete a final federation step. You'll follow steps to set up users and groups, as described in the topics in this section. At the mapping step (Map the IDCS and IAM Groups), you'll be asked to enter information.

  • Needing federation: If you’re configuring Oracle Integration with a government SKU in a commercial data center, you'll likely need to perform manual federation steps as part of setting up users and groups. See Manually Federate Your Tenancy.

Not sure about your federation? See Is My Tenancy Federated Between Oracle Cloud Infrastructure IAM and Oracle Identity Cloud Service?