Oracle Cloud Infrastructure Documentation

Understanding the Sign-In Options

This topic describes sign in options available to you when you sign up for an Oracle Cloud account.

About the Sign In Options

When you sign up for Oracle Cloud, Oracle creates a user for you in two different identity systems, giving you two options to sign in to Oracle Cloud Infrastructure.

Username and password are created in IDCS and OCI IAM service

When you want to use Oracle Cloud Infrastructure, you can choose which identity provider to sign in through:

Oracle Cloud Infrastructure IAM

Oracle Cloud Infrastructure includes its own identity service, called the Identity and Access Management service, or IAM, for short. When you sign up for an Oracle Cloud account, this service is included. A user is created for you in the IAM service with the username and password you selected at sign up. You are granted administrator privileges in Oracle Cloud Infrastructure so you can get started right away with all Oracle Cloud Infrastructure services.

Oracle Identity Cloud Service

Many other Oracle Cloud services, including Oracle Cloud Infrastructure, are integrated with Oracle Identity Cloud Service. When you sign up for an Oracle Cloud account, a second, separate user is created for you in Oracle Identity Cloud Service with the username and password you selected at sign up. You can use this single sign-on option to sign in to Oracle Cloud Infrastructure and then navigate to other Oracle Cloud services without reauthenticating. This user has administrator privileges for all the Oracle Cloud services included with your account.

Important

Manage the passwords separately

Although the credentials are identical in both systems when your account is created, the users are in separate identity management systems, and you manage them separately. If you change your password in the Oracle Cloud Infrastructure IAM, your password in Oracle Identity Cloud Service is not changed, and conversely.

When to Use Each Sign-In Option

If you plan to use Oracle Cloud Infrastructure services exclusively, it makes sense for you to use your direct sign-in credentials to the IAM service.

OCI sign-on gives you access to OCI services only

If you want to use other Oracle Cloud services that are managed through Oracle Identity Cloud Service, then sign in with your single sign-on credentials.

IDCS sign-on gives you access to OCI services and services managed through IDCS

More Information About Managing Users in Oracle Cloud Identity Providers

Managing Users in the IAM Service

Managing Oracle Identity Cloud Service Users and Groups in the Oracle Cloud Infrastructure Console

Adding Users