How to prevent local authentication of non supplier accounts within Supplier Portal?
I’m looking for guidance on how to better secure supplier access to the Oracle Fusion Supplier Portal.
Current Situation:
- There are two methods for supplier login:
- Create Suppliers in AD and provide them with an SSO Account: Secure, but costly and requires ongoing supplier account management.
- Create Suppliers as local accounts and have them login via the Non-SSO Login Page: A non-SSO sign on page for Suppliers can be opened by Oracle Support with an SR. It's easier to manage, but presents security risks—any user with a local password (not just suppliers) can potentially access Fusion through this page.
0