SSO Best Practice (SaaS , PaaS , OKTA)
We have three systems. Oracle SaaS , PaaS (OIC) and OKTA.
We were looking for best design to setup federation between all these three,
As i understand OKTA will be Identity Provider.
But a bit confused on the flow. SaaS and PaaS also needs to be federated for Oracle VBCS flow to work smoothly.
- SaaS should use OKTA as IDP or IDCS (of PaaS) as IDP ?
- Service Provider is SaaS or IDCS (of PaaS) ?
- How will the Sync work ?
- Will there be any additional cost because of this 3 way setup?
I could find documents on SaaS to PaaS / PaaS to OKTA but not for this three way config.