Categories
- All Categories
- Oracle Analytics Learning Hub
- 31 Oracle Analytics Sharing Center
- 22 Oracle Analytics Lounge
- 252 Oracle Analytics News
- 45 Oracle Analytics Videos
- 16.1K Oracle Analytics Forums
- 6.3K Oracle Analytics Idea Labs
- Oracle Analytics User Groups
- 93 Oracle Analytics Trainings
- 16 Oracle Analytics and AI Challenge
- Find Partners
- For Partners
ER: Support Seamless SSO to OAC with Keycloak Direct Grant (No IDCS Login Prompt)
We have federated Keycloak with OCI IAM (IDCS) using OIDC. (Followed:https://blogs.oracle.com/coretec/ssofederation-with-keycloak-and-idcs-andor-oci-iam-domains)
Users authenticate into WebApplication using Keycloak Direct Grant (API-based token login).
Current Behavior:
When users click the OAC link from WebApplication, they are redirected to the IDCS login page and must log in again before accessing OAC.
Expected Behavior:
Users should land directly on the OAC homepage without seeing the IDCS login screen, using SSO from Keycloak.
Observation:
- Direct Grant authentication does not create a browser session / Keycloak cookie
- OCI IAM → OAC requires a browser-based session
- Hence, re-login is prompted (expected by current design)
Enhancement Request:
Requesting support/enhancement to:
- Enable seamless SSO to OAC when authentication is done via Keycloak Direct Grant
- Or provide an alternative supported approach to bridge token-based authentication with browser SSO
Answers
-
Hi,
Ideas for features, enhancement request, should be posted in the Idea Lab:
That's where product management will be able to see your feature request and based on a number of factors (including up-voting by other users showing the interest in the feature) evaluate if, how, when to consider it for the product.
0
