You have successfully configured identity federation between Oracle Cloud Infrastructure (OCI) and Oracle Identity Cloud Services (IDCS). A new project manager wants access to OCI for her team and provides the name of an existing group within IDCS to use when granting access.
How do you configure federation to allow the project team access to OCI resources?
When working with your IdP, your administrator defines groups and assigns each user to one or more groups according to the type of access the user needs. Oracle Cloud Infrastructure also uses the concept of groups (in conjunction with IAM policies) to define the type of access a user has. As part of setting up the relationship with the IdP, your administrator can map each IdP group to a similarly defined IAM group, so that your company can re-use the IdP group definitions when authorizing user access to Oracle Cloud Infrastructure resources. Here's a screenshot from the mapping process:
Currently there are no comments in this discussion, be the first to comment!