Server Administration 4-23 ■ Target URL query parameter for Oracle Identity Federation it is TARGET. The parameter contains the URL on which the user lands after a successful sign-on. ■ ProviderID URL query parameter for Oracle Identity Federation it is providerid. The parameter contains the SP providerID when SP initiates a SAML1.x SSO ■ SourceID required for the artifact profile. The value is obtained from the IdP metadata, from tag saml1md:SourceID As SP, needs to send to peer provider IdP: ■ ProviderID https:server_name:server_portfedsp ■ Signing Certificate if signing SOAP requests ■ Assertion Consumer URL The URL to which assertions should be sent https:server_name:server_portfedspsamlv11sso

4.4 Configuring Identities

Use this page to locate and manage user and federated identities, and to maintain search options. ■ About Federated Identities ■ Identities - Federations ■ Identities - Users ■ Identities - Search Options

4.4.1 About Federated Identities

When a user performs SSO for the first time, and Oracle Identity Federation is configured with a federation data store, it creates a federation record for the user containing information about the federated identity. This includes: ■ the Username – the User ID with which Oracle Identity Federation identifies the user. ■ the User description – the user description ■ the IdP Provided Name ID – the Name ID provided by the identity provider when SSO was performed ■ the IdP Provided Name ID Format – the format of the Name ID provided by the identity provider. This field will be empty if the format is persisent. ■ the IdP Provided Name ID Qualifier - the Name ID qualifier, optionally provided by the identity provider. ■ the Protocol Version – the protocol version used when performing SSO. ■ the SP Provided Name ID – the Name ID provided by the service provider. This will be blank when the federation is created. ■ the SP Provided Name ID Format – the format of the Name ID provided by the service provider. This field will be empty if the format is persisent. ■ the SP Provided Name ID Qualifier – the Name ID qualifier, optionally provided by the service provider. Note: Liberty 1.x support is deprecated. 4-24 Oracle Fusion Middleware Administrators Guide for Oracle Identity Federation ■ the SP Provided Name ID Version - the version of the SP Name ID. ■ the Provider ID – the provider ID of the peer provider with which SSO was performed. ■ the Federation Type – the type of federation that was created. It can have one of these values: – 1 - federation between this server as an IdP and an SP – 2 - federation between this server as an IdP and an Affiliation – 3 - federation between this server as an SP and an IdP – 4 - federation between Oracle Internet Directory server as an Affiliation and an IdP. When the identity provider updates a federation by performing a Manage Name ID MNI operation, the value of the following fields is updated: ■ the IdP Provided Name ID ■ the IdP Provided Name ID Format ■ the IdP Provided Name ID Qualifier ■ the Protocol Version When the service provider updates a federation by performing a Manage Name ID MNI operation, the value of the following fields is updated. ■ the SP Provided Name ID ■ the SP Provided Name ID Format ■ the SP Provided Name ID Qualifier ■ the SP Provided Name ID Version The following fields will be empty when the federation record is created: ■ the SP Provided Name ID Format. ■ the SP Provided Name ID Qualifier. ■ the SP Provided Name ID Version.

4.4.2 Identities - Federations

Use this page to locate and maintain federated identity records. Simple Search The following search fields are provided: ■ Provider ID: Enter a Provider ID and click Lookup to choose the correct ID from a list of trusted providers. Entering a Provider ID in this field will limit the search to