MFA for Oracle Access Manager

The guide below outlines the setup process to install the Okta Multifactor Authentication (MFA) provider for Oracle Access Manager. With this feature, customers can use OAM as their Identity Provider (IdP) to applications and also use Okta for MFA to provide a strong method of authentication for applications. For version history see Okta Oracle Access Manager Plugin Version History

Note: If you are currently using the RSA SecurID agent (v. 1.1.0 or below) you should upgrade to the latest version of the On-Prem MFA agent at your earliest convenience. For the latest version and version history, see Okta On-Prem MFA Agent Version History.


Requirements and versions

The Okta MFA Provider for Oracle Access Manager has been tested against the following:

Name Version
WebLogic Server 11g (
Oracle Access Manager 11g (
Operating System Windows Server
Java Runtime 1.7.0_80 or later

Note: Only applications which support Embedded Credential Collector (ECC) WebGates are supported.


Typical workflow



Configure MFA factors Within your Okta org, configure MFA factors for use with Oracle Access Manager.
Download the agent
  • Org admins will need to request Okta Support provide the download link for the Oracle Access Manager Plugin.
    For the agent version history, see Okta Oracle Access Manager Plugin Version History.

    Note: The downloaded plugin file must be in a location accessible from the Oracle Access Manager Console.
Install and configure the Oracle Access Manager plugin
Deploy OktaWidget.war
  • Using the Oracle WebLogic Server console, deploy the Okta OktaWidget war file.
Configure Module, Scheme and Policy
  • Using the Oracle Access Manager console, configure module, scheme and policy to protect the OAM resources.
Enable SSL on OAM servers
  • Optionally, using the WebLogic Server console, enable SSL (HTTPS) on OAM servers.