Add an Oracle JD Edwards application

The purpose of this tutorial is to go through the process of setting up an Oracle JD Edwards application with Okta through the Access Gateway Admin UI.



This application is part of a class of applications which exchange user information using header variables. See Add a generic header application for more information about the Access Gateway generic header application.

Access Gateway also provides a sample header application. See Add a sample header application.

Before you begin

Ensure that:

  • Access Gateway is installed and configured for use.
    See Manage Access Gateway deployment.
  • Access Gateway has been configured to use your Okta tenant as IDP.
    See Configure your Okta tenant as an Identity Provider for more information about configuring your Okta tenant as an IDP.
  • You have administrator rights on your Okta tenant and can assign applications to users and create groups.
  • You have access to the JD Edwards EnterpriseOne Server Manager Management console and can configure Single Sign-On.
  • The external app version is supported. Supported JD Edwards app versions include:
    • v9 or later


What’s covered in this guide

  1. Enable Single Sign-On in JD Edwards EnterpriseOne console
  2. Create the application in Access Gateway
  3. Configure the application
  4. Test the application


Enable Single Sign-On in JD Edwards EnterpriseOne console

To enable single sign-on in the JD Edwards environment:

  1. Sign in to the JD Edwards EnterpriseOne Server Manager Management console as an administrator.
  2. In Select Instance, select EnterpriseOne HTML Server.
  3. In the Configuration tile, select View as Advanced, and then click Security.
  4. Select the Enable Oracle Access Manager check box, and then enter in theOracle Access Manager Sign-Off URL field.
    In the Security Server Configuration section, click Apply.
  5. In Select Instance, select EnterpriseOne HTML Server,
  6. Click Stop and confirm that you want to stop the managed instance.
    If a message indicates that the web server configuration (jas.ini) is out-of-date, click Synchronize Configuration.
  7. Click Start and confirm that you want to start the managed instance.

Create the application in Access Gateway

To create the application in Access Gateway:

  1. Sign in to the Access Gateway Admin UI console.
  2. Click the Applications tab.

  3. Click +Add to add a new application.

  4. From the Application menu, select Oracle JD Edwards Enterprise One, and click Create.

    Select JDEdwards and click Create

Configure the application

To configure the Access Gateway JD Edwards application.

  1. In the Essentials pane enter:
    LabelThe name of the application,
    For example: JD Edwards
    Public DomainThe external facing URL of the application.
    For example: https://jde-external.<>
    Protected Web ResourceThe URL and port combination of the Oracle JD Edwards Implementation that is being protected.
    For example: http://jde-app.domain.tld:7005
    Post Login URL

    Enter an appropriate target URL.
    For example https://jde-external.<>.com/jde/owhtml.


    Note: Post Login URL may contain other elements specific to the implementation.


    GroupThe group containing users who can access the JD Edwards instance.
  2. Important Note


    While optional, Okta recommends that all applications include certificates.
    See About Access Gateway certificates for general information about certificate.
    See Certificate management tasks for a general task flow for obtaining and assigning certificates.  

  3. Expand the Certificates tab.


    By default a wild card self signed certificate is created and assigned to the application when the application is initially created.

  4. Optional. Click Generate self-signed certificate

    A self-signed certificate is created and automatically assigned to the application.
  5. Optional. Select an existing certificate from the list of provided certificates.
    Use the Search field to narrow the set of certificates by common name.
    Use the page forward (>)and backward(<) arrows to navigate through the list of available certificates.

  6. Click Next. The Attributes pane appears.

    For detailed information on the attribute options, see Application attributes .

  7. Confirm the IDP login attribute.


    By default the JD Edwards application template login field as the JDE_SSO_UID header. Change the value of the header field if required. Add additional header fields required by the application.

  8. Click Next. The Policies pane displays.

    SeeAdvanced Access Gateway policy

  9. On the root policy row, click the Edit icon.
  10. Expand the Advanced sub-tab.
  11. In the Custom configuration tab, enter a proxy redirect for the target JD Edwards application.
    For example:
    proxy_redirect http://jde-app.domain.tld:7005 https://$host:$server_port;
  12. Click Not validated when complete.

    If all values are entered correctly, the Not Validated button will change to Validated.

  13. Click Okay.
  14. Click Done.


Test the application

  1. Click Go to application and select SP Initiated or IDP Initiated from the drop-down box associated with the application.
    Test the application

    Test the application



    Your Okta tenant administrator may need to assign the application to you.

    Also, if you don't already have an active session for Okta open in your browser, you may be prompted to sign in to your Okta account and provide credentials.

  2. Verify that you are logged into Oracle JD Edwards application correctly.

Related topics