Oracle E-Business Suite with Access Gateway Classic SSO reference architecture

This reference architecture describes the components, flow and version requirements for integrating Oracle E-Business Suite and Access Gateway when configured for EBS Classic SSO.

Topics:

Architecture



EBS classic flow

Flow

  1. User signs in.
  2. Send EBS user identity to Access Gateway.
  3. Using data store lookup UID using EBS user identity.
  4. Send USER_ORCLGUID (within header) to Oracle AccessGate.
    AccessGate generates and EBS session cookie.
  5. Redirect to EBS with EBS session cookie.
  6. EBS validates the cookie and establishes the EBS application session.

Components and requirements

Component Description and requirements
Okta Access Gateway All versions of Okta Access Gateway support Oracle E-Business Suite when configured as Access Gateway Classic EBS.
Oracle E-Business Suite

Supported versions:

  • v12.1
  • v12.2
Okta Access Gateway Data Store Data store configured within Access Gateway and used to connect Oracle Internet Directory (OID) or Oracle Unified Directory (OUD). Provided with EBS user and returning value used as USER_ORCLGUID.

Okta attributes

USER_NAME, in email address form.

Header attributes

Header attributes passed by Access Gateway to the Oracle AccessGate to return EBS cookie session.

  • USER_NAME
  • USER_ORCLGUID
External URL External URL specified by the Public Domain field within Access Gateway.
For example: ebs-external.example.com
Internal URL Internal URL and port specified by the Protected Web Resource field within Access Gateway.
For example: ebs-internal.example.com:8000

Oracle AccessGate URL

URL and port used to access instance of Oracle AccessGate.
For example:ebs-accessgate.example.com:6801

Oracle OID/OUD URL URL and port used to access instance of either Oracle Unified Directory or Oracle Internet directory.
For example: ebs-oid.example.com:3060