MFA for Oracle Access Manager
The guide below outlines the set-up process to install the Okta Multifactor Authentication (MFA) provider for Oracle Access Manager. With this feature, customers can use OAM as their Identity Provider (IdP) to applications and also use Okta for MFA to provide a strong method of authentication for applications. See Okta Oracle Access Manager Plugin Version History
The Sign-In Widget (third generation) doesn't support multifactor authentication for third-party agents.
If you're currently using the RSA SecurID agent (version 1.1.0 or earlier), upgrade to the latest version of the On-Prem MFA agent. See Okta On-Prem MFA Agent Version History.
Requirements and versions
The Okta MFA Provider for Oracle Access Manager has been tested against the following:
| Name | Version |
|---|---|
| WebLogic Server | 11g (10.3.6.0) |
| Oracle Access Manager | 11g (11.1.2.0.0) |
| Operating System | Windows Server |
| Java Runtime | 1.7.0_80 or later |
Note: Okta only supports applications that support Embedded Credential Collector (ECC) WebGates.
Typical workflow
|
Task |
Description |
|---|---|
| Configure MFA factors | Configure MFA factors for use with Oracle Access Manager. |
| Download the agent | Org admins need to request that Okta Support provide the download link for the Oracle Access Manager Plugin. The downloaded plugin file must be in a location that the Oracle Access Manager Console can access. |
| Install and configure the Oracle Access Manager plugin | Install and configure the plugin for Oracle Access Manager. If required, manually activate the OAM plugin. |
| Deploy OktaWidget.war | Using the Oracle WebLogic Server console, deploy the Okta oktawidget.war file. |
| Configure Module, Scheme and Policy | Using the Oracle Access Manager console, configure module, scheme, and policy to protect the OAM resources. |
| Enable SSL on OAM servers | (Optional) Use the WebLogic Server console to enable SSL (HTTPS) on OAM servers. |