The Provisioning Bridge provides a link between
your on-premises apps and Oracle Identity
Cloud Service.
Through synchronization, account data created
and updated directly on the apps is pulled
into Oracle Identity Cloud Service and stored
for the corresponding users.
After users are synchronized from your on-premises
apps into Oracle Identity Cloud Service,
you can also use the Provisioning Bridge to
manage the lifecycle of users in the apps.
This includes creating, modifying, deactivating,
activating, and removing users and their profiles
across the apps.
Ann Rob is a user who's been synchronized
from Oracle E-Business Suite to Oracle Identity
Cloud Service through the Provisioning Bridge.
When Ann goes on vacation, the Oracle Identity
Cloud Service administrator can deactivates
her account.
Also, because she just got a promotion, she’s
assigned to different roles and responsibilities.
She’ll have the Security Administrator role,
and the the Training Administrator and timecard approver
responsibilities.
The Provisioning Bridge propagates these changes
into Oracle E-Business Suite.
Let’s show you how to how to do this.
First, sign in to the Identity Cloud Service
console with your administrative credentials.
Expand the Navigation Drawer, and then click
Applications.
Click the Oracle E-Business Suite app
and then the Provisioning tab.
The Associate with Provisioning Bridge area
has the Vision Provisioning Bridge that’s
assigned to this app.
The Configure Connectivity area has the
information that this Provisioning Bridge
requires to connect to the app as an administrator
for provisioning and synchronization.
This information includes the administrator’s
user name, password, and JDBC connection string.
Click Test Connectivity.
If a connection to Oracle E-Business Suite
can be established, then the Connection successful
message appears.
Let’s see predefined attribute mappings
between the users in Oracle Identity Cloud
Service and the users in Oracle E-Business
Suite.
Click Attribute Mapping.
The Attribute Mapping window has attribute
mappings.
These mappings include the user’s user name,
email address, activation status, and start
date.
When a user is provisioned to Oracle E-Business
Suite, the current date is the user's start
date.
You can add attribute mappings by clicking
Add Row. However, for this video, all required
attributes are mapped.
Let’s close this window.
The Select Provisioning Operations area has
the provisioning operations that are enabled
or disabled for Oracle E-Business Suite.
These operations include creating, updating,
activating or deactivating, and deleting a
user in Oracle E-Business Suite.
The Configure Synchronization area has the
information that the Provisioning Bridge uses
to synchronize with Oracle E-Business Suite.
The User Identifier list shows the Oracle
Identity Cloud Service user attribute that
will be used to match the corresponding record
fetched from Oracle E-Business Suite.
The Application Identifier list shows the
Oracle E-Business Suite user attribute that
will match with the existing Oracle Identity
Cloud Service user.
The When exact match is found list shows what
will happen when a matching Oracle Identity
Cloud Service user is found for an Oracle
E-Business Suite user.
For this example, Link and confirm appears
in the list, so the user will be linked automatically.
The Synchronization Schedule list shows how
often the Provisioning Bridge will synchronize
with Oracle E-Business Suite.
Because we’re going to run the synchronization
job manually, Never appears in this list.
Let’s synchronize Ann Rob along with her
roles and responsibilities from Oracle E-Business
Suite to Oracle Identity Cloud Service.
Click the Import tab, and then Import.
A status of Running means that the job that
Oracle Identity Cloud Service uses to synchronize
Ann from Oracle E-Business Suite is running.
After this synchronization is completed, the
job status changes to Succeeded.
Click the Users tab.
Ann Rob was synchronized from Oracle E-Business
Suite to Oracle Identity Cloud Service.
An account now exists for Ann in both Oracle
E-Business Suite and Oracle Identity Cloud
Service.
Let’s provision an Oracle E-Business Suite  role and responsibility for Ann. Click Users.
Ann Rob's account, the access tab, the action menu
for the Oracle E-Business Suite app, and edit.
Click Add.
Select the Security Administrator role, and
then OK.
Do the same to provision the time card approval
responsibility to Ann.
Let’s see that this role and responsibility
are provisioned to Ann in Oracle E-Business Suite.
First, sign in to the Oracle E-Business Suite
console with your administrative credentials.
Navigate to the Users page for Vision Enterprises,
Ann Rob’s company.
Enter Ann’s user name in the User Name
field,
click Go and then Update.
Verify that you see the Security Administrator
role and the Time card Approval responsibility.
Let’s assign a responsibility to Ann in
Oracle E-Business Suite and synchronize it
into Oracle Identity Cloud Service. Click
Assign Roles.
Search for the Training Administrator responsibility,
and then select it.
Enter the reason why Ann needs this responsibility.
Click Save, and then Apply.
Let’s synchronize this responsibility for
Ann into Oracle Identity Cloud Service.
In the Identity Cloud Service console, access he Oracle E-Business Suite app
Click the Import tab, and then Import.
A status of Running appears for the job that’s
used to synchronize the Training Administrator
responsibility from Oracle E-Business Suite
to Oracle Identity Cloud Service.
After this responsibility is synchronized,
the job status changes to Success.
Let’s see that the Training Administrator
responsibility is now assigned to Ann in
Oracle Identity Cloud Service.
The state of Ann's roles and responsibilities
is synchronized between Oracle E-Business
Suite and Oracle Identity Cloud Service.
Let’s use Oracle Identity Cloud Service
to revoke access rights that Ann has to
both the Security Administrator role and the
Training Administrator responsibility.
Click X to the right of both the
role and the responsibility, and then click Save.
In the Users page of the Oracle E-Business
Suite console, enter Ann’s user name.
In the User Name field, click Go and then
Update.
Verify that in the Roles tab of the Users
page, the status of both the role and responsibility
that you revoked for Ann changed from Assigned
to Inactive.
Let’s use Oracle E-Business Suite to revoke
access rights that Alice has to the time card
Approval responsibility and then synchronize
this change into Oracle Identity Cloud Service.
Expand the responsibility.
Enter a reason why Ann no longer needs this
responsibility, enter today's date in the active to field, click Save, and
then Apply.
By entering today's date in the field, you're revoking the access that Ann
has to the responsibility. In the Identity Cloud Service console, access the Oracle E-Business Suite app
Click the Import tab, and then Import.
Verify that you see a status of Running for
the synchronization job.
After the revocation of the Timecard Approval
responsibility for Ann is synchronized into
Oracle Identity Cloud Service, the status
of this job changes to Succeeded.
Let’s see that this responsibility
isn’t assigned to Ann in Oracle Identity
Cloud Service.
The state of the revocation of Ann's roles
and responsibilities is synchronized between
Oracle E-Business Suite and Oracle Identity
Cloud Service.
Let's use Oracle Identity Cloud Service to
revoke Ann's access to Oracle E-Business
Suite, and then verify in Oracle E-Business
Suite that her access is revoked.
Select the check box for Ann Rob, click
Revoke, and then OK.
In the Users page of the Oracle E-Business
Suite console, enter Ann’s user name in
the User Name field, and then click Go.
Ann's status in Oracle E-Business Suite
is now Inactive.
And now you know how use the provisioning
bridge to synchronize users between your on-premises
apps and Oracle Identity Cloud Service.
Learn more at docs.oracle.com
