The Adaptive Authentication Service offers stronger multifactor (also referred to as second factor) authentication for sensitive applications that require additional security in addition to the standard user name and password type authentication.
The second factor can be a One Time Pin (OTP) or an Access Request (or push) Notification. After an initial successful user/password authentication, a Second Factor Authentication page is displayed from which the user selects the preferred method of second factor authentication.
The following options are available:
For using Oracle Mobile Authenticator in this post you must complete steps 1,2,7,8,9 from below post
In this post we will configure OAM for multi factor authentication with OTP through Email or SMS or Oracle Mobile Authenticator.
1. Enable “Adaptive Authentication Service”, login to OAM console –> Configuration –> Available Services
2. Configure AdaptiveAuthenticationPlugin
Click on AUthentication plugins from OAM Console
Search for plugin and click on it to edit properties
3. Edit below properties in AdaptiveAuthenticationPlugin
Click on Save
Make the same changes in
4. Add credentials for UMS in weblogic domain
Login to weblogic Enterprise Manager, go to domain –> security –> credentials
Expand OAM_CONFIG click on create key
Create umsKey as shown above and click ok.
5. Protect the resource
Go to application domain
Go to Authentication Policies –> Protected Resource Policy
Go to Advanced Rules –> Post Authentication and click on Add
Click Add and click on Apply
As we mentioned in configuration, make sure all below attributes are populated in user profile for testing all options.
This attribute description will be populated automatically when you setup Oracle Mobile Authentication as specified in https://oraidam.wordpress.com/2018/01/29/integrate-oam-11g-r2-ps3-and-oracle-mobile-authenticator/ at Step 8,9
Now hit the requested resource, you will be prompted for login using username and password for first factor authentication.
Supply username and password and click on Login. After successful login you will be prompted for option to choose for second factor login.
Select the option and click on OK.
Then supply pin for second factor authentication and click login to access protected resource