Oracle EBS SSO Integration with Azure AD

Oracle EBS SSO solution enables Single Sign-On between Oracle EBS and Azure AD with the highest security. In simpler terms, you’ll log in to your Oracle EBS Instance using your Azure AD credentials. You don’t have to maintain a username — password for Azure AD and Oracle EBS differently.

Oracle EBS SSO is highly recommended for improved Security and better User experience. SSO is also a mandatory requirement for IT Security Audits in Oracle E-Business Suite. Oracle EBS SSO is traditionally enabled with Oracle Access Manager — OAM and Oracle Internet Directory — OID. With miniOrange Oracle EBS SSO Connector, OAM and OID licenses aren’t required to enable Oracle EBS SSO which indirectly reduces operational cost.

Why is Azure AD required to integrate SSO for Oracle Business Suite?

Azure AD has the best integration support with the cloud applications which results in a perfect solution to configure SAML 2.0 with Azure to supply the required federated SSO integration for Oracle EBS.

In a normal use case, once you move your E-Business Suite application to the cloud and provide access to the application through Microsoft Azure AD, then you have to sign indifferently for both Azure portals as well as E-Business Suite applications.

Connect with any IDP (miniOrange, OKTA, Azure, ADFS, etc) of your choice

miniOrange’s Federated SSO makes the integration seamless and allows the users to authenticate only once to access multiple applications, without signing in separately to access each application.

Oracle EBS SSO Integration with Azure AD

Oracle E-Business Suite (EBS) SSO by miniOrange can be successfully integrated with multiple Azure Platforms like Azure Active Directory (Azure AD), Azure ADFS in Microsoft Azure with multiple Gateway options.

Oracle EBS and other Oracle Applications — PeopleSoft, Siebel, JD Edwards do not natively support any Single Sign-On integration with standard SSO protocols like SAML or OAuth 2.0.

Azure AD offers SSO integration using the SAML 2.0 standard; this allows Azure AD to act as a SAML Identity Provider (IdP), and miniOrange as a SAML Service Provider (SP). The miniOrange Oracle EBS Connector acts as a gateway between Azure AD, your desired SSO platform, and Oracle EBS, to provide SSO. miniOrange Azure SSO experience is equivalent to any other SAML Single Sign-On Integrations. On top of SSO, you can add extra security with Multi-Factor Authentication — MFA after a successful Azure AD SSO Login. We support 15 + multi-factor authentication methods: OTP over SMS and Email, QR Code, miniOrange Authenticator, Google Authenticator, Hardware Token, and more.

How does Oracle EBS SSO Authentication work with Azure AD?

This architecture diagram covers a pattern for setting up the miniOrange EBS Connector and E-Business Suite with miniOrange Identity Platform and Azure AD to provide secure SSO login integration. Here miniOrange Identity Platform acts as a bridge between Oracle EBS and Azure AD.

Oracle EBS SSO Authentication workflow

The following steps explain the authentication flow between the various components: (Azure AD, miniOrange Identity Platform, miniOrange Oracle EBS Connector)

  1. Firstly, the user sends the request to access their Oracle E-Business Suite.
  2. Oracle EBS redirects the request to the miniOrange SSO Connector for authentication.
  3. The connector now redirects the user to the miniOrange Identity Platform.
  4. The miniOrange Identity Platform prompts the user to enter their Azure AD credentials.
  5. miniOrange Identity platform forwards the user’s credentials to the Azure AD for authentication.
  6. Azure AD authenticates the user and sends responses with the confirmation.
  7. The Identity Platform sends the username/email to the EBS connector.
  8. The connector checks the value of the username/email received from Identity Platform against the FND_USER table in the EBS Database.
  9. After successful authentication, the user is redirected to the Oracle E-Business Suite portal as a logged-in user.

miniOrange’s Oracle SSO Identity federation helps enterprises reduce cost because user accounts don’t have to be created and managed separately in each identity management system (IDP) differently. The user-synchronization process ensures that identities are propagated to all or any federated systems.


Supports multiple Oracle Apps Versions

EBS Azure SSO can be easily configured for multiple Oracle Apps versions — 11i, R12, and R12.2.

OAM and OID not mandatory

Oracle Access Manager — OAM and Oracle Internet Directory — OID licenses are not mandatory to integrate SSO between Oracle and Azure AD.

EBS SSO Integration with variant IDP support

Along with Azure AD, miniOrange extends support for other IDPs (Identity Providers) like Google, Okta, OneLogin, Ping Identity, Centrify, LDAP, Radius, and many more for SSO Integration.

Seamless SSO support for Oracle Platform

With Azure AD SSO Integration miniOrange opens up support for diversified Oracle-based Platforms — PeopleSoft, Siebel, JD Edwards, Hyperion, EPM Suite, etc.

Further Reading

miniOrange Single Sign-On (SSO) & Multi-Factor Authentication (MFA) solution for more than 5000+ pre-integrated applications