Add an Oracle E-Business Suite application

Oracle eBusiness Suite can be integrated with Access Gateway in one of two ways, typically referred to as Classic and Rapid.

  • With Classic, Oracle EBS Oracle Access Gate and either Oracle Internet Directory (OID) or Oracle User Directory (OUD) are required.
  • With Rapid, Oracle EBS requires a set of EBS credentials and an EBS DCS file.

This application uses header variables to exchange user information. Access Gateway provides a sample header application. See Add a generic header application and Add a sample header application.

Architecture

EBS Rapid flow EBS Classic Flow

EBS Rapid process flow

  1. User sign in
  2. Send EBS user identity
  3. Verify EBS user (which generates Access Gateway EBS session)
  4. Redirect to EBS with the EBS session cookie

EBS Classic process flow

  1. User sign in
  2. Send EBS user identity
  3. Look up GUID using EBS user identity
  4. Send GUID (header) to Oracle Access Gate (which generates an EBS cookie)
  5. Redirect to EBS with EBS session cookie
For details, see Oracle E-Business Suite with Access Gateway Rapid SSO reference architecture For details, see Oracle E-Business Suite with Access Gateway Classic SSO reference architecture
Oracle E-Business Suite applications differ from traditional applications in that Access Gateway creates and provides a EBS session cookie used by subsequent EBS calls. Access Gateway does not reverse proxy all EBS requests as is done with other application types.

Before you begin

Ensure that:

  • Access Gateway is installed and configured. See Manage Access Gateway deployment.
  • Access Gateway uses your Okta tenant as an Identity Provider (IdP). See Configure your Okta org as an Identity Provider.
  • You have administrator rights on your Okta tenant and can create groups and assign applications.
  • The external app version is supported. Oracle E-Business suite supported versions include:
    • v12.1
    • v12.2

For Classic process flow, ensure that:

  • Oracle E-Business Suite(EBS) is configured with Oracle Access Gate and Oracle Internet Directory (OID) or Oracle User Directory (OUD).

For Rapid process flow, ensure that:

  • Oracle E-Business Suite(EBS) is configured and available.
  • DBC File has been created by the Oracle EBS owner and is available to the Access Gateway administrator. See Add an Oracle E-Business Suite application for instructions on how to configure Oracle E-Business Suite for Rapid SSO.

    Rapid EBS SSO uses domain cookies to communicate between Access Gateway and the EBS server. The domain used by the protected service and the externally facing instance of the gateway must share the same domain.

  • EBS_USER is mapped to an Okta tenant user.

Typical workflow

Task Description
Create a containing group
  • Best practice, create an optional group to be assigned to the application.

[Rapid Only] Configure EBS for use with Access Gateway.
  • Configure Oracle EBS for use with Access Gateway and generate the required DSC file.
Create the EBS application
  • Create an application for either Rapid or Classic EBS SSO.
Test the application
  • Test the application.
Troubleshoot
  • When required troubleshoot the integration.