Skip Navigation
Expand
Collapse
Submit a Service Request
Contact Information for Technical Support
My Service Notifications
  • Advanced SearchOpens new dialog
    Enter plus (+) or minus (-) signs in search terms to make a word required or excluded
    Search Tips
    Filter by product
    Filter by category
Setting up Intelligent Advisor Identity management with IDCS
Answer ID 12938   |   Last Review Date 12/19/2024

How do I setup IDCS as the Identity Provider on your Intelligent Advisor site?

Environment:

Intelligent Advisor, IDCS

Resolution:

Below you can find a basic guide on how to setup IDCS as the Identity Provider on your Intelligent Advisor site. It is the recommended that the first user assigned via IDCS is using the same email address as the IDCS user - an administrator for both Intelligent Advisor Hub and IDCS.

A. Prerequisites in Intelligent Advisor Hub:
  1. Login with an administrator user, such as the out of the box 'admin' user. This is preferably not your own user, as this will best be assigned via IDCS in the steps below.
  2. Ensure the user you want to set up with IDCS doesn't already exist in the Intelligent Advisor Hub under Permissions > Users. If it already exists, it should be deleted. 
  3. Make sure an API user to be used with this integration..
    - exists under Permissions > API clients
    - is enabled
    - has the Permissions administrator box checked
    Click on the API username and take note of the values below, you will need them when setting it up in the IDCS portal:
    1. Client identifier
    2. Client secret
 
B. Setting up configuration and users in IDCS portal:
 
a. Configuring the Intelligent Advisor connection in IDCS:
  1. Go to Integrated Applications > click Add application > Launch App Catalog > search for Intelligent Advisor > Add
  2. In first step Add application details, under Intelligent Advisor Server Name, add your Intelligent Advisor vhost. Make sure that this does not include the 'https://' - it should be in this format: site-name.custhelp.com. Click Next
  3. In second step Configure OAuth, for these fields change the value "${app.serviceParams[name='OPAServerName']}" to your Intelligent Advisor vhost name (e.g. site-name.custhelp.com/), for example:
  4. In third step Configure provisioning > click Enable provisioning and make sure the button is activated. Fill in the fields, for example:
    1. Host name: site-name.custhelp.com (the site-name should be changed to your own site name and make sure that this does not include the 'https://')
    2. Client ID: this is the Client identifier you noted from the Hub in previous point 2.a.
    3. Client Secret: this is the Client secret you noted from the Hub in previous point 2.b.
  5. Click Test connectivity. The expected result is Connection successful. If you are getting an error, double check the values you added and make the relevant adjustments.
  6. Click Finish
     
    Common issue: The most common reason why connectivity test is failing is because 'https://' has been added under points #2 or #4.a
b. Adding users in IDCS portal:
  1. Go to IDCS > Integrated applications > Intelligent Advisor > Users
  2. Click the Activate button
  3. Click Assign users and add the user you want to give access to the Hub via IDCS login (your user)
     
    Common issue: The Account creation failed error message at this step generally indicates that there already exists a user name with this email address in the Intelligent Advisor Hub. See point 2, section A. 
     
  4. Since you just added your new Hub user via IDCS, but the IDCS connection is not completed, you will have to login to the Hub with a regular password for this user. You should already be logged into the Hub with an admin account, so go to Permission > select the user and:
    1. Set the appropriate permissions (preferable at least Permissions administrator role)
    2. Change password if needed

C. Setting up IDCS configuration in Intelligent Advisor Hub portal:

  1. Login to the Intelligent Advisor Hub using the new user you just assigned via IDCS.
  2. Go to Permissions > Actions > Identity management settings > Select Users are managed by an OCI IAM identity domain
  3. Set the fields accordingly:
    1. Domain URL: found in IDCS portal under Identity domain > Overview
    2. Client ID: found in IDCS portal under Identity domain > Integrated applications > Intelligent Advisor > General Information
    3. Client Secret: found in IDCS portal under Identity domain > Integrated applications > Intelligent Advisor > General Information > Show secret
    4. Client primary audience: should already be filled in with the value https://site-name.custhelp.com
  4. Click Apply
Note: If you leave the page and return, if the settings are not saved, it means not all values have been set up correctly and you need to verify the values above before setting it up again. 

Once you logout of the Intelligent Advisor Hub following these changes, next time you login you will be required to input the IDCS credentials. 
 
Relevant documentation can be found at the links below:

Was this answer helpful?

Still have questions?

Notify Me
Forgot your username or password?
The page will refresh upon submission. Any pending input will be lost.