Introduction:
In my last article we saw how to configure Azure AD B2C as a social IDP for Oracle OCI; for SSO, however, we created the user account in the OCI directory manually. In this article, let's explore Just-In-Time (JIT) provisioning, which automates user creation whenever the user account is not present in Oracle OCI. This not only saves time and effort but also ensures that user accounts are always up to date.
Enable JIT:
Step 1: Log in to Oracle OCI.
Step 2: Go to the Domain -> Security -> Identity Provider -> select your IDP -> Edit IDP, and enable JIT as shown in the figures below.
With JIT enabled, the user is created automatically at first login whenever the user record is not available in IDCS. JIT reads the user information from the user info endpoint of Azure AD B2C or any other integrated social IDP. It syncs the user attributes based on the user info mapping in the custom social identity provider login metadata we created in the last article.
Step 3: To sync the email field, make sure the user setting “Primary email address required” is enabled.
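The create-on-first-login and attribute-sync behaviour described above can be modelled in a few lines. This is an added example, not Oracle's implementation or code from the original article; the claim names, directory attribute names, mapping, and the rule that a missing email blocks creation when the email is required are assumptions made for illustration.

```python
# Illustrative model of JIT provisioning; not Oracle's implementation.
# Claim names, attribute names and the mapping are constructed assumptions.
CLAIM_MAPPING = {
    "sub": "userName",
    "email": "primaryEmail",
    "given_name": "givenName",
    "family_name": "familyName",
}


class ProvisioningError(Exception):
    """Raised when the IDP claims cannot produce a valid user record."""


def map_claims(userinfo, mapping):
    """Translate IDP claims to directory attributes; unmapped or empty claims are dropped."""
    attrs = {}
    for claim, attribute in mapping.items():
        value = userinfo.get(claim)
        if isinstance(value, str) and value.strip():
            attrs[attribute] = value.strip()
    return attrs


def jit_login(directory, userinfo, mapping=CLAIM_MAPPING, require_primary_email=True):
    """Return (action, user): create the user on first login, sync attributes afterwards."""
    attrs = map_claims(userinfo, mapping)
    username = attrs.get("userName")
    if not username:
        raise ProvisioningError("no usable subject claim; cannot identify user")
    if require_primary_email and "primaryEmail" not in attrs:
        raise ProvisioningError("primary email required but not supplied by the IDP")
    if username not in directory:
        directory[username] = dict(attrs)  # first login: create the record
        return "created", directory[username]
    changed = {k: v for k, v in attrs.items() if directory[username].get(k) != v}
    directory[username].update(changed)  # later logins: sync mapped attributes only
    return ("updated" if changed else "unchanged"), directory[username]


if __name__ == "__main__":
    directory = {}
    # Constructed user info response; "role" is not in the mapping and is ignored.
    claims = {"sub": "b2c-0001", "email": "alice@example.com",
              "given_name": "Alice", "family_name": "Ng", "role": "admin"}
    print(jit_login(directory, claims))
    print(jit_login(directory, {**claims, "email": "alice.ng@example.com"}))
```

Only claims named in the mapping reach the directory record, so an unexpected claim from the IDP (here `role`) cannot set an attribute on the provisioned user.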
Summary:
This article gives a step-by-step process for configuring Just-In-Time (JIT) provisioning for Oracle Cloud Infrastructure (OCI) using Azure AD B2C as a social identity provider (IDP).