Anypoint Platform Single Sign-on (SSO) SAML Configuration with Oracle IDCS – PART 1
It is very common to need to log in to the Anypoint Platform console (https://anypoint.mulesoft.com) with the Identity Provider and identity repository (LDAP) that the customer already has in place. This can be for different reasons, such as:
Take advantage of the existing Single Sign-on (SSO) functionality provided by the customer’s Identity Provider.
Avoid creating new credentials, which would otherwise force users to memorize another username/password pair just to connect to Anypoint Platform.
It is also common for customers to use Okta, OpenAM, AWS Cognito, Microsoft Azure, etc. as their Identity Provider, and to configure Anypoint Platform to connect to them using OpenID or SAML. I have another post (in Spanish) on how to connect Okta with Anypoint Platform. You can find it here.
On the internet you will find information on how to configure SSO for Anypoint Platform, but for Identity Providers like Okta or the others mentioned above.
In this post, we will look at how to do it with Oracle Identity Cloud Service (IDCS), another Identity Provider alternative, which may be an interesting one if you are using MuleSoft to connect to Oracle SaaS applications, for example.
The prerequisites for making this configuration are:
An active Anypoint Platform instance. It can be a 30-day trial.
An active Oracle Identity Cloud Service tenant (a 300-credit free trial works).
Some knowledge of SAML 2.0.
An understanding of the roles of an Identity Provider and a Service Provider. You can read this article to understand their differences.
In our case, Anypoint Platform acts as the Service Provider (SP) and Oracle IDCS acts as the Identity Provider (IdP).
The first thing we need to do is create an application in Oracle Identity Cloud Service; this will generate the metadata that we will later import into Anypoint Platform.
Let’s do it!
Log in to your Oracle IDCS tenant and create a new application:
Click on SAML Application; the following screen will appear:
Fill in the parameters:
Name: This can be anything; it is the name that will represent your application. In my case: MuleSoft Anypoint Platform
Application URL/Relay State: This needs to be https://anypoint.mulesoft.com
Then click on the Next button:
At the top of the next screen you will see this:
Click on Download Identity Provider Metadata. That will generate an XML file with all the information about the Identity Provider (IDCS), which we will later import into Anypoint Platform.