Oracle Identity Manager 11g: Develop Identity Provisioning

iWare Logic > Training  > Course Catalog > Oracle Identity Manager 11g: Develop Identity Provisioning

Duration: 5 Days

What you will learn
This course begins with a refresher of concepts associated with identity management, identity administration and Oracle Identity Manager 11g R2. Through hands-on training, you’ll deep dive into the following concepts.

Learn To
  • Perform direct provisioning and automated provisioning.
  • Manage key provisioning functionalities.
  • Perform reconciliation.
  • Create and manage plug-ins and event handlers.
  • Handle approval workflows.
  • Create and manage requests
This course will also help you explore the concept of reconciliation. Learn how authoritative reconciliation is used to identify new user accounts on trusted sources and transfer them into Oracle Identity Manager. Find out how account reconciliation is used to recognize changes to user accounts on non-authoritative sources and transfer these modifications into Oracle Identity Manager.
Event Handlers and Plug-Ins
The course also teaches you how to add plug-ins and event handlers to a connector configuration to extend the customization of the connector. As a result, you’ll learn how to customize Oracle Identity Manager by developing and deploying event handlers and plug-ins.
Provisioning Request and Approval Workflows
Examine components that compose a request and approval workflow, including the request dataset, approval processes and approval tasks. You’ll learn how to create and manage an approval workflow; create and assign email notifications for the approval workflow, incorporate the approval workflow into a provisioning workflow and use it to approve the provisioning of a user. This is done before providing the user with access rights to an external resource.
Oracle Identity Manager APIs
Lastly, you will learn about services and APIs. Oracle provides a network-aware, Java-based API that exposes services available in Oracle Identity Manager. Services are used for building clients for Oracle Identity Manager and for integrating third-party products with the Oracle Identity Manager platform.


  • Business Analysts
  • Functional Implementer
  • SOA Architect
  • Security Administrators
  • Support Engineer
  • Technical Administrator
  • Technical Consultant

Required Prerequisites

  • Identity Management Concepts
  • Java Programming
  • Web Services
  • Oracle Identity Manager 11g R2: Essentials NEW

Course Topics

After completing this lesson, you should be able to understand the objectives, units, and lessons that compose this courseOracle Identity Manager 11g Concepts, Architecture, and Development

  • Review identity management and identity administration concepts
  • Identify Oracle Identity Manager as a solution for identity management tasks
  • Review Oracle Identity Manager architectures
  • Identify use-cases for Oracle Identity Manager
  • Describe and compare provisioning approaches (direct, automated, request-based)
  • Review Oracle Identity Manager user-interfaces
  • Explore Oracle Identity Manager development tools
  • Explore the course practice environment and start up the services

Integrating Systems with Identity Connectors

  • Discuss the Identity Connector Framework (ICF)
  • Identify ICF providers
  • Install the LDAP and Active Directory ICF connectors with Oracle Identity Manager
  • Create application instances and associated metadata (IT resource type, IT resource, and resource object) to configure access t
  • Manage the life cycle of connectors: including updating, defining, and removal (on non-production systems)

Developing an Identity Connector

  • Start and configure JDeveloper Connections
  • Create JDeveloper workspaces and Java projects configured with Connector SPI libaries
  • Build and develop a custom file-based ICF connector
  • Install the custom file-based ICF connector
  • Work with the Design Console
  • Create Resource Objects and IT Resources needed for the custom ICF connector
  • Create application instances and associated metadata (IT resource type, IT resource, and resource object)

Creating Configurations for Manual Provisioning

  • Review the types of provisioning organizations and users
  • Integrate an ICF Connector with Oracle Identity Manager
  • Create the common metadata: IT Resource Type definition, Resource Object, and lookups
  • Create the provisioning metadata: Process Form, Adapters for connector operations, Process Definition, and Provisioning Attribu
  • Create an application instance for target resources
  • Provision resources to Oracle Identity Manager users

Creating Configurations for Automated Provisioning

  • Explain techniques for automating provisioning (adapters, access policies)
  • Describe adapter types for extending Oracle Identity Manager functionality
  • Create a pre-populate adapter
  • Attach a pre-populate adapter to process form attributes
  • Describe Access Policies
  • Create an Access Policy with rules create with the expression builder
  • Test automatic provisioning with pre-populate adapter and access policies

Developing Entitlements for Provisioning

  • Run a scheduled task retrieve entitlements from a target resource (if supported)
  • Create a child table with fields to be used for entitlements
  • Mark form attributes to be used as an entitlement
  • Copy entitlement attributes to lookup tables and the catalog
  • Deploy a composite application for approval of entitlement requests
  • Request an entitlement for a user account
  • Handle approvals of the entitlement request

Creating Scheduled Tasks

  • Create a scheduled task
  • Define metadata for a scheduled task
  • Configure the XML file for a scheduled task
  • Develop a Java class for a scheduled task
  • Create the directory structure for a registering a scheduled task as a plug-in
  • Register the scheduled task as a plug-in
  • Create Scheduled Task Jobs

Implementing Reconciliation Tasks

  • Review reconciliation concepts
  • Explain authoritative reconciliation and account reconciliation conceptually
  • Identify and compare two types of reconciliation (authoritative and account reconciliation)
  • Discuss three reconciliation events that Oracle Identity Manager can perform with a resource
  • Identify scheduled tasks associated with reconciliation
  • Implement an authoritative reconciliation workflow
  • Implement an account reconciliation workflow

Creating Provisioning Request and Approval Workflows

  • Describe the components of the request and approval workflow
  • Describe how Oracle Identity Manager interfaces with Oracle SOA Suite
  • Identify the components of a SOA composite used for the request and approval workflow
  • Create a provisioning request workflow that require approval
  • Work with request profiles and the request API
  • Implement catalog customization (where is information on how to do this from a developer perspective?)

Customizing Approval Processes in SOA Suite

  • Extend a SOA composite with additional functionality for approval processing
  • Configure Oracle SOA Suite Universal Message Service (UMS) for email notification
  • Define a SOA composite with multiple approvers defined
  • Modify notification headers within a SOA composite
  • Implement Oracle Business Rules in the SOA composite

Implementing Event Handlers and Plug-Ins

  • Compare plug-ins, plug-in points, and the plug-in framework
  • Describe how plug-ins are used to implement event handlers
  • Develop and run plug-ins
  • Discuss operations, user management operations, event handlers
  • Explain how event handlers can extend user management operations
  • Develop and run event handlers

Customizing the Oracle Identity Manager User Interfaces

  • Customize the branding Oracle Identity Management Console pages
  • Create custom skins and style sheets

Working with Oracle Identity Manager APIs

  • Identify and explain commonly used Oracle Identity Manager Web services
  • Consume and invoke Oracle Identity Manager web services
  • Distinguish between the OIMClient and the tcUtilityFactory approach
  • Develop Oracle Identity Manager clients

Understanding Segregation of Duties

  • Describe SoD Validation Processes
  • Install SoD-enabled connectors
  • Deploying SIL Providers
  • Configure SoD Engine
  • Enable and disable SoD
  • Implement SoD with Oracle Identity Analytics

Course Objectives

  • Concepts associated with identity management, identity administration, and Oracle Identity Manager, learned in the Oracle Identity Manager 11g R2: Essentials course
  • Create configurations to provision users with external resources, both manually and through auto-provisioning
  • Key provisioning functionalities of Oracle Identity Manager
  • Two types of reconciliation workflows associated with Oracle Identity Manager: authoritative and account reconciliation
  • How to customize Oracle Identity Manager by developing and deploying event handlers and plug-ins
  • How to create approval processes for request and approval workflows
  • How to use the Identity Connector Framework (ICF) and its providers to provision and reconcile users with an Oracle Database table
  • Basic and advanced techniques used to customize the Oracle Identity Manager User Interfaces
  • How to use APIs to build clients for Oracle Identity Manager and to integrate third-party products with the Oracle Identity Manager platform