🔐 Enabling MFA in Oracle Fusion Cloud Applications via OCI IAM

-


 Here's a clear and structured summary of how to enable and manage Multifactor Authentication (MFA) in Oracle Fusion Cloud Applications after migrating to OCI IAM Identity Domains, along with the available factors and key business benefits:

🔐 Enabling MFA in Oracle Fusion Cloud Applications via OCI IAM

✅ Available MFA Authentication Factors

Security admins can enable any combination of the following six authentication methods:

  1. One-Time PIN over Email

  2. One-Time PIN over SMS

  3. Passcode on Oracle Mobile Authenticator App

  4. Push Notification from Oracle Mobile Authenticator App

  5. FIDO Passkey Authenticator (e.g., biometric devices)

  6. Bypass Code (temporary use, typically admin-generated)

⚙️ Steps for Admins: Configure MFA Settings

🔧 1. Restrict or Allow MFA Factors (Optional)

To control which factors users can use:

  • Go to Security Console

  • Navigate to User Categories

  • Select a user category

  • Click Two-Factor Authentication > Edit

  • Select only the desired authentication methods

  • Click Save and Close

Default Enabled Factors:

  • One-Time PIN over Email

  • One-Time PIN over SMS

  • Passcode on Oracle Mobile Authenticator

👤 Steps for Users: Enable MFA

🔑 2. Enroll in MFA (User Self-Service)

  1. Sign in with your user ID and password.

  2. Click your user name/image in the global header.

  3. Select Set Preferences > Password > Manage Secure Verification.

  4. You’ll be redirected to Oracle Cloud Console.

  5. Click Enable Secure Verification.

  6. Choose a method (e.g., mobile app, email, FIDO, SMS).

  7. Complete the verification setup:

    • Mobile App: Use Oracle Mobile Authenticator (Push or Offline Passcode)

    • Email/SMS: Receive and enter the OTP

    • FIDO Authenticator: Register a passkey using biometric or hardware token

  8. Once one method is verified, you can add more from the Security tab.

🚀 Business Benefits of Enabling MFA

BenefitDescription
🔐 Enhanced SecurityReduces risk of compromised accounts with an additional authentication layer
📉 Reduced BreachesHelps prevent unauthorized access to sensitive HCM data
🌐 Secure Remote AccessIdeal for supporting remote and hybrid workforce
🧭 Compliance SupportAssists in meeting regulatory and audit requirements
✅ User Self-ServiceSimplified setup and management for users


Reference: https://docs.oracle.com/en/cloud/saas/readiness/common/25b/common25b/25B-common-wn-f37839.htm#Steps-to-Enable




Comments

Post a Comment