The OAM SP Adapter uses an authentication scheme deployed within Oracle Access Manager to create a session for the user.
The following figure illustrates the request flow and how the OAM SP Adapter is used to facilitate using a SAML WS-Federation assertion to create an OAM session:
- An SSO assertion is sent to PingFederate acting as an SP.
- The OAM Sp Adapter redirects the user to an OAM Protected Resource secured with a PingFederate custom authentication scheme.
- OAM Webgate sends a request to authenticate the user.
- OAM Server redirects the authentication request to PingFederate.
- OAM SP Adapter sends the required credentials back to the OAM Server.
- The OAM Server validates the credentials and an 11g session is established.