By unifying administration and user experiences across these key IAM functions,
the new service will help simplify administration, reduce cost of ownership, and
improve time to value. The service will span cloud and on-premises, providing
the flexibility to handle a wide variety of IAM use cases across employee, partner,
and consumer scenarios. As a native service of OCI, customers can use the
diverse feature set of OCI IAM across use cases in any geography. The new
service will be delivered on OCI infrastructure for trusted performance and
stability.
The conversion from IDCS to OCI IAM identity domains is expected to be largely
transparent with no anticipated down time or service interruption. There are no
required changes to applications, users, or groups in existing IDCS stripes or to
local users in OCI tenancies.
When this process completes, existing IDCS stripes will be available in the OCI
Console as identity domains. Because IDCS stripes will be migrated into OCI
tenancies, most OCI customers will see the auto-federated IDCS instance is now
an identity domain in the root compartment named IdentityCloudService.
• Identity domains are the next generation of IDCS instances (stripes).
Each existing IDCS instance will become an identity domain.
• Each OCI IAM identity domain represents a stand-alone identity and
access management solution.
• Each identity domain represents a different user population, but certain
use cases may require users to exist in multiple identity domains.
• Identity domains each have their own settings, configurations, and
security policies to ensure optimal security.
• OCI IAM is an Identity-as-a-Service (IDaaS) solution with the flexibility to
cover virtually any IAM use cases across employees, partners, and
consumers.
What changes with an existing Identity Cloud Service (IDCS)
deployment?
Oracle Identity Cloud Service (IDCS) customers should be familiar with the level
of enterprise IAM functionality IDCS provides. None of the existing IDCS features
or functionality will change as part of this migration. As part of this change, the
backend IDCS service becomes an integral component of Oracle Cloud
Infrastructure Identity and Access Management (OCI IAM).
As a native service of OCI, OCI IAM will take advantage of infrastructure that
offers consistently high performance, enterprise scalability, availability in all the
Oracle global cloud regions, and an extensive set of regulatory compliance and
security certifications.
The OCI IAM service will continue to serve all current IDCS use cases including
providing a stand-alone Identity-as-a-Service (IDaaS) solution for managing
access across numerous third-party applications. IDCS customers migrating to
OCI IAM do not need to consume any other OCI services to continue using the
services previously provided by IDCS.