Hello there!

Need Help? We are right here!

Support Icon
miniOrange Email Support

Thanks for your Enquiry. Our team will soon reach out to you.

If you don't hear from us within 24 hours, please feel free to send a follow-up email to info@xecurify.com

Search Results:


JD Edwards SSO (Single Sign-On) setup between Oracle and any Identity source

JD Edwards SSO (Single Sign-On)

JD Edwards SSO is a feature that enables easy and seamless Single Sign-On into your Oracle JD Edwards application instance authenticating against any of your existing identity source (Azure AD, LDAP, or any IDP).

As we have officially been recognized as a Global Modernized Oracle Partner Network (OPN) Partner, you can rest assured that all of our integrations on the Oracle Stack fulfill the highest competencies set by Oracle for their trusted advisors like miniOrange.

"miniOrange Oracle JD Edwards SSO connector enables Single Sign-On (SSO) between Oracle JD Edwards and any IDPs without the need to purchase and install Oracle Access Manager (OAM) and Oracle Internet Directory (OID) license."

JD Edwards SSO connector enables the Single Sign-On (SSO) integration between any Oracle application and IDPs (Identity Providers) like miniOrange, ADFS, Active Directory, Azure AD, Google, Okta, Onelogin, Ping Idenity, Centrify and many more. It also provide SSO support for web applications which do not provide support for federated Single Sign-On (SSO) protocol such as SAML or OAuth 2.0. SSO connector gives you the flexibility of extending your existing SSO integration to Oracle JD Edwards as well. This is possible due to its capability to act as a broker between multiple IdP's & your configured applications. This states that you can perform seamless SSO integration for Oracle JD Edwards with your existing authentication platform.

Oracle JD Edwards SSO (Single Sign-On) Solution : Authentication Flow

JD Edwards SSO (Single Sign-On)

Connect with External Source of Users

miniOrange provides user authentication from various external sources, which can be Directories (like ADFS, Microsoft Active Directory, Azure AD, OpenLDAP, Google, AWS Cognito etc), Identity Providers (like Shibboleth, Ping, Okta, OneLogin, KeyCloak), Databases (like MySQL, Maria DB, PostgreSQL) and many more.

Get Free Installation Help - Book a Slot

miniOrange offers 1 hour free help through a consultation call with our System Engineers to Install or Setup JD Edwards SSO SAML solution in your environment with 30 days free trial. For this, you need to just send us an email at idpsupport@xecurify.com to book a slot and we'll help you setting it up in no time.


1. Applications involved in the deployment

  • JD Edwards 9.2+
    • This is the application into which users will login via SSO.
    • Admin access of JD Edwards EnterpriseOne Server Manager Management console will be required.
  • miniOrange Identity Server(Only for On-Premise)
    • On-Premise Identity Server which will redirect users to Azure Active Directory for authentication & set an authentication cookie.

2. Port Configuration

  • miniOrange Proxy Server
    • Ports 443/8443- HTTPS - should be accessible from end-users' machines (for reverse proxy URL).
  • JD Edwards EnterpriseOne Server
    • HTTP/HTTPS ports used for accessing the JD Edwards Applications should be accessible from the miniOrange Proxy Server.

Follow the Step-by-Step Guide given below for Oracle JD Edwards SSO (Single Sign-On)

1. Configure JD Edwards in miniOrange

  • Login into miniOrange Admin Console.
  • Go to Apps and click on Add Applicaton button.
  • JD Edwards Single Sign-On (SSO) add app

  • In Choose Application Type click on Create App button in OAUTH/OIDC application type.
  •  Single Sign-On (sso)for JD Edwards select OAuth/OIDC application type

  • Search for JD Edwards in the list, if you don't find JD Edwards in the list then, search for OAuth2/OpenID Connect and you can set up your application via OAuth2/OpenID Connect App.
  • JD Edwards Single Sign-On (SSO) manage apps

  • Enter the Client Name of your app.
  • Copy the Redirect-URL from miniOrange SSO connector.
  • Adjust time validity for the tokens.
  • Then, click on Save.
  •  Single Sign-On (sso) for JD Edwards save configuration

  • To get the Client id,Client secret, OAuth endpoints and scope, you need to edit the application which you have created in the previous steps.
  • You can edit Application by using the following steps:

  • Go to Apps.
  • Search for your app and Click on the edit in Action menu against your app.
  •  Single Sign-On (sso) for JD Edwards edit application

  • Click on Click here to get the miniOrange endpoints.
  •  Single Sign-On (sso)for JD Edwards edit application

  • Note down all the parameters (Client id,Client secret,OAuth endpoints and scopes). You will need this info while configuring JD Edwards with miniOrange.
  • OAuth endpoints:

    Authorization Endpoint: https://login.xecurify.com/moas/idp/openidsso
    (Note: Use this endpoint only if you want to use miniorange as oauth identity server.)
    (Note: Use this enpoint only if you are configuring any Identity Provider in Identity Providers Menu and not using miniorange as IDP.)
    Token Endpoint: https://login.xecurify.com/moas/rest/oauth/token
    User Info Endpoint: https://login.xecurify.com/moas/rest/oauth/getuserinfo
    Introspection Endpoint: https://login.xecurify.com/moas/rest/oauth/introspect
    Revoke Endpoint: https://login.xecurify.com/moas/rest/oauth/revoke
    OpenID Single Logout Endpoint: https://login.xecurify.com/moas/idp/oidc/logout?post_logout_redirect_uri=<YOUR-APP-LOGOUT-URL>

    OAuth Scopes:

    email: View email address of the user
    profile: View profile attributes of the user account
    openid: Retrieve JWT token for OpenID Connect

  • Once the prerequisites are in place, the miniOrange Identity Server will be installed on the miniOrange Application Server.
  • The miniOrange Identity Server consists of 2 components - a reverse proxy, and the Identity Server.
  • You can find the steps for deploying the miniOrange Identity Server here.

2. Configure SSO in JD Edwards EnterpriseOne

  • Open EnterpriseOne Server Manager from a browser.
  • Select your EnterpriseOne HTML Server instance.
  • Select Network Settings from the Configuration section.
  • JD Edwards Single Sign-On (SSO) add app

  • Select the Enable Oracle Access Manager option.
  • Click Apply.
  • At the prompt, click the Synchronize button to synchronize the changes in all .ini files.
  • Stop and restart the HTML server.

3. Configure nginx as the reverse proxy

  • Install nginx from here.
  • Go to <nginx-installation-base-directory>/conf, and open nginx.conf for editing.
  • Create the following HTTP server:
  • # HTTPS server # server { listen 8100 ssl; server_name localhost; ssl_certificate "<path-to-ssl-certificate-pem>"; ssl_certificate_key "<path-to-ssl-rsa-key>"; error_page 401 = @error401; location @error401 { return 302 https://sso.example.com:8443/auth/sso; } # location specifies the context path of jdEdwards relative to the server FQDN location /<context-path-of-jdEdwards> { auth_request /auth; proxy_set_header Host $host; proxy_pass https://jde.example.com:443/<context-path-of-JdEdwards-app>; proxy_set_header MO_REMOTE_USER $cookie_MO_REMOTE_USER; add_header MO_REMOTE_USER $cookie_MO_REMOTE_USER; } location / { proxy_set_header Host $host; proxy_set_header MO-REMOTE-USER $host; proxy_pass https://jde.example.com:443/; } location /auth { proxy_pass https://sso.example.com:8443/auth/check; } }

4. Test Configuration

  • Access your JD Edwards application at the nginx reverse proxy URL (e.g. https://jde.example.com:8100/<context-path>).
  • You will now be redirected to your configured Identity Source.
  • After successful authentication, you will be logged in to your JD Edwards application.

Want To Schedule A Demo?

Request a Demo

Our Other Identity & Access Management Products