Hi all,
I am having an issue setting up the the SSO using SAML.
I set up the SAML using this instructions: https://tm-apex.hashnode.dev/implementing-single-sign-on-for-apex-with-entra-id-and-saml-on-oracle-autonomous-database
I have created it on our local instance (APEX + ORDS on Tomcat) and even in Oracle Autonomous DB in Oracle Cloud.
The SSO fail in both cases with error:
Obvously I need to allow CORS from Microsoft servers. the article above suggests to set up the Identity provider as a trusted origin:
sudo su oracle
ords --config $ORDS_CONFIG config set security.externalSessionTrustedOrigins “https://my-app-domain.com,https://login.microsoftonline.com”
so I have done that on our local ebnvironment:
ords --config $ORDS_CONFIG config list
ORDS: Release 24.4 Production on Wed Aug 13 15:50:00 2025
Copyright (c) 2010, 2025, Oracle.
Configuration:
/u01/config/ords
Database pool: default
Setting Value Source
-------------------------------------- -------------------------------------------------- -----------
database.api.enabled true Global
db.connectionType basic Pool
db.hostname my-app-domain.com Pool
db.password ****** Pool Wallet
db.port 1521 Pool
db.servicename my-app-domain.com Pool
db.username ORDS_PUBLIC_USER Pool
feature.sdw true Pool
jdbc.InitialLimit 10 Pool
jdbc.MaxLimit 50 Pool
plsql.gateway.mode proxied Pool
restEnabledSql.active true Pool
security.externalSessionTrustedOrigins https://my-app-domain.com, https://login.microsof Global
tonline.com,https://apextesttenant.ciamlogin.com
security.requestValidationFunction wwv_flow_epg_include_modules.authorize Pool
standalone.static.path /u01/app/ords/images Global
What else I need to set up to make this work?
(I have replace my app urls by my-app-domain.com)
Thank you, youre help is much appreciated
Pavol