3 Smart Reasons To Use The OKTA Access Gateway For Enabling SSO For Oracle E-Business Suite (EBS)

Let’s start with a few IT-related requirements:

  • You need to reduce the number of password related Helpdesk calls.
  • You require Multi-Factor Authentication for at least one of your Oracle E-Business Suite application modules.
  • You require remote access for EBS.

If you agree with any of these statements, then it’s fair to say you may have a problem on your hands. Fortunately, we’ll be addressing each of these to help shed some light on how to best handle the associated challenges. Roll up your sleeves and let’s dive in to the world of EBS Single Sign-On!


One of the most time-consuming and process-interrupting tasks for employees is having to call the Helpdesk because they forgot their password. According to Gartner, nearly 50% of all Helpdesk calls are due to user-forgotten passwords, and Forrester Research estimates it costs companies $70 for a single password reset. It may not sound like a lot, but it certainly adds up and, more importantly, is avoidable.

In the past, some organizations have been able to reduce password resets using Windows Desktop Authentication (aka Integrated Windows Authentication). Though the only way to enable SSO with Oracle E-Business Suite was by deploying an enterprise-wide authentication management service known as Oracle Access Manager (OAM), which required a multi-million-dollar investment between new hardware, software, and implementation services. Given the astronomical costs, very few customers implemented it.

Fortunately, with the cloud technology revolution, there is an alternative which eliminates the need for OAM entirely. Let me introduce you to the world’s first Dynamic Application Tunneling Appliance: the OKTA Access Gateway.

OKTA Access Gateway makes easy work of enabling SSO with Oracle EBS and interfaces with any authentication source, including Windows Desktop SSO, Oracle Identity Cloud Service and Okta, among others.


The three best options for Multi-Factor Authentication (MFA) are:

  • Integrated application provided by Oracle or Okta
  • A biometric system such as BioSig Identity
  • Google Authenticator

It’s very likely you have encountered MFA with your personal bank. At a high level, MFA requires you to enter two or more forms of identity in addition to a username before gaining access to an application or other system. The two additional factors usually consist of a password and a one-time PIN typically generated by an application on your mobile phone or sent via SMS.

If you’ve been following daily news headlines, then you’re aware that data breaches often happen because of compromised passwords. An example of how this was pulled off in the past was when an attacker sent a PDF of a lunch menu to a popular local restaurant; it contained malware that had software to track keystrokes. If these users were required to utilize MFA, the attacker would have been prevented from accessing their accounts as they would be missing a key credential.

The use of MFA is becoming more common and it cannot be overlooked. That’s why ICSynergy has made MFA deployment with EBS simple through using the OKTA Access Gateway. It works with any MFA solution including Oracle and Okta products, Google’s Authenticator, and all MFA methods that integrate with Windows Active Directory or acts like a SAML Identity Provider.


Most users within an organization interact with EBS to file Expense Reports, log Time Sheets, etc.; many of these users are not behind a company firewall, but are working from home offices or in the field at customer sites.

In the past, the only way to enable secure access for these remote users was to deploy a Virtual Private Network (VPN). VPNs made it possible to have secure remote access to your network and were ground breaking when they first arrived in the market. VPNs were the catalyst for our modern remote/mobile workforces today. Now, while VPNs provide an incredible security advantage for modern businesses, they do have some problems. Namely, requiring expensive dedicated hardware and software, requiring client software and, of course, VPN specific passwords.

More passwords = more Helpdesk calls and more expense, which we’re trying to avoid. In addition, if an attacker compromises a VPN there could be a security disaster. Just imagine a malicious user having complete access to your network, what a nightmare! It should be clear that VPNs pose a serious threat to any organization.

There is a simpler, lower-cost, and more secure way to connect remote workers: Deploy the OKTA Access Gateway. Its Dynamic Application Tunnel technology allows you to enable secure remote access to your Web applications without requiring additional hardware or complicated client software.

With the OKTA Access Gateway you can achieve a better security posture by having the only interface exposed to your end-users being that of the Web Applications they’re logging into. It’s simple.

Could you benefit from IAM Ingegration?

Our support team of consultants continuously monitors your IAM system, identifying and reporting on potential problems, and provides services that resolve unexpected events.

Contact us today to find out how integrating IAM into your business could help you drive your business forward in the right direction.


Some additional features of the OKTA Access Gateway include maintaining application/module segmentation and providing security checks like Session Validation and IP Monitoring to reduce the chances of session hijacking.

It is also important to note that the OKTA Access Gateway is THE ONLY third-party security solution validated by Oracle. The Oracle validation program is how Oracle certifies third-party partner products to work with Oracle applications. To be validated, the partner must demonstrate a market demand, share technical architecture and designs to be vetted by Oracle Product Management, and then the integrated solution must be successfully tested and demonstrated to Oracle. If you’re wondering why this is important, let me explain. If you connect a solution to EBS that has not been validated and make customizations, you will be out of compliance with Oracle Support for EBS.

In addition to its Oracle validation, the OKTA Access Gateway has been vetted by the broader market having been commercially available for over three years and deployed in dozens of companies, including a number of Fortune 500 companies.


If you’ve read this far we hope you’ve learned something about the benefits of deploying the OKTA Access Gateway with Oracle E-Business Suite! However, simply knowing the reasons why to implement isn’t going to give you:

  • Single Sign-On with EBS
  • Multi-factor authentication with EBS
  • Simple and secure remote access to EBS without A VPN


Don’t delay while employees waste time and eat up the bottom line calling the Helpdesk. Don’t delay and run major security risks by not having Multi-Factor Authentication. Simple password policies are not enough — they may exist, but do your users follow them? Your users want to do the right thing, but they get busy, slip up and re-use passwords or accidentally share it with a phishing form while ordering take-out from the new place down the road.

Take action now and start the conversation by reaching out to us at info@icsynergy.com. We’ll guide you through the OKTA Access Gateway use cases and answer all of your questions.

To help you get the ball rolling, here are four action items you can take to prepare to get the most out of your conversation with ICSynergy regarding implementing the OKTA Access Gateway:

  • Determine what your authentication system is today or what is should be in the future.
  • Determine what version of EBS you’re running.
  • Determine how many EBS environments you have.
  • Find out what operating system EBS is running on.

Posted in OktaOracleOKTA Access Gateway | Comments Off on 3 Smart Reasons To Use The OKTA Access Gateway For Enabling SSO For Oracle E-Business Suite (EBS)

Written by
Martin Gee
Founder & Chief Technology Officer, ICSynergy International LLC


Operationalize Your Digital Business Model using Relationships, Roles and IdP Functionality with ICSynergy's Identity Relationship Management Platform


Enhanced MSP

Increase overall productivity by transitioning critical, supporting process workload from key business and technical resources to our Experts.


Privileged Access Management

Partnering with ICSynergy & applying our proven PAM methodologies can assist in delivering sustainable results while providing early Return on Investment .


We stand behind our work and our customers. We align our IAM solutions with your business and technology priorities. It’s no surprise that our Fortune 1000 customers consider us a trusted advisor. ICSynergy is laser-focused on delivering mission-critical IAM solutions and products that help our customers solve their most challenging and complex IAM problems.


Sign up for value based blog posts

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
What Is Hybrid Cloud? (And Why Does It Matter?)
By Martin Gee
Principles Of Hybrid Cloud?                        
By Martin Gee
3 Smart Reasons To Use The OKTA Access Gateway
By Martin Gee
© 2020 ICSynergy International, LLC. All Rights Reserved. Various registered trademarks held by their respective owners.