Changing or Restoring Oracle Security Defaults Now Requires Consent

Changing or restoring the Oracle security defaults for the "Security Policy for OCI Console" sign-on policy now requires explicit consent.

You can modify the Oracle security defaults for the "Security Policy for OCI Console" sign-on policy for an identity domain after providing explicit modification consent. You can also restore the Oracle security defaults after providing restoration consent.

Oracle has implemented the "Security Policy for OCI Console" sign-on policy for all domains to safeguard the Console. This policy enforces multifactor authentication with phishing-resistant factors to be prompted for each sign-in attempt to the Console, protecting its resources.

To guarantee that the identity domain's Oracle security defaults is always maintained, explicit consent must be recorded whenever you modify the Oracle security defaults provided by OCI. The system sends an email notification to all identity domain administrators alerting them of any modifications.

For more information about this change, see Changing and Restoring a Domain's Default Security Posture Using the Required Consents.