Each time a customer demands for an optimum solution to their Identity and Access management requirements we need to decide upon the right line of products to be used. One of the major scenarios is to make decision between OIA (Oracle Identity Analytics) and OIM (Oracle Identity Manager).
While deciding upon which to use OIM or OIA we can keep the following points in consideration:
OIM can provide most of the functionality as OIA but there can be few points of differences. OIA specific features such as Role Management and Attestation can be achieved through OIM as well but it requires connectors for OIM to be connected to target resource. Although OIM installation package comes with almost all of the industry standardized connectors and few OOTB connectors but this increases the effort and time required for the installation.
OIM is mainly a provisioning platform for connected resources. It maintains an online connection with the target systems and the information gets constantly updated. It manages accounts across connected resources where as OIA acts as an independent identity data house. It works as an offline database repository which can import data from any type of database table, CSV files, and user data through XML files and other resources without requiring any connector to the target resource. So it provides better features for role management. It can also push changes to database table or flat file to provision a user.
But to our rescue came the concept of integration of OIM and OIA. If we have the user and account information in our OIM through any of the provisioning activity, OIA can read this part of user account information, perform the role management tasks (also taking into consideration the user accounts not present in OIM),and then push back the changes to a OIM managed resource. Also we need to know that roles within OIA are authorative over OIM and OIM will work as Trusted source for Users Data and OIA will work as Trusted source for Role information.