OAuth Setup for Oracle Integration Cloud Endpoints

This blog details the steps required to set up OAuth Client Credentials for invoking Oracle Integration endpoints. The official documentation can be found here.

Access the Identity Domain

  1. Log in to the Oracle Cloud Infrastructure Console with your identity domain administrator credentials.

    • In the navigation pane, click Identity & Security.

    • Click Domains.

    • Select your compartment.

    • Click the identity domain.

  2. In the navigation pane, click Integrated applications.

    This is the location at which you create the client application for your grant type.

Configure the client application

  1. Click Add application.

  2. Select Confidential Application, then click Launch workflow.

  3. Enter a name and description, e.g. OIC-OAuth-<ENV>.

    The remaining fields on this page are optional and can be ignored.

    Click Next.

  4. In the Client configuration box, select Configure this application as a client now.

  5. Select the Client credentials in the Allowed grant types section.

    Leave the Redirect URL, Post-logout redirect URL, and Logout URL fields blank.

    The Client configuration dialog shows radio buttons for Configure this application as a client now and Skip for later. The Authorization section shows the Allowed grant types. Options are available for Resource owner, Client credentials, JWT assertion, Refresh token, Device code, Authorization code, Implicit, SAML2 assertion, and TLS client authentication.

  6. For Client type, ensure that Confidential is selected.

  7. Bypass several fields and scroll down to the Token issuance policy section.

    Select Specific in the Authorized resources section.

    The Token issuance policy section shows a subsection for Authorized resources, which includes selections for All and Specific.

  8. Click the Add Resources check box.

    Click Add scope.

  9. Find the Oracle Integration application for your instance, and click the down arrow. Select the two scopes appended with the following details:

    • urn:opc:resource:consumer::all

    • ic/api/

  10. Click Add. The scopes are displayed in the Resources section. Copy the scope that ends with urn:opc:resource:consumer::all. This will be used to obtain the token.

  11. Ignore the Add app roles check box. Click Next, then click Finish.

  12. Click Activate, and then Activate application to activate the client application for use.

  13. In the General Information section, note the client ID and client secret values. These values are required for the third-party application that is communicating with OIC.

Add roles to the client application

  1. In the navigation pane, click Oracle Cloud Services.

  2. Select the specific application corresponding to the Oracle Integration instance.

    In the navigation pane, click Application roles.

  3. Expand ServiceInvoker, then click Manage next to Assigned applications.

  4. Note: If there is a requirement to invoke OIC Factory APIs, then add the application to ServiceDeveloper as well.

  5. Click Show available applications.

  6. Select the application you just created and click Assign, then click Close.

OAuth Client Credentials

Share the following details with the team that would like to invoke the OIC Integration endpoints:

  • Access Token URL: https://<IDCS URL>/oauth2/v1/token

  • Client ID: <generated earlier>

  • Client Secret: <generated earlier>

  • Scope: the scope that ends with urn:opc:resource:consumer::all
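
How a consuming team could turn the four values above into a token request, as an added example that is not part of the original post or Oracle's own code. It uses the standard OAuth 2.0 client credentials request (HTTP Basic client authentication, form-encoded body); the environment variable names OIC_TOKEN_URL, OIC_CLIENT_ID, OIC_CLIENT_SECRET and OIC_SCOPE are assumptions, chosen so the secret is not hard-coded.

```python
import base64
import json
import os
import urllib.parse
import urllib.request

SCOPE_SUFFIX = "urn:opc:resource:consumer::all"


def build_token_request(token_url, client_id, client_secret, scope):
    """Build the OAuth 2.0 client-credentials POST for the Access Token URL."""
    parts = urllib.parse.urlsplit(token_url)
    if parts.scheme != "https" or parts.path != "/oauth2/v1/token":
        raise ValueError("expected https://<IDCS URL>/oauth2/v1/token")
    if not scope.endswith(SCOPE_SUFFIX):
        raise ValueError("scope must end with " + SCOPE_SUFFIX)
    # Client ID and secret travel in an HTTP Basic header, never in the URL.
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    form = {"grant_type": "client_credentials", "scope": scope}
    return urllib.request.Request(
        token_url,
        data=urllib.parse.urlencode(form).encode(),
        method="POST",
        headers={
            "Authorization": "Basic " + basic,
            "Content-Type": "application/x-www-form-urlencoded",
        },
    )


def parse_token_response(raw):
    """Return (access_token, expires_in); raise on an error or non-bearer reply."""
    doc = json.loads(raw)
    if str(doc.get("token_type")).lower() != "bearer" or not doc.get("access_token"):
        raise ValueError("token request failed: " + str(doc.get("error")))
    return doc["access_token"], int(doc.get("expires_in", 0))


def fetch_token():
    """Request a token using values from the environment (assumed variable names)."""
    req = build_token_request(
        os.environ["OIC_TOKEN_URL"],
        os.environ["OIC_CLIENT_ID"],
        os.environ["OIC_CLIENT_SECRET"],
        os.environ["OIC_SCOPE"],
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return parse_token_response(resp.read())
```

The returned access token is then sent to the OIC endpoint in an Authorization: Bearer header until expires_in elapses.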