Authenticate
You access the Oracle Java Cloud Service REST resources over HTTPS and you must provide the following information for authentication:
-
An SSL certificate authority (CA) certificate file or bundle to authenticate against the Verisign CA certificate. Oracle Cloud uses a CA certificate issued by Verisign to enable clients to connect securely to the server. See Use cURL.
-
The
X-ID-TENANT-NAME
custom request header to specify the identity domain ID for the Oracle Cloud account user. The identity domain ID is also part of the endpoint path in the URL structure of a REST resource endpoint. See Obtain Account Information. -
The
Authorization
standard header to specify the Oracle Cloud account user with authorization to perform the operation in the specified identity domain. The value in theAuthorization
header depends on the type of authentication you use to validate the user.
HTTP Basic Authentication
To use HTTP Basic authentication to validate users, you specify the user name and password for your Oracle Cloud account in the Authorization
header. The value of the Authorization
header should be the base64-encoding of <username>:<password>
, specified in the format:
Basic <base64-encoded value>
Many client applications such as cURL provide a method that creates this Authorization
header for you.
For example, to authenticate using cURL, supply the -u
option to pass your Oracle Cloud account user name and password. cURL adds the Authorization
header to the request when you send it.
The following provides an example cURL command that uses HTTP Basic authentication to retrieve details of the ExampleInstance
service instance.
curl -i -X GET -u username:password -H "X-ID-TENANT-NAME:ExampleIdentityDomain" https://rest_server_url/paas/api/v1.1/instancemgmt/ExampleIdentityDomain/services/jaas/instances/ExampleInstance
OAuth Authentication
Oracle Identity Cloud Service supports the OAuth 2.0 protocol and provides a token service for authentication and authorization of Oracle Cloud REST requests. If your Oracle Cloud account includes Oracle Identity Cloud Service, you can use OAuth authentication to validate users.
To use OAuth authentication, first you obtain an access token from Identity Cloud Service, and then you pass the token in a Bearer Authorization
header when you make a Java Cloud Service REST request.
The following provides an example cURL command that uses OAuth authentication with a bearer token to retrieve all Java Cloud Service instances in ExampleIdentityDomain
.
curl -i -X GET -H "Authorization: Bearer token-string" https://rest_server_url/paas/api/v1.1/instancemgmt/ExampleIdentityDomain/services/jaas/instances
See Obtain and Use an OAuth Token to learn how to get and use an OAuth access token.