This section introduces the Oracle Fusion Middleware representational state transfer (REST) API for managing credentials and keystores.
The credential and keystore management REST API provides endpoints for creating and configuring credential stores, keystores, and trust stores for your domain or web services.
You can access the REST endpoints through client applications such as:
You can also use the Oracle WSM REST endpoints in REST client applications that are developed in languages such as:
JavaScript
Ruby
Perl
Java
JavaFX
Before using the REST API, you need to understand a few important concepts, as described in the following sections.
Use the following URL to manage security stores:
http(s)://host:port/idaas/contextpath/admin/v1/resource
Where:
host:port—Host and port where Oracle Fusion Middleware is running.
contextpath—Context path for the REST resource. This value can be set to platform for resources that apply across the domain (for example, keystore and credential management resources), or webservice for resources that apply to a specific web services (for example, trust management resources).
resource—Relative path that defines the REST resource. For more information, see "REST API Reference." To access the Web Application Definition Language (WADL) document, specify application.wadl.
The Oracle WSM REST endpoints support standard methods for creating and managing Oracle WSM instances.
| REST Method | Task |
|---|---|
GET |
Retrieve information about the REST resource. |
POST |
Add a REST resource. |
PUT |
Update a REST resource. |
DELETE |
Delete a REST resource. |
You access the Oracle Fusion Middleware REST resources over HTTP and must provide your Oracle WebLogic Server administrator user name and password.
For example, to authenticate using cURL, pass the user name and password (for example, weblogic and welcome1) using the -u cURL option.
curl -i -X GET -u weblogic:welcome1 http://myhost:7001/idaas/platform/admin/v1/keystore
For POST and DELETE methods, which do not send data in the request body, if a keystore or key is password-protected, you must pass the Base64-encrypted keystore and key passwords, respectively, in custom headers. For example:
curl -i -X DELETE -u weblogic:welcome1 -H keystorePassword:cHdkMQ== -H keyPassword:bXlQd2Qy http://myhost:7001/idaas/platform/admin/v1/keystoreservice/certificates?"stripeName=myStripe&keystoreName=myKeystore&keyAlias=myAlias"
The HTTP methods used to manipulate the resources described in this section all return one of the following HTTP status codes:
| HTTP Status Code | Description |
|---|---|
| 200 OK | The request was successfully completed. A 200 status is returned for successful GET or POST method. |
| 201 Created | The request has been fulfilled and resulted in a new resource being created. The response includes a Location header containing the canonical URI for the newly created resource.
A 201 status is returned from a synchronous resource creation or an asynchronous resource creation that completed before the response was returned. |
| 202 Accepted | The request has been accepted for processing, but the processing has not been completed. The request may or may not eventually be acted upon, as it may be disallowed at the time processing actually takes place.
When specifying an asynchronous ( The response contains a Location header of a job resource that the client should poll to determine when the job has finished. Also, returns an entity that contains the current state of the job |
| 400 Bad Request | The request could not be processed because it contains missing or invalid information (such as, a validation error on an input field, a missing required value, and so on). |
| 401 Unauthorized | The request is not authorized. The authentication credentials included with this request are missing or invalid. |
| 403 Forbidden | The user cannot be authenticated. The user does not have authorization to perform this request. |
| 404 Not Found | The request includes a resource URI that does not exist. |
| 405 Method Not Allowed | The HTTP verb specified in the request (DELETE, GET, POST, PUT) is not supported for this request URI. |
| 406 Not Acceptable | The resource identified by this request is not capable of generating a representation corresponding to one of the media types in the Accept header of the request. For example, the client's Accept header request XML be returned, but the resource can only return JSON. |
| 415 Not Acceptable | The client's ContentType header is not correct (for example, the client attempts to send the request in XML, but the resource can only accept JSON). |
| 500 Internal Server Error | The server encountered an unexpected condition that prevented it from fulfilling the request. |
| 503 Service Unavailable | The server is unable to handle the request due to temporary overloading or maintenance of the server. The Oracle WSM REST web application is not currently running. |
The examples within this document use cURL to demonstrate how to access the Oracle Java Cloud Service REST resources.
In the examples, one or more of the following options is used to direct the execution of cURL
| cURL Option | Description |
|---|---|
--data @file.json |
Identifies the request document, in JSON format, on the local machine |
--form "name=value" |
Identifies form data. |
-H |
Header that defines one or both of the following:
|
-i |
Displays response header information. |
-u username:password |
Specifies the user name and password for the WebLogic administrator for authentication. |
-X |
Indicates the type of request (for example, GET, POST, and so on). For more information about the supported REST methods, see "Supported REST Methods". |
For example:
curl -i -X GET -u weblogic:welcome1 http://myhost:7001/idaas/platform/admin/v1/keystore
For information about downloading and using cURL, see http://curl.haxx.se.