Description of the illustration idcs_sales_insight_pattern_description

The image illustrates the design pattern used in the Sales Insight sample application. It includes a detailed flow to explain how the security of two custom applications can be integrated using Oracle Identity Cloud Service.

The main diagram has four major visual components:

1. A pictograph of an end user

2. A box labeled Custom Java App that contains a module called Customer Quotes, written in Java

3. A box labeled Custom REST Web Service that contains a module called Sales Insight, written in Java

4. A box labeled Oracle PaaS that contains the Oracle Identity Cloud Service

Note that both Customer Quotes and Sales Insight are marked with an asterisk with a footnote that says: Can be hosted anywhere.

The detailed flow is presented as a six-step process that moves through the four major visual components, as follows:

1. On startup, Sales Insight connects to Oracle Identity Cloud Service using the Client Credentials flow to get the Oracle Identity Cloud Service public key.


2. At runtime, the end user accesses Customer Quotes. After login, the user clicks Urgent Quotes (this option requires information provided by the resource server, Sales Insight).

3. Customer Quotes requests an authorization code to access Sales Insight quotes via Oracle Identity Cloud Service, which requires the user’s consent. After the user grants authorization, Oracle Identity Cloud Service returns an authorization code.

4. Customer Quotes requests an access token from Oracle Identity Cloud Service, which then issues a JWT access token for accessing quotes in Sales Insight.

5. Customer Quotes makes a REST call to retrieve quotes from Sales Insight. The request includes the JWT access token.

6. Sales Insight validates the JWT token signature using the Oracle Identity Cloud Service public key (obtained in step 0), processes the request, and retrieves the REST response to Customer Quotes, which displays the urgent quotes in the UI.