| Oracle® Retail Process Orchestration and Monitoring Oracle® Retail Process Orchestration and Monitoring Implementation Guide Release 22.0 F51337-01 |
|
 Previous |
| Oracle® Retail Process Orchestration and Monitoring Oracle® Retail Process Orchestration and Monitoring Implementation Guide Release 22.0 F51337-01 |
|
Previous |
This section details the steps to invoke POM ReST services using the OAuth protocol. Using the OAuth protocol is a two-step process:
Request an access token from an authentication provider: IDCS or OCI IAM.
Provide the access token as an authorization header when invoking a service.
As a one-time setup, Customers are required to create an OAuth client using the Retail Home Create IDCS OAuth 2.0 Client function. The OAuth client must be created against the "POM" app with the scope rgbu:pom:services-customer-administrator-<ENV_ID>
where <ENV_ID> represents the unique environment identifier such as PRD1, STG1, DEV1 and so on.
For example, the DEV1 scope would be: rgbu:pom:services-customer-administrator-DEV1
For more information about creating the OAuth client, refer to the "Creating IDCS OAuth 2.0 Client Apps" chapter in the Retail Home Administration Guide.
To generate a token from IDCS, the following information is needed:
IDCS URL
Client Id and Client Secret
OAuth Scope
The curl command below invokes an IDCS service to generate an access token:
curl -I -H 'Authorization: Basic <base64Encoded OAuth_Clientid:Secret>' -H 'Content-Type: application/x-www-form-urlencoded;charset=UTF-8' --request POST <IDCS_URL>/oauth2/v1/token -d 'grant_type=client_credentials&scope=rgbu:pom:services-customer-administrator-<ENV_ID>'
This is a standard ReST call, with the following specifics:
<IDCS URL> is the IDCS URL of this instance.
<base64Encoded OAuth_Clientid:Secret> is the Base64-encoded OAuth Client Id and Client Secret provided as a Basic Authentication header.
Specify the body as:
grant_type=client_credentials&scope=
rgbu:pom:services-customer-administrator-<ENV_ID>
The response to this call will be in this format:
{
"access_token": "<TOKEN>",
"token_type": "Bearer",
"expires_in": 3600
}
To invoke the POM ReST service, you must add an authorization header as Bearer <token>, that is:
The word Bearer
A space
A valid token obtained as described in "Requesting the Access Token"
For example, the POM nightly cycle start request would look something like the following:
curl -i -H 'Authorization: Bearer <OAuth Token>' -H 'Content-Type: application/json' --request POST 'http://<pom-server-host>/ProcessServices/services/private/executionEngine/schedules/<Schedule_Name>/execution?skipVersion' -d '{ "cycleName" : "Nightly", "flowName" : "Nightly"}'
