Manage External Application Access Options

Purpose: The options at the Manage External Application Access page are described below.

Related administrative properties: You need to set up the following properties through Work with Admin Properties (CPRP) for communication with IDCS:

•         IDCS_ACCESS_CLIENT_ID: The client ID that identifies Order Management System to IDCS.

•         IDCS_ACCESS_CLIENT_SECRET: The client secret to authenticate Order Management System to IDCS using OAuth.

•         IDCS_SERVICE_ENDPOINT_URL: The URL to use for communicating with IDCS.

Order Management System also uses the IDCS_ACCESS_CLIENT_ID and the IDCS_ACCESS_CLIENT_SECRET for authentication of web service messages to Order Broker or Customer Engagement flagged for OAuth authentication if the Client ID and Client Secret are not defined in Work with Web Service Authentication (WWSA).

Troubleshooting: Options at this page that require communication with IDCS, including generating a new client, regenerating the secret for a client, and refreshing the displayed applications, will fail if the administrative properties listed above are not set correctly. See Work with Admin Properties in the Classic View online help for more information on setting up these properties, or contact your Oracle representative for more help.

For more information:

•         Manage External Application Access for an overview of the Manage External Application Access page.

•         Fields on Manage External Application Access for a description of the fields on the Manage External Application Access page.

Options at this page:

•         Filter the Displayed External Application Access Options

•         Generate a New Client

•         Refresh the Displayed Applications

•         Edit Web Service Access for an Application

•         Regenerate the Secret for a Client

Filter the Displayed External Application Access Options

To filter the displayed records: Enter any string of characters in the Filter field and press Enter to restrict the displayed records to those that:

•         Contain your entry in the description of the external application, or

•         Have web service authentication records for a web services matching your entry; for instance, enter cwc or CWC to display applications with web service authentication records for the CWCustomer web service.

The filter is not case-sensitive.

Filter on more than one string of characters: You can also enter an additional string of characters in the Filter field and press Enter to restrict the displayed records to those that contain all entered search criteria.

Example:                    Enter new and press Enter to display external application records whose descriptions contain the word or string new. Enter demo and press Enter to display external application records that contain both the word or string new and the word or string demo.

You can remove any search criteria by clicking the X to the right of the search term. The page updates the filtered results immediately.

Generate a New Client

About generating new clients: Typically, you would use the Manage External Application Access page to:

•         Generate a new client for the XOffice On Premises application and assign web service access.

•         Generate a new client for another application and assign web service access.

Before you start: Before beginning the generation steps, you would typically select the Refresh option to confirm that the required client applications were not already created. See Refresh the Displayed Applications.

If the required client applications are not displayed after you select Refresh, follow the steps below to create them.

Generation steps: Select the Generate Client option advance to the Generate Application Client window.

At this window, specify the Application Details:

•         Application Type: Can be either:

•         XOffice On Prem: Select this option only if the application does not integrate directly with IDCS.

•         External: Select this option if the application integrates with IDCS.

Selecting an Application Type is required.

•         Application Description: Enter a brief description of the application. This is the Description in IDCS, and is informational. If you require multiple environments, such as one for production and one for UAT, you can include this information in the application description. Alphanumeric, 50 positions; required.

•         Environment: If the Application Type is XOffice On Prem, specify the type of environment, such as PROD or TEST. Your entry is converted to upper case, and no spaces or special characters are allowed. Required if the Application Type is XOffice On Prem; otherwise, if you set the Application Type to External, this field is not enterable and is not used. Informational.

Click Generate to save the generate the new client and submit it to IDCS; otherwise, click the X in the top right to close the window without generating the client.

If you click Generate, the window displays:

•         The new generated Client ID, and a link to copy the Client ID to the clipboard.

•         A link to copy the generated Client Secret to the clipboard.

You can copy and paste the new client ID and the new client secret if you need to share the information for an application that is not integrated with IDCS, so that application can use the secret for OAuth authentication.

The window displays an error if it cannot create the client, such as if the client ID already exists, or if communication with IDCS fails. See Manage External Application Access for information on the properties used for communication with IDCS.

Click Done to close the window, and click OK at the confirmation window to confirm.

Generated client ID: 

•         When the Application Type is XOffice On Prem, the generated client ID is RGBU_XTROFFOP_<ENV>_XOFFICE_APPID, where <ENV> is the specified Environment.

•         When the Application Type is External, the generated client ID is RGBU_OMCS_<RANDOM>_APPID, where <RANDOM> is a random string of 8 characters.

Define web service access: After creating the client, you need to define web service access. See Edit Web Service Access for an Application.

For more information: See Manage External Application Access for background.

Edit Web Service Access for an Application

To edit access: To create, change, or review web service authentication user records for the external application, highlight a record and select Edit Access from the right-hand Actions column (). The Web Services for window opens.

Select or unselect any of the listed web services. The standard Order Management System web service options are:

•         CWCustomer:

•         CWEmailRequest

•         CWManifest

•         CWMessageIn

•         CWOrderIn

•         CWPickIn

•         CWReceiptIn

•         CWServiceIn

•         JMSQueue

•         JobStatistics

•         PrivateDataRequest

•         ProcessIn

•         Storage

For more information: See the Classic View online help for information on each of these web services.

Click OK to update the web service access; otherwise, click Cancel.

Create web service access: Once created, the inbound web service records are listed in the Web Service Access column at the Manage External Application Access page, and are also displayed at the Work with Inbound Web Service Authentication Users through the Work with Web Service Authentication (WWSA) menu option, with the User set to the Client ID. The client ID can now be used for OAuth authentication for that web service.

Delete web service access: If you delete the web service option, the inbound web service authentication record is deleted, and is no longer displayed at the at the Work with Inbound Web Service Authentication Users through the Work with Web Service Authentication (WWSA) menu option, and can no longer be used for authentication for that web service.

Typical required access: The following web service access is typically required:

•         XOffice On Prem: Requires CWOrderIn, CWServiceIn, and CWMessageIn.

•         Ecommerce application: Requires CWOrderIn.

Refresh the Displayed Applications

To refresh: Click Refresh to update the list of currently existing application clients from IDCS:

•         If any additional application clients are found in IDCS that did not previously have records in Order Management System, these application client records are created in the Order Management System database.

•         If any application clients that previously existed in Order Management System have been deleted from IDCS, they are deleted from Order Management System, and the web service authentication user records are also removed from Web Service Authentication (WWSA).

Example:                    When you click Refresh, the updated list of clients might include clients created through another application, such as Customer Engagement.

Note:             When additional store locations have been created for XOffice On Prem, using the Refresh option creates the records in the Order Management System database; however, these records are not displayed at the Manage External Application Access page because they are assigned to XOffice On Prem as their parent ID. The Manage External Application Access does not display any records whose parent ID is populated.

Regenerate the Secret for a Client

To regenerate: Highlight a record and select Regenerate Secret from the right-hand Actions column ().:This option is available only if:

•         The application record was created in Order Management System, and

•         The selected Application Type is External.

The Regenerate Application Client Secret window displays the following information:

•         The selected Client ID.

•         The Application Description.

•         The Application Type (External).

•         The Environment, such as QA or PROD, if specified when the application was created.

All fields are display-only.

About the client secret: The client secret is a secure code that IDCS creates for a client application, and that the client application passes to IDCS for authentication. The client secret should be known only to the requesting application and to IDCS.

You can close the window by clicking the X in the upper right.

If you click Regenerate Secret, the Confirm Client Secret Regeneration window opens.

Click OK to regenerate the secret. The window displays:

•         The new Client ID, and a link to copy the new client ID to the clipboard.

•         A link to copy the new client secret to the clipboard.

You can copy and paste the new Client ID and the new client secret if you need to share the information for an application that is not integrated with IDCS, and needs to use the client ID and client secret for OAuth authentication.

Use caution when regenerating the secret, since this option actually deletes the application client in IDCS and regenerates it.

The window displays an error if it cannot regenerate the secret, such as if communication with IDCS fails. See Manage External Application Access for information on the properties used for communication with IDCS.

For more information: See Manage External Application Access for background.

________________________________

Copyright © 2020, Oracle and/or its affiliates. All rights reserved.
Legal Notices