All client users accessing the OIPA APIs must be authenticated in addition to being
authorized for data access and functional behavior. The users must be:
- Authenticated: To identify the user validity
- Authorized for data access: Have access to tasks resources
- Authorized for functional behavior: To perform Create, Read, and Update
functions
To access the OIPA REST resources over HTTPS, provide the following information for
authentication:
- An SSL certificate authority (CA) certificate file or bundle to authenticate
against the Verisign CA certificate. Oracle Cloud uses a CA certificate issued
by Verisign to enable clients to connect securely to the server. For more
information, use cURL
- The Authorization standard header to specify the OIPA account user with
authorization to perform the operation in the specified identity domain. The
value in the Authorization header depends on the type of authentication that you
use to validate the user.