Using Client ID and Secret to Generate the OAuth Access Token

By default, you will use your Client id and Client secret, available in the confidential application you added as part of the prerequisite setup, to generate the access token. The syntax and IDCS endpoint are defined in the Validate the client application section of the Oracle Cloud Platform REST Adapter documentation at Authentication Support, Use OAuth 2.0 Grants in Identity Domain Environments, Prerequisites for JWT User Assertion.

Here is an example of the endpoint with required headers and body:

POST https://<IDCSTenantURL>/oauth2/v1/token

Headers:
  Content-Type: application/x-www-form-urlencoded
  Authorization: Basic <BASE64ENCODED_CLIENTID:CLIENTSECRET>

Body (newlines for clarity):
  grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer
  &scope=<SCOPE>
  &assertion=<BASE64ENCODED_JWT_USER_ASSERTION>

Related Topics