Using Client ID and Secret

Use the client ID and client secret from the confidential application you created during the Prerequisite Setup, to generate the access token.

For information about the syntax and endpoint to use, refer to your identity provider's documentation.

The variables in this example must be replaced with the following information:

• <identity_domain_url>: The URL of your OCI identity domain.
• <base64_encoded_clientID:client_secret>: The Base64 encoded client ID and client secret provided by your identity provider.
• <scope>: The scope of your identity provider.
• <base64_encoded_JWT_user_assertion>: The user assertion generated by your identity provider.

Here is an example of an endpoint with required headers and body:

POST https://<identity_domain_url>/oauth2/v1/token 
       
      Headers: 
        Content-Type: application/x-www-form-urlencoded 
        Authorization: Basic <base64_encoded_clientID:client_secret> 
       
      Body (newlines for clarity): 
        grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer 
        &scope=<scope> 
        &assertion=<base64_encoded_JWT_user_assertion>