Using Client ID and Secret

Use the client ID and client secret from the confidential application you created during the Prerequisite Setup,to generate the access token. The syntax and IDCS endpoint are defined in the Oracle Cloud Platform REST Adapter documentation at 2 REST Adapter Concepts, Authentication Support, in the Use OAuth 2.0 Grants in Identity Domain Environments. You can shortcut to the correct section by clicking the Prerequisites for JWT User Assertion link, then the Validate the client application link.

Here is an example of the endpoint with required headers and body:

POST https://<IDCSTenantURL>/oauth2/v1/token

Headers:
  Content-Type: application/x-www-form-urlencoded
  Authorization: Basic <BASE64ENCODED_CLIENTID:CLIENTSECRET>

Body (newlines for clarity):
  grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer
  &scope=<SCOPE>
  &assertion=<BASE64ENCODED_JWT_USER_ASSERTION>

Related Topics