Authentication and Authorization
Authentication
The API supports HTTP basic authentication and SSL authentication.
Authentication Using curl
To authenticate using curl, pass the username and password for your Oracle Prime Projects account using the -u
curl option:
Note: Text surrounded in < > indicates a variable. You must replace variables with your own data to run the examples in this documentation. For example, replace the <username> variable with your username.
curl -u <username>:<password> -H "Accept:application/json" -H "Version:<api-version>" -X GET https://<host>:<port>/primeapi/restapi/<endpoint>
The variables in the previous example should be replaced with the following information when accessing the API:
- <username>: The username of an application user. This user will be used to access the API and must have permission to access requested application data. For example, jsmith.
- <password>: The password associated with the user account used to access the API.
- <api-version>: A valid version of the API. For example, 3.0.
- <host>: The name of the host on which the application is deployed. For example, localhost.
- <port>: The port number assigned to the application on the application host. For example, 7001.
Authentication Using Java
To use HTTP basic authentication with Java, you must convert your username and password to a base64 encoded string.
The following Java snippet demonstrates how to authenticate using HTTP basic authentication with Java:
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
public class SampleProgram {
private static String userName = "<username>";
private static String password = "<password>";
//...code omitted for clarity
private static String callRestURL(String restUrl, String method, String version) throws Exception {
HttpURLConnection conn = null;
try {
//...code omitted for clarity
String userCredentials = userName + ":" + password;
String base64Credentials = javax.xml.bind.DatatypeConverter.printBase64Binary(userCredentials.getBytes());
String basicAuth = "Basic " + base64Credentials;
conn.setRequestProperty("Authorization", basicAuth);
//...code omitted for clarity
Authorization
Oracle Prime Projects provides security at the application level. The user account you specify when sending requests to the API must be authorized to access the application and the objects requested through the API endpoints. For example, to request project information from the /project/{id}
endpoint, you must connect to the API using an account that is authorized to access the project with the specified ID value. If the account does not have authorization to access the contents of an API endoint, the API will return a 401 or 404 response.
Refer to the Application Administration Guide for information on configuring user access to the application.