Create an Access Token in a Tenancy That Do Not Use Identity Domain

The following sections walk you through the steps required to create an application and generate an access token in atenancy that do not use identity domain.

Create an Application

  1. Sign in to the Oracle Identity Cloud Service (IDCS) administrator console.
  2. Click hamburger menu on the upper left, and from the menu options that display, select Applications.
  3. On the Applications page, click +Add.
  4. In the Add Application dialog, select Confidential Application.
    The Add Confidential Application Wizard appears.
  5. Enter a name and an optional description, and click Next.
  6. Select Configure this application as a client now. Then provide the following information for configuring the app as a client, and click Next.
    1. Under the Authorization section, provide details for client authorization.
      Field Information to Enter
      Allowed Grant Types Select one or more grant types. Oracle Cloud Infrastructure Process Automation supports the following grant types:
      • Resource Owner
      • JWT Assertion
      • Authorization Code
      • Implicit
      Redirect URL If you selected Authorization Code or Implicit grant types, enter the application URL where the user is redirected after authorization. Otherwise, leave this field blank.
      Allowed Operations Select Introspect.
    2. Under Grant the client access to Identity Cloud Service Admin APIs, click + Add.
      1. In the Add App Role dialog, select Identity Domain Administrator and click Add.
    Note

    You don't have to configure the application as a resource server.
  7. Select Skip for later, and click Next.
  8. In the last page in the wizard, leave Enforce Grants as Authorization unselected, and click Finish.
    A confirmation dialog lets you know that the application has been created.
  9. Click Activate, then click OK to confirm that you want to activate the application.
    The application is created and you can use it to generate the access token for users.

Generate an Access Token

After creating the application, you can use the app to generate the access token required to create an Oracle Cloud Infrastructure Process Automation instance.

  1. Sign in to the Oracle Identity Cloud Service (IDCS) administrator console.
  2. Click hamburger menu on the upper left, and from the menu options that display, select Applications.
  3. On the Applications page, click the application you created.
  4. Click Generate Access Token.
  5. In the Generate Token dialog, select Customized Scopes.

    Note that the Invokes Identity Cloud Service APIs and Identity Domain Administrator are selected by default.

  6. Click Download Token and save the file.
    The tokens.tok file contains the access token with the attribute name access_token.
    tokens.tok
    {"access_token":"eyJ4NXQjUzI. . . . ."}
  7. Provide the part of the access token between the quotes to the user to use for provisioning an instance. Do not provide the part labeled access_token.