Create an Access Token in a Tenancy That Uses Identity Domain

The following sections walk you through the steps required to create an application and generate an access token in a tenancy that uses identity domains.

Create an Application

  1. Sign in as the tenant administrator to the Oracle Cloud Infrastructure Console.
  2. Open the Oracle Cloud Infrastructure navigation menu, and click Identity & Security. Under Identity, click Domains.
  3. Select the identity domain you want to work in.
    The domain Overview page is displayed.
  4. From the left navigation menu, click Applications.
  5. In the Applications page, click Add application.
  6. In the Add application dialog, click Confidential Application, and click Launch workflow.
    The Add Confidential Application wizard opens.
  7. Enter a name for the app and a suitable description, and then click Next.
  8. Click Configure this application as a client now.
  9. Provide the following information to configure this application as a client.
    1. Under Authorization, select one or more grant types.

      Process Automation supports the following grant types:

      • Resource owner
      • JWT assertion
      • Authorization code
      • Implicit
    2. If you selected Authorization code or Implicit grant types, then enter the application URL where the user is redirected after authentication in the Redirect URL field. Otherwise, skip this step.
    Note: You don't have to configure the application as a resource server.
  10. In the Token issuance policy section, configure the following.
    1. Select Add app roles.
    2. Click Add roles. In the Add app roles window, select the application role that you want to assign to this application, and click Add.

      For example, select Identity Domain Administrator and click Add. All REST API tasks available to the identity domain administrator will be accessible to your application.

  11. Click Next.
  12. Select Skip and do later, then click Finish.
    The application has been added in a deactivated state.
  13. Note the Client ID and Client secret that appear in the Application added dialog box. To integrate with your confidential application, you can use this ID and secret as part of your connection settings.
  14. Click Close.
    The new application's detail page is displayed.
  15. Click Activate, and confirm the activation.

Generate an Access Token

After creating the application, you can use the app to generate the access token required to create an Oracle Cloud Infrastructure Process Automation instance.

  1. Sign in as the tenant administrator to the Oracle Cloud Infrastructure Console.
  2. Open the Oracle Cloud Infrastructure navigation menu, and click Identity & Security. Under Identity, click Domains.
  3. Select the identity domain you want to work in.
    The domain Overview page is displayed.
  4. From the left navigation menu, click Applications.
  5. On the Applications page, select the application that you created.
  6. Scroll down on the app details page, and on the left, under Resources, click Access token.
  7. Leave the default selections. In the following example, Customized Scopes, Invokes Identity Cloud Service APIs and Identity Domain Administrator are selected by default.
  8. Click Download Token and save the file.
    The tokens.tok file contains the access token with the attribute name access_token.
    tokens.tok
    {"access_token":"eyJ4NXQjUzI. . . . ."}
  9. Give the user the access token value, that is, the part between the quotes, to use for provisioning an instance. Do not include the part labeled access_token.
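
The hand-off in steps 8 and 9, as an added Python example that is not part of the original documentation: it reads the content of tokens.tok, returns only the value stored under access_token, and decodes the token's header and claims without verifying the signature, so the expiry and scope can be checked before the token is passed on. It assumes the token is a compact JWT with exp and scope claims; the function names and the unsigned sample file are constructed for illustration.

```python
import base64
import json
import time


def b64url_json(segment):
    """Decode one base64url JWT segment (padding restored) into a dict."""
    return json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))


def inspect_token_file(text, now=None):
    """Return the bare token and its unverified header/claims from tokens.tok text.

    The signature is NOT checked; this only shows what is about to be handed over.
    """
    token = json.loads(text).get("access_token")
    if not isinstance(token, str) or token.count(".") != 2:
        raise ValueError("no compact JWT under the access_token attribute")
    header_seg, claims_seg, _signature = token.split(".")
    claims = b64url_json(claims_seg)
    now = time.time() if now is None else now
    exp = claims.get("exp")  # assumption: standard JWT expiry claim is present
    return {
        "token": token,  # the value between the quotes, without the label
        "alg": b64url_json(header_seg).get("alg"),
        "scope": claims.get("scope"),  # assumption: scopes are in a "scope" claim
        "expires_in": None if exp is None else int(exp - now),
        "expired": exp is not None and exp <= now,
    }


def make_sample():
    """Build a constructed, unsigned tokens.tok body (not a real token)."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    header = {"alg": "RS256", "typ": "JWT"}
    claims = {"scope": "constructed-scope", "exp": 1_700_003_600}
    return json.dumps({"access_token": f"{enc(header)}.{enc(claims)}.c2lnbmF0dXJl"})


SAMPLE = make_sample()

if __name__ == "__main__":
    info = inspect_token_file(SAMPLE, now=1_700_000_000)
    # Print the metadata only; keep the token itself off the terminal.
    print({k: v for k, v in info.items() if k != "token"})
```

To run it against a downloaded file, pass the file's text to inspect_token_file and hand over only the "token" field of the result.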