Supported OAuth Workflows

Oracle Cloud supports the two-legged OAuth workflow.

The type of process flow used to describe an OAuth request typically refers to the number of parties involved. The two-legged OAuth workflow includes an OAuth client and a resource server. In OAuth two-legged authorization, consent from the resource owner is either assumed or not required.

Two-Legged OAuth Workflow

In the two-legged OAuth workflow, the OAuth client either is the resource owner or is preapproved by the resource owner to access services. The OAuth client requests an access token using either the client credentials workflow or the resource owner password credentials workflow. The OAuth service validates the client's (and, if supplied, the resource owner's) credentials and returns an access token to the OAuth client.

This is how a two-legged OAuth workflow works:
  1. A user in your organization wants to use a mobile application to access Oracle Java Cloud Service in Oracle Cloud. The user places a request in a mobile application.
  2. The mobile application is the OAuth client, and it places a request for an access token to the OAuth service.
  3. After authenticating the client application, the OAuth service sends back the access token.
  4. The OAuth client makes a request, and submits the access token to the resource server hosting Oracle Java Cloud Service.
  5. The resource server takes the access token as the authorization to access the requested resource and sends back the response to the request.
  6. The OAuth client sends the response to the request back to the user.
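
Steps 2 through 5 using the client credentials workflow, as an added example that is not Oracle's code. It models both the OAuth service and the resource server in memory; the client id, secret, and scope name are constructed placeholders, and the token lifetime and scope check are assumptions that go beyond what the steps above state.

```python
import base64, hmac, secrets, time
from urllib.parse import urlencode, parse_qs

# Constructed values: client id and secret are placeholders, not Oracle identifiers.
CLIENTS = {"mobile-app": "s3cr3t-placeholder"}
TOKENS = {}  # access token -> (client_id, scope, expiry)

def build_token_request(client_id, client_secret, scope):
    """Step 2: client credentials grant (RFC 6749 section 4.4), client sent via HTTP Basic."""
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    headers = {"Authorization": f"Basic {basic}",
               "Content-Type": "application/x-www-form-urlencoded"}
    return headers, urlencode({"grant_type": "client_credentials", "scope": scope})

def oauth_service(headers, body, now=None, ttl=3600):
    """Step 3: authenticate the client, then issue a short-lived bearer token."""
    now = time.time() if now is None else now
    form = parse_qs(body)
    scheme, _, cred = headers.get("Authorization", "").partition(" ")
    try:
        client_id, _, secret = base64.b64decode(cred).decode().partition(":")
    except ValueError:  # malformed base64 or non-UTF-8 credentials
        client_id, secret = "", ""
    expected = CLIENTS.get(client_id, "")
    # Constant-time comparison so the secret check does not leak timing.
    ok = scheme == "Basic" and expected and hmac.compare_digest(secret.encode(), expected.encode())
    if not ok:
        return 401, {"error": "invalid_client"}
    if form.get("grant_type") != ["client_credentials"]:
        return 400, {"error": "unsupported_grant_type"}
    token = secrets.token_urlsafe(32)
    scope = form.get("scope", [""])[0]
    TOKENS[token] = (client_id, scope, now + ttl)
    return 200, {"access_token": token, "token_type": "Bearer", "expires_in": ttl, "scope": scope}

def resource_server(headers, required_scope, now=None):
    """Steps 4-5: serve the request only for a known, unexpired token carrying the scope."""
    now = time.time() if now is None else now
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    entry = TOKENS.get(token) if scheme == "Bearer" else None
    if entry is None or now >= entry[2]:
        return 401, {"error": "invalid_token"}
    if required_scope not in entry[1].split():
        return 403, {"error": "insufficient_scope"}
    return 200, {"resource": "ok", "client": entry[0]}
```

Because no resource owner consents at request time, the client secret is the only credential protecting the token endpoint, so a short token lifetime and a narrow scope limit what a leaked token can reach.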