1. Developing Applications with Oracle Visual Builder
  2. Connect Applications to Data
  3. Work with Services
  4. Connect to Oracle Cloud Services
  5. Connect to ORDS APIs Using Fixed Credentials

Connect to ORDS APIs Using Fixed Credentials

To connect to Oracle REST Data Services (ORDS) using fixed credentials, you can use OAuth 2.0 Client Credentials for authentication.

Before creating a connection to ORDS, a role and privilege to protect your REST service need to be created and the OAuth client needs to be registered in the ORDS service. The following steps briefly describe this process. See Protecting and Accessing Resources.

When creating the service connection, you can use the following authentication method for the service connection:

Authentication method Details
OAuth 2.0 Client Credentials

This is the recommended authentication option.

To use this option you need to provide the following details:

  • Client ID and Secret. From ORDS
  • Token URL. From ORDS, for example, https://example.com/ords/ordstest/oauth/token
  • Scope. This is blank.
  1. Create a role and privilege to protect your REST service in ORDS:
    begin  ords.create_role('HR Administrator');
        ords.create_privilege(
      p_name => 'example.employees',
      p_role_name => 'HR Administrator',
      p_label => 'Employee Data',
      p_description => 'Provide access to employee HR data');
  commit;end;
  2. Associate the privilege with resources (i.e. your ORDS REST APIs):
    begin ords.create_privilege_mapping(
      p_privilege_name => 'example.employees',
      p_pattern => '/examples/employees/*');
      commit;end;

    Accessing the /example/employees REST resource should now result in a 401 unauthorized as shown here:

    curl -i https://example.com/ords/ordstest/examples/employees/
HTTP/1.1 401 Unauthorized
Content-Type: text/html
Transfer-Encoding: chunked
  
<!DOCTYPE html>
<html>
...
</html>
  3. Register the OAuth client with grant type Client Credentials:
    begin oauth.create_client(
      p_name => 'Client Credentials Example',
      p_grant_type => 'client_credentials',
      p_privilege_names => 'example.employees',
      p_support_email => 'support@example.com');
 commit;end;
  4. Grant this newly created client the required role:
    begin oauth.grant_client_role(
      p_client_name => 'Client Credentials Example',
      p_role_name => 'HR Administrator' );
 commit;
end;
  5. Check the registered client ID and secret:
    select client_id,client_secret from user_ords_clients where name = 'Client Credentials Example';

To create a connection to ORDS using fixed credentials:

  1. Open Services in the Navigator, click the + sign, and select Service Connection.
  2. Click Define by Endpoint in the Select Source step of the Create Service Connection wizard.
  3. Select the HTTP method and type the URL of the endpoint in ORDS.
  4. In the Authentication section of the Server tab, select OAuth 2.0 Client Credentials as the authentication method.
  5. Provide the details for the Client Id, Secret, and Token URL fields based on your ORDS configuration.
  6. Test the service connection.