Step 3: Check Token Refresh and Scope Settings in Integrated Applications

Check that Refresh token is enabled in your confidential application and that the scopes assigned to your confidential application match your Oracle Integration instance.

  1. Log in to the Oracle Cloud Infrastructure Console with your identity domain administrator credentials and select Identity & Security, then Domains.
  2. Select your compartment, then your identity domain.
  3. Select Integrated Applications.
  4. Find and select the confidential application you created.
  5. Select OAuth Configuration.

    Integrated Applications tab selection

  6. In the Authorization section of your confidential application details, make sure Refresh token is set to Enabled.

    On the left hand side there are the menus Identity selected with the submenus Overview, Domains(selected), Network Sources, Policies, Compartments, Federation, My profile. to the right, on the main page, there are navigation tabs: Details, OAuth Configuration (selected), Web Tier Policy, Consent Information, Users, Groups, Tags. On the main page, there is an Authorization section with the field Refresh token with the value Enabled highlighted.

    If Refresh token isn't enabled, under OAuth Configuration, select Edit OAuth configuration and make sure Refresh token is checked.


    Edit OAuth Configuration dialog. In this dialog, there are three sections: Resource server configuration, Client Configuration, and Authorization. Under Resource server configuration, the option No resource server configuration is selected. Under client configuration, the option configure this application as a client now is selected. In the Authorization section, Refresh token is selected and highlighted.

  7. Select Save Changes.