Register an OAuth Client (OAuth)

Register an OAuth client to generate credentials for accessing the Oracle Autonomous AI Database A2A server and to enable secure authentication for A2A client integration.

Note: Only the database ADMIN user is permitted to create client credentials.

Endpoint

POST /adb/auth/v1/connect/databases/{database-ocid}/register
  1. Send a POST request to the registration endpoint for {database-ocid}.

  2. Provide the request payload with the redirect URI and client name.

    Request Body

    {
    "redirect_uris": [
    "{customer-provided-redirect-url}"
    ],
    "client_name": "{customer-provided-client name}"
    }

    Replace the placeholders with your specific values.

    • redirect_uris: URL where the OAuth 2.0 or OpenID Connect provider redirects users after successful authentication

    • client_name: User-defined name to identify the client (for example, DbA2AClient)

  3. Review the registration response and record the generated client credentials.

    Response Format

    {
    "client_name": "{customer-provided-client name}",
    "client_id": "{generated-client-id}",
    "client_secret": "{generated-client-secret}",
    "client_id_issued_at": {issue-timestamp},
    "client_secret_expires_at": {expiration-timestamp},
    "redirect_uris": [
    "{customer-provided-redirect-url}"
    ],
    "response_types": [
    "code"
    ],
    "grant_types": [
    "authorization_code",
    "refresh_token"
    ],
    "token_endpoint_auth_method": "client_secret_post",
    "scope": "openid"
    }

    The response includes the generated client_id and client_secret, which are required for OAuth authentication.

  4. Store the returned OAuth client credentials and redirect URIs securely.

  5. Use the returned client_id, client_secret, and redirect_uris to configure OAuth authentication in A2A client agents.

Example: Registering an OAuth Client (OAuth)

curl -X POST 'https://dataaccess.adb.{region-identifier}/adb/auth/v1/connect/databases/{database-ocid}/register' \
-u 'db-admin-username:password' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-d '{
"redirect_uris": [
"{customer-provided-redirect-url}"
],
"client_name": "{customer-provided-client name}"
}'

Response for the OAuth Client request:

{
"client_name": "DbA2AClient",
"client_id": "ocid1.a2a.client.oc1..exampleuniqueID",
"client_secret": "AbCdEf1234567890SecretValue",
"client_id_issued_at": 1712345678,
"client_secret_expires_at": 0,
"redirect_uris": [
"https://myapp.example.com/oauth/callback"
],
"response_types": [
"code"
],
"grant_types": [
"authorization_code",
"refresh_token"
],
"token_endpoint_auth_method": "client_secret_post",
"scope": "openid"
}

Configure OAuth Client Using the Registration Response: The API response returns the OAuth client credentials (such as client_id and client_secret) and redirect URIs for the registered client.

Use the returned client_id, client_secret, and redirect_uris to configure OAuth authentication in A2A client agents (for example, Google Gemini Enterprise Application or another A2A-compatible client). See Configure the Agent through Google Marketplace (Administrator) and Configure the Custom Agent (Administrator) for details.