1. REST API for Users and GroupsREST API for Users and Groups
  2. Authenticate

Authenticate

Oracle Content Management provides two ways to authenticate using either OAuth or certificate authority (CA) certificate, issued by Verisign, to enable clients to connect securely to the server.

Note:

Ensure that you have the appropriate sign-on credentials for creating, managing, and deleting Oracle Content Management instances, as described in Quick Start.

Using OAuth

Setting up your request to use OAuth is a two-step process. First, you obtain an OAuth token, and then you use this token to access the REST API.

  1. From a browser, enter this URL:

    https://Content Management URL:port/documents/web?IdcService=GET_OAUTH_TOKEN

    The documents/web context is protected by Identity Cloud Service (IDCS). The user will be prompted to sign in to IDCS unless there is already a valid IDCS session in the browser.

    The OAuth token is returned in the tokenValue field in the JSON response. The token is valid for 7 days, and the expiration is in seconds.

  2. To use the token and access Content Management REST endpoints, use the Bearer Authorization header; for example:

    curl -i -H 'Authorization: Bearer token' --request GET {Content Management URL}/api/1.2/folders/items

Using CA

You access the Users and Groups REST resources over HTTPS, and you must provide the following information for authentication:

  • An SSL certificate authority (CA) certificate file or bundle to authenticate against the Verisign CA certificate.

  • User name and password for your Oracle Content Management account.

  • Custom header.

For example, to authenticate using cURL:

  • Set the cURL environment variable, CURL_CA_BUNDLE, to the location of your local CA certificate bundle. For information about CA certificate verification using cURL, see http://curl.haxx.se/docs/sslcerts.html.

  • Pass the user name and password for your Oracle Content Management account, using the -u cURL option or in the header.

  • Pass the custom request header, using the -H cURL option.

An example cURL command for authentication of an Oracle Content Management client follows: 
curl -L -i -c mycookies.jar -b mycookies.jar -H 'Authorization:encoded username:password' -H "Content-Type: application/json" -H "Accept: application/json" -X GET https://Content Management URL/osn/social/api

In the command, 'encoded username:password' is the base64 encode for username:password. If the preceding request has succeeded, you will have the valid user session stored in the cookies.

Now you do a POST with an empty payload to the Connections REST endpoint to obtain the ApiRandomID.

curl -L -i -c mycookies.jar -b mycookies.jar -H "Content-Type: application/json" -H "Accept: application/json" -X POST https://Content Management URL/osn/social/api/connections -D ""

Then use the value in the request header for subsequent requests.