1. Integrating and Extending Oracle Content Management
  2. Developing Oracle Content Management Integrations
  3. Oracle Content Management REST APIs
  4. Create and Use Applinks for File and Folder Access

Create and Use Applinks for File and Folder Access

You can control access to files and folders in Oracle Content Management with applink endpoints of the REST API for Documents.

The following endpoints let you control user access to files and folders:

  • Create File Applink

  • Create Folder Applink

  • Refresh Applink Token

To create an applink for a user to access a file or folder, you must be the owner or have the manager role. Either of these roles gives you admin privileges for the file or folder.

When you create a file or folder applink for a user, you can grant the user any of these roles:

  • Viewer: Viewers can look at files and folders, but can't change things.

  • Downloader: Downloaders can also download files and save them to their own computers.

  • Contributor: Contributors can also modify files, update files, upload new files, and delete files.

The response from the Create File Applink or Create Folder Applink REST API includes an applink ID, access token, and refresh token. For example:

{
    "appLinkID":"LDhsn4VPTsnDnKpKLFZTCkjaPkYbMC6-3taYSdJAazckhezJ2HlSjs2THOou6cCAvxcRnw5gpXcU7pIRkCmWN8kEToJHFwwZ-ptWvPGhJaiirl9baL9mka14WnwpL6auOO40-gFMPvkPv23OtMnj2W3A==",
    "accessToken":"GYrSN5zuj0kOTE4k_60bKvdkxx2-ARA546A2T77GtEOgoPZPGgKk126OeCn1w-Ij",
    "appLinkUrl":"http://www.example.com/documents/embed/link/app/LDhsn4VPTsnDnKpKLFZTCkjaPkYbMC6-3taYSdJAazckhezJ2HlSjs2THOou6cCAvxcRnw5gpXcU7pIRkCmWN8kEToJHFwwZ-ptWvPGhJaiirl9baL9mka14WnwpL6auOO40-gFMPvkPv23OtMnj2W3A==/fileview/DFD11F62E911327CB1F160F6T0000000000100000001",
    "refreshToken":"Yc_b_dE8V03eDTCmcmC1gi_y3LVJTPiZOSQDhuS_VWim9E_FRpLQGtEhgxCNbKTG",
    "role":"manager",
    "id":"DFD11F62E911327CB1F160F6T0000000000100000001",
    "type":"applink",
    "errorCode":"0"
}

The user needs to pass the applink ID and access token parameters in the request header for each REST API operating on the folder or file or on any child folder or file. The response does not provide a link to the file or folder because headers cannot be represented in a link.

The access token expires after 15 minutes. You can refresh the access token any number of times within the time period defined by a refreshed token (24 hours). Use the refresh token to request a new access token when the current access token expires. The refreshed token expires after 24 hours.

For more information about the applink REST APIs, see "Applinks" in REST API for Documents.