Security, Authentication and Authorization
When you make HTTPS requests to Database Classic Cloud Service REST API endpoints, you ensure secure, authenticated and authorized access by providing the following information:
-
An SSL certificate authority (CA) certificate file or bundle to authenticate against the Verisign certificate authority (CA) certificate. (Oracle Cloud uses a CA certificate issued by Verisign to enable clients to connect securely to the server.)
-
The
X-ID-TENANT-NAME
custom header to specify the identity domain. -
The
Authorization
standard header to specify the user name and password of an Oracle Cloud user with authorization to perform the operation in the specified identity domain.
The X-ID-TENANT-NAME Header
X-ID-TENANT-NAME
header whose value is the identity domain ID for the Database Classic Cloud Service account to which the request applies:
-
For a Cloud account with Identity Cloud Service: the identity service ID, which has the form
idcs-letters-and-numbers
. You can find this ID in the Identity Service Id field on the Overview tab of the Service Details page for Database Classic Cloud Service in My Services. -
For a traditional cloud account: the name of the identity domain.
The Authorization Header
When making a request to a Database Classic Cloud Service REST API endpoint, you must specify an Authorization
header whose value contains the user name and password of an Oracle Cloud user with authorization to perform the requested operation in the specified identity domain. When specifying the user name and password, note that the user name is not case-sensitive, while the password is case-sensitive.
The value has the form:
Basic base64-encoded-username-colon-password
where base64-encoded-username-colon-password
is the Base64 encoding of the user name and password, separated by a colon. For example, given the user name dbaasadmin
and the password Pa55_word
, the string to encode would be dbaasadmin:Pa55_word
and the resulting header would be:
Authorization: Basic ZGJhYXNhZG1pbjpQYTU1X3dvcmQ=
Note:
Many client applications provide a method that creates this header for you. In cURL, for example, the -u
(--user
) option adds the Authorization
header to a request:
--user dbaasadmin:Pa55_word
generates the same Authorization
header shown in the previous example.