Creating a Connection

The first step in creating an integration is to create the connections to the applications with which you want to share data.

  1. In the Oracle Integration Cloud Service home page, click Connections.
  2. Click Create.
    The Create Connection — Select Adapter dialog is displayed.
  3. Select an adapter from the dialog. You can also search for the type of adapter to use by entering a partial or full name in the Search field, and clicking Search.
    The Create New Connection dialog is displayed.
  4. Enter the information to describe the connection.
    • Enter a meaningful name to help others find your connection when they begin to create their own integrations. The name you enter is automatically added in capital letters to the Identifier field. If you modify the identifier name, do not include a blank space (for example, Sales Opportunity).

    • Select the role (direction) in which to use this connection (trigger, invoke, or both). Only the roles supported by this adapter are displayed for selection. When you select a role, only the connection properties and security policies appropriate to that role are displayed on the Connections page. If you select an adapter that supports both invoke and trigger, but select only one of those roles, then try to drag the adapter into the section you did not select, you receive an error (for example, configure an Oracle RightNow Cloud Adapter as only an invoke, but drag the adapter to the trigger section).

    • Enter an optional description of the connection.


    Description of create_new_connection.png follows
    Description of the illustration create_new_connection.png
  5. Click Create.
    Your connection is created and you are now ready to configure connection details, such as email contact, connection properties, security policies, connection login credentials, and (for certain connections) agent group.

Adding a Contact Email

From the Connection Administrator section of the connection, you can add a contact email address for notifications.

  1. In the Email Address field, enter an email address to receive email notifications when problems occur.
  2. In the upper right corner, click Save.

Configuring Connection Properties

Enter connection information so your application can process requests.

  1. Click Configure Connectivity.
    The Connection Properties dialog is displayed.
  2. From the TLS Version list, optionally specify the Transport Layer Security (TLS) version of the target server. The TLS protocol provides privacy and data integrity between two communicating computer applications. If no version is selected, the REST Adapter uses TLSV1 by default. The selected version is used for SSL/TLS negotiation and SSL handshake in all outbound invocations of the REST API. Existing integrations and connections are not impacted.
    • TLSv1

    • TLSv1.1

    • TLSv1.2

  3. From the Connection Type list, select the type to use:
    • REST API Base URL

    • Metadata Catalog URL

    • Swagger Definition URL

    • RAML Definition URL

  4. In the Connection URL field, specify the endpoint URL to use based on your selection in Step 2. The connection URL can be both HTTP and HTTPS.
    Type Endpoint Example

    REST API Base URL

    https://hostname:port/integration/flowapi/rest/RESTTORESTINTEGRATIONPUT_TEST/v01/

    Metadata Catalog URL

    https://hostname:port/Test/mdcatalogmain.json

    Swagger Definition URL

    https://hostname:port/Test/application.json

    RAML Definition URL

    https://hostname:port//Test/fullapi2.raml
  5. Click OK.
  6. Configure connection security.

Configuring Connection Security

Configure security for your REST Adapter connection by selecting the security policy and security token.

  1. Click Configure Credentials.
  2. Select the security policy to use. Based on your selection, the page is referenced to display various login credential fields. You must already have created your client application to complete the necessary fields.

    Note:

    The following security policy restrictions apply when configuring a REST Adapter connection with the trigger and invoke role on the Connections page:

    • If you select Basic Authentication, it can be used as a trigger and an invoke.

    • If you select any other security policy, it can only be used as an invoke. Dragging the connection to the trigger area causes an exception error to be displayed.

    • For existing integrations, the above restrictions do not apply when editing the REST Adapter in the Adapter Endpoint Configuration Wizard.

    Selected Security Policy Fields

    Basic Authentication

    • Username — The name of a user who has access to the destination web service.

    • Password — Enter the password.

    • Confirm Password — Reenter the password.

    OAuth Client Credentials

    • Access Token URI — The URL from which to obtain the access token.

    • Client Id — The client identifier issued to the client during the registration process.

    • Client Secret — The client secret.

    • Confirm Client Secret — Reenter the client secret.

    • Scope — The scope of the access request. Scopes enable you to specify which type of access you need. Scopes limit access for the OAuth token. They do not grant any additional permission beyond that which the user already possesses.

    • Auth Request Media Type — The format of the data you want to receive. This is an optional parameter that can be kept blank. For example, if you are invoking Twitter APIs, you do not need to select any type.

    OAuth Resource Owner Password Credentials

    • Access Token URI — The URL from which to obtain the access token.

    • Client Id — The client identifier issued to the client during the registration process.

    • Client Secret — The client secret.

    • Confirm Client Secret — Reenter the client secret.

    • Scope — The scope of the access request. Scopes enable you to specify which type of access you need. Scopes limit access for the OAuth token. They do not grant any additional permission beyond that which the user already possesses.

    • Auth Request Media Type — The format of the data you want to receive.

    • Username — The resource owner’s user name.

    • Password — The resource owner’s password.

    • Confirm Password — Reenter the password.

    OAuth Authorization Code Credentials
    • Client Id — The client identifier issued to the client during the registration process.

    • Client Secret — The client secret.

    • Confirm Client Secret — Reenter the client secret.

    • Authorization Code URI — The URI from which to request the authorization code.

    • Access Token URI — URI to use for the access token.

    • Scope — The scope of the access request. Scopes enable you to specify which type of access you need. Scopes limit access for the OAuth token. They do not grant any additional permission beyond that which the user already possesses.

    OAuth Custom Three Legged Flow

    See How Do I Configure the REST Adapter to Consume a REST API Protected with 3-Legged OAuth Token-Based Authentication? to learn more about this security policy.

    • Authorization Request — The client application URL to which you are redirected when you provide consent. The authorization server sends a callback to Oracle Integration Cloud Service to obtain an access token for storage. When you create your client application, you must register a redirect URI where the client application is listening.

    • Access Token Request — The access token request to use to fetch the access token. Specify the request using CURL syntax. For example:

      -X POST method -H headers -d string_data access_token_uri?query_parameters
    • Refresh Token Request — The refresh token request to use to fetch the access token. This request refreshes the access token if it expires. Specify the request using CURL syntax. For example

      -X POST method -H headers -d string_data access_token_uri?query_parameters
    • Sauth_code — Use regex to identify the authorization code.

    • Saccess_token — Use a regular expression (regex) to retrieve the access token.

    • Srefresh_token — Use regex to retrieve the refresh token.

    • Sexpiry — Use regex to identify when the access token expires.

    • Stoken_type — Use regex to identify the access token type.

    • access_token_usage — Specify how to pass the access token to access a protected resource. You can pass the token as a bearer token or as a query parameter. For example:

      -H Authorization: Bearer ${access_token}

    OAuth Custom Two Legged Flow

    See How Do I Configure the REST Adapter to Consume a REST API Protected with 2-Legged OAuth Token-Based Authentication? to learn more about this security policy.

    • Access Token Request — The access token request to use to fetch the access token. Specify the request using CURL syntax. For example:

      -X POST method -H headers -d string_data access_token_uri?query_parameters
    • Refresh Token Request — The refresh token request to use to fetch the access token. This request refreshes the access token if it expires. Specify the request using CURL syntax. For example

      -X POST method -H headers -d string_data access_token_uri?query_parameters
    • Saccess_token — Use regex to identify the access token.

    • Srefresh_token — Use regex to identify the refresh token.

    • Sexpiry — Use regex to identify when the access token expires.

    • Stoken_type — Use regex to identify the access token type.

    • access_token_usage — Specify how to pass the access token to access a protected resource. You can pass the token as a bearer token or as a query parameter. For example:

      -H Authorization: Bearer ${access_token}

    OAuth 1.0 One Legged Authentication

    • Consumer Key — Specify the key that identifies the client making the request.

    • Consumer Secret — Specify the consumer secret that authorizes the client making the request.

    • Confirm Consumer Secret — Specify the secret a second time.

    • Token — Specify the token that accesses protected resource.

    • Token Secret — Specify the token secret that generates the signature for the request.

    • Confirm Token Secret — Specify the secret a second time.

    • Realm — Specify the realm that identifies the account.

    No Security Policy

    If you select this security policy, no additional fields are displayed.

  3. Click OK.

Note:

OAuth Authorization Code Credentials, OAuth Custom Three Legged Flow, and OAuth Custom Two Legged Flow security types, the connection is only successful after you click the Provide Consent button. Configuring all the details alone is not sufficient.

Configuring an Agent Group

Configure an agent group for accessing the service hosted on your premises behind the fire wall.

  1. Click Configure Agents.
    The Select an Agent Group page appears.
  2. Click the name of the agent group.
  3. Click Use.
  4. Test the connection. See Testing the Connection.

Testing the Connection

Test your connection to ensure that it is successfully configured.

  1. In the upper right corner of the page, click Test.
  2. Select the type of connection testing to perform:
    • Validate and Test: Performs a full validation of the WSDL, including processing of the imported schemas and WSDLs. Complete validation can take several minutes depending on the number of imported schemas and WSDLs. No requests are sent to the operations exposed in the WSDL.

    • Test: Connects to the WSDL URL and performs a syntax check on the WSDL. No requests are sent to the operations exposed in the WSDL.

    If successful, the following message is displayed and the progress indicator shows 100%.

    Connection connection_name was tested successfully.

  3. If your connection was unsuccessful, an error message is displayed with details. Verify that the configuration details you entered are correct.
  4. When complete, click Save, then click Close.

Testing a REST Adapter Connection with the HTTP Basic Authentication Security Policy Does Not Validate the Credentials

Testing a REST Adapter connection configured with the HTTP basic authentication security policy and a role connection of Trigger and Invoke or Invoke does not validate the credentials and simply opens a connection to the provided URL. To validate the endpoint and credentials, the REST Adapter must invoke an API that is idempotent.