Use the Service Integration Account with No Password Expiration

Oracle Integration provides a service integration account in which the password does not expire. The service integration account consists of a generic application role created with specific predefined rules. You must use this account to install the connectivity agent.

About the Service Integration User Account

You can use the service integration user account only with the Basic Authentication security policy. Continuous use of this security policy by clients increases the performance load on the authentication service (Oracle Identity Cloud Service) because it must keep validating the same credentials repeatedly. The increased performance load is dependent on two factors.

• Repeated requests to the Oracle Identity Cloud Service server for password authenticator/asserter for the same basic authentication credentials.
• The Oracle Identity Cloud Service password policy requires accessing the ID store for each of the requests.

To reduce the performance load caused by repeated requests, you can use the service integration account without password expiration.

With Basic Authentication, you can use generic credentials: the client ID (that ends with _BASICAUTH) and the associated client secret. This section describes how to create these credentials.

Task 1. Get the application ID of the Oracle Integration instance

If your tenancy uses identity domains, an identity domain administrator must perform this task. If your tenancy doesn't use identity domains, an Oracle Identity Cloud Service administrator must perform this task.

1. Navigate to the Oracle Cloud Services page.

   Your steps depend on whether your tenancy uses identity domains.

   • Complete the following tasks if your tenancy uses identity domains:
     1. Open the Oracle Cloud Infrastructure Console.
     2. Open the navigation menu and click Identity & Security.
     3. Under Identity, click Domains.

     4. In the table, select the name of the domain.

        or

        Below the table, select the default domain.

     5. In the menu on the left, below Identity domain, select Oracle Cloud Services.
   • Complete the following tasks if your tenancy doesn't use identity domains:
     1. Open Oracle Identity Cloud Service.
     2. Open the navigation menu and click Oracle Cloud Services.

2. Find the Oracle Integration instance in the list.

   Instances are identified by their service instance IDs. If you're not sure of the service instance ID, sign in to Oracle Integration, open the About dialog box, and check the Service instance field. You can paste some or all of this value into the search box that appears above the table.

3. Click the Name of the service.

4. Next to the Application ID field, click Copy, and paste the value somewhere you can reference it later, such as a text file.

   Use this value in place of the ${OIC_APP_ID} value in the commands on this page.

Note:

For ease of use, Oracle recommends adding the parameters described in this section as environment variables on your system. For example:

export OIC_APP_ID=parameter_value
. . .
. . .

Task 2. Create and Activate the Service Administrator Application

1. Navigate to the Applications page.

   Your steps depend on whether your tenancy uses identity domains.

   • If your tenancy uses identity domains: In the Oracle Cloud Infrastructure Console, in the left menu below Identity domain, select Applications.
   • If your tenancy doesn't use identity domains: In Oracle Identity Cloud Service, open the navigation menu and click Applications.

2. Create and configure a confidential application.

   Your steps depend on whether your tenancy uses identity domains.

   • Perform the following steps if your tenancy uses identity domains:
     1. On the Applications page, click Add.

     2. In the Add application pop-up, select Confidential Application, then click Launch workflow.

        The Add Confidential Application wizard is displayed.

     3. On the first page of the wizard, enter a value in the Name field, and click Next.
     4. On the second page of the wizard, complete the following fields, and click Next:

        • Client configuration: Select Configure this application as a client now.

          Additional options appear on the page.

        • Below Authorization, select Client credentials and Refresh token.
        • Below Token issuance policy, select Add app roles.
        • Below App roles, click Add roles. In the Add app roles panel, select Identity Domain Administrator, and click Add.
     5. On the third page of the wizard, click Finish.
   • Perform the following steps if your tenancy doesn't use identity domains:
     1. On the Applications page, click Add.

     2. In the Add application pop-up, select Confidential Application.

        The Add Confidential Application wizard is displayed.

     3. On the first page of the wizard, enter a value in the Name field, and click Next.
     4. On the second page of the wizard, complete the following fields, and click Next:
        • Select Configure this application as a client now.
        • In the Authorization section, next to Allowed Grant Types, select Client credentials and Refresh token.
        • In the Token Issuance Policy section, below Grant the client access to Identity Cloud Service Admin APIs, click Add.

        • In the Add App Role pop-up, select Identity Domain Administrator, and click Add.

          Tip:

          Type identity in the search box above the table to find the role easily.
     5. Click Next until you reach the last page of the wizard, and then click Finish.

   The application is created, and the application information page appears.

3. Click Activate, then Activate application.

   If you don't activate the service administrator application, the following error appears when you configure the service integration application.

   The OAuth Client app is inactive or the OAuth Client facet is not enabled for app clientId

4. On the application information page, copy the following values and paste them somewhere you can reference it later, such as a text file:
   • Application ID: Use this value in place of the ${SA_APP_ID} value in the commands on this page.
   • Client ID (scroll to the General Information section to find this field): Use this value in place of the ${SA_CLIENT_ID} value in the commands on this page.
   • Client secret (scroll to the General Information section to fiend this field, and click Show secret): Use this value in place of the ${SA_CLIENT_SECRET} value in the commands on this page.

Task 3. Configure the Service Integration Application

1. In the left navigation pane, click Oracle Cloud Services.
2. Select your Oracle Integration instance.
3. On the Details tab, copy the Application ID value. You can also copy this value from the end of the browser URL.
4. Create the service integration application.
   1. Get an access token to create an application (for this example, referred to as ${SA_ACCESS_TOKEN}).

      • Use the following command to get the access token request.

        In this command and other commands that contains the IDCS_HOST entry, replace IDCS_HOST with the value in the Domain URL field, which you find on Overview page and then the Domain information tab for the domain.

        curl -X POST https://${IDCS_HOST}/oauth2/v1/token -u ${SA_CLIENT_ID}:${SA_CLIENT_SECRET} 
        -d 'grant_type=client_credentials&scope=urn%3Aopc%3Aidm%3A__myscopes__'

        The access token is valid for one hour.

      • Copy the access token response:

        {
            "access_token": "eyJ4NXQjUzI1NiI6IlVFQ1RyX25Ram9XYk9........................XV-2ei4pAUYV9aw66k_qL3b842qHw",
            "token_type": "Bearer",
            "expires_in": 3600
        }

   2. Create an application with the _BASICAUTH suffix using the above access token. For this example, OICTEST_BASICAUTH is used.

      Note:

      Ensure that the entire command appears as a single line without breaks. You can use a tool such as Postman to ensure that the command is on a single line.
      • Create an application request. Ensure that you replace IDCS_HOST with your Oracle Identity Cloud Service host value.

        curl -X POST https://${IDCS_HOST}/admin/v1/Apps -H 'Authorization: Bearer ${SA_ACCESS_TOKEN}' 
        -H 'Content-Type: application/json' -d '{   "active": true,   "allUrlSchemesAllowed": false,   
        "allowAccessControl": false,   "allowedGrants": ["client_credentials",   "urn:ietf:params:oauth:grant-type:
        jwt-bearer"],   "attrRenderingMetadata": [{     "name": "aliasApps",     "visible": false   }],   
        "basedOnTemplate": {     "value": "CustomWebAppTemplateId"   },   "clientType": "confidential",   
        "displayName": "OICTEST_BASICAUTH",   "editableAttributes": [     { "name": "allowedGrants" },     
        { "name": "protectableSecondaryAudiences" },     { "name": "asOPCService" },     { "name": 
        "accessTokenExpiry" },     { "name": "linkingCallbackUrl" },     { "name": "isOAuthResource" },     
        { "name": "appIcon" },     { "name": "clientType" },     { "name": "refreshTokenExpiry" },     
        { "name": "trustScope" },     { "name": "landingPageUrl" },     { "name": "audience" },     
        { "name": "samlServiceProvider" },     { "name": "isLoginTarget" },     { "name": "redirectUris" },     
        { "name": "allowedScopes" },     { "name": "tags" },     { "name": "logoutUri" },     { "name": 
        "allowedOperations" },     { "name": "termsOfUse" },     { "name": "serviceParams" },     { "name": 
        "certificates" },     { "name": "aliasApps" },     { "name": "schemas" },     { "name": "isWebTierPolicy" },
             { "name": "trustPolicies" },     { "name": "logoutPageUrl" },     { "name": "secondaryAudiences" },
             { "name": "displayName" },     { "name": "serviceTypeURN" },     { "name": "icon" },     { "name": 
        "description" },     { "name": "isOAuthClient" },     { "name": "allowedTags" },     { "name": 
        "showInMyApps" },     { "name": "isObligationCapable" },     { "name": "isMobileTarget" },     { "name": 
        "allowOffline" },     { "name": "idpPolicy" },     { "name": "appSignonPolicy" },     { "name": 
        "postLogoutRedirectUris" },     { "name": "isFormFill" },     { "name": "loginMechanism" },     { "name": 
        "serviceTypeVersion" },     { "name": "errorPageUrl" },     { "name": "signonPolicy" },     { "name": 
        "identityProviders" },     { "name": "isSamlServiceProvider" },     { "name": "appThumbnail" },     { 
        "name": "loginPageUrl" },     { "name": "scopes" },     { "name": "allowAccessControl" },     { "name": 
        "isKerberosRealm" },     { "name": "allUrlSchemesAllowed" },     { "name": "urn:ietf:params:scim:schemas:
        oracle:idcs:extension:samlServiceProvider:App:encryptionAlgorithm" },     { "name": "urn:ietf:params:scim:
        schemas:oracle:idcs:extension:samlServiceProvider:App:groupAssertionAttributes" },     { "name": "urn:ietf:
        params:scim:schemas:oracle:idcs:extension:samlServiceProvider:App:includeSigningCertInSignature" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:samlServiceProvider:App:signResponseOrAssertion"
         },     { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:samlServiceProvider:App:
        assertionConsumerUrl" },     { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:samlServiceProvider:
        App:nameIdUserstoreAttribute" },     { "name": "urn:ietf:params:scim:schemas:oracle:idcs:
        extension:samlServiceProvider:App:logoutResponseUrl" },     { "name": "urn:ietf:params:scim:schemas:oracle:
        idcs:extension:samlServiceProvider:App:succinctId" },     { "name": "urn:ietf:params:scim:schemas:oracle:
        idcs:extension:samlServiceProvider:App:logoutRequestUrl" },     { "name": "urn:ietf:params:scim:schemas:
        oracle:idcs:extension:samlServiceProvider:App:partnerProviderId" },     { "name": "urn:ietf:params:scim:
        schemas:oracle:idcs:extension:samlServiceProvider:App:nameIdFormat" },     { "name": "urn:ietf:params:
        scim:schemas:oracle:idcs:extension:samlServiceProvider:App:logoutBinding" },     { "name": "urn:ietf:params
        :scim:schemas:oracle:idcs:extension:samlServiceProvider:App:userAssertionAttributes" },     { "name": 
        "urn:ietf:params:scim:schemas:oracle:idcs:extension:samlServiceProvider:App:signatureHashAlgorithm" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:samlServiceProvider:App:metadata" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:samlServiceProvider:App:encryptAssertion" },
             { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:samlServiceProvider:App:logoutEnabled" },
             { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:samlServiceProvider:
        App:encryptionCertificate" },     { "name": "urn:ietf:params:scim:schemas:oracle:idcs:
        extension:samlServiceProvider:App:signingCertificate" },     { "name": "urn:ietf:params:scim:schemas:
        oracle:idcs:extension:samlServiceProvider:App:federationProtocol" },     { "name": "urn:ietf:params:scim:
        schemas:oracle:idcs:extension:webTierPolicy:App:webTierPolicyJson" },     {"name": "urn:ietf:params:scim:
        schemas:oracle:idcs:extension:managedapp:App:bundleConfigurationProperties" },     {"name": "urn:ietf:
        params:scim:schemas:oracle:idcs:extension:managedapp:App:isAuthoritative" },     { "name": "urn:ietf:
        params:scim:schemas:oracle:idcs:extension:managedapp:App:enableSync" },     { "name": "urn:ietf:params:
        scim:schemas:oracle:idcs:extension:managedapp:App:adminConsentGranted" },     { "name": "urn:ietf:params:
        scim:schemas:oracle:idcs:extension:managedapp:App:connected" },     { "name": "urn:ietf:params:scim:
        schemas:oracle:idcs:extension:managedapp:App:flatFileBundleConfigurationProperties" },     { "name": 
        "urn:ietf:params:scim:schemas:oracle:idcs:extension:managedapp:App:threeLeggedOAuthCredential" },     { 
        "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:managedapp:App:bundlePoolConfiguration" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:managedapp:App:flatFileConnectorBundle" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:formFillAppTemplate:AppTemplate:revealPasswordOnForm" },
             { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:formFillAppTemplate:AppTemplate:userNameFormTemplate"
         },     { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:formFillAppTemplate:AppTemplate:userNameFormExpression" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:formFillAppTemplate:AppTemplate:formCredentialSharingGroupID" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:formFillAppTemplate:AppTemplate:formCredMethod" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:formFillAppTemplate:AppTemplate:syncFromTemplate" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:formFillAppTemplate:AppTemplate:configuration" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:formFillAppTemplate:AppTemplate:formFillUrlMatch" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:formFillAppTemplate:AppTemplate:formType" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:kerberosRealm:App:masterKey" },     { "name": 
        "urn:ietf:params:scim:schemas:oracle:idcs:extension:kerberosRealm:App:maxRenewableAge" },     { "name": 
        "urn:ietf:params:scim:schemas:oracle:idcs:extension:kerberosRealm:App:maxTicketLife" },     { "name": 
        "urn:ietf:params:scim:schemas:oracle:idcs:extension:kerberosRealm:App:supportedEncryptionSaltTypes" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:kerberosRealm:App:realmName" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:kerberosRealm:App:ticketFlags" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:kerberosRealm:App:defaultEncryptionSaltType" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:requestable:App:requestable" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:formFillApp:App:revealPasswordOnForm" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:formFillApp:App:userNameFormExpression" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:formFillApp:App:formType" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:formFillApp:App:formCredMethod" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:formFillApp:App:configuration" },     { "name": 
        "urn:ietf:params:scim:schemas:oracle:idcs:extension:formFillApp:App:formFillUrlMatch" },     { "name": 
        "urn:ietf:params:scim:schemas:oracle:idcs:extension:formFillApp:App:formCredentialSharingGroupID" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:formFillApp:App:userNameFormTemplate" },     
        { "name": "urn:ietf:params:scim:schemas:oracle:idcs:extension:dbcs:App:domainApp" },     { "name": "active" },     
        { "name": "grantedAppRoles" },     { "name": "userRoles" },     { "name": "adminRoles" },     { "name": "clientSecret" }         
        ],   "infrastructure": false,   "isAliasApp": false,   "isManagedApp": false,   "isMobileTarget": false,   "isOAuthClient": 
        true,   "isOAuthResource": false,   "isOPCService": false,   "isSamlServiceProvider": false,   "isUnmanagedApp": false,   
        "isWebTierPolicy": false,   "loginMechanism": "OIDC",   "migrated": false,   "name": "OICTEST_BASICAUTH",   
        "showInMyApps": false,   "trustScope": "Explicit",   "urn:ietf:params:scim:schemas:oracle:idcs:extension:requestable:App": 
        {     "requestable": false   },   "schemas": ["urn:ietf:params:scim:schemas:oracle:idcs:App",   "urn:ietf:params:scim:schemas:
        oracle:idcs:extension:requestable:App"] }'

      • You receive an application response:

        {     "clientType": "confidential",     "isAliasApp": false,     "meta": {         
        "created": "2019-04-01T07:51:47.025Z",         "lastModified": "2019-04-01T07:51:47.025Z",
                 "resourceType": "App",         "location": "https://${IDCS_HOST}/admin/v1/Apps/
        0c228094b0f5456289b928f979800308"     },     "active": true,     "isLoginTarget": true,     
        "idcsCreatedBy": {         "display": "OIC_SI_TEST",         "type": "App",         "value": 
        "5debb165fc6946708e2c1f27264fafb1",         "$ref": "https://${IDCS_HOST}/admin/v1/Apps/
        5debb165fc6946708e2c1f27264fafb1"     },     "displayName": "OICTEST_BASICAUTH",     
        "showInMyApps": false,     "isMobileTarget": false,     "allowOffline": false,     
        "isUnmanagedApp": false,     "idcsLastModifiedBy": {         "display": "OIC_SI_TEST",         
        "type": "App",         "value": "5debb165fc6946708e2c1f27264fafb1",         "$ref": 
        "https://${IDCS_HOST}/admin/v1/Apps/5debb165fc6946708e2c1f27264fafb1"     },     
        "isOPCService": false,     "name": "OICTEST_BASICAUTH",     "isOAuthClient": true,     
        "isManagedApp": false,     "isSamlServiceProvider": false,     "infrastructure": false,     
        "allUrlSchemesAllowed": false,     "trustScope": "Explicit",     "id": 
        "0c228094b0f5456289b928f979800308",     "isWebTierPolicy": false,     "loginMechanism": 
        "OIDC",     "allowAccessControl": false,     "isOAuthResource": false,     "migrated": 
        false,     "isKerberosRealm": false,     "allowedGrants": [         "client_credentials",         
        "urn:ietf:params:oauth:grant-type:jwt-bearer"     ],     "attrRenderingMetadata": [         {             
        "name": "aliasApps",             "visible": false         }     ],     "basedOnTemplate": {         
        "value": "CustomWebAppTemplateId",         "lastModified": "2018-05-31T22:35:08Z",         
        "$ref": "https://${IDCS_HOST}/admin/v1/AppTemplates/CustomWebAppTemplateId"     },     "schemas": [         
        "urn:ietf:params:scim:schemas:oracle:idcs:App"     ],     "clientSecret": "91ac1189-b2ca-4ccb-a049-bbc635927646" }

   3. Note the application ID (part of the location parameter above), client ID (the name parameter above), and client secret from the response (for this example, referred to as ${SI_APP_ID}, ${SI_CLIENT_ID}, and ${SI_CLIENT_SECRET}).
   4. Activate the application using the above access token.
      • Activate the application request:

        curl -X PUT https://${IDCS_HOST}/admin/v1/AppStatusChanger/${SI_APP_ID} -H 
        'Authorization: Bearer ${SA_ACCESS_TOKEN}' -H 'Content-Type: application/json' -d 
        '{"schemas":["urn:ietf:params:scim:schemas:oracle:idcs:AppStatusChanger"],"id":"${SI_APP_ID}",
        "active":true}'

5. Associate the service integration application.
   1. Identify the AppRoleID to be granted for the Oracle Integration application. To install the connectivity agent, you must assign the ServiceAdministrator role to the created application. Therefore, a search is performed for that role (for this example, referred to as ${OIC_APP_ROLE_ID}).
      • Get the application role ID request:

        curl -X GET 'https://${IDCS_HOST}/admin/v1/AppRoles?attributes=groups,urn:ietf:params:
        scim:schemas:oracle:idcs:extension:user:User:appRoles&filter=displayName+co+%22ServiceUser%22+
        and+app.value+eq+%22${OIC_APP_ID}%22' -H 'Authorization: Bearer ${SA_ACCESS_TOKEN}'

      • You receive the application role ID response:

        {
            "schemas": [
                "urn:ietf:params:scim:api:messages:2.0:ListResponse"
            ],
            "totalResults": 1,
            "Resources": [
                {
                    "displayName": "ServiceAdministrator",
                    "id": "20e22fd1eb2e43ac8645e105abcab201",
                    "app": {
                        "value": "e0eea2c9fadb42c09d33035ff41e8f57",
                        "display": "OICSSA_oiccafdev7"
                    }
                }
            ],
            "startIndex": 1,
            "itemsPerPage": 50
        }

   2. Grant the service integration application with the above role. This attaches the application role to the service integration application you created.
      • Grant the role request:

        curl -X POST https://${IDCS_HOST}/admin/v1/Grants -H 'Authorization: Bearer ${SA_ACCESS_TOKEN}' -H 'Content-Type: application/json' -d '{
         "app": {
          "value": "${OIC_APP_ID}"
         },
         "entitlement": {
          "attributeName": "appRoles",
          "attributeValue": "${OIC_APP_ROLE_ID}"
         },
         "grantMechanism": "ADMINISTRATOR_TO_APP",
         "grantee": {
          "value": "${SI_APP_ID}",
          "type": "App"
         },
         "schemas": ["urn:ietf:params:scim:schemas:oracle:idcs:Grant"]
        }'

      • The role response is granted:

        {
            "app": {
                "value": "${OIC_APP_ID}",
                "$ref": "https://${IDCS_HOST}/admin/v1/Apps/${OIC_APP_ID}"
            },
            "entitlement": {
                "attributeName": "appRoles",
                "attributeValue": "${OIC_APP_ROLE_ID}"
            },
            "grantMechanism": "ADMINISTRATOR_TO_APP",
            "grantee": {
                "value": "${SI_APP_ID}",
                "type": "App",
                "$ref": "https://${IDCS_HOST}/admin/v1/Apps/${SI_APP_ID}"
            },
            "schemas": [
                "urn:ietf:params:scim:schemas:oracle:idcs:Grant"
            ],
            "id": "6832316983c545baa01e9a9488022fa7",
            "isFulfilled": true,
            "grantor": {
                "type": "App",
                "value": "${SA_APP_ID}",
                "$ref": "https://${IDCS_HOST}/admin/v1/Apps/${SA_APP_ID}"
            },
            "meta": {
                "created": "2019-04-01T08:00:33.277Z",
                "lastModified": "2019-04-01T08:00:33.277Z",
                "resourceType": "Grant",
                "location": "https://${IDCS_HOST}/admin/v1/Grants/6832316983c545baa01e9a9488022fa7"
            },
            "idcsCreatedBy": {
                "value": "${SA_APP_ID}",
                "type": "App",
                "display": "OIC_SI_TEST",
                "$ref": "https://${IDCS_HOST}/admin/v1/Apps/${SA_APP_ID}"
            },
            "idcsLastModifiedBy": {
                "value": "${SA_APP_ID}",
                "type": "App",
                "display": "OIC_SI_TEST",
                "$ref": "https://${IDCS_HOST}/admin/v1/Apps/${SA_APP_ID}"
            }
        }

How to Use the Service Integration Credentials

Once setup is complete, use the credentials ${SI_CLIENT_ID} (for the user name) and ${SI_CLIENT_SECRET} (for the password) to install the connectivity agent or for any other authentications to an Oracle Integration endpoint as shown below.

Oracle Integration SOAP endpoint request sample:

curl -X POST https://${OIC_HOST}/ic/ws/integration/v1/flows/soap/FLOW/1.0/ -u 
${SI_CLIENT_ID}:${SI_CLIENT_SECRET} -H 'Content-Type: text/xml;charset=UTF-8' -H 'SOAPAction: 
process' -d '<soapenv:Envelope xmlns:rp="http://xmlns.oracle.com/rp_WS_Basic_Authentication_APP/
rp_WS_Basic_Authentication/rp_Basic_Authentication_WS" xmlns:soapenv="http://schemas.xmlsoap.org/
soap/envelope/">
   <soapenv:Header>
      <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/
oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/
oasis-200401-wss-wssecurity-utility-1.0.xsd">
         <wsu:Timestamp wsu:Id="TS-0BC1DE3F9C8F739DB815541392855881">
            <wsu:Created>2019-04-01T00:00:00.000Z</wsu:Created>
            <wsu:Expires>2019-04-02T00:00:00.000Z</wsu:Expires>
         </wsu:Timestamp>
      </wsse:Security>
   </soapenv:Header>
   <soapenv:Body>
      <rp:process>
         <rp:input>OICTEST</rp:input>
      </rp:process>
   </soapenv:Body>
</soapenv:Envelope>'