You access the Oracle Java Cloud Service REST resources over HTTPS and you must provide the following information for authentication:

  • An SSL certificate authority (CA) certificate file or bundle to authenticate against the Verisign CA certificate. Oracle Cloud uses a CA certificate issued by Verisign to enable clients to connect securely to the server. See Use cURL.

  • The X-ID-TENANT-NAME custom request header to specify the identity domain ID for the Oracle Cloud account user. The identity domain ID is also part of the endpoint path in the URL structure of a REST resource endpoint. See Obtain Account Information.

  • The Authorization standard header to specify the Oracle Cloud account user with authorization to perform the operation in the specified identity domain. The value in the Authorization header depends on the type of authentication you use to validate the user.

HTTP Basic Authentication

To use HTTP Basic authentication to validate users, you specify the user name and password for your Oracle Cloud account in the Authorization header. The value of the Authorization header should be the base64-encoding of <username>:<password>, specified in the format:

Basic <base64-encoded value>

Many client applications such as cURL provide a method that creates this Authorization header for you.

For example, to authenticate using cURL, supply the -u option to pass your Oracle Cloud account user name and password. cURL adds the Authorization header to the request when you send it.

The following provides an example cURL command that uses HTTP Basic authentication to retrieve details of the ExampleInstance service instance.

curl -i -X GET -u username:password -H "X-ID-TENANT-NAME:ExampleIdentityDomain" https://rest_server_url/paas/api/v1.1/instancemgmt/ExampleIdentityDomain/services/jaas/instances/ExampleInstance

OAuth Authentication

Oracle Identity Cloud Service supports the OAuth 2.0 protocol and provides a token service for authentication and authorization of Oracle Cloud REST requests. If your Oracle Cloud account includes Oracle Identity Cloud Service, you can use OAuth authentication to validate users.

To use OAuth authentication, first you obtain an access token from Identity Cloud Service, and then you pass the token in a Bearer Authorization header when you make a Java Cloud Service REST request.

The following provides an example cURL command that uses OAuth authentication with a bearer token to retrieve all Java Cloud Service instances in ExampleIdentityDomain.

curl -i -X GET -H "Authorization: Bearer token-string" https://rest_server_url/paas/api/v1.1/instancemgmt/ExampleIdentityDomain/services/jaas/instances

See Obtain and Use an OAuth Token to learn how to get and use an OAuth access token.