Authorization
Only OAuth is supported, and only team members who have the Developer role can access these APIs.
To use OAuth:
-
Obtain the team member app's client ID and secret. To get these values, click Instance Details on the Mobile Apps page in the UI.
-
Obtain the OAuth token endpoint. This endpoint is shown on all backend Settings pages. Note that this is the same value as oracle-identity-cloud-service-url
/oauth2/v1/token. -
Base64 encode the clientID:clientSecret string.
-
Set the
Authorizationheader toBasicbase64-encoded-client-id:client-secret. Replace base64-encoded-client-id:client-secret with the appropriate value. -
Set the
Content-Typetoapplication/x-www-form-urlencoded; charset=utf-8. -
Set the request body to
grant_type=password&username=username&password=password&scope=mobile-cloud-service-urlurn:opc:resource:consumer::all. Replace username, password, and mobile-cloud-service-url with appropriate values. The user name and password must be URL encoded. Note that the Mobile Cloud Service URL is the same value as the base URL that is shown on all backend Settings pages. -
POSTthe request to the OAuth token endpoint, as shown in this cURL example. Replace all variable placeholders with appropriate values.curl -i -H "Authorization: Basic <base64-encoded-client-id:client-secret-string>" -H "Content-Type: application/x-www-form-urlencoded; charset=utf-8" -d "grant_type=password&username=<username>&password=<password>&scope=<mobile-cloud-service-url>urn:opc:resource:consumer::all" --request POST <oauth-token-endpoint>The response includes an
access_tokenproperty, as shown in this example (the value foraccess_tokenis a very long string, which is truncated in this example). Copy this token for the next step.{ ... "access_token": "eyJ4NXQjUzI1NiI6Ijg1a...SsqtmgzK1dFs", ... "token_type": "Bearer", ... } -
When you make a request to the API, set the
Authorizationheader toBeareraccess_token.