1. REST API for Oracle Cloud Infrastructure Process AutomationREST API for Oracle Cloud Infrastructure Process Automation
  2. Security, Authentication and Authorization
  3. Configure a Confidential Application to Authenticate with OAuth

Configure a Confidential Application to Authenticate with OAuth

Before you can use the REST API with OAuth in Oracle Cloud Infrastructure Process Automation, you need to register your Oracle Cloud Infrastructure Process Automation instance as a confidential application in Oracle Identity Cloud Service.

Register a confidential application for every Oracle Cloud Infrastructure Process Automation instance that you want to access through the REST API.

You need Identity Domain Administrator or Application Administrator credentials to perform this task.

  1. Access your Oracle Identity Cloud Service instance.

    To find the Oracle Identity Cloud Service administrative console URL for your Oracle Cloud Infrastructure Process Automation:

    1. Go to the URL for your Oracle Cloud Infrastructure Process Automation instance.

      For example, if your Oracle Cloud Infrastructure Process Automation instance is https://myhost.example.com/ic/home, when you go to that URL, you are redirected to an URL such as https://idcs-c2881.identity.myhost.example.com/ui/v1/signin.

    2. Replace /signin with /adminconsole to go to the Oracle Identity Cloud Service.

      For example: https://idcs-c2881.identity.myhost.example.com/ui/v1/adminconsole. You'll be prompted to sign in again and will be signing in to the administrative console.

    3. Log in to your Oracle Identity Cloud Service administrative console with your Identity Domain Administrator credentials.
  2. Add a confidential application for your Oracle Cloud Infrastructure Process Automation instance. For detailed information and steps, see Managing Applications.
    1. In Oracle Identity Cloud Service, from the menu, click Applications, then Add.
    2. Select Confidential Application as the type of application.
    3. Enter an application name, then click Next.
    4. Select Configure this application as a client now .

    5. On the Authorization page, select the following fields:

      • In Allowed Grant Types, select the required grant types that are supported by Oracle Cloud Infrastructure Process Automation APIs. Make sure you select Refresh Token because otherwise, clients will not be able to refresh expired tokens.
      • In Redirect URL, specify the URL of the application where responses to authentication requests are sent. Fill this field only if you have are using Authorization Code or Implicit Grant types.
      • In Client Type, select Confidential.

      • In Accessing APIs from Other Applications, select Allowed scopes. This specifies which resources the confidential application can access.

        • In Allowed Scopes, click Add to select your Oracle Cloud Infrastructure Process Automation instance from the list. Your instance name will be the instance ID. After the instance is selected, the application shows the configured scopes for the instance where you can select the required scopes.

          The scope is now changed to /process or /decision.

    6. Click Next and skip sections until you get to Finish.

      A confidential OAuth Client Application is now created. You can obtain the Client ID and Client Secret for the OAuth client from the IDCS admin console.

    7. Copy the Client ID and the Client Secret that are displayed in the confirmation window, and then click Close.
    8. Click Activate in the upper-right section of the page to activate the application.

Next step: Use OAuth Access Token Using Authorization Code Grant Type