Set the Backend's Authentication Method and Connection Type

A backend represents an external system whose REST APIs you want to use in your App UI. To access those APIs, you need to specify the required authentication method and connection type.

The authentication method determines how to obtain permission to access the REST APIs. The connection type (relevant to local servers only) determines how the REST APIs are reached: either directly through JavaScript, or through a server-side component called a proxy.

There are three types of authentication methods that can be used for a backend: fixed credentials, identity propagation, and OAuth authorization code grant type. These are the currently supported authentication methods by authentication type:

Authentication Types and Their Authentication Methods
Fixed Credentials
  • Basic Authentication
  • OAuth 2.0 Client Credentials
  • OAuth 2.0 Resource Owner Password Credentials
  • OCI Signature Authentication

See How Does the Fixed Credentials Authentication Method Work?

Identity Propagation
  • Oracle Cloud Account
  • OAuth 2.0 User Assertion

See How Does the Identity Propagation Authentication Method Work?

OAuth Authorization Code Grant Type
  • OAuth 2.0 Authorization Code Grant

See How Does the OAuth 2.0 Authorization Code Grant Authentication Method Work?

Note:

Fixed credentials are never available for in-source servers.

To connect to a service that requires authentication, you need to select the appropriate authentication method from the Authentication list. The dialogs for creating and editing a backend's server details allow you to:

  • Manage the credentials for accessing the service (if credentials are required)
  • Manage identity propagation of the end user logged into the App UI (if the service supports the standard IDCS OAuth flows)
  • Manage how the extension connects to a service to obtain a code grant type token
  • Manage how your application connects to the service (via proxy or via Direct call)

To connect to a service that is available through HTTPS, where authentication is not required and there's no CORS requirement, the default setting of None for the Authentication field is sufficient. In this case, any end user (anonymous or authenticated) of the App UI can access the service.

To provide flexibility in how service connections are established, you can use different authentication methods for your extension's development cycle, as well as for each Oracle Cloud Application instance to which your extension is deployed. If needed, you can use methods of different types between development phases.

Note:

For certain authentication types, your REST APIs might need CORS support for both VB Studio and Oracle Cloud Applications domains (as reflected in the tables shown in the next few topics). If you don't have this setting in place, you'll see a CORS Preflight error when the REST API is called. The backends that are inherited from the Unified Application must be pre-configured for CORS to allow access to VB Studio.
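
The following is an added example, not Oracle's code: a simplified model of the check a browser applies to a preflight (OPTIONS) response, showing why a REST API that allows only one of the two domains fails for the other. The origins, the allowlist, and the response headers are constructed placeholders, and the function names are hypothetical.

```javascript
// Simplified model of the browser's CORS preflight check (Fetch standard).
// All origins and header values below are constructed placeholders.
const SAFE_METHODS = ["GET", "HEAD", "POST"];

function parseList(value) {
  return (value || "").split(",").map((s) => s.trim()).filter(Boolean);
}

// request:  { method, headers: [non-safelisted header names], credentials: bool }
// response: { status, headers: { lowercase-name: value } } from the OPTIONS reply
function preflightVerdict(origin, request, response) {
  const h = response.headers;
  if (response.status < 200 || response.status > 299) return "preflight status not 2xx";
  const allowOrigin = h["access-control-allow-origin"];
  const wildcardOk = !request.credentials; // "*" is not honoured with credentials
  if (!(allowOrigin === origin || (allowOrigin === "*" && wildcardOk)))
    return "origin not allowed";
  if (request.credentials && h["access-control-allow-credentials"] !== "true")
    return "credentials not allowed";
  const methods = parseList(h["access-control-allow-methods"]);
  if (!SAFE_METHODS.includes(request.method) && !methods.includes(request.method) &&
      !(wildcardOk && methods.includes("*")))
    return "method not allowed";
  const allowed = parseList(h["access-control-allow-headers"]).map((s) => s.toLowerCase());
  for (const name of request.headers.map((s) => s.toLowerCase())) {
    // Authorization must always be listed explicitly; "*" never covers it.
    const viaWildcard = wildcardOk && allowed.includes("*") && name !== "authorization";
    if (!allowed.includes(name) && !viaWildcard) return `header not allowed: ${name}`;
  }
  return "ok";
}

// Constructed placeholder origins standing in for the two domains.
const VBS_ORIGIN = "https://vbstudio.example.com";
const APPS_ORIGIN = "https://cloudapps.example.com";

// Constructed server behaviour: echoes the origin only if it is on the allowlist.
function serverPreflight(allowlist, origin) {
  const headers = { "access-control-allow-methods": "GET, PATCH",
                    "access-control-allow-headers": "Authorization, Content-Type" };
  if (allowlist.includes(origin)) headers["access-control-allow-origin"] = origin;
  return { status: 204, headers };
}

// Verdicts for the same PATCH call made from each of the two origins.
function checkBoth(allowlist) {
  const req = { method: "PATCH", headers: ["Authorization", "Content-Type"], credentials: false };
  return [VBS_ORIGIN, APPS_ORIGIN].map((o) => preflightVerdict(o, req, serverPreflight(allowlist, o)));
}
```

Calling `checkBoth` with an allowlist that contains only one origin returns a failure for the other, which is the situation that surfaces as a CORS Preflight error during development or after deployment.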