Configure B2C Service for OAuth Authorization

You must perform these tasks to use OAuth authorization with the Connect REST API. These tasks aren't required if you plan to use OAuth authorization only with the Knowledge Advanced REST API.

Before you start

This procedure assumes that you have access to the Identity Provider editor defined by the hidden configuration setting SSO_ENABLE_EXTERNAL_IDP. This setting is not enabled by default. To enable this hidden setting, contact your Oracle account manager or Submit a Service Request.

Here's what to do

1. Create a profile for the OAuth user that has the SSO Login (SAML 2.0) permission enabled under Administration permissions.
   See Add or Edit a Profile for more information.
2. Create a staff account for the OAuth user and assign the OAuth user profile to it.
   See Add or Edit a Staff Account for more information.

   Note: The OAuth user staff account must not be disabled or locked.
3. Define the external IdP in B2C Service.
   See Define the External Identity Provider for OAuth Authorization.
4. Retrieve a token from the external IdP.
   Note: The OAuth user must be defined in the external IdP.

What to do next

You can now use the token in REST API for Oracle B2C Service and REST API for Knowledge Advanced in B2C Service calls. To Revoke OAuth Access Tokens, use the Manage Access Tokens editor.