Using OAuth2 for Application and Global Connections

Application connections and global connections to Cloud EPM and Cloud ERP applications support using Open Authorization (OAuth) 2 for authentication.

Using OAuth2 in Cloud EPM Applications

Perform the following steps to set up OAuth2 authentication for Cloud EPM applications. See Authentication with OAuth 2 in REST APIs for details.

1. Register the OAuth2 client.

   Note:

   For Oracle Fusion Cloud Enterprise Data Management, you must register separate OAuth2 clients (each with a client ID, access, and refresh tokens) for each application or global connection. For example, if you have two application connections and two global connections that you want to use OAuth2 authentication for, you must register four OAuth2 clients.
2. Obtain and securely store the first refresh token.

   Tip:

   Set the refresh token expiry longer than the frequency of running your imports and exports in order to keep the tokens valid.
3. Obtain an access token from the refresh token.

Using OAuth2 in Cloud ERP Applications

Perform the following steps to set up OAuth2 authentication for Cloud ERP applications.

1. Configure OAuth in Oracle Fusion Cloud. See Configure OAuth Using the Fusion Applications Identity Domain in REST API for Common Features in Oracle Fusion Cloud Applications.

   Note:

   Specify 2-Legged OAuth using the JSON Web Token (JWT) Assertion authorization grant type.

   This step gives you the IDCS Token URL, Client ID, and Scope parameters for the application or global connection.

2. Import the certificate into Cloud ERP. See Configure Inbound Authentication in Securing ERP.

   This step gives you the Certificate Alias and Private Key File parameters for the application or global connection.

See Creating Global Connections and Registering Oracle Financials Cloud General Ledger Applications.