4 OAuth 2 and Basic Authentication for Cloud EPM REST APIs

All HTTP requests to the REST APIs require authentication. Review these topics to understand OAuth 2 and basic authentication for Cloud EPM REST APIs.

The REST APIs for Cloud EPM support authentication with OAuth 2 and basic authentication:

• Authentication with OAuth 2

• Basic Authentication

Oracle Fusion Cloud EPM REST APIs can connect to Cloud EPM through API Gateways, such as Google APIGEE, IBM Data Power, and other reverse proxy servers.

For this to work, configure the gateway or reverse proxy by setting the target as the URL of your Cloud EPM environment without any context such as /epmcloud. Example: https://epm-idDomain.epm.dataCenterRegion.oraclecloud.com. Then, use the reverse proxy URL instead of the Cloud EPM URL in the REST API. For configuration information, see the documentation of your gateway or proxy server.

While configuring the proxy settings, be sure to pass the response code from Cloud EPM to Cloud EPM REST API without modifying it in any manner to allow REST API processing code to correctly process response codes such as 200, 206, 400, 404, 500, 501, and so on. For example, for IBM Datapower, set proxy HTTP Response to ON. Additionally, the API gateway should allow HTTP methods (GET, POST, PUT, PATCH, and DELETE).

Note that REST APIs cannot be run by users who are set up for basic authentication with multi-factor authentication (MFA).