Security
All resources are accessed in a secure environment. A dual-layer security involving authentication and authorization is employed to ensure a reliable and secure exchange of information.
Authentication
The policy supports a list of mechanisms that the client uses to send authentication credentials.
-
Basic authentication over SSL (name and password) for this release. Single Sign-On (SSO) credentials are not supported. If your environment is on Gen 1 Oracle Cloud Infrastructure, use a username in the format
identitydomain.username
. If your environment is on Gen 2 Oracle Cloud Infrastructure, useusername
only (without identity domain). - Authentication with OAuth 2 (available in OCI (Gen 2) environments only). See Authentication with OAuth 2 - Only for OCI (Gen 2) Environments
-
All HTTP requests to the Narrative Reporting (NR) REST API require authentication.
-
Every HTTP request to the Narrative Reporting should supply either HTTP Basic Authentication credentials or an OAuth2 Bearer token through the
Authorization
header.
Authorization
Any user that has a role or permission to perform an operation in the user interface also has access to its corresponding REST resource. See Narrative Reporting User and Role Management in Getting Started with Oracle Enterprise Performance Management Cloud for Administrators.