5Outbound Interface Entities and Structures

User Authentication Structure

All API methods use the 'user' structure as authentication to determine the permissions of the Oracle Field Service client company user.

All customers can use the Client_ID and Client_Secret instead of login and password to populate the User Authentication Structure with credentials:
  1. Register an application.

    1. In the Field Service Manage interface, click Configuration and select Applications.

    2. In the left pane, click the plus icon to open the New application window, specify the Application Name and Application ID, and click Submit.

    3. Under Authentication settings, select the Authenticate using Client ID/Client Secret check box.

    4. Click Save.

  2. Select the application and under Authentication settings section, click Show Client ID / Client secret to view the Client ID and Client Secret.

  3. Make a note of the Client ID and Client Secret.

The following table describes the Oracle Field Service SOAP authentication structure mandatory fields.

Table Authentication Structure Fields

Name Type Description

now

string

current time in ISO 8601 format

company

string

case-insensitive identifier of the Client for which data is to be retrieved. provided by Oracle during integration.

login

string

The client ID of the application.

auth_string

string

authentication hash; The value of this field must be computed as follows:

auth_string = SHA256(now + SHA256(CLIENT_SECRET+SHA256(CLIENT_ID)));

For example:

<user>

<now>CURRENT_TIME</now>

<login>CLIENT_ID</login>

<company>INSTANCE_NAME</company>

<auth_string>SHA256(CURRENT_TIME + SHA256(CLIENT_SECRET + SHA256(CLIENT_ID)))</auth_string>

</user>

Mandatory and Optional Properties

Each request sent by the Outbound API includes properties which are necessary for the request to be processed correctly and those which are only sent when certain value(s) are needed. In this respect, properties fall under either of the following two types:

Optional: the property is not necessary for the request to be processed correctly; if such property is not sent, the request will not return an error; the 'Required' column contains 'No' for such property.

Mandatory: the property must be sent in the request; if a mandatory property is invalid or missing, the request is rejected with a corresponding error; the 'Required' column contains 'Yes' for such property.

Authentication

The 'user' structure is used for the request authentication. The relevant error is returned if the authentication fails.

Table Authentication fails if

Number Login Description

1

now

is different from the current time on the server and this difference exceeds the predefined time-window (30 minutes by default)

2

company

cannot be found in the Oracle Field Service

3

login

cannot be found for this company

4

application is not authorized to use this API

5

auth_string

when auth_string is not equal to: SHA256(now + SHA256(Client_Secret +SHA256(Client_ID)));;

Otherwise authentication is successful and the request is processed further.

Note: The specifics of the 'user' structure processing differ for different methods used in the Outbound API. Please refer to the description of each method for details.