1. Administering Oracle Field Service
  2. Integrate with REST APIs

Integrate with REST APIs

Oracle Field Service supports OAuth 2.0 authentication for API access. Use OAuth 2.0 authentication to let third-party applications such as a mobile app access REST APIs on behalf of a user. To use OAuth 2.0 authentication, you must register the client application with Oracle Field Service. Then, your client application requests an access token from Oracle Field Service or other external token service providers such as, Oracle Identity Cloud Service. The client application then sends the token to the API that you want to access.

Oracle Field Service supports these types of token service:

  • Oracle Field Service Token Service: The client application uses Oracle Field Service Token service to obtain an OAuth2 access token and authenticate with the APIs. Oracle Field Service token service supports two types of authentication:

    • Client Credentials: Authentication using client credentials is primarily used for back-end to back-end integration. For example, an application that requires pushing data to Oracle Field Service.

    • JWT Assertion: JWT assertion authentication can be used for back-end to back-end integration or for mobile applications. The Access Token generated using assertion flow may include the user identity, and Oracle Field Service performs actions as that user. The advantage of using assertion flow is that user's password is not shared with Oracle Field Service. When you use this type of authentication, the public key of the third-party application is imported into the Application entity and the third-party application can make API calls using its private key.

  • External Token Service: The client application uses an external token service such as Oracle Identity Cloud Service to obtain an OAuth 2.0 access token and authenticate with the APIs.

  • Oracle Identity Cloud Service: The client application uses Oracle Identity Cloud Service to obtain an OAuth 2.0 access token and authenticate with the REST APIs. You can upload the signing certificate for Oracle Identity Cloud Service and then configure Oracle Identity Cloud Service to issue OAuth2 Access Tokens. See the Oracle Identity Cloud Service documentation for information about where to get the signing certificate: https://docs.oracle.com/en/cloud/paas/identity-cloud/index.html.

Use these details to configure Oracle Identity Cloud Service:

  • Primary audience: <your Oracle Field Service instance name>. For example, ‘ofs-x1111'

  • Scope: The scope name must begin with a slash ( / ), followed by the application ID that you created in Oracle Field Service. For example, if the application ID is 'new_app' then the Scope is '/new_app'.

After filling in these details, note down the client_id and client_secret of the application.
Integrating applications using REST APIs includes these steps:

  1. Register the OAuth client application.

  2. Configure the authentication.

  3. Enable access to specific APIs for your application.

For more information about calling REST APIs from third-party applications, see the REST API for Field Service guide.