OAuth Authorization Code Flow – getAuthorizationCode Procedure

In this flow, authorization occurs by redirecting the user from the plugin to the Identity Provider's login page, returning to the plugin after authorization. If SSO is enabled and the user's session is active, the user is redirected without being prompted for login credentials.

This diagram provides a visual representation of the OAuth Authorization Code Grant Flow, illustrating the sequence of steps involved in obtaining authorization for accessing the API.

Advantages:

• JWT is issued on behalf of the user, not the application.
• No sensitive information is stored on the Oracle Fusion Field Service side.

Process Workflow Summary:

1. Configure an application on the Identity Provider to support the OAuth Authorization Code Flow.
2. Use credentials (Client ID, Scope, Identity Provider endpoint) to generate the URL to the Identity Provider's Authorization Code Endpoint.
3. Call the getAuthorizationCode procedure from the plugin with this URL in the procedure parameters.
4. Obtain an authorization code in the procedure response.
5. Obtain a JWT access token with this authorization code from the plugin.
6. Use the JWT access token for REST API request authorization.

This section outlines the process to:

1. Create an integrated application with OAuth support in Oracle Identity Cloud Service (IDCS), which will return an authorization code or access token (JWT).
2. Use a plugin to obtain an access token (JWT). This step assists in setting up the Fusion REST API backend in a Visual Builder Cloud Service (VBCS) application. You can skip this step if your VBCS instance already includes Fusion REST API in the Catalog.
3. Develop a simple VBCS application to demonstrate how to retrieve a JWT from a plugin and use it to send a standard Fusion REST API request.