1. Mobile Plugin Framework
  2. Accessing REST APIs from the Plugin Framework

2Accessing REST APIs from the Plugin Framework

This section outlines how you can access Rest APIs from custom plugins, and the ways in which you can authorize the APIs using different OAuth flows from plugins. Let's look at some of these options to determine the most appropriate approach for specific needs.

To determine the most appropriate method for accessing the REST API, you must consider these factors:

Which REST API is required?

  • Field Service API: You can use this API to interact directly with Oracle Fusion Field Service data and functionality.
  • Fusion API: Refers to the REST APIs provided by Oracle Fusion Cloud Applications, which you can access from within or alongside Oracle Fusion Field Service workflows.
  • Other API: This encompasses any other external REST APIs you might need to connect to.

What Identity Provider is used to log in to Oracle Fusion Field Service?

An Identity Provider (IdP) manages your user identities and authentication for Oracle Fusion Field Service. Knowing which one you use is crucial for understanding the available authorization methods.

  • Internal Field Service: Oracle Fusion Field Service uses its own internal user management system.
  • IDCS (Oracle Identity Cloud Service): Your organization uses Oracle's cloud-based identity and access management service for Oracle Fusion Field Service login.
  • Other Identity Provider: Your organization uses a different third-party identity management system for Oracle Fusion Field Service login.

What OAuth Authorization Grant Flow is supported by the Identity Provider?

OAuth 2.0 is a standard protocol for authorization. Different grant flows define how your application obtains permission to access protected resources. The supported flows depend on the Identity Provider in use.

  • OAuth Client Credentials Grant Flow: This flow is typically used for server-to-server communication where an application (the "client") authenticates itself using its own credentials (a Client ID and Client Secret) to access resources. OAuth Client Credentials Grant flow doesn't involve a specific user's direct interaction.
  • OAuth User Assertion Grant Flow: In this flow, the application uses an existing user's credentials or a signed assertion (like a JWT - JSON Web Token) to request an access token. This is often used when the application already can authenticate the user.
  • OAuth Authorization Code Grant Flow: This flow involves a multi-step process. The user is redirected to the Identity Provider to grant permission. After the user authorizes, the application receives an authorization code, which it then exchanges for an access token. This flow is commonly used for web and mobile applications involving user interaction.

You can consider these three factors to determine the most suitable method for accessing the required REST API and the appropriate OAuth authorization flow. The specific steps for implementation depends on the selected API, your organization's identity provider configuration, and the capabilities of the application or tool you are using to access the API.