Oracle Fusion Field Service Application Configuration for OAuth User Assertion

This topic outlines the steps to create and configure a Field Service application using the OAuth User Assertion flow to obtain an access token.

  1. Navigate to Configuration → Applications.
  2. Click Add Application. The Add Application page appears.

    This screenshot shows the rest api application creation.
  3. Select Applications using REST/SOAP API. You will be prompted to enter a name for this application; provide a descriptive name.
  4. From the available application security types, select OAuth User Assertion. This indicates that this application will use a JWT assertion to obtain an access token from the Identity Provider.
  5. In the Resource URL field, specify the URL that represents the OAuth 2.0 Resource Server (the server that provides REST data). It will be included in the "applications" section during the "init" method to avoid hardcoding the URL in the plugin.
  6. In the Token URL field, enter the URL of the OAuth 2.0 Authorization Server (Identity Provider) that issues access tokens. For example, https://{idcsUrl}/oauth2/v1/token.
    Note: In some cases, the OAuth 2.0 Resource Server and Authorization Server share the same domain.
  7. Select which username will be included in the JWT assertion.
    • Predefined User: Select this option to use a fixed, predefined username. This is often used for testing purpose.
    • Identify User Based on Login : Select this option to use the username derived from a property of the currently logged-in Field Service user (commonly the "Login" property).
  8. Enter the Identity Provider Details.
    1. Client ID: Obtained from the Identity Provider configuration while creating the application in the Authorization Server.
    2. Client Secret: Also retrieved from the Identity Provider configuration.
    3. Scope: A space-separated string used to restrict access. For example: urn:opc:resource:fusion:xxxxxxxx:field-service
  9. Click Download Certificate to download the certificate. This certificate is used by the Identity Provider to verify the signature of the JWT assertion sent by Oracle Fusion Field Service. You must import this certificate into the Identity Provider's configuration for the integrated application.