Send B2B Messages to Your Partners Using OAuth 2.0 Authorization

You can now use the OAuth 2.0 authorization framework to securely send B2B messages to your trading partners. The OAuth server manages credentials so that trading partners don't have to exchange usernames or passwords to authorize messages sent using the REST Web Service delivery method type.

Additional data elements have been added to the delivery method screen. They're displayed when you create or edit a delivery method of type REST Web Service and add OAuth 2.0 as the security policy.

They are:

Access Token URL: The endpoint used to exchange client authentication credentials and, if required, authorization details for an access token from the OAuth 2.0 provider. This is typically the URL of the token issuing endpoint. For example, https://auth.example.com/oauth2/token.

Client ID: The public identifier assigned to your application by your trading partner’s OAuth 2.0 provider. You receive this when you register your application or integration in the identity domain server.

Client Secret: The confidential secret issued to your application by the OAuth 2.0 provider. This is used together with the Client ID to authenticate the client.

Scope:  A space-separated list of access privileges being requested for the OAuth 2.0 access token. For example, read write email profile. Scope defines the exact level of access your application is requesting from the resource server during the OAuth 2.0 flow. When you request an access token, you include a scope parameter to describe which operations or data your application needs permission for. Scope is an optional value.

Refresh Token URL: The endpoint used to obtain a new access token by presenting a previously obtained refresh token.

REST Web Service Delivery Method with OAuth Security

REST Web Service Delivery Method with OAuth Security

OAuth provides an additional option to secure transmission of B2B messages to your trading partners using a widely recognized standard, ensuring compatibility and interoperability between different applications and services.

Steps to Enable

You need to enable the feature Simplify Configuration and Processing for B2B Messaging to access this functionality.

Perform the following steps:

  1. Create a new delivery method of type REST Web Service, and add values for the below data elements:
  • Access Token URL
  • Client ID
  • Client Secret
  • Scope
  • Refresh Token URL
  1. Update your B2B connections with this new delivery method.

Tips And Considerations

  • This flow supports only client_credentials grants.
  • Pay attention to the token expiry timing. Access tokens are usually short lived.
  • The Refresh Token URL is only required if your trading partner’s OAuth 2.0 server uses a different endpoint for refreshing tokens. Otherwise, leave it blank.

Key Resources

  • Refer to the Configuring and Managing B2B Messaging for Oracle Fusion Cloud SCM guide on the Oracle Help Center.

Access Requirements

Users who are assigned a configured job role that contains this privilege can access this feature:

  • Manage Collaboration Message Definitions by Web Service (CMK_MANAGE_COLLAB_MESG_DEFINITION_WEB_SERVICE_PRIV).

This privilege was available prior to this update.