Simplified access to REST API in Mobile Plugin Framework

With the 24B release customers will get an opportunity to access the Field Service REST API, Fusion REST API or External API from their custom plugin via JWT Access Token. The plugin configuration screen has been extended with the new ‘Applications’ section that allows to choose the available application. Once it’s configured, the Mobile Plugin Framework sends all configured applications to the plugin on ‘init’ stage. The new “getAccessToken” procedure returns the JWT access token that is used for authorization of direct API calls.

Companies have an opportunity to access the Field Service REST API, Fusion REST API or External API from their custom plugin via JWT Access Token. The “getAccessToken” procedure returns the JWT access token that is used for authorization of direct API calls. The procedure is listed in the "allowedProcedure" collection that is sent in the "open"/"wakeup” method and says that the procedure is available.

{

"apiVersion": 1,

"method": "open"/"wakeup",

"entity": "...",

...

"buttonId": "...",

"openParams": {},

"allowedProcedures": {

...

"getAccessToken": true

}

}

On init stage, OFS returns the data of the configured Application for the particular Plugin in the "init" method.

The "resourceUrl" field is populated with the URL of the resource server. In case of Field Service API application, it is populated with the URL of the Plugin in order to use it in direct REST API requests. In the case of OAuth User Assertion or OAuth Client Credentials application, it is retuned the same as it is configured on the Modify Application screen.

init method

{

"apiVersion": 1,

"method": "init",

"attributeDescription": {},

"buttons": [],

"applications": {

"ofs_rest_api": {

"type": "ofs",

"resourceUrl": "https:// plugins-0-ofsc-xxxx.test.fs.ocs.oc-test.example.com",

},

"fusion_rest_api": {

"type": “oath_user_assertion",

"resourceUrl": "https://fa-xxxx-pintlabfadev.fa.ocs.oc-test.example.com"

},

"external_rest_api": {

"type": "oauth_client_credentials"

"resourceUrl": "https://external-rest-api-url.example.com"

}

}

init method with application that is not configured on Plugin Edit screen

procedure examples

callProcedureResult method - fail case

procedures

For call procedure error handling reference - https://docs.oracle.com/en/cloud/saas/field-service/fapcf/c-errorhandlingcallprocedure.html#ErrorHandling-225CDFAF

Provide Key and Comments of required API to plugin Configurator

Developer can prepare an XML file of a plugin where they can specify the Key and Comment of the application which is required for Plugin to request API. So, once a configurator imports the plugin XML, they can see the ‘Applications’ section on the Plugin Edit screen with applications that should be assigned to a plugin to provide access to the required API.Key could be hardcoded in the Plugin's code.  Configurator will choose some application from the list that will be used for it.Comment is used to give to Configurator more details which application should be chosen.

Import example

Plugin Configuration Screen

The new "Applications" section has been added to the screen for hosted and external plugins.

Each Application in this section has the following attributes:

  • Key - identifier of an application that's used in plugin code that should be associated with the existing application in Field Service.
  • Comment - description of the required application that can provide more details about this API (e.g. "for obtaining inventory list from Fusion SCM”).

Once the plugin is imported with XML file and the required applications were specified there, then configurator will see keys and descriptions in the list of ‘Application’ section, then they can select an appropriate application from the drop down list.

In case the application is not associated, then the API access is not provided to the plugin. In case the selected application is not of a supported type, then the mobile plugin framework will return an Error.

screen 1

screen 1

If the plugin was added from the Forms & Plugins screen, the Application section is empty by default and the Configurator can add it from scratch, by clicking the ‘Add’ button, specifying the application identifier in the Key field and adding necessary Comment.

screen 2

screen 2

Control Field Service REST API calls according to current user visibility

In case you want to restrict access to the REST API calls by JWT access token to the visibility of the current user, the checkbox “Application details" should be enabled.

If a REST API call tries to obtain data from a resource outside of the Visible Resources list of the current user, it will be denied.

screen 3

screen 3

  • Simplified configuration of access to the REST API of Field Service, Fusion applications and other External applications.
  • Connections standardization in line with other Oracle products.

Steps to Enable

You don't need to do anything to enable this feature.