Create a Confidential App

The ready-to-use OTM Order Shipment Status skill uses 3-legged OAuth supported by Oracle Identity Domain. Users of the Digital Assistant must be valid Oracle Transportation and Global Trade Management Cloud users with suitable REST API and Digital Assistant access configured using the Access Control List in Oracle Transportation and Global Trade Management Cloud. To perform user authentication, your Identity Domain administrator needs to create a confidential app in your Oracle Transportation and Global Trade Management Cloud's Identity Domain instance.

In addition to these steps, see the Add a Confidential Application instructions in the Administering Oracle Identity Cloud Service guide.

  1. Sign in to the Identity Domain administration console using the credentials provided.
  2. Under Identity domain, click Applications.
  3. Click Add application.
  4. Select Confidential Application and click Launch workflow.
  5. Provide a Name and click Next.
  6. Resource Server Configuration.
    1. Select Configure this application as a resource server now.
    2. Provide a value for Access token expiration.
    3. Select the Allow token refresh check box.
    4. Provide a value for the Primary Audience, for example https://{host-id}/, where {host-id} is the Transportation and Global Trade Management Cloud server. The actual value may depend on whether the target application is the REST API (https://{host-id}/logisticsRestApi/) or XML integration (https://{host-id}/logisticsXmlApi/).
    5. Select Add scopes and click Add.
    6. Enter a unique name for the Scope. This can be any text; the scope name will be selected or used in later steps. Click Add.
  7. Client configuration
    1. Select Configure this application as a client now.
    2. Select Client Credentials, Authorization Code and Refresh Token as Allowed Grant Types.
    3. Provide a value for the Redirect URL. This is the URL where users will be redirected to ODA after authentication/authorization in Oracle Identity Cloud Service. Refer to the ODA documentation to determine your own Redirect URL.
    4. Turn on Bypass Consent.
    5. Under the Token Issuance Policy section, select the All radio button for the Authorized Resources.
  8. Click Next.
  9. Under Web tier policy, select Skip and do later.
  10. Click Finish.
  11. Click Edit OAuth configuration.
  12. Under Client configuration > Token Issuance policy, select Add resources.
  13. Click Add scope, select the drop-down against the Confidential application you created, select the available scope under this application, and click Add.
  14. Click Save Changes.
  15. Click Activate and Activate application.
  16. Make a secure note of the Client ID and Client Secret.
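
Once the application is active, an access token issued through it can be checked against the values entered above (Primary Audience, Scope, Access token expiration). The following is an added example, not Oracle's code: the host, scope name and sample tokens are constructed, and it assumes the token is a JWT carrying aud, scope, iat and exp claims, with the scope written as the Primary Audience followed by the scope name.

```python
import base64
import json

def decode_claims(jwt: str) -> dict:
    """Decode a JWT payload for inspection only; the signature is not verified."""
    payload = jwt.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def check_claims(claims: dict, audience: str, scope_name: str, max_lifetime_s: int) -> list:
    """Return mismatches between the token claims and the app settings."""
    findings = []
    aud = claims.get("aud", [])
    aud = [aud] if isinstance(aud, str) else aud  # aud may be a string or a list
    if audience not in aud:
        findings.append(f"audience {audience!r} not in token aud {aud}")
    # Assumption: the granted scope is <Primary Audience><scope name>.
    granted = claims.get("scope", "").split()
    if audience + scope_name not in granted:
        findings.append(f"scope {audience + scope_name!r} not granted: {granted}")
    lifetime = claims.get("exp", 0) - claims.get("iat", 0)
    if lifetime <= 0 or lifetime > max_lifetime_s:
        findings.append(f"token lifetime {lifetime}s outside 1..{max_lifetime_s}s")
    return findings

def make_sample_jwt(claims: dict) -> str:
    """Build an unsigned, constructed token so the example runs offline."""
    def enc(d):
        return base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}."

AUDIENCE = "https://otm.example.com/logisticsRestApi/"  # constructed host
SCOPE = "otm_skill"                                      # hypothetical scope name

# Constructed tokens: one matching the configuration, one for the wrong
# audience, with no scope and a 24-hour lifetime.
GOOD = make_sample_jwt({"aud": [AUDIENCE], "scope": AUDIENCE + SCOPE,
                        "iat": 1700000000, "exp": 1700003600})
BAD = make_sample_jwt({"aud": "https://otm.example.com/logisticsXmlApi/",
                       "scope": "", "iat": 1700000000, "exp": 1700086400})

if __name__ == "__main__":
    for name, token in (("good", GOOD), ("bad", BAD)):
        print(name, check_claims(decode_claims(token), AUDIENCE, SCOPE, 3600))
```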