About TES End User Authorization
The authorization of customers using the TES API comprises three principal steps. As a first step, the customer must have an Oracle Single Sign-on (SSO) user account. Next, the Oracle service implementation team provides the customer with a client identifier and client secret. The customer application is then used to call Oracle Access Manager (OAM) to authorize these credentials together with the SSO account. In return, the customer receives an access token from OAM. Using this token, the customer is now authorized to consume the TES service.
This section provides a further outline of the process:
-
Creation of an Oracle SSO (Oracle Single Sign-on) account by users that do not have an existing SSO account. (For users that have an existing SSO account, skip to the next step.)
The following diagram provides an outline of the OASP SSO creation process:
-
Configuration of the client's authorization credentials by the Oracle Implementation team using Oracle Access Manager (OAM)
The following diagram outlines the process of configuring the client's authorization credentials (other than SSO, which is generated in the opening step):
Note - The following steps are performed by the Oracle implementation team. After creating the credentals, Oracle shares the credentials with customers. For further information about the process of securely exchanging credentials, refer to the Oracle Securely Exchanging Confidential Information Policy.
-
Authentication of the client application to TES.
The following diagram provides an outline of process flow for the authentication of the client application to TES:
