1. REST API for Unified Topology for Inventory and AutomationREST API for Unified Topology for Inventory and Automation
  2. Authentication and Authorization

Authentication and Authorization

The Oracle Communications Unified Topology for Inventory and Automation (UTIA) REST API uses Common Authentication service for Authentication and Authorization.

For setting up Common Authentication Service, see Deploying the Common Authentication Service in Unified Inventory and Topology Deployment Guide.

To access your requests using OAuth 2.0 authentication using Postman tool:

  1. Select Authorization Type as OAuth 2.0.

  2. Generate a token by providing the following details:

    • Token Name: Name for the generated token. For example : RestApiToken
    • Grant Type: Client Credentials
    • Access Token URL: The endpoint for Authentication Server. This is used to exchange the authorization code for an access token. For example: https://host:port/oauth2/rest/token
    • Client ID: The client identifier issued to the client during the Application registration process. For example: <topologyClient>
    • Client Secret: The client secret is issued to the client during the Application registration process.
    • Client Authentication : Send as Basic Auth header.

    See Creating a Client in Unified Inventory and Topology Deployment Guide for Application registration process.

  3. Add the proxy settings: *.uim.org,*.topology.org.

  4. Generate Access Token using your REST Client or using Curl command as follows:

    curl --location --request POST 'https://OAuthHost:port/oauth2/rest/token' \
'https://OAuthHost:port/oauth2/rest/token' \
--cacert $OAM_CNTK/certs/oamappcert.pem \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic encodedClientIdSecrets' \
--header 'Cookie: _fb847=dc866db426b6ffb6' \
--data-urlencode 'grant_type=client_credentials'

    where:

    • OAuthHost is the URL for Authentication server.
    • port is the port for Authentication server.
    • encodedClientIdSecrets is the base64 encoded clientID and clientSecret that was provided to the client during application registration. This can be generated as follows:
      
echo -n "<ClientId>:<ClientSecret>" | base64 -w 0

  5. Pass the generated access token value in the header of every REST request sent to UTIA REST API services.

    For example, to run a GET request for a vertex with id 150004:

    curl --location --request GET 'https://hostname:port/topology/v2/vertex/id/150004' --cacert $OAM_CNTK/certs/oamappcert.pem --header 'Cookie: _fb847=dc866db426b6ffb6' --header 'Authorization: Bearer <bearer value>'

    where:

    • hostname is the URL for the Oracle Communications UTIA server.
    • port is the port for the Oracle Communications UTIA server.
    • version is the version of the API you're using, such as v2. See "Versioning".
    • String after Bearer is the generated access token from step 1.

    Note:

    Authorization headers are not required if security is disabled during UTIA deployment.