Generate the Access Token

The bearer token for authorization can be generated using clients such as Postman. This example describes how to generate the token using Postman.

  1. Select OAuth 2.0 as the Authorization Type.

  2. Select Authorization Code as the Grant Type.

  3. Enter the following information. If you are unsure how to access this information, see Finding Access Token Information below.

    • Access Token URL: This URL is the endpoint for the authentication server, and is used to exchange the authorization code for an access token. For example, https://xxxxxxxxxx.identity.com/oauth2/v1/token

    • Client ID: Enter the client identifier issued to the client during the application registration process. For example, CXIF_FA_xxxxxxx_APPID

    • Client Secret: Enter the client secret issued to the client during the application registration process.

    • Scope: This value is used to grant specific permissions in the access request. For example, https://xxxxxxxx.oci.customer-oci.comurn:opc:resource:consumer::all

    • Callback URL: This is the callback URL to which redirection will happen after authorization. This URL should match the one used during the application registration process. For example, https://xxxxxxxxxxx.oci.customer-oci.com/oidc/redirect

    • Auth URL: This URL is the endpoint for the authorization server. This is used to get the authorization code. For example, https://xxxxxxxxx.identity.com/oauth2/v1/authorize

  4. Click Get New Access Token and user credentials to be provided in the flow in the next step.

  5. Enter the user credentials associated with the user you just set up above.

  6. On submit, a new token is generated that can be used to invoke the API.

Finding Access Token Information

If you are unsure of how to locate the information requested in the above task, a system administrator can find the values using these steps.

  1. Log into your Oracle Cloud account as an administrator.
  2. From the main menu, select Identity & Security and then select Domain.
  3. In the List scope section, select a value from the Compartment field.
  4. The system displays a list of domains you have access to.
  5. Click on your CXIF domain. The name of this domain typically includes both CXIF and Fusion.
  6. The system displays your domain, where you can find the following data:
    • Access Token URL: This data appears in the Domain URL field at the top right of the screen.
  7. In the navigation list on the left of the screen, select Oracle Cloud Services.
  8. The system displays a list of cloud services.
  9. Select the service that begins with CXIF and does not end with CCSApp.
  10. On this screen you can find the following data:
    • Client ID: Scroll down to the General Information section and note the Client ID.
    • Client Secret: Scroll down to the General Information section and you can display the client secret.
    • Scope: This value should be the concatenation of the value in the Primary Audience field and the value in the Scope table. For example, https://xxxxxxxx.oci.customer-oci.comurn:opc:resource:consumer::all
    • Callback URL: Scroll to the Authorization section and use the URL listed in the Redirect URL field.
    • Request URL: This value should be the portion of the URL that is in the Primary Audience field, up through oraclecloud.com.

Parent topic: Configure Utility Details