1. Getting Started with Oracle Banking Cloud Service
  2. API to API Authentication

5 API to API Authentication

Generate OAuth Token

curl --location --request POST 'https://<IAM URL>/oauth2/v1/token' 
--header 'Content-Type: application/x-www-form-urlencoded'
--header 'Authorization: Basic <Base64 encoded ClientID:ClientSecret>' 
--data-urlencode 'grant_type=password' --data-urlencode 'username=<username>' 
--data-urlencode 'password=<password>' 
--data-urlencode 'scope=OAuth_Access/consumer::devtestbank1_non-prod_Access'
IAM will respond back with a JWT. A sample response would be as follows:
{"access_token":"eyJ4NXQjUzI1NiI6InB2eEMxUEZEWVpIWEd1WENrODRSanlOWmdrTm9Pbnl3UmlReElr
UDI4OGMiLCJ4NXQiOiJJeWs0aVY5cFlzTjE0aHlmRmh4cVZkQnljRmsiLCJraWQiOiJTSUdOSU5HX0tFWSIsImFsZyI6IlJTMjU2In0.
eyJjbGllbnRfb2NpZCI6Im9jaWQxLmRvbWFpbmFwcC5vYzEuaWFkLmFtYWFhYWFhYXF0cDViYWEzb3NoejNzeXRkbHE3eTVycjQ3andlNDJ
kcWxyNzVseDNlc2h4cHlwMmdhYSIsInVzZXJfdHoiOiJBbWVyaWNhXC9DaGljYWdvIiwic3ViIjoiREVWT1BTVVNFUjEiLCJ1c2VyX2xvY2FsZSI6ImV
uIiwic2lkbGUiOjQ4MCwidXNlci50ZW5hbnQubmFtZSI6ImlkY3MtNWZhNGM2OGJlMGM2NDJmZDgzZGRkYzA3NzRiOWRmNmEiLCJpc3MiOiJodHRwczpcL1
wvaWRlbnRpdHkub3JhY2xlY2xvdWQuY29tXC8iLCJkb21haW5faG9tZSI6InVzLWFzaGJ1cm4tMSIsImNhX29jaWQiOiJvY2lkMS50ZW5hbmN5Lm9jMS4uYWFh
YWFhYWE2dWFqcnJpeXUzM3djb2F6YXRpd2d3dWo2emhvc3JuZTUydWNkcnNndDRleWplYm81eXFxIiwidXNlcl90ZW5hbnRuYW1lIjoiaWRjcy01ZmE0YzY4YmU
wYzY0MmZkODNkZGRjMDc3NGI5ZGY2YSIsImNsaWVudF9pZCI6ImU0M2Q1MjYzODBjMzRhNjRhY2Q2NjViZjJlZDVkODNjIiwiZG9tYWluX2lkIjoib2NpZDEuZG9
tYWluLm9jMS4uYWFhYWFhYWF2dHc1eDNicnF3bGp5Ym1jeGpjN3Rmc2Vsc29hcnRiZHhpYzNqYjZjYTZ2dnVhYWthb2xxIiwic3ViX3R5cGUiOiJ1c2VyIi
wic2NvcGUiOiJjb25zdW1lcjo6ZGV2dGVzdGJhbmsxX25vbi1wcm9kX0FjY2VzcyIsInVzZXJfb2NpZCI6Im9jaWQxLnVzZXIub2MxLi5hYWFhYWFhYWE2
NzR5a3RuNWRuZW5lcXJ0M3g0MmZsa2NtY2p4djR6cXpvaXU1ZG8ydnVza3RsdWxsaWEiLCJjbGllbnRfdGVuYW50bmFtZSI6ImlkY3MtNWZhNGM2OGJlMG
M2NDJmZDgzZGRkYzA3NzRiOWRmNmEiLCJyZWdpb25fbmFtZSI6InVzLWFzaGJ1cm4tMSIsInVzZXJfbGFuZyI6ImVuIiwiZXhwIjoxNjkyMTA0NjU0LCJp
YXQiOjE2OTIxMDEwNTQsImNsaWVudF9ndWlkIjoiNzc3NWQ3NGYxMDU1NDc5MmJhYTExODAyZTUyOGM1MGIiLCJjbGllbnRfbmFtZSI6ImRldnRlc3RiYW5
rMV9ub24tcHJvZCIsInRlbmFudCI6ImlkY3MtNWZhNGM2OGJlMGM2NDJmZDgzZGRkYzA3NzRiOWRmNmEiLCJqdGkiOiI2M2E1YjU0MWUyYWM0OWIyYTFhZTF
kOTdjMmI4OTRkMCIsImd0cCI6InJvIiwidXNlcl9kaXNwbGF5bmFtZSI6IkRFVk9QU1VTRVIxIiwib3BjIjpmYWxzZSwic3ViX21hcHBpbmdhdHRyIjoidXN
lck5hbWUiLCJwcmltVGVuYW50Ijp0cnVlLCJ0b2tfdHlwZSI6IkFUIiwiYXVkIjoiT0F1dGhfQWNjZXNzXC8iLCJjYV9uYW1lIjoib2Jjc3Rlc3RiYW5rcGlud
DAxIiwidXNlcl9pZCI6IjUxMzUyODI0YmQ5MDQxOTdiYzk3MjQ0ZDAwZGYxMDQ5IiwiZG9tYWluIjoiRGVmYXVsdCIsInRlbmFudF9pc3MiOiJodHRwczpcL1w
vaWRjcy01ZmE0YzY4YmUwYzY0MmZkODNkZGRjMDc3NGI5ZGY2YS5pZGVudGl0eS5waW50Lm9jOXFhZGV2LmNvbTo0NDMiLCJyZXNvdXJjZV9hcHBfaWQiOiI3N
zc1ZDc0ZjEwNTU0NzkyYmFhMTE4MDJlNTI4YzUwYiJ9.dANUKUN5TnnGiwMHJ3NHVvp-hqXWe-MlxAZjV6fAwPdWHaFQDLDDOaJ3TNGs6IOdwF836NAKVnNOpWU
TEWxpaiUzUHFy4HzC689XoftznA0lk9_RQfyDB7LtamSRESl_fIBmvQi6I3J4C7VIUCR2c2UTrC8DaN1YiAg2_6f4BJCS08tYFyWGPZCVozidtTBKe45tQV_WMq
QUs9UnmSEtdflC_C_IitBGMVlzu6WEeYAthQ76OiJQLeoqogadtfIJty6Vxznv9OGdVayIoVLIW-JlE2uHTTJP7AxFYfnqX-H8d0E1yPIUcefmPCIW_b6n428Bf
w_-P6e9r5GxNFDjTQ","token_type":"Bearer","expires_in":3600}

Use the JWT to access an OBCS protected resource. A sample request would look like the following:


curl --location --request GET 'https://<OBCS
URL>/non-prod/api-gateway/sms-core-services/sms-core-service/user/global?userLoginId=<SampleUser1>' --header 'Authorization: Bearer
eyJ4NXQjUzI1NiI6InB2eEMxUEZEWVpIWEd1WENrODRSanlOWmdrTm9Pbnl3UmlReElrUDI4OGMiLCJ4NXQiOiJJeWs0aVY5cFlzTjE0aHlmRmh4cVZkQ
nljRmsiLCJraWQiOiJTSUdOSU5HX0tFWSIsImFsZyI6IlJTMjU2In0.eyJjbGllbnRfb2NpZCI6Im9jaWQxLmRvbWFpbmFwcC5vYzEuaWFkLmFtYWFhYWFhYXF0cDV
iYWEzb3NoejNzeXRkbHE3eTVycjQ3andlNDJkcWxyNzVseDNlc2h4cHlwMmdhYSIsInVzZXJfdHoiOiJBbWVyaWNhXC9DaGljYWdvIiwic3ViIjoiREVWT1BTVVNFUj
EiLCJ1c2VyX2xvY2FsZSI6ImVuIiwic2lkbGUiOjQ4MCwidXNlci50ZW5hbnQubmFtZSI6ImlkY3MtNWZhNGM2OGJlMGM2NDJmZDgzZGRkYzA3NzRiOWRmNmEiLCJpc
3MiOiJodHRwczpcL1wvaWRlbnRpdHkub3JhY2xlY2xvdWQuY29tXC8iLCJkb21haW5faG9tZSI6InVzLWFzaGJ1cm4tMSIsImNhX29jaWQiOiJvY2lkMS50ZW5hbmN5L
m9jMS4uYWFhYWFhYWE2dWFqcnJpeXUzM3djb2F6YXRpd2d3dWo2emhvc3JuZTUydWNkcnNndDRleWplYm81eXFxIiwidXNlcl90ZW5hbnRuYW1lIjoiaWRjcy01ZmE0Y
zY4YmUwYzY0MmZkODNkZGRjMDc3NGI5ZGY2YSIsImNsaWVudF9pZCI6ImU0M2Q1MjYzODBjMzRhNjRhY2Q2NjViZjJlZDVkODNjIiwiZG9tYWluX2lkIjoib2NpZDEuZ
G9tYWluLm9jMS4uYWFhYWFhYWF2dHc1eDNicnF3bGp5Ym1jeGpjN3Rmc2Vsc29hcnRiZHhpYzNqYjZjYTZ2dnVhYWthb2xxIiwic3ViX3R5cGUiOiJ1c2VyIiwic2Nvc
GUiOiJjb25zdW1lcjo6ZGV2dGVzdGJhbmsxX25vbi1wcm9kX0FjY2VzcyIsInVzZXJfb2NpZCI6Im9jaWQxLnVzZXIub2MxLi5hYWFhYWFhYWE2NzR5a3RuNWRuZW5lc
XJ0M3g0MmZsa2NtY2p4djR6cXpvaXU1ZG8ydnVza3RsdWxsaWEiLCJjbGllbnRfdGVuYW50bmFtZSI6ImlkY3MtNWZhNGM2OGJlMGM2NDJmZDgzZGRkYzA3NzRiOWRmN
mEiLCJyZWdpb25fbmFtZSI6InVzLWFzaGJ1cm4tMSIsInVzZXJfbGFuZyI6ImVuIiwiZXhwIjoxNjkyMTA0NjU0LCJpYXQiOjE2OTIxMDEwNTQsImNsaWVudF9ndWlkIj
oiNzc3NWQ3NGYxMDU1NDc5MmJhYTExODAyZTUyOGM1MGIiLCJjbGllbnRfbmFtZSI6ImRldnRlc3RiYW5rMV9ub24tcHJvZCIsInRlbmFudCI6ImlkY3MtNWZhNGM2OGJ
lMGM2NDJmZDgzZGRkYzA3NzRiOWRmNmEiLCJqdGkiOiI2M2E1YjU0MWUyYWM0OWIyYTFhZTFkOTdjMmI4OTRkMCIsImd0cCI6InJvIiwidXNlcl9kaXNwbGF5bmFtZSI6
IkRFVk9QU1VTRVIxIiwib3BjIjpmYWxzZSwic3ViX21hcHBpbmdhdHRyIjoidXNlck5hbWUiLCJwcmltVGVuYW50Ijp0cnVlLCJ0b2tfdHlwZSI6IkFUIiwiYXVkIjoiT
0F1dGhfQWNjZXNzXC8iLCJjYV9uYW1lIjoib2Jjc3Rlc3RiYW5rcGludDAxIiwidXNlcl9pZCI6IjUxMzUyODI0YmQ5MDQxOTdiYzk3MjQ0ZDAwZGYxMDQ5IiwiZG9tYW
luIjoiRGVmYXVsdCIsInRlbmFudF9pc3MiOiJodHRwczpcL1wvaWRjcy01ZmE0YzY4YmUwYzY0MmZkODNkZGRjMDc3NGI5ZGY2YS5pZGVudGl0eS5waW50Lm9jOXFhZGV
2LmNvbTo0NDMiLCJyZXNvdXJjZV9hcHBfaWQiOiI3Nzc1ZDc0ZjEwNTU0NzkyYmFhMTE4MDJlNTI4YzUwYiJ9.dANUKUN5TnnGiwMHJ3NHVvp-hqXWe-MlxAZjV6fAwPdW
HaFQDLDDOaJ3TNGs6IOdwF836NAKVnNOpWUTEWxpaiUzUHFy4HzC689XoftznA0lk9_RQfyDB7LtamSRESl_fIBmvQi6I3J4C7VIUCR2c2UTrC8DaN1YiAg2_6f4BJCS08
tYFyWGPZCVozidtTBKe45tQV_WMqQUs9UnmSEtdflC_C_IitBGMVlzu6WEeYAthQ76OiJQLeoqogadtfIJty6Vxznv9OGdVayIoVLIW-JlE2uHTTJP7AxFYfnqX-H8d0E1
yPIUcefmPCIW_b6n428Bfw_-P6e9r5GxNFDjTQ' --header 'appId: sms' --header 'entityId: DEFAULTENTITY' --header 'env: cloud' --header 'multiEntityAdmin: N' 
--header 'userId: <SampleUser1>' --insecure
A sample response would look like the following:
{"data":{"userId":"<SampleUser1>","userName":"<SampleUser1>","recordStatus":"O","isSupervisor":false,"managerId":null,"currentBranch":"R01",
"homeBranch":"R01","locale":"en-US","bankCode":"0000","bankName":"HO Bank","hostCode":"HOST_US","countryCode":"US","hoBranch":"000","branchCurrency":
"USD","applicationDate":"2022-09-20","languageCode":"ENG"}}