2.1.7.3 Generate Access Token Using Different Grant Types

An access token is required to invoke APIs and you can generate the access token using different grant types.

Select a link for more information on each of these grant types:

1. Client Credentials Grant Type
2. Authorization Code Grant Type
3. Resource Owner Password Credentials Grant Type
4. TLS Client Authentication Grant Type
5. Refresh Token Grant Type

Prerequisite: Organization-wide ca.crt, client.crt, and client.key (you can generate client.crt and client.key using openssl.)

Obtaining the IDCS Secure Domain URL

An IDCS secure domain URL is the web address used to access Oracle Identity Cloud Service (IDCS) over a secure HTTPS connection.

To obtain the IDCS secure domain URL:

1. Sign in to the Oracle Cloud Console and go to Identity -> Identity Domains.
2. From the Details tab, copy the Domain URL.
3. Append /.well-known/idcs-configuration after the URL.

   Example: <idcs_domain_URL>/.well-known/idcs-configuration

4. Search for secure_token_endpoint to get the IDCS secure domain URL.

Procedure to obtain a ca.crt file

The following procedure uses FireFox as the web browser.

1. Obtain your secure IDCS URL.
2. Open Firefox and enter the URL in the address bar, then press Enter.
3. Click the padlock icon to the left of the URL in the address bar.
4. Select Connection secure (or similar option) and then click More Information.
5. In the window that opens, select the Security tab and click View Certificate.
6. Under the Miscellaneous section, download either the PEM (cert) or PEM (chain) file as needed.