1. REST API for Oracle MICROS Simphony Configuration and ContentConfiguration and Content API Guide
  2. Authentication and Authorization
  3. Step 2: Authorize with OpenID

Step 2: Authorize with OpenID

The API account needs to be authorized with the OpenID provider.

The client application must invoke the following API for OpenID authorization:

URL :{{HOST}}/oidc-provider/v1/oauth2/authorize

Operation Type: GET

HeaderParameters:

scope* - "openid"

response_type* - "code"

client_id* - OAuth 2.0 Client Identifier that is generated at the time of API account creation.

redirect_uri* - Redirection URI to which the response will be sent. This URI MUST exactly match one of the Redirection URI values for the Client pre-registered at the OpenID Provider (for machine clients, always use "apiaccount://callback")

code_challenge* - This is a 43-128 character long client generated string that needs to be first hashed using SHA-256 and then Base 64 encoded

code_challenge_method* - Must be set to "S256"

Sample Request:

{
scope:???openid???, 
response_type:???code???,
client_id:???<unique client ID of API account>???
redirect_uri:???apiaccount://callback???,
state:999,
code_challenge:???<43-128 char length Client generated string which is SHA256 hashed & base 64encoded>???,
code_challenge_method:???S256???
}