Authentication and Authorization

FBGBU APIs use the OAuth2 authentication framework. API users must send a request to the OpenID Provider (OP). The OP authenticates the account and responds with an ID token and a refresh token. The client can then send a request with the ID token to the API endpoints.

Successful OAuth transactions require the Oracle OpenID Provider to issue an id_token for use in authenticating an API call. An id_token represents an authorization issued to the client application containing credentials used to access protected OAuth resources.

The following figures describe the process.


This is a visualization of four one-time steps listed in this section, including create API account, authorize with OpenID provider, sign in to API account, and get first token. The inputs and outputs are listed for each step.


This is a visualization of two ongoing steps listed in this section, including getting a refresh token and calling an API. The inputs and outputs are listed for each step.
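
The two ongoing steps above imply a client-side decision before each call: use the current id_token, or get a new one first. The sketch below is an added example, not Oracle's code. It assumes the id_token is a JWT (as in OpenID Connect) carrying an `exp` claim and that the API accepts it in an `Authorization: Bearer` header; the function names, the 60-second margin and the sample token are constructed for illustration.

```python
import base64
import json
import time

SKEW_SECONDS = 60  # assumed safety margin; not a value from the page


def decode_claims(id_token):
    """Read JWT claims WITHOUT verifying the signature (scheduling use only)."""
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("id_token is not a three-part JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    claims = json.loads(base64.urlsafe_b64decode(payload))
    if not isinstance(claims, dict):
        raise ValueError("id_token payload is not a JSON object")
    return claims


def needs_refresh(id_token, now=None, skew=SKEW_SECONDS):
    """True when the token is expired, about to expire, or unreadable."""
    now = time.time() if now is None else now
    try:
        exp = decode_claims(id_token)["exp"]
    except (ValueError, KeyError, AttributeError):
        return True  # malformed token: get a new one rather than send it
    if isinstance(exp, bool) or not isinstance(exp, (int, float)):
        return True
    return now >= exp - skew


def auth_header(id_token, now=None):
    """Build the request header; Bearer scheme is an assumption (see lead-in)."""
    if needs_refresh(id_token, now):
        raise RuntimeError("id_token expired or unreadable; refresh before calling")
    return {"Authorization": "Bearer " + id_token}


def sample_token(exp):
    """Constructed, unsigned token used only to exercise the functions above."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"typ": "JWT"}), enc({"sub": "api-account", "exp": exp}), "sig"])


if __name__ == "__main__":
    token = sample_token(1000)
    print(needs_refresh(token, now=900), needs_refresh(token, now=950))
```

Reading `exp` this way only schedules the refresh; the token's signature is not checked here, so the decoded claims must not be used for any trust decision.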