1. REST API for Oracle MICROS Simphony Configuration and ContentConfiguration and Content API Guide
  2. Authentication and Authorization
  3. Step 2: Authorize with OpenID

Step 2: Authorize with OpenID

The API account needs to be authorized with the OpenID provider. The client application must invoke the following API for OpenID authorization:

  • URL :{{HOST}}/oidc-provider/v1/oauth2/authorize

  • Operation Type: GET

HeaderParameters:

  • scope* - "openid"

  • response_type* - "code"

  • client_id* - OAuth 2.0 Client Identifier that is generated at the time of API account creation.

  • redirect_uri* - Redirection URI to which the response will be sent. This URI MUST exactly match one of the Redirection URI values for the Client pre-registered at the OpenID Provider (for machine clients, always use "apiaccount://callback").

  • code_challenge* - This is a 43-128 character long client generated string that needs to be first hashed using SHA-256 and then Base 64 encoded.

  • code_challenge_method* - Must be set to "S256".

Sample Request: 
{
scope:"openid", 
response_type:"code",
client_id:"<unique client ID of API account>"
redirect_uri:"apiaccount://callback",
state:999,
code_challenge:"<43-128 char length Client generated string which is SHA256 hashed & base 64encoded>",
code_challenge_method:"S256"
}