Create a Confidential Application

This topic provides information on creating a confidential application for Oracle Health Clinical Data Exchange.

In the context of Oracle Identity Cloud Service (IDCS), a client application is an external application that interacts with OCI resources that use APIs. These applications are registered with IDCS, where they are assigned a client ID and client secret that they use to authenticate and make authorized API calls. This functionality is essential for integrating third-party applications with OCI services in a secure manner. Typically, the application uses the OAuth 2.0 protocol to obtain tokens for making requests.

See Adding a Confidential Application for more information.

Use a confidential web server or server-side application that uses OAuth 2.0. OAuth 2.0 is a security protocol that allows you to use existing log-in credentials to log in to secure applications. For example, you can use third-party log-in information to access an application that does not provide its own log-in information. Multiple users can access confidential applications, which are hosted on a secure and protected server that can protect the OAuth client ID and client secret.

See OAuth Working Group Specifications on the OAuth website for more information.

Complete the following steps to create a client application using the Identity service in your OCI tenancy:

  1. Enter the client application name.
  2. Enter a description of the application.
  3. Select Enforce grants as authorization if you want to restrict access to the application to users who have been granted access.
  4. Complete the following steps to add scopes for servers that contain the confidential application for which you need to enable OAuth:
    1. Add the urn:opc:idm:role.system/Patient.read scope for querying patient application programming interfaces (APIs).
    2. Add the urn:opc:idm:role.system/DocumentReference.read scope for querying document APIs.
    3. Add the urn:opc:idm:role.system/Binary.read scope for querying binary APIs.
  5. Select Next.
  6. Review the information and select Create resources. The system creates the resources.
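
The following added example (not Oracle's code) shows how a server-side client could request a token for the three scopes from step 4 and check that the response grants exactly those scopes. It assumes the OAuth 2.0 client credentials grant, which this topic does not specify; the token URL, client ID, and client secret are constructed placeholders, and the function names are hypothetical.

```python
import base64
from urllib.parse import quote_plus, urlencode

# Scopes from step 4 of the procedure (read-only access).
REQUIRED_SCOPES = (
    "urn:opc:idm:role.system/Patient.read",
    "urn:opc:idm:role.system/DocumentReference.read",
    "urn:opc:idm:role.system/Binary.read",
)


def build_token_request(token_url, client_id, client_secret, scopes=REQUIRED_SCOPES):
    """Build (url, headers, body) for an RFC 6749 section 4.4 token request."""
    if not token_url.startswith("https://"):
        raise ValueError("token endpoint must use HTTPS")
    # RFC 6749 section 2.3.1: form-encode both values, then HTTP Basic.
    # The secret stays in a header, out of URLs and request bodies that get logged.
    pair = f"{quote_plus(client_id)}:{quote_plus(client_secret)}".encode()
    headers = {
        "Authorization": "Basic " + base64.b64encode(pair).decode(),
        "Content-Type": "application/x-www-form-urlencoded",
    }
    body = urlencode({"grant_type": "client_credentials", "scope": " ".join(scopes)})
    return token_url, headers, body


def audit_scopes(token_response, requested=REQUIRED_SCOPES):
    """Return (missing, excess) scopes of a token response versus the request."""
    # RFC 6749 section 5.1: an omitted "scope" means exactly what was requested.
    granted = set(token_response.get("scope", " ".join(requested)).split())
    return sorted(set(requested) - granted), sorted(granted - set(requested))


if __name__ == "__main__":
    # Constructed values: placeholder host, client ID and secret.
    url, headers, body = build_token_request(
        "https://idcs.example.invalid/oauth2/v1/token", "demo-client", "demo-secret")
    print(url, body, sep="\n")
    # Constructed response granting one scope the application never asked for.
    sample = {"access_token": "constructed", "token_type": "Bearer",
              "scope": REQUIRED_SCOPES[0] + " urn:example:constructed/extra.write"}
    print(audit_scopes(sample))
```

In a real deployment, load the client secret from a secrets store or environment variable on the protected server rather than from source code.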