REST API for Clinical One Platform

Get a token for authentication

You must generate a token in order to call any Oracle Clinical One Platform APIs. The authentication token is valid for 10 minutes after it is generated. Once the token has expired you need to generate a new one to continue making Oracle Clinical One Platform API calls.

For this task, we use cURL to get a token for authentication.

Before you begin

Ensure that you have the appropriate login credentials for using Oracle Clinical One REST API, as described in Obtain account information.
Reach out to your system administrator to receive the required Client ID and Secret used to generate an authentication token in cURL.
To access the Clinical One REST resources over HTTPS you need to provide the following information for authentication:
- An SSL certificate authority (CA) certificate file or bundle to authenticate against the Verisign CA certificate. Oracle Clinical One Platform uses a CA certificate, issued by Verisign, to enable clients to connect securely to the server.
- User name and password for your Oracle Clinical One Platform account.

Steps

Reach out to your Oracle project manager to obtain the correct URL.

Note:
This URL is different from the URL that you use to make Oracle Clinical One Platform API calls. You need this specific URL to get the authentication token that gives you access to the product's APIs.

Construct the cURL command to obtain a token for authentication:

Pass the client ID and secret using the -u cURL option.
Pass the custom request header using the -H cURL option.
Pass your credentials if applicable and specify the scope of your authentication token using the -d cURL option.
- To specify the scope of your authentication token you must add at least one permission. For example <tenant_id>.ec-designer-svc.all.
- You can add more than one permission in the scope. If you do, include a space between the different permissions.
Note:
<permissions> represent the corresponding microservices (API categories) you intend to access. You can only include permissions previously assigned by the system administrator in the Oracle Life Sciences IAMS OAuth Admin Console. For more information on these permissions, see About API tasks and corresponding permissions.

Depending on your client type, the cURL command can be different:

Client Type Example of cURL command

Client Type	Example of cURL command
Password grant	`curl -X POST https://<domain>.<subdomain>.com/ms_oauth/oauth2/endpoints/<tenant_id>/tokens \ -u "<clientId>:<secret>" \ -H "Content-Type: application/x-www-form-urlencoded" \ -d "grant_type=password&username=<tenant_id>.<username>&password=<password>&scope=<tenant_id>.<permissions>"`
Client credentials	`curl -X POST https://<domain>.<subdomain>.com/ms_oauth/oauth2/endpoints/<tenant_id>/tokens \ -u "<clientId>:<secret>" \ -H "Content-Type: application/x-www-form-urlencoded" \ -d "grant_type=client_credentials&scope=<tenant_id>.<permissions>"`

Password grant

curl -X POST https://<domain>.<subdomain>.com/ms_oauth/oauth2/endpoints/<tenant_id>/tokens \ 
-u "<clientId>:<secret>" \ 
-H "Content-Type: application/x-www-form-urlencoded" \ 
-d "grant_type=password&username=<tenant_id>.<username>&password=<password>&scope=<tenant_id>.<permissions>"

Client credentials

curl -X POST https://<domain>.<subdomain>.com/ms_oauth/oauth2/endpoints/<tenant_id>/tokens \
 -u "<clientId>:<secret>" \
 -H "Content-Type: application/x-www-form-urlencoded" \
 -d "grant_type=client_credentials&scope=<tenant_id>.<permissions>"

Press Enter on your keyboard.
Copy the token that starts after this line:
```
{"expires in":600,"token type":"Bearer","access_token":"
```
until you reach your user name in the command line.

Next step: Use the token to make an API request