REST API for Safety One Intake

Why do I have to perform this task?

You need to perform this task every time you make any Oracle Safety One Intake API calls.

How does an authentication token work?

Once you generate a token, you can use it to start calling APIs. However, please note that a token remains valid for only five minutes after its generation. Once a token has expired, you need to generate a new one.

Before you begin:

Ensure that you have the appropriate login credentials for using the Oracle Safety One Intake REST API, as described in Obtain the account information.
Reach out to your customer delegated administrator (CDA) to receive the required client ID and secret used to generate an authentication token in cURL.
Access the Safety One Intake REST resources over HTTPS and provide the following information for authentication:
- An SSL certificate authority (CA) certificate file or bundle to authenticate against the Verisign CA certificate. Oracle Safety One Intake uses a certificate authority (CA) certificate, issued by Verisign, to enable clients to connect securely to the server.
- Set the custom header <request-header> to <insert-requirement-here>.

After following these steps, you are ready to use the Intake Integration APIs. To use the API for Recipe Configuration, Recipes and Prediction Models, an additional step is required:

User name and password for your Oracle Safety One Intake account.

Steps to construct your cURL command

Reach out to your Oracle project manager to obtain the correct URL.

Note:
This URL is different from the URL that you use to make Oracle Safety One Intake API calls. You need this specific URL to get the authentication token that gives you access to the product's APIs.

Depending on your client type, the cURL command may be different.

The client type for using the Intake Integration API is Client Credentials:

Client Type Example of cURL command

Client Type	Example of cURL command
Client credentials	`curl --location 'https://<IDCS-Stripe-ID>.<domain>.com/oauth2/v1/token' \ --header 'Content-Type: application/x-www-form-urlencoded' \ -u "<clientId>:<secret>" \ --data-urlencode 'grant_type=client_credentials' \ --data-urlencode 'scope=https://<tenant-id>.safetyone.ocs.oraclecloud.com/s1-integration' \ --data-urlencode 'charset=UTF-8'`

Client credentials

curl --location 'https://<IDCS-Stripe-ID>.<domain>.com/oauth2/v1/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
-u "<clientId>:<secret>" \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'scope=https://<tenant-id>.safetyone.ocs.oraclecloud.com/s1-integration' \
--data-urlencode 'charset=UTF-8'

The client type required when using the API for Recipe Configuration, Recipes and Prediction Models is Password Grant. For this type you need to pass the username and password in the cURL command:

Client Type Example of cURL command

Client Type	Example of cURL command
Password grant	`curl --location 'https://<IDCS-Stripe-ID>.<domain>.com/oauth2/v1/token' \ --header 'Content-Type: application/x-www-form-urlencoded' \ -u "<clientId>:<secret>" \ --data-urlencode 'grant_type=password' \ --data-urlencode 'scope=https://<tenant-id>.safetyone.ocs.oraclecloud.com/s1-portal' \ --data-urlencode 'charset=UTF-8' \--data-urlencode 'username=<SSO Username>' \ --data-urlencode 'password=<SSO Password>`

Password grant

curl --location 'https://<IDCS-Stripe-ID>.<domain>.com/oauth2/v1/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
-u "<clientId>:<secret>" \
--data-urlencode 'grant_type=password' \
--data-urlencode 'scope=https://<tenant-id>.safetyone.ocs.oraclecloud.com/s1-portal' \
--data-urlencode 'charset=UTF-8' \--data-urlencode 'username=<SSO Username>' \
--data-urlencode 'password=<SSO Password>

Press Enter on your keyboard.

Copy the token from the response <token>:

{"access_token": "<token>", "token_type": "Bearer", "expires_in": 300}

Next step: Use the token to make an API request.