Steps to Enable

To obtain a token and call the services, use the following steps:

1. This step should be performed one time for a given environment. Generate the OAuth Client App with the environment-specific scope.

   Each environment has a different scope that is available after the provisioning of the environment. Use this scope to generate the OAuth Client App using the Retail Home UI. For details, refer to the "Creating OAuth Client Apps" section of the Retail Home Administration Guide, which can be found under Common Cloud Services Solutions in the Oracle Retail Help Center. Once the OAuth Client App is generated, note the client ID and secret. This information will be required for an access token to call REST services.

2. Get an access token using the OAuth client ID and secret from IDCS with the following command:

   export ACCESS_TOKEN="$(curl -u <Client ID>:<Secret> -H 'Content-Type: application/x-www-form-urlencoded;charset=UTF-8' --request POST https://<IDCS_BASE_URL>/oauth2/v1/token -d 'grant_type=client_credentials&scope=<Customer Environment Specific Scope>' | jq -r '.access_token')"

   The token is generally valid for 1 hour.

3. ReST clients that need to call the Allocation ReST service end points should use the client ID and secret of the OAuth client generated in the previous step to get an access token. OAuth tokens can also be obtained by ReST client tools like Postman for testing purposes by filling in the necessary details like client ID/secret and scope. Use the below information in such cases:

   Authorization: OAuth 2.0
   Access Token URL: https://<IDCS_BASE_URL>/oauth2/v1/token
   Client ID: <Client id of OAuth client app>
   Client Secret: <Client secret of OAuth client app>
   Scope: <Custom environment specific scope> 

   The scope pattern that is used in the MFCS IDCS app creation template is rgbu:merch:<SERVICETYPE>-<ENVIRONMENT> where SERVICETYPE is MFCS and ENVIRONMENT is the environment type (STG, PRD, UAT, DEV1, DEV2, and so on).

   For example:

   "scope": "rgbu:merch:MFCS-PRD"
   "scope": "rgbu:merch:MFCS-STG"

   Example using the access token as a bearer token:

   curl --location --request GET 'http://<hostname or IP address>:<port number>/RmsReSTServices/services/private/Common/vDate' \ --header 'Authorization: Bearer $ACCESS_TOKEN'