SOAP

Oracle Retail AI Foundation Cloud Services has an Outbound Interface to push Customer Segment and its members to Oracle Retail Customer Engagement (ORCE). This interface supports the following security features:

• Message authentication is enabled in ORCE, and the Oracle Retail AI Foundation Cloud Services message includes authentication information in the HTTP header for the message. This authentication information is specific to ORCE and is stored in the Credential Stores. The Credential Stores are created or updated from the Data Management task, which is enabled for an Administrator. The Base64 encoding tool is used to encode the authorization key that is sent as part of the Message HTTP Header request. The Credential Stores use APIs that applications can use to create, read, update, and manage credentials securely and mark code as being "privileged", thus affecting subsequent access determinations.

• Oracle Retail AI Foundation Cloud Services provides configuration to set up proxy settings for both HTTP and HTTPS.

• XML sent as part of the message relies on marshalling and un-marshalling to and from Java Objects generated using the WSDL/Schema exposed through ORCE. This ensure that the XML generated is well formed and valid. It is the responsibility of ORCE to convert XML; Oracle Retail AI Foundation Cloud Services does not perform any XML Conversion. There are no concerns regarding XXE and XEE.