1. Order Orchestration Cloud Service Online Help
  2. Systems Menu
  3. Edit Web Services

Edit Web Services

Purpose: Use the Edit Web Services for window to review, add, or delete the web service user authentication records for an application that submits web service requests to Order Orchestration.

Note:

The description of the selected application client is indicated in the window title; for example, if the application client’s description is Client Sample, the window title is Edit Web Services for Client Sample.

How to display this screen: Select the edit icon (Illustrates the edit icon.) for an application at the Manage External Application Access screen.

Note:

Only users with Manage External Application Access authority can display this window. See Roles for more information.

About Creating Access

Select or unselect any of the displayed web services. Click OK to update the web service access; otherwise, click Cancel.

Once created, the inbound web service user records are listed in the Web Service Access column at the Manage External Application Access page, and are also displayed at the Web Service User screen, with the User set to the Client ID for the application. The client ID can now be used for OAuth authentication for that web service.

Delete web service access: If you delete the web service option, the inbound web service user authentication record is deleted, is no longer displayed at the at the Web Service User, and can no longer be used for authentication for that web service.

Web Services

  • Admin: Includes:
    • ProductUpdate
    • LocationUpdate
    • LocationDetail
    • Email Out API
    • setDSAcknowledge
    • getInventoryAvailability
    • getDSOrders
    • setDSShipConfirm

    • Store Associate Location Assignment

Note:

Admin authority is also required for the inventory quantity web service; see Probability Rules Update and Incremental Quantity Web Service for background.
  • Discovery: Requests include Location discovery and System discovery.

  • Foundation Read/Write: Provides authority to perform inquiries as well as to create, update, or delete foundation data. Grants foundation:rw scope in IDCS or OCI IAM. Foundation data includes:

    • Boxes

    • Brands

    • Carriers

    • Cancel or Reject Reason Codes

    See Application Data Services in the Web Services Guide on My Oracle Support (2953017.1) for more information.

  • Foundation Read Only: Provides authority to perform inquiries on foundation data as described above, but does not provide authority to make any updates. Grants foundation:r scope in IDCS or OCI IAM.

    See Application Data Services in the Web Services Guide on My Oracle Support (2953017.1) for more information.

    Note:

    Although there are additional scopes defined in IDCS or OCI IAM, they are not in use at this time and not available to assign through the Edit Web Services window

  • Locate: Includes all requests related to the Routing Engine:

    • EchoTest

    • Fulfillments

    • Intransit

    • InventoryAvailability

    • LocateItems

    • OrderSearch

    • OrderUpdate

    • ProductAvailability

    • StatusListRequest

    • StatusRequest

    • StatusUpdate

    • SubmitOrder

  • Private Data Request: Includes all requests to inquire on or delete private data:

    • GetPrivateData

    • ForgetPrivateData

  • Purchasing: Includes all requests from the retailer to Order Orchestration related to the Supplier Direct Fulfillment module:

    • CreateDSOrder

    • CreateDSVendor

    • GetDSChanges

    • GetDSInvoices

    • SetDSAddressChange

    • SetDSCancel

    • SetDSCostChange

  • Oracle Retail Integration Cloud Service: Includes all requests received from Oracle Retail Integration Cloud Service (RICS). See Order Fulfillment through RICS Integration for background on order-related messages. Not currently implemented.

    This authentication is also required to receive individual updates to the available quantities for product locations through the Retail Integration Bus (RIB). See Available-to-Sell Individual Inventory Updates through Oracle Retail Integration Cloud Service (RICS) for a discussion.

  • Run Job:

    Includes the Run Job request message to submit a job, as an alternative to submitting or scheduling a job at the Schedule Jobs screen. OAuth is required for the Run Job API.

See the Web Services Guide on My Oracle Support (2953017.1) for background.

For more information: See the Web Services Guide on My Oracle Support (2953017.1) for details on the above messages.

  • Vendor: Includes all requests submitted by an integrated vendor to Order Orchestration for the Supplier Direct Fulfillment module:

    • setDSAcknowledge

    • getDSOrders

    • setDSShipConfirm

Note:

If Vendor access is selected, the client ID is available for selection as the Vendor Client Id for an integrated vendor at the New Vendor or Edit Vendor screen, provided the client ID has not already been assigned to a different vendor.

For more information: See the Vendor Integration Guide for details on the above messages.

Generate Application Client

Purpose: Use the Generate Application Client window to:

  • Generate a new client for the XOffice On Premises application and assign web service access, if it has not already been created through another application.
  • Generate a new client for another application besides XOffice On Prem, if it does not already exist in IDCS (Oracle Identity Cloud Service) or OCI IAM (Oracle Cloud Infrastructure Identity and Access Management) and it directly integrates with a cloud service.

How to display this screen: Select New Client from the Manage External Application Access screen.

Note:

Only users with Manage External Application Access authority can display this window. See Roles for more information.

Before you start: Before beginning the generation steps, you would typically select the Refresh option at the Manage External Application Access screen to confirm that the required client application was not already created.

Creation steps: If the required client application is not displayed after you select Refresh:

  1. Complete the Application Details.

    • Application Type: Can be either:

      • XOffice On Prem: Select this option only if the application has not already been created through another application.

      • External: Select this option if the application integrates with IDCS or OCI IAM and an OAuth Client does not already exist in IDCS or OCI IAM.

      Selecting an Application Type is required.

      • Application Description: Enter a brief description of the application. This will be the Description in IDCS or OCI IAM, and is informational. If you require multiple environments, such as one for production and one for UAT, you can include this information in the application description. Alphanumeric, 50 positions; required.

      • Environment: If the Application Type is XOffice On Prem, specify the type of environment, such as PROD or TEST. Your entry is converted to upper case, and no spaces or special characters are allowed. Required if the Application Type is XOffice On Prem; otherwise, if you set the Application Type to External, this field is not enterable and is not used. Informational.

  2. Click Generate Client to generate the new client and submit it to IDCS or OCI IAM; otherwise, select Cancel to close the window without generating the client.

  3. If you click Generate Client and the generation is successful, the window displays the Generated Credentials:

    • The new generated Client ID, and a link to copy it to the clipboard.

    • The new generated Secret, and a link to copy it the clipboard.

Important:

Copy and paste the new client ID and the new client secret so that you can update an external application so that it can request the token from IDCS or OCI IAM. This information will not be available later so should be stored in a secure location.

Note:

If your browser displays a warning message when you select the Copy to Clipboard option, click Allow Access.

The window displays an error if it cannot create the client, such as if the client ID already exists, or if communication with IDCS or OCI IAM fails. See Manage External Application Access for information on the properties used for communication with IDCS or OCI IAM.

Click Done to close the window, and click OK at the confirmation window to confirm that you are done copying the client ID and secret to the clipboard.

About the generated client ID:

  • When the Application Type is XOffice On Prem, the generated Client ID is RGBU_XTROFFOP_<ENV>_XOFFICE_APPID, where <ENV> is the specified Environment.
  • When the Application Type is External, the generated Client ID is RGBU_OBCS_<RANDOM>_APPID, where <RANDOM> is a random string of 8 characters and OBCS identifies Order Orchestration.

Define web service access: After creating the client, you can define web service access. See the Edit Web Services window for more information.

Regenerate secret: Use the Regenerate Application Client Secret if you need to regenerate the secret for the client application.

Fields at this screen

Field Description
Application Details
Application Type

Indicates whether the new application is either:

  • XOffice On Prem: Select this option only if the application was not created through another application.
  • External: Select this option if the application integrates with IDCS (Oracle Identity Cloud Service) or OCI IAM (Oracle Cloud Infrastructure Identity and Access Management).

Required.

About XOffice On Prem:The Manage External Application Access screen displays records only if they are not associated in IDCS or OCI IAM with a parent ID. If you use XOffice on premises, each store location record in IDCS or OCI IAM is associated with the XOffice on premises application as its parent ID. Because there can be many store locations associated with the parent application record, the Manage External Application Access screen displays just the XOffice rather than the individual store locations.

Application Description

The description of the application created for web service authentication. This is the Description in IDCS or OCI IAM. Alphanumeric, 50 positions. Required.

Environment

If the Application Type is XOffice On Prem, use this field to specify the type of environment, such as PROD or TEST. Your entry is converted to upper case, and no spaces or special characters are allowed.

Required if the Application Type is XOffice On Prem; otherwise, if you set the Application Type to External, this field is not enterable and is not used. Informational.

Generated Credentials

If the new client is generated correctly, the following fields are displayed.
Client ID

When the Application Type is XOffice On Prem, the generated Client ID is RGBU_XTROFFOP_<ENV>_XOFFICE_APPID, where <ENV> is the specified Environment.

When the Application Type is External, the generated Client ID is RGBU_OBCS_<RANDOM>_APPID, where <RANDOM> is a random string of 8 characters.

Note:

This is the Name in IDCS or OCI IAM. Note that the Display Name in IDCS or OCI IAM is the Client ID without the _APPID suffix.

Select Copy to Clipboard to copy the client ID to the clipboard, so you can more easily share it with the external application that needs to use it for OAuth authentication. The window indicates that the ID has been successfully copied.

Secret

The client secret to use for generating the OAuth token.

Select Copy to Clipboard to copy the secret to the clipboard, so that you can share it with the external application that needs to use it for OAuth authentication. The window indicates that the secret has been successfully copied.

Regenerate Application Client Secret

Purpose: Use the Regenerate Application Client Secret window to generate a new client secret for an existing client application.

Note:

This option is available only for external application clients that were created through Order Orchestration.

For more information: See Manage External Application Access for background.

How to display this screen: Select New Secret (Illustrates the new secret icon.)for the application client at the Manage External Application Access screen.

Note:

Only users with Manage External Application Access authority can display this window. See Roles for more information.

When you regenerate: When you regenerate the secret, the client is deleted and recreated in IDCS (Oracle Identity Cloud Service) or OCI IAM (Oracle Cloud Infrastructure Identity and Access Management) and use of the new secret is required for OAuth. You need to update the external application so that it can request the token from IDCS or OCI IAM, as the previous secret is no longer valid.

How to generate a new secret: Click Regenerate and click OK at the confirmation window. There might be a slight delay. If the request is successful, the window displays:

  • The new Client ID, and a link to copy it to the clipboard.
  • The new Secret, and a link to copy it to the clipboard. This information will not be available later, so it should be stored in a secure location.

Copy and paste the Client ID and the new Secret if you need to share the information for an application that is not integrated with IDCS or OCI IAM, so that application can use the secret for OAuth authentication.

Note:

If your browser displays a warning message when you select the Copy to Clipboard option, click Allow Access.

The window displays an error if it cannot generate the new secret, such as if communication with IDCS or OCI IAM fails. See Manage External Application Access for information on the properties used for communication with IDCS or OCI IAM.

Click Done to close the window, and click OK at the confirmation window to confirm that you are done copying the client ID and secret to the clipboard.

Fields at this window

Field Description
Application Details
Client ID

When the Application Type is XOffice On Prem, the generated Client ID is RGBU_XTROFFOP_<ENV>_XOFFICE_APPID, where <ENV> is the specified Environment.

When the Application Type is External, the generated Client ID is RGBU_OBCS_<RANDOM>_APPID, where <RANDOM> is a random string of 8 characters and OBCS represents Order Orchestration.

Note:

This is the Name in IDCS or OCI IAM. Note that the Display Name in IDCS or OCI IAM is the Client ID without the _APPID suffix.

Display-only.
Application Description

The description defined when the application was created for web service authentication. This is the Description in IDCS or OCI IAM. Alphanumeric, 50 positions. Display-only.

Application Type

Indicates whether the new application is either:

  • XOffice On Prem: Select this option only if the application was not already created in another application.
  • External: Select this option if the application integrates with IDCS or OCI IAM.

Display-only.

About XOffice On Prem:The Manage External Application Access screen displays records only if they are not associated in IDCS or OCI IAM with a parent ID. If you use XOffice on premises, each store location record in IDCS or OCI IAM is associated with the XOffice on premises application as its parent ID. Because there can be many store locations associated with the parent application record, the Manage External Application Access screen displays just the XOffice rather than the individual store locations.

Environment
Generated Credentials
Client ID

When the Application Type is XOffice On Prem, the generated Client ID is RGBU_XTROFFOP_<ENV>_XOFFICE_APPID, where <ENV> is the specified Environment.

When the Application Type is External, the generated Client ID is RGBU_OBCS_<RANDOM>_APPID, where <RANDOM> is a random string of 8 characters and OBCS represents Order Orchestration.

Note:

This is the Name in IDCS or OCI IAM. Note that the Display Name in IDCS or OCI IAM is the Client ID without the _APPID suffix.

Select Copy to Clipboard to copy the client ID to the clipboard, so you can more easily share it with the external application that needs to use it for OAuth authentication. The window indicates that the ID has been successfully copied.

Secret

The client secret to use for generating the OAuth token.

Select Copy to Clipboard to copy the secret to the clipboard, so that you can share it with the external application that needs to use it for OAuth authentication. The window indicates that the secret has been successfully copied. This information will not be available later, so it should be stored in a secure location.