10 Invoking POM Services Using OAuth
This chapter details the steps to invoke POM ReST services using the OAuth protocol. Using the OAuth protocol is a two-step process:
-
Request an access token from an authentication provider: IDCS or OCI IAM.
-
Provide the access token as an authorization header when invoking a service.
Prerequisite
rgbu:pom:services-customer-administrator-<ENV_ID>
where <ENV_ID> represents the unique environment identifier such as PRD1, STG1, DEV1 and so on.
rgbu:pom:services-customer-administrator-DEV1
For more information about creating the OAuth client, refer to the "Creating IDCS OAuth 2.0 Client Apps" chapter in the Retail Home Administration Guide.
Requesting the Access Token
To generate a token from IDCS, the following information is needed:
-
IDCS URL
-
Client Id and Client Secret
-
OAuth Scope
The curl command below invokes an IDCS service to generate an access token:
curl -I -H 'Authorization: Basic <base64Encoded OAuth_Clientid:Secret>' -H 'Content-Type: application/x-www-form-urlencoded;charset=UTF-8' --request POST <IDCS_URL>/oauth2/v1/token -d 'grant_type=client_credentials&scope=rgbu:pom:services-customer-administrator-<ENV_ID>'
This is a standard ReST call, with the following specifics:
-
<IDCS URL> is the IDCS URL of this instance.
-
<base64Encoded OAuth_Clientid:Secret> is the Base64-encoded OAuth Client Id and Client Secret provided as a Basic Authentication header.
-
Specify the body as:
grant_type=client_credentials&scope=
rgbu:pom:services-customer-administrator-<ENV_ID>
The response to this call will be in this format:
{ "access_token": "<TOKEN>", "token_type": "Bearer", "expires_in": 3600 }
Invoking the POM Service
To invoke the POM ReST service, you must add an authorization header as Bearer <token>, that is:
-
The word Bearer
-
A space
-
A valid token obtained as described in Requesting the Access Token
For example, the POM nightly cycle start request would look something like the following:
curl -i -H 'Authorization: Bearer <OAuth Token>' -H 'Content-Type: application/json' --request POST 'http://<pom-server-host>/ProcessServices/services/private/executionEngine/schedules/<Schedule_Name>/execution?skipVersion' -d '{ "cycleName" : "Nightly", "flowName" : "Nightly"}'