Note:

• This tutorial requires access to Oracle Cloud. To sign up for a free account, see Get started with Oracle Cloud Infrastructure Free Tier.
• It uses example values for Oracle Cloud Infrastructure credentials, tenancy, and compartments. When completing your lab, substitute these values with ones specific to your cloud environment.

Invoke Oracle Identity Domains REST API from PL/SQL using an APEX Database

Introduction

This tutorial is based on the Oracle A Team blog mentioned Here and will help provide you a guided approach to set this up in Oracle Identity Domains.

We will use Oracle APEX database for executing the SQL Script which will make a REST call to obtain access token from Oracle Identity Domains and then makes call to create users, query group membership, and retrieve user profile attributes. The PL/SQL code uses APEX 5.1 with the packages APEX_WEBSERVICE to call Identity Domains and APEX_JSON to parse the JSON response.

Note: We are using an Oracle APEX database which will have APEX packages by default. You can run the SQL script on your database provided you have the necessary APEX packages.

Objective

Use a SQL package to invoke the Identity Domains endpoint using a APEX database.

Prerequisites

OCI IAM administrator access of any Identity Domain.

Task 1: Launch an APEX Instance from OCI

1. Log in to your Oracle Identity Domains with the Admin account, search for APEX Application Development select the compartment that you would like to create an Instance and then click on Create APEX Service as displayed below.

   

2. From the configuration wizard, provide the Basic Information.

   

3. In the next section Configure the APEX Service, keep everything by default unless you have any special requirement.

   

4. In the next section, create an password for the ADMIN Account.

   

5. Select Secure Access from Anywhere in the Network access section and provide a Contact Email in the notification section. Finally click Create APEX service to launch the APEX service.

   

6. After your Service is created and becomes Available, click on the Launch APEX tab, click Administration Service and log in with ADMIN User password created in Step 3.

   

   

7. Post login, click Create Workspace and then provide the prompted required information under New Schema and then clickCreate Workspace.

   

   

Note: Note these values as these will needed while we update the SQL script.

Task 2: Register a Confidential Application in OCI IAM

We will register a Confidential Application OCI IAM Domains as shown below (For testing we have used the default domain).

1. Log in to Identity Domains under Identity and Security and click Applications.

   

2. Select Confidential Application and then click Launch Workflow.

   

3. Add the Name to your application and then click Next.

   

4. Select Client Credentials as the Grant Type and then click Next.

   

5. Click Finish.

   

6. Click Activate Application.

   

7. Note the Client ID and Secret which we will use in the PL/SQL Script.

   

Task 3: Update the SQL Script file and compile it

1. Download the SQL script HERE.

2. Open the SQL file in any text editor and as directed in the file update the file with your Schema Name created in 1.6. Also update the Oracle Identity Cloud Service app details in the file created under Task 2 and save it.

   

3. From your APEX Instance, click on the Launch Database Actions tab and then click SQL.

   

4. Copy the updated SQL script and then paste it on the Worksheet.

   Note: ADMIN option should be selected on the left-hand panel.

5. Compile the Script and you should get a success message.

   

6. Change the Navigator to your Schema name and under ALL Objects you should see the Client Package as shown below.

   

Task 4: Run the Procedure to Get the Authorization Token from Identity Domains

1. From the IDCS Client (Body), run the procedure get_authz_token you should get the output similar to the images below.

   

   

Note: The token that we received from Identity Domains marks that we were able to connect successfully to the Identity Domains and now you can go ahead and use the other prebuild procedures and functions according to your use case.

Related Links

Invoking Oracle Identity Cloud Service REST API from PL/SQL

Acknowledgments

Author - Chetan Soni (Cloud Solutions Engineer)

More Learning Resources

Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.

For product documentation, visit Oracle Help Center.

---

Title and Copyright Information

Invoke Oracle Identity Domains REST API from PL/SQL using an APEX Database

F82324-01

June 2023

Copyright © 2023, Oracle and/or its affiliates.