Authentication
Oracle Access Manager (OAM) uses a certificate authority (CA) certificate, issued by Verisign, to enable clients to connect securely to the server.
OAM Multi Data Center REST API supports authentication via Authorization header for enforcing access controls to web resources.
The authentication type the API support is governed by the OWSM policy used. OAM supports oracle/multi-token-rest-service-policy
which has following authentication.
-
HTTP Basic Auth
-
SAML 2.0 Bearer token in HTTP header
-
HTTP OAM security
-
JWT token in HTTP header
-
An SSL certificate authority (CA) certificate file or bundle to authenticate against the Verisign CA certificate.
-
User name and password for your OAM account.
For example, to authenticate using cURL:
-
Set the cURL environment variable,
CURL_CA_BUNDLE
, to the location of your local CA certificate bundle. For information about CA certificate verification using cURL, see: http://curl.haxx.se/docs/sslcerts.html. -
Pass the user name and password for your OAM account using the
-u
cURL option.
curl -i -X GET -u <username>:<password> -H <request-header>:<value> https://<subdomain>.<domain>.com:<port>/<resource-path>
curl -X POST -u username:password -d @post.json https://pseudo.com/oam/services/api/v1/users