Oracle Access Manager (OAM) uses a certificate authority (CA) certificate, issued by Verisign, to enable clients to connect securely to the server.
OAM Multi Factor Authentication OTP REST API supports authentication via Authorization header for enforcing access controls to web resources.
The authentication type the API support is governed by the policy used. OAM supports
oracle/multi-token-rest-service-policy which has following authentication.
HTTP Basic Auth
SAML 2.0 Bearer token in HTTP header
HTTP OAM security
JWT token in HTTP header
An SSL certificate authority (CA) certificate file or bundle to authenticate against the Verisign CA certificate.
User name and password for your OAM account.
For example, to authenticate using cURL:
Set the cURL environment variable,
CURL_CA_BUNDLE, to the location of your local CA certificate bundle. For information about CA certificate verification using cURL, see: http://curl.haxx.se/docs/sslcerts.html.
Pass the user name and password for your OAM account using the
curl -i -X GET -u <username>:<password> -H <request-header>:<value> https://<subdomain>.<domain>.com:<port>/<resource-path>
curl -X POST -u username:password -d @post.json https://pseudo.com/oam/services/api/v1/users