Authenticate

Oracle Advanced Authentication uses a certificate authority (CA) certificate, issued by Verisign, to enable clients to connect securely to the server.

You access the Oracle Advanced Authentication REST resources over HTTPS and you must provide the following information for authentication:

• An SSL certificate authority (CA) certificate file or bundle to authenticate against the Verisign CA certificate.

• User name and password for your Oracle Advanced Authentication account.

For example, to authenticate using cURL:

• Set the cURL environment variable, CURL_CA_BUNDLE, to the location of your local CA certificate bundle. For information about CA certificate verification using cURL, see: http://curl.haxx.se/docs/sslcerts.html.

• Pass the <request-header> custom request header using the -H cURL option.

• The username and password for the Rest API can be constructed as following:

  • username: <RELEASENAME>-oaa-policy
  • password: <Base64Decoded oaapolicyapikey>

The following is the syntax of the cURL command using basic authentication:

curl -i -X GET -H Authorization:Basic <Base64Encoded(<username>:<password>)> -H <request-header>:<value> <PolicyUrl>/<resource-path>

The following is the syntax of the cURL command using JSON Web Token (JWT).

curl -i -X GET -H Authorization:Bearer <(Token)> -H <request-header>:<value> <PolicyUrl>/<resource-path>

Note:

• To obtain the <PolicyUrl>, username, and password, see Printing Deployment Details on Console.

  Use the <PolicyUrl>/policy/config/property/v1 REST API to configure properties. In this scenario, you must remove /oaa-policy from the <PolicyUrl>. For instance, use https://<host>:<port>/policy/config/property/v1 and not https://<host>:<port>/oaa-policy/policy/config/property/v1.

• To obtain the <Token>, see Runtime REST APIs for OAuth 12c.
• To use tokens in the Postman call:
  1. In the right pane, click Authorization.
  2. From the Auth Type drop-down list, select Bearer Token.
  3. In the Token field, enter the token value.