1. Extend Oracle Sales and Service business objects with document collaboration
  2. Set Up API Authentication

Set Up API Authentication

In this first section, you'll need to create an IDCS application. This application will be used to call OCM REST APIs from within the Oracle Sales and Service application using OAuth 2-Legged authentication. The Oracle Sales and Service public certificate is used to create this IDCS application. This OAuth 2-Legged authentication method will be needed later when the OCM REST APIs are added to the Oracle Sales and Service application.

Note:

The Oracle Identity Cloud Service (IDCS) is in the process of being replaced by the Oracle Identity and Access Management (IAM) service. The steps provided below assume your Oracle Cloud account is using IDCS. If your cloud accounts use IAM domains, then the steps are similar but the user interface that you see will differ from the images provided in this document.

Retrieve the Public Certificate

To get the Oracle Sales and Service application public certificate that will be used to create an IDCS confidential application:

  1. Sign in to the Oracle Sales and Service application as an administrator.
  2. Click Hamburger icon in the upper left corner of the page. Select the Tools option from the drop-down menu and then select Security Console.
  3. To retrieve the Oracle Sales and Service application public certificate:
    Description of apiauth.png follows
    Description of the illustration apiauth.png

    1. On the main page, select API Authentication from the left navigation menu.
    2. Select the Oracle Public Certificate link on the upper right corner of the page. This will download an orakey_sign file to your Downloads directory which will be used in the steps below.
  4. Close the Oracle Sales and Service application as it will not be needed for a while.

Create a Confidential Application

To create the Confidential Application that will be used in the Oracle Sales and Service application to communicate with Oracle Content Management through the OCM APIs:

  1. Sign in to IDCS admin console as an administrator.

  2. Click Hamburger icon in the upper left corner of the page and then select the Applications option from the drop-down menu.

  3. To create the confidential application that will be used for accessing the Oracle Content Management APIs:
    Description of confidentialapp.png follows
    Description of the illustration confidentialapp.png

    1. Click the Add button and then in the Add Application dialog, select Confidential Application.
    2. In the Add Confidential Application page, on the Details train stop, do the following:
      1. In the Name field, specify the name (for example, Web Services).
      2. In the Description field, enter the text "Credentials used to access the OCM APIs through the web services.".
    3. On the Client train stop, do the following:
      1. Select the Configure this application as a client now option.
      2. For the Allowed Grant Types, select the following check boxes: Resource Owner, Client Credentials, JWT Assertion.
      3. For Security, select the Trusted Client check box and then click Import to import the Oracle Sales and Service certificate.
      4. In the Import Client Certificate dialog, complete the following fields:
        Description of importcertificate.png follows
        Description of the illustration importcertificate.png

        1. In the Certificate Alias field, specify the name (for example, Fusion).
        2. Click the Choose File button and then select the orakey_sign file that was downloaded earlier.
        3. Click Import to add this certificate.
      5. In the Resources section, click Add Scope. Select the right arrow to the right of the specific OCM server that will be used in the integration.
        Description of tokenpolicy.png follows
        Description of the illustration tokenpolicy.png

      6. Select the check box next to the line with the URL ending with opc:cec:all. Click Add to add this specific scope as it is required for the integration.
      7. Copy the scope URL that was just added as we will use this later when creating the Oracle Sales and Service application web services to communicate with the OCM APIs (for example, https://BD2F184D9D2344CB8134FCD4CBFF7DF.mycloud.com:443/urn:opc:cec:all).
    4. Click Next until you reach the end of the Add Confidential Application train stop and then click Finish.
  4. In the Application Added dialog, copy the Client ID (for example, c585b2d3e97c40e491ca99112281e36) and Client Secret (for example, 768b9513-658e-4854-bac7-2fe72d19011) and close the dialog. We will be using these values in the Oracle Sales and Service application web services to communicate with the OCM REST APIs.
  5. On the Oracle Sales and Service Web Services page, click Activate to activate the IDCS application service.
  6. Close the IDCS application as it is no longer required.