Register applications
External applications can use the REST web service APIs to integrate with Oracle Commerce. You must register an application to enable it to access Commerce data and functionality.
This section applies to Open Storefront Framework (OSF) and Storefront Classic.
Registering an application automatically generates the following:
- An application ID that identifies the application internally.
- An application key that you use to authenticate the application.
The application key is a JSON Web Token (JWT) from the Oracle Commerce OAuth server. The registered application exchanges the key for an access token as part of the authentication flow. For more information, see Use the application key for authentication.
You can register an application in the administration interface or by using the Admin API. Both methods are described below.
Register an application in the administration interface
To register an application in the administration interface:
- Click the Settings icon.
- Click Web APIs and display the Registered Applications tab.
- Click the Register Application button.
- In the frame that appears, enter a name for the application, and
select when the application key should expire.
The Expiration dropdown includes options ranging from one day to a year from now. If you do not want the key to expire, select Never.
- Click Create.
The application ID and application key are automatically generated and the application is added to the list on the Registered Applications page.
To acquire the application key for an application:
- Click the Settings icon.
- Click Web APIs and display the Registered Applications tab.
- Click the name of the application.
- In the frame that appears, click the Application Key box to reveal the key.
- Copy the key and provide it to the application developer.
- Click Cancel to exit the frame without
making any changes.
See Use the application key for authentication for more information.
To modify a registered application:
- Click the Settings icon.
- Click Web APIs and display the Registered Applications tab.
- Click the name of the application.
- In the frame that appears, you can change the name of the
application, reset the application key, or change when the key expires. After
you are done making changes, click Save.
If you reset the application key, the previous key is automatically revoked and can no longer be used to authenticate the application.
To unregister an application:
- Click the Settings icon.
- Click Web APIs and display the Registered Applications tab.
- Click the name of the application you want to unregister.
- Click Delete.
The application’s ID is removed from the system and its application key is automatically revoked.
Register an application using the Admin API
You use the createApplicationID
endpoint to register an
application using the Admin API. For example:
POST /ccadmin/v1/applicationIds HTTP/1.1
Content-Type: application/json
Authorization: Bearer <access_token>
{
"name": "sampleApp",
"lifetimeDays": 90,
"type": "application"
}
In this example, the lifetimeDays
property is used to
set the application key to expire after 90 days. The maximum value this property can
be set to is 365; if you specify a larger value, the value will be set to 365. If
you do not set a value for lifetimeDays
, or set it to -1, the
application key will not expire until you revoke it explicitly.
The response includes the values for the application to use for authentication. For example:
{
. . .
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiI3ZjkzNjQ1Ni01ZmUyLTQ5NTQtODk0NS1kYTMyZTZmOTFjNzUiLCJpc3MiOiJhcHBsaWNhdGlvbkF1dGgiLCJleHAiOjE2ODYwNzkzMzEsImlhdCI6MTY1NDU0MzMzMX0=.imjcnTgBZE8+AADDB/h/RxBzDFX6EbQ/+1DJtsprM9E=",
"expirationTime": 1662319331,
"name": "sampleApp",
"id": "7f936456-5fe2-4954-8945-da32e6f91c75",
. . .
}
The value of id
is the application ID, and the value of
token
is the application key. The
expirationTime
indicates when the application key expires,
expressed as the number of seconds elapsed since the beginning of the Unix epoch
(00:00:00 UTC, Thursday, 1 January 1970).