How do I enable salespeople to stay signed in to the CX Sales Mobile app?

You can enable the use of OAuth authentication tokens so that salespeople can stay signed in to the app, and they won't need to sign in again when they launch the application. Using OAuth authentication tokens makes the app simpler to use, and it's also secure.

To set up this feature, you first need to register the Oracle CX Sales Mobile application with Oracle Identity Cloud Service (IDCS), by creating a Confidential Application in the IDCS console. Then, you need to associate the Confidential Application details with CX Sales Mobile.

Here are the tasks:

Create a Confidential Application for Oracle CX Sales Mobile in IDCS
Associate the Confidential Application With Oracle CX Sales Mobile
Use Your Organization's Mobile Device Management Software to Distribute OAuth Authentication Tokens
Test Your Updates

Create a Confidential Application for Oracle CX Sales Mobile in IDCS

Here's how you create CX Sales Mobile as a Confidential Application in IDCS:

Sign in to My Console in (IDCS) by navigating to www.oracle.com > View Accounts > Sign In to the cloud.
In the menu, in Identity & Security, click Domains.
On the next screen, the UI might display one of the compartments. If it's not the correct compartment, then select one from the drop-down list. Once you're in the correct compartment, click into the Domain for that compartment.
On the Identity Domain page, click Integrated Applications in the navigation bar, then click the Add Application button.
On the Add Application page, click Confidential Application and then launch the workflow.
In the Add application details step of the Add Confidential Application wizard, enter information in the Name and Description fields. These fields are used only to identify the Confidential Application in IDCS -- they don't appear outside of IDCS. For example, they don't appear in the Oracle Sales app.
Click Next.
In the Configure OAuth step, in Client configuration, click the Configure this application as a client now option.
In the Allowed Grant Types options list, select these options:
- Refresh Token
- Authorization Code
Select the Allow non-HTTPS URLs option.
Note: This option doesn't open a URL that isn't secure. It just sends a request to the CX Sales Mobile app.
In the Redirect URL field, enter cxm://?oAuth=true.
In Token Issuance Policy, select Specific for Authorized Resources, and then select Add resources. Click Add Scope, in Resources.
In the Add scope drawer, search for and select Oracle Application Cloud (Fusion) from the list of resources. Click Add.
Note: If Oracle Application Cloud (Fusion) isn't available, then look for Fusion Applications Cloud Service instead.
Record the Scope value of the resource you added.
Click Next.
Note: If you get an "invalid protocol" error, then you need to provide an HTTPS URL (for example, https://www.oracle.com) in the Redirect URL field (refer to step 11 in this procedure).
Click Next again.
In the Configure policy step, select Skip and do later.
Click Finish. The CX Sales Mobile application is added in a deactivated state.
Note: If you encountered the "invalid protocol" error in step 15, now you can update the specific non-HTTPS URL by clicking Edit OAuth configuration in OAuth Configuration. Select Allow non-HTMLs URLs and enter the Redirect URL cxm://?oAuth=true. Click Save changes.
Record the Client ID and Client Secret that appear in the General Information section. The Client ID and Client Secret are equivalent to credentials (like a User ID and password combination) that your application uses to communicate with IDCS.
At page level, click Activate.
In the Activate application dialog box, click Activate application.

For more information about IDCS, see the Oracle Identity Cloud Service - Get Started page on Oracle Help Center

Associate the Confidential Application With Oracle CX Sales Mobile

Here's how you associate the IDCS Confidential Application with CX Sales Mobile:

In the Sales web application, sign in as an administrator.
In the Setup and Maintenance work area, click the Tasks side panel icon and then click the Search link.
Search for and select the Manage Profile Options task.
Create a profile option to enable the OAuth feature. Create the new profile option with these details:
- Profile Option Code: CXM_ENABLE_OAUTH
- Profile Display Name: OAuth Usage
- Application: CX Sales Mobile
- Module: Mobile Sales
- Start Date: Enter the date you require the OAuth feature to be active.
- In the Profile Values section, for Site level, check the Enabled and Updatable check boxes.
Save your changes.
Next, set the values for the profile option:
1. Search for and select the Manage Administrator Profile Values task.
2. Search for the CXM_ENABLE_OAUTH profile option.
3. In the Profile Values section, add new values with the following details:
  - Profile Level: Site
  - Profile Value: Yes
Save your changes.
Enter a publishable sandbox with Application Composer as one of the tools.
Navigate to Application Composer > Mobile Application Setup > CX Sales Mobile Composer > Settings.
Expand the OAuth Settings header.
Provide the Client ID, Client Secret and Scope for the CX Sales Mobile application that you recorded while setting up the Confidential Application in IDCS.
Provide your IDCS host as the Topology URL.
Note: Make sure to add the Domain URL (not Regional URL) listed on the specific Identity Domain > Overview page.
In the header, click Save.
Test your update by following the steps in Test Your Oracle CX Cloud Mobile Configurations.
Publish the sandbox according to your company's business practices.

When OAuth authentication tokens are enabled, the CX Sales Mobile app reads the OAuth parameters as the salesperson signs in. The next time the salesperson closes and restarts the app, or when the current session expires, the app prompts them to sign in again. After this second sign-in, the OAuth authentication starts, and from then the salesperson stays signed in to the app, as long as they use the app at least once during the time validity of the refresh token configured in IDCS.

Use Your Organization's Mobile Device Management Software to Distribute OAuth Authentication Tokens

You can use your organization's Mobile Device Management (MDM) software to distribute OAuth authentication tokens. Using MDM to distribute the tokens means that your salesperson won’t need to sign in to the app for a second time to trigger the OAuth authentication.

Here’s how you enable OAuth authentication tokens for MDM software:

Follow the steps in the Create a Confidential Application for Oracle CX Sales Mobile in IDCS section of this topic.
Creating a Confidential Application lets you specify when access tokens expire, and it creates a Client ID and Client Secret.
Open your MDM software and enter these configuration settings:
1. Configuration Key: CXM_AUTH_TYPE
  Value Type: String
  Configuration Value: oauth
2. Configuration Key: CXM_TOPOLGY_URL
  Value Type: String
  Configuration Value: Enter the IDCS instance URL.
  For more information about IDCS, see the Oracle Identity Cloud Service - Get Started page on Oracle Help Center.
3. Configuration Key: CXM_CLIENT_ID
  Value Type: String
  Configuration Value: Enter the Client ID that was generated when you created the Confidential Application
4. Configuration Key: CXM_CLIENT_SECRET
  Value Type: String
  Configuration Value: Enter the Client Secret that was generated when you created the Confidential Application.
5. Configuration Key: CXM_HOST
  Value Type: String
  Configuration Value: Enter the Sales application host URL
6. Configuration Key: CXM_SCOPE
  Value Type: String
  Configuration Value: Enter the Scope value of the resource you added in step 14 in the Create a Confidential Application for Oracle CX Sales Mobile in IDCS section.

Test Your Updates

When you're finished with the configuration, test your updates and publish the sandbox. See the Test Your Configurations or Extensions topic for details about how to check your mobile configurations.