Secure Oracle Integration Cloud REST endpoint with OAuth
ฝัง
- เผยแพร่เมื่อ 8 ต.ค. 2024
- In this video, you will learn how to protect REST Endpoint with Oauth.
Integrations in Oracle Integration configured using the REST Adapter as a trigger are automatically exposed as OAuth-protected REST resources.
These resources can be consumed using the OAuth access token.
![[#SHORTS CLIP] ใช้ของของตัวเองไปเลยสิคะ l ซานิเบาได้เบา l One Playground](http://i.ytimg.com/vi/Ea_mTywx2p4/mqdefault.jpg)
Excellent Video, very simple to understand and follow. Thank you
Glad it was helpful!
This is lovely video. Understood OAuth in minutes. Thank you Ankur !
Glad you liked it
You can buy my OIC Gen-3 course that will help you to fasttrack your OIC learning journey:
www.udemy.com/course/deep-dive-into-oracle-integration/?referralCode=26194341D09D3B93921F
Thank you so much for the detailed demo, it's very helpful.
Glad it was helpful!
Excellent video.... which was very helpful for me to implement Oauth security in project
Glad it was helpful!
Hi Ankur ,
This is an excellent video ..thanks for covering this complex topic . I have implemented this oAuth as you have shown . I see that the service is getting invoked using bearer token as well as using basic auth .
1) Is there a way we can disable basic Auth for the REST service in OIC
2) And can we enable OAuth for a specific REST service , currently I see it is all or none.
Your valuable comments appreciated
Yes, its there in the recent version of OIC, while you create the REST Trigger connection, you have an option to select from the Security Policy. Please check.
Hi Ankur,
Thank you so much for your informative videos. Instead of exposing the scope for all the integrations, is there a way to expose only some integrations.?
Check out this blog mytechretreat.com/limit-access-to-your-apis-with-oci-api-gateway-using-oaauth-2-0-scopes/
Hi Ankur,
You explained it well. I have a concern on token expiration. Suppose our integration with REST trigger is to be used by a 3rd party application , can the same token be used as long as they want ?
Thanks
The token has limited time, once the token is expired, the token has to be regenerated...
@@TechSupper got it. Thanks. I appreciate
Hi Ankur,
This was really helpful. Thanks for sharing this with us.
Thanks Moshin
Thank You Ankur.
Nice Explanation sir.
Regards.
Sandeep
Thanks and welcome
Hi
It's really a good video. I am following similar steps and trying to import a certificate but getting ' Failed to parse certificate data.'
Can you guide how to solve this issue?
Thanks
Hello, Excellent explanation, I have a question, when I add this app, do I have to pay extra for it?
I don't think so.
Very informative video, Thank you
Glad it was helpful!
Please subscribe to my TH-cam channel th-cam.com/users/Techsupper if you have not subscribed yet.
Hi Ankur thanks for sharing the knowledge, have one doubt is there any way we dont have to give OIC username & password in oauth token call?
I'll check and will get back
Please create a stand-alone user in IDCS and assign the user in Oauth application. This will allow only the particular user to request token by passing stand alone user credentials instead of sending OIC credentials.
If required, you can checkmark "Enforce Grant as Authorization". This will allow only a particular assigned user to request a token with the credentials.
Hi Ankur, thanks for the great video! I have one issue - i am getting 'Bad Request' in the Postman ' "the request can not be fulfilled due to bad syntax", do you have an idea which syntax (where) it might be reffering to? Can you please help me
Sorry, Ankur, my fault! It is working fine, just some typo
NP
hi Ankur, for external consumer of oic , is it needed to take access to IDCS REST token generator,?
Yes,
Hi Ankur , is there a way to tie scopes with integration services . Like for say 3 integration there will be a client id and token . For other 3 integration there will be another set of client id and token .
I'll check Rahul.
@@TechSupper yes plz because ultimately if we cannot differentiate integrations with different scopes then the whole purpose of oAuth enablement has no meaning ...
Hi Ankur, Can I implement this kind method of authentication from the workspace or it is only available for Oracle Cloud?
Which workspace you are talking about ?
@@TechSupper The workspace provided by Oracle Apex with the ORDS,
I don't think so.
Ok, thanks sir
Hi Ankur, how do we get the scope of the application. Is that something which system generated?
I'll have to check.
Hi Ankur, Thanks for this helpful video. I am able to get the Bearer token, but while calling my rest apis with that getting 401, can you please help on this.
Not sure what mistake you did, but plz follow all the steps correctly.
You can buy my OIC Gen-3 course that will help you to fast track your OIC learning journey:
www.udemy.com/course/deep-dive-into-oracle-integration/?referralCode=26194341D09D3B93921F
@@TechSupper
To get the Bearer token I am not using the grant_type as password, instead of that I am using client_credential. Because out client will not be a user and if they have the userid and password.
@@rahulpaul6882 any luck. I am also facing the same issue in G3 integration REST connection to update lookup values with integration
Hi Ankur,
This was really Helpful. Thank You, Can you Please share how to do for 'client_credentials'.
Try client_credential while you create an application in IDCS.
What are security parameters we need to configure a oauth 2 type connection ,like for hcm adapter and soap adapter
You need to provide oauth details such as client id, client secret, etc.
Hi Ankur,
Can you please tell me how an trigger endpoint is getting triggered ( based on which event/ business object) where we are mentioning that in connection?
This is a general question not related to this video
Do you have REST based integration or event based?
@@TechSupper Thank you for your quick reply:)
I am a beginner
I can understand that scheduled driven orchestration , we are scheduling the integration when to run
But in App driven orchestration ,we are not giving any such details... It's been mentioned like it's an event based or Business object based.. but I could not get where a developer is mentioning the condition to trigger app driven one
It would be very helpful if you could have explain with example
Hi,
There is online course of Oracle Integration for beginners, if you want to learn from scratch, buy this course using below link
www.eduonix.com/learn-oracle-integration-cloud
Apply coupon code “ OICLEARN7” to avail discount.
@@TechSupper Thank you , will check
Hi ankur, im exposing rest adapter as oauth and trigger type,so how will other application connect with oic in this case?do i need to share any details with them??
Yes Krishna, all the details to generate token, you will have to share.
@@TechSupper can I convert text to json in oic??
Hi can you please show a demo for export packages as well , after getting bearer token..
You can use export package rest api tp export the pacakge:
docs.oracle.com/en/cloud/paas/integration-cloud/rest-api/op-ic-api-integration-v1-packages-archive-post.html
In case of rest api for hcm how to pass this bearer and token value in rest adapter,we have oauth 2. Working for hcm adapter, but not for hcm rest api, what would you suggest here
You can create hcm connection with Oauth 2.0 policy.
Hi Ankur,
I have followed all the steps but when I try to invoke a app driven orchestration I'm getting an error saying Error 415--Unsupported Media Type. Could you please help.
Please check the request header content-type what is set and what is expected by app driven orchestration.
Is it possible to call rest api (trigger) without security - public or private? Thanks
No, this is not possible to create un-secured REST API in OIC.
Please subscribe to my TH-cam channel th-cam.com/users/Techsupper if you have not subscribe yet.
OATUH is Open Authorization - Do you need correction?
Sure thanks
Hello Ankur,
can i use Oauth client credintial instead of password credintial?
Yes, you can use
I tried to use client credential,
when tested from postman with authorization type Oauth2, grant type Client Credential, it give me 401
I recently uploaded a course on a Udemy, you can buy the same to meet your requirement. Following is the URL to buy:
www.udemy.com/course/deep-dive-into-oracle-integration/?referralCode=26194341D09D3B93921F
@@ahmedhussein5848 you can add the serviceInvoker or ServiceUser role to the application to overcome the issue.
Hi Ankur, can you please help me a bit - how to register the custom integration as an API, in other words when I select "Add scope' - i will see that scope for my custom integration so that i can add it, if this makes sense? Thank you, Anatoliy
I couldn't understand your question. Can you please describe it.
Can i generate access token from azure ad and use it in oracle endpoint ?
No, you have to federate the OCI tenancy first.
Can I use this access token to request key vault?
No
Hi Ankur - hope you are doing great... could you please help me how I can integrate Jira tool with OIC...?
If JIRA provides REST API, you can use REST APIs to integrate JIRA.
@@TechSupper Thanks Ankur. How i can connect with you? Could you please DM your contact number?
Please drop your what's app number.
hello, how do i create a standalone user and what do i spend on the postman in the username and password cheat?
What do you mean by standalone user.
What is the password and username here I need to add?
This will be the oic username and password.
Hi ankur can i have ur number ,im ready to pay consultation fees also ,i have doubt like can we use oauth to secure hcm adapter also or is oauth specific to rest api only
Please share your number or send me an email at techsupper.ts@gmail.com