Simplified OAuth Config for Oracle Integration Cloud REST API using Postman !!!

This blog will be discussing very specific use case requirement which is more developer oriented and providing a quicker and efficient solution to invoke Oracle Integration REST API using OAuth access_token for testing purpose.

As an integration developer time to time you need to invoke Oracle Integration REST API to test API functionality. All the REST API in OIC needs a header parameter called “Authorization” which must needs to hold a valid access_token value in this format “Bearer access_token“.

In above format, “Bearer” is static world, However, access_token is the token value which we get after successfully OAuth Authentication from Oracle Identity Cloud Service.  Getting access_token from IDCS using code credentials flow is multi steps and cumbersome process.

However, developer can leverage Postman environment and variable features to simplify the process of getting access_token. That’s what, I will be covering in this blog.

Before I proceed further, I must redirect you to read my colleague blog which has greater in-depth explanation about what is IDCS, how IDCS govern security aspect of all Oracle PaaS products such as Oracle Integration Cloud, Analytics Cloud, Digital Assistant and so on and OAuth client and token generation process etc. I am recommending you to read his blog because I will be using few artefacts e.g. IDCS URL, Client ID, Client Secret etc which we need to get from IDCS OAuth Client Application as per the process given in his blog.

Continue reading “Simplified OAuth Config for Oracle Integration Cloud REST API using Postman !!!”

OCI – Oracle Container Engine for Kubernetes (OKE) – Using Client Certificates and RBAC

Kubernetes has been proven the best way that we have today to run microservices deployments, whether it is via a Serverless approach or by managing your own deployments in the cluster. This has solidified with the strong adoption of Kubernetes by all the major Cloud Vendors, as the strategic way to orchestrate containers and run serverless functions.

However, one of the situations that we need to be mindful, is that kubernetes creates by default a super powerful user that has full access to almost every resource in the cluster (accessible via kubectl or directly though APIs). This is very convenient for most dev & test scenarios, but it is imperative that for production workloads, we limit such power and use Role Base Access Control (RBAC), stable since version 1.8, for fine-grained authorisation access control to kubernetes cluster resources.

For the purpose of this demo, I am assuming some familiarity with Kubernetes and kubectl. I will mainly focus on the Authentication and Authorisation aspects that allow us to use Client certificates to get access to protected resources in a Kubernetes cluster.

In a nutshell this is what I am going to do:

  1. Create and use Client certificates to authenticate into a Kubernetes cluster
  2. Create a Role Base Access Control to fine grain authorise resources in the Kubernetes cluster
  3. Configure kubectl with the new security context, to properly limit access to resources in the Kubernetes cluster.

This is a super simplified visual representation:

Continue reading “OCI – Oracle Container Engine for Kubernetes (OKE) – Using Client Certificates and RBAC”

Advance XSL Mapping inside Oracle Integration Cloud !!!

Recently, I came across one issue while working with one Customer where they were facing bit of challenges to update existing working Integration with new JSON field input.

So, in this use case, two integration orchestration process flow are involved, Master Integration and Child Integration both working well in production. However, time to time developer gets requirement from business to enrich this working flow by adding more fields into Child Integration which was interacting with Oracle Responsys System. The Master Integration getting data from NetSuite, passing Child Integration same data which was interacting with Responsys and completing business flow.

Here is flow diagram with existing working flow Vs flow with new requirements and highlighted problem area.

1.png

Problem Statement:

Once developer add new fields into Child OIC orchestration flow, saved, activated and tries to refresh the Parent OIC orchestration flow, it breaks existing mapping. Behind the scene obviously since Child Integration orchestration flow input payload got changed it has cascading impact on calling Integration flow and calling Integration flow fails to deduct those changes and breaks existing mapping and wiped out existing mapping. see the relevant snaps –

Continue reading “Advance XSL Mapping inside Oracle Integration Cloud !!!”