April 2023 – RedThunder.Blog

Recently, I have been come across scenario where one of my Customer, building a VBCS application which needs a combobox to be populated with all IDCS Users name as approver. Customer builds the solution but was having issue with existing solution. Problem was when One user e.g. Sys Admin User ID (Administrator role) login using his credentials, he can see combobox populated with IDCS users name. However, when another business user when they login they can’t see combobox fetching IDCS User list. Obliviously, its permission issue. Sys Admin being part of IDCS Admin group has all privilege but other users in his tenancy are not, hence problem was coming.

Now, VBCS has two mechanisms for Identity propagation. Please read this section for more info. a) login user identity gets propagated to invoke REST API as part of service connection b) Developer can use fixed credentials to invoke backend REST API using service connection.

Security is the key aspect in any implementation, specially when it comes to publish your API/Integration to external consumer outside of your organization.

Oracle Integration Cloud has capability to design an Integration which could be shared across internal/external Organisation. In this scenario security is paramount to protect that endpoint which will be published through OIC. By default, if your OIC Integration has REST Endpoint with Trigger role, it’s offering Basic Authentication Or OAuth 2.0 Or both Security policy.

With Invoke role there are many other flavours of OAuth grant type which I won’t be covering in this blog. I am more focused on this blog for OAuth 2.0 for OIC Rest Adapter for trigger role only.