Invoking Oracle PaaS service APIs protected by OAuth

Oracle PaaS services are typically protected by Identity Cloud Service (IDCS), which provides unified access management for the Oracle Cloud. This protection extends to their exposed APIs, which usually require you to present a valid access token as part of your invocation. Unfortunately, the documentation for a number of the services tends to assume that the reader has an in-depth knowledge of OAuth concepts, and IDCS operations.

Typically my blog posts are around specific proof of concept things I have been working on, or go in-depth into more advanced IDCS concepts, but I have realised (mostly because people kept asking me…) that many developers using these services don’t have a strong practical understanding of OAuth, and struggle to interpret the documentation around the authentication requirements for the services. This blog post is designed to provide a step by step explanation of what is required from an IDCS perspective, as well as an explanation of the techniques to obtain a an access token to use the service APIs.

A non-exhaustive list of PaaS services for which these instructions are applicable:

  • Oracle Integration Cloud
  • Oracle Blockchain Platform
  • Oracle API Platform Cloud Service
  • Oracle Mobile Hub
  • Oracle Digital Assistant
Continue reading “Invoking Oracle PaaS service APIs protected by OAuth”