Oracle REST Data Services Demo - Authentication OAUTH2 Client Credentials / Two Party (Doc ID 2305958.1)

Last updated on FEBRUARY 09, 2023

Applies to:

Purpose

 This is the third in a series of documents that provide a tutorial on creating ORDS based REST services for ORDS standalone.

For the purpose of this series the following assumptions are made:

* All testing / set up will be done with standalone ORDS in HTTP.
* Standalone has been modified to accept http requests for REST:

* A schema named testords exists and contains the EMP table.
* The REST service described <Note 2297021.1> - Oracle REST Data Services Demo - Create a REST Service: has been created and is running successfully.
* First party authentication has been set up and works correctly according to: Note 2305632.1 - Oracle REST Data Services Demo - Authentication (First Party).
* Curl has been installed, configured and runs successfully. For details on the download and set up, see:
   http://www.oracle.com/webfolder/technetwork/tutorials/obe/cloud/objectstorage/restrict_rw_accs_cntainers_REST_API/files/installing_curl_command_line_tool_on_windows.html

Scope

OAuth 2 revolves around registering clients, which represent a person or an application wanting to access the resource, then associating those clients to roles. Once the client is authenticated, it has access to the protected resources associated with the roles. This demo is based on the client credentials flow. Client credentials flow is a two-legged process that is used to return an access token, which is then used to authenticate calls to protected resources. This is a "proof of concept" example, but in reality the authentication steps would be automated by the application.

Details

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.