Friday 21 May 2021

Oracle OIC - ERP Adapter with OAuth Authentication

Oracle has introduced an OAuth authentication mechanism to access ERP application using ERP adapter in OIC. 

This will solve the following security issues. 

  1. Can maintain user credentials in IDCS. 
  2. Wont require to reset the passwords during P2T refresh. 
  3. Better security compared to basic authentication. 
  4. Authentication will work even password will get expired in IDCS or Fusion. 

  • Create an ERP Enterprise resource application. 


 

  • Create a confidential application 
    • Select Configure as a client application
    •  Select appropriate Grant Types
    • Provide callback URL 
      • https://<OIC_HOST_NAME>/icsapis/agent/oauth/callback
    • Select Client Type as Trusted if required and import SaaS certificate 
    • Add Scope
      • Select ERP Enterprise application which we created earlier. 
      • Select the scope
    • Save changes
    • Activate the application
    • Collect Client Id and Secret. 
  • OIC Configurations:
    • Login into OIC using admin or developer access.
      • Make sure this user has got an access to Oracle Fusion as well. 
    • Create ERP Adapter with Invoke Operation. 
      • Provide SaaS URL
      • Select Authentication type as OAuth.
        • Provide Client Id and Secret which we got above. 
        • Provide Authorization  and Token URL.
          • https://idcs-<Id>.identity.oraclecloud.com/oauth2/v1/authorize
          • https://idcs-<Id>.identity.oraclecloud.com/oauth2/v1/token
        • Provide Scope Value (Get it from IDCS client application.)
        • Add offline_access to the scope. 
          • https://<SaaS_Host_Name>.fa.ocs.oraclecloud.com/ offline_access
      • Select Provide Consent.
        • Provide IDCS user credentials. 
      • Save and Test the connection.
at 1 comment:
Labels:

Wednesday 19 May 2021

ORACLE OIC - IDCS SEARCH TO RETRIEVE DATA

 We can IDCS search API to get the required attributes and limited user list using pagination logic. 

Use the following API details to fetch the data from IDCS. 

URL: https://idcs-<id>.identity.oraclecloud.com/admin/v1/Users/.search

Operation : POST

IDCS Scope : urn:opc:idm:__myscopes__

Sample Request Payload:

{

  "schemas" : [ "urn:ietf:params:scim:api:messages:2.0:SearchRequest" ],

  "attributes" : [ "displayName", "userName", "emails", "active", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:employeeNumber" ],

  "filter" : "((urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:employeeNumber pr))",

  "startIndex" : 1,

  "count" : 100

}

OIC Expression  for Filter: 

filter :   conct("meta.lastModified ge ", '"', $varStartDate, '"', " and meta.lastModified le ", '"', $varEndDate, '"')

at No comments:
Labels:

Tuesday 11 May 2021

ORACLE OCI - Object Storage Multi Part Upload

In some cases we may have to upload larger file and uploading larger file may take more time and bandwidth.  In such cases we can split the file into multi parts and upload them in parallel. 

We can use the following steps to split and upload the files to object storage. 

  • First split the file based on the required size using split command. 
    • split -b 5M -d /tmp/bigfilename.txt /tmp/bigfilename.split
  • Create a multi part upload request. 
    • POST
    • /n/{namespaceName}/b/{bucketName}/u
    • Request Payload

{
  "object": "example_object1"
}

    • Response Payload 

{

  "namespace": "ansh8lvru1zp",
  "bucket": "MyBucket",
  "object": "MyObject1",
  "uploadId": "c892336f-ccvb-1bb8-6e75-a5649fd91178"
}
            •  Use the above upload Id to upload the files. 
            • Loop over each file and upload the files 
              • PUT
              • /n/{namespaceName}/b/{bucketName}/u/{FinalFileName}?uploadid={UploadID}&uploadPartNum={partNum/SequenceNum}
            • After Upload , get all the multi part upload details. 
              • GET
              • /n/{namespaceName}/b/{bucketName}/u/{FinalFileName}?uploadid={UploadID}
              • Sample Response
            [
              {
                "partNumber": 1,
                "etag": "3d240a5a-a2b0-45b2-bcvb-2ac6a02b422c",
                "md5": "rvr3UC1SmUw7cvb2NqPN0g==",
                "size": 8
              },
              {
                "partNumber": 2,
                "etag": "15de104e-7cvb-3513-8da1-3b5e75a65ad7",
                "md5": "3poFVtJezCVBOi8RzhUB8Q==",
                "size": 8
              }
            ]

            • Finally commit the upload. 
              • POST
              • /n/{namespaceName}/b/{bucketName}/u/{FinalFileName}?uploadid={UploadID}
              • Request Payload
             
            {
              "partsToCommit": [
                {
                  "partNum": 1,
                  "etag": "3d240a5a-a2b0-45b2-bcvb-2ac6a02b422c"
                },
                {
                  "partNum": 2,
                  "etag" : "15de104e-7cvb-3513-8da1-3b5e75a65ad7"
                }
              ]
            }


                                                                at 1 comment:
                                                                Labels:

                                                                Monday 10 May 2021

                                                                ORACLE IDCS - OAUTH2 - Get Token

                                                                Use the following details to get the OAuth Token from IDCS and invoke the service. 

                                                                Authentication URL:  https://idcs-xxxx.identity.oraclecloud.com/oauth2/v1/authorize

                                                                Authentication Token URL:  https://idcs-xxxx.identity.oraclecloud.com/oauth2/v1/token

                                                                Scope:  From IDCS application. 




                                                                at No comments:
                                                                Labels:
                                                                Subscribe to: Posts (Atom)

                                                                IDCS - Identity Federation with Azure and Google (SAML IDP & Social IDP)

                                                                The setup involves Identity Cloud Service (IDCS) acting as the central identity provider, facilitating seamless authentication and authoriza...