OAuth 2.0 Access Tokens

To support invoking of Oracle Integration flows secured with OAuth 2.0 grant types, use the OAUTH2.0_TOKEN_VALIDATION managed security policy. You can customize the security policy as needed for a connection definition.

Overview

With the OAuth 2.0 Access Tokens security policy, the client sends HTTP requests with the Authorization header that contains the word Bearer, followed by a OAuth 2.0 JWT token.

This policy validates the OAuth 2.0 JWT token from the Authorization header, validates its claims and signature, and asserts the user against Oracle Cloud Infrastructure Identity and Access Management (IAM).

To add the OAuth 2.0 Access Tokens policy to your document, use the available authentication scheme template. See Implement a New Connection Definition.

Oracle uses IAM to authenticate requests for invoking integrations.

Security Properties

The displayName for this security policy is OAuth 2.0. This security policy does not require properties.

For information about obtaining Oauth 2.0 tokens to access Oracle Integration, see Authenticate requests for invoking OIC Integration Flows.

Sample Code: OAuth 2.0 Access Tokens

"securityPolicies": [
     {  
        "type": "managed",
        "policy": "OAUTH2.0_TOKEN_VALIDATION",
        "description": "Validates OAuth2.0 token",
        "displayName": "OAuth2.0",
        "scope": "TRIGGER"
      }
   ]