1.2 OAuth Token Generation

This topic describes how to access service APIs by passing an OAuth token (a JWT token in prior versions) as one of the headers from Oracle Banking Virtual Account Management.

Follow these steps to generate an OAuth token:

  1. Generate a JWT token by using the endpoint and headers below (same as in the prior version).
    Make an HTTP POST call to the endpoint below.

    URL: http://<<hostname>>:<<port>>/api-gateway/platojwtauth/

    Header: appId: SECSRV001

    Header: content-Type: application/json

    In the POST body, provide the Base64-encoded username as username and the Base64-encoded password as password, in JSON format.

    Sample POST body:
    {
        "username": "T0JEWDAx",
        "password": "d2VsY29tZQ=="
    }
  2. Register clients for OAuth
    Make an HTTP POST call to the endpoint below.

    End Point: http://<hostname>:<port>/api-gateway/createOauthUsers

    Header: appId: SECSRV001

    Header: content-Type: application/json

    Header: userId: <USERID>

    Header: Authorization: Bearer <<JWT token created in step 1>>

    In the request body, clientId should be the Oracle Banking Virtual Account Management user ID created for Oracle Banking Digital Experience, and clientSecret should be the secret password for the OAuth client registration. The validity specifies, in seconds, how long the token remains active.

    Sample Request Body:
    {
        "UserList": 
        [
            {
                "clientId": "client1",
                "clientSecret": "secret1",
                "validity": "86400"
            },
            {
                "clientId": "client2",
                "clientSecret": "secret2",
                "validity": "86400"
            }
        ]
    }
  3. Generate OAuth Token
    To get the OAuth token, make an HTTP POST call to the endpoint below with the clientId and clientSecret created in step 2.

    URL: http://<<hostname>>:<<port>>/api-gateway/platojwtauth/

    Header: appId: SECSRV001

    Header: content-Type: application/json

    Header: sourceCode: <SOURCECODE>

    Note:

    Use the source code created for Oracle Banking Digital Experience in the Figure 1-2 screen.

    In the POST body, provide the Base64-encoded clientId as username and the Base64-encoded clientSecret as password, in JSON format.

    Sample OAuth Token Response:
    {
       "super_user_locale": null,
       "scope": "resource-server-read resource-server-write",
       "super_user": "N",
       "token_type": "bearer",
       "entity_id": "DEFAULTENTITY",
       "expires_in": "588168",
       "token": "38uuHYumJhyKGKEuouaQ988cXLc"
    }

    Use the OAuth token, userId and sourceCode as headers in the Oracle Banking Digital Experience setup to access Oracle Banking Virtual Account Management service APIs.
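
The three calls above, as an added Python example (not Oracle's code) that builds each request with the headers and bodies this page lists and checks the step 3 response. Because Base64 is an encoding and not encryption, the example refuses a base URL that is not https; that check, the function names, and reading expires_in as seconds are assumptions of this example.

```python
import base64
import json
import time
import urllib.request

APP_ID = "SECSRV001"  # appId header value given on this page


def b64(value):
    """Base64-encode a credential. This is an encoding, not encryption."""
    return base64.b64encode(value.encode("utf-8")).decode("ascii")


def _post(base_url, path, headers, body):
    # Assumption of this example: require TLS, since Base64 is trivially decoded.
    if not base_url.lower().startswith("https://"):
        raise ValueError("refusing to send Base64 credentials over a non-TLS URL")
    hdrs = {"appId": APP_ID, "Content-Type": "application/json", **headers}
    return urllib.request.Request(base_url.rstrip("/") + path, method="POST",
                                  data=json.dumps(body).encode("utf-8"), headers=hdrs)


def jwt_request(base_url, username, password):
    """Step 1: Base64 username and password in the JSON body."""
    body = {"username": b64(username), "password": b64(password)}
    return _post(base_url, "/api-gateway/platojwtauth/", {}, body)


def register_clients_request(base_url, user_id, jwt, clients):
    """Step 2: clients is a list of (clientId, clientSecret, validity_seconds)."""
    users = [{"clientId": c, "clientSecret": s, "validity": str(v)} for c, s, v in clients]
    headers = {"userId": user_id, "Authorization": "Bearer " + jwt}
    return _post(base_url, "/api-gateway/createOauthUsers", headers, {"UserList": users})


def oauth_token_request(base_url, source_code, client_id, client_secret):
    """Step 3: same endpoint as step 1, with the step 2 client and sourceCode."""
    body = {"username": b64(client_id), "password": b64(client_secret)}
    return _post(base_url, "/api-gateway/platojwtauth/", {"sourceCode": source_code}, body)


def parse_token_response(raw, now=None):
    """Check the step 3 response; expires_in is assumed to be in seconds."""
    doc = json.loads(raw)
    if str(doc.get("token_type", "")).lower() != "bearer" or not doc.get("token"):
        raise ValueError("unexpected token response")
    issued = time.time() if now is None else now
    return {"token": doc["token"], "scopes": str(doc.get("scope", "")).split(),
            "expires_at": issued + int(doc["expires_in"])}
```

Each builder returns a `urllib.request.Request` that can be sent with `urllib.request.urlopen`; the JWT returned by step 1 is passed to `register_clients_request` as `jwt`.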