In a blog post a couple of months ago I described how the OAuth Device flow works and gave some general and hypothetical examples of when you might use it. Just...
In a blog post a couple of months ago I described how the OAuth Device flow works and gave some general and hypothetical examples of when you might use it. Just a couple of weeks ago I happened upon a real world use case for it and had a chance to put IDCS' Device Code support to actual use. In most cases when you log into a Unix server over SSH you should be using a key pair - you upload your public key to the server and then the ssh client uses your private key to prove to...
In a blog post a couple of months ago I described how the OAuth Device flow works and gave some general and hypothetical examples of when you might use it. Just a couple of weeks ago I happened upon a...
Where is the simple "shake 'n' bake" / step by step guide to creating a 3-legged, Authorization Code flow OAuth client in IDCS? Right here. 1: From the...
Where is the simple "shake 'n' bake" / step by step guide to creating a 3-legged, Authorization Code flow OAuth client in IDCS? Right here. 1: From the Dashboard in IDCS click the + under Applications to create a new Application 2: Select Confidential Application because we're creating a 3-legged app 3: Fill in the first screen Only name is required, and if you aren't sure what the other fields mean that's all you should enter. 4: Configure the App IDCS supports basically all...
Where is the simple "shake 'n' bake" / step by step guide to creating a 3-legged, Authorization Code flow OAuth client in IDCS? Right here. 1: From the Dashboard in IDCS click the + under Applications...
As businesses move to the cloud there is a high demand for securing/protecting their HTTP resources from unauthorized access. There are several approaches to...
As businesses move to the cloud there is a high demand for securing/protecting their HTTP resources from unauthorized access. There are several approaches to protecting these resources which include SAML for SOAP service, OAuth for REST services, HTTP basic for both, and sometimes home grown proprietary mechanisms. It may not be widely known yet, but all Oracle Integration Cloud (OIC) REST endpoints are OAuth protected and can be triggered from a client using OAuth 2.0...
As businesses move to the cloud there is a high demand for securing/protecting their HTTP resources from unauthorized access. There are several approaches to protecting these resources which include...
Introduction IDCS is used by enterprises and organizations to allow secure access to their applications. IDCS uses various open standards such as OAuth 2.0,...
Introduction IDCS is used by enterprises and organizations to allow secure access to their applications. IDCS uses various open standards such as OAuth 2.0, SAML etc. to protect these applications. One of the many features of IDCS is to facilitate client applications accessing backend (REST) APIs using OAuth 2.0 (https://tools.ietf.org/html/rfc6749). Client applications come in different flavors - traditional web applications hosted on a web server to JavaScript running on...
Introduction IDCS is used by enterprises and organizations to allow secure access to their applications. IDCS uses various open standards such as OAuth 2.0, SAML etc. to protect these applications. ...
Introduction In Part 1: Automate getting an Identity Cloud Service Access Token in Postman I covered using a Pre-request script to automate getting an Access...
Introduction In Part 1: Automate getting an Identity Cloud Service Access Token in Postman I covered using a Pre-request script to automate getting an Access Token from Identity Cloud Service in order to successfully be authorized to send REST API requests. Then in Part 2: Using Postman Runner with Identity Cloud Service I built on this Pre-request script to enhance the script to get data from a CSV that would play a role in using Collection Runner, and in addition brought in...
Introduction In Part 1: Automate getting an Identity Cloud Service Access Token in Postman I covered using a Pre-request script to automate getting an Access Token from Identity Cloud Service in order...
Introduction If you have spent enough time working with web services you have probably heard of Postman. If not, then let me say it is a great tool to test REST...
Introduction If you have spent enough time working with web services you have probably heard of Postman. If not, then let me say it is a great tool to test REST APIs against Identity Cloud Service (IDCS) among other things. When using Postman with web services you quickly learn an OAuth2 Access Token is required in order to successfully be authorized to complete a REST call. Each time a request is sent you can either manually request an Access Token setting the Authorization...
Introduction If you have spent enough time working with web services you have probably heard of Postman. If not, then let me say it is a great tool to test REST APIs against Identity Cloud Service...
One of the responsibilities of Oracle Identity Cloud Service (IDCS) is to serve as an OAuth 2.0 Authorization Server. As an Authorization Server, IDCS issues...
One of the responsibilities of Oracle Identity Cloud Service (IDCS) is to serve as an OAuth 2.0 Authorization Server. As an Authorization Server, IDCS issues access and refresh tokens to OAuth Clients. OAuth Clients use these tokens to access various resources on Resource Servers on-behalf of Resource Owners. OAuth Clients are things like web or mobile applications and Resource Owners are users who use those applications for various purposes. This goal of this article is to...
One of the responsibilities of Oracle Identity Cloud Service (IDCS) is to serve as an OAuth 2.0 Authorization Server. As an Authorization Server, IDCS issues access and refresh tokens to OAuth...
Introduction OAuth 2.0 has become very popular within the mobile development community mainly because it is simple to implement and the tokens are fairly...
Introduction OAuth 2.0 has become very popular within the mobile development community mainly because it is simple to implement and the tokens are fairly compact. There are various implementation patterns to choose from and it is very important to choose the right one to make sure that the solution is secure. In this blog post I want to describe how mobile clients can get access tokens from Oracle Identity Cloud Service securely so that the identity service protected APIs can...
Introduction OAuth 2.0 has become very popular within the mobile development community mainly because it is simple to implement and the tokens are fairly compact. There are various implementation...
table td { border-width: 1px; border-color: black; border-style: solid; border-spacing: 1px 1px; padding: 10px; background-color: white; } Introduction This...
table td { border-width: 1px; border-color: black; border-style: solid; border-spacing: 1px 1px; padding: 10px; background-color: white; } Introduction This article is to help expand on topics of integration with Oracle’s Cloud Identity Management service called Identity Cloud Services. Identity Cloud Services delivers core essentials around identity and access management through a multi-tenant Cloud platform. One of the more exciting features of IDCS is that you can...
table td { border-width: 1px; border-color: black; border-style: solid; border-spacing: 1px 1px; padding: 10px; background-color: white; } Introduction This article is to help expand on topics...