Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info

Oracle Integration 3 instances only support OAuth authentication. Basic Auth cannot be used in FlexDeploy for these instances

Prerequisite

For both OAuth methods JWT User Assertion, we need a certificate to be generated from the endpoint where flexdeploy FlexDeploy server is going to execute the plugin operations for OIC/VBCS. For Resource Owner, you can skip this prerequisite step.

1. Generate certificate

If you already have a public/private key and their keystore location feel free to skip this step.

...

Code Block
keytool -exportcert -alias <your_alias ex FlexDeploySandbox> -file <filename ex flexdeployad.cer> -keystore <keystore_file ex FDSandboxkeystore.jks> -storepass <keystore_pass>

 Install the Certificate

Install the cer file generated in the previous step #2 into the JDK cacerts used by FlexDeploy endpoint.

...

First figure out JDK used by FlexDeploy and/or Endpoint as applicable.

  1. For example, cd /u01/jdk1.8.0_372

...

...

 

...

cp cacerts cacerts.bak

...

../../bin/keytool -importcert -keystore cacerts -alias <alias name> -file <certificate file name>

...

Type password (likely “changeit”)

Resource Owner

  1. Create a Confidential Application in Identity Console

  2. Add cer file to Partner Settings

  3. Create FlexDeploy Cloud Account

...

Expand
titleFor Classic IDCS
Image RemovedImage Added

  • Give it a meaningful name such as ‘FlexDeploy OAuth App’.

  • Click Next.

  • On the tab Configure OAuth,

    • Resource Server Configuration, should be defaulted to Skip for later.

    • Select Configure this application as a client now. Be sure to select the grant type of Resource Owner, Client Credentials and add scopes for your OIC Instances where you want to use this application.

    • Copy the scope that ends in /ic/api to notepad

    • For Client Type, select Confidential and import the cer (FDkeystore.cer) file generated earlier. Make sure to use the same alias name used to generate the file(ex FlexDeployDev).(Import certificate is not needed)

...

Expand
titleFor Classic IDCS
Image Modified

 

  • You can accept the default values throughout the rest of the configuration.

  • Copy the client id and secret that show up after completing the application (you can access this from the configuration tab as well)

  • Click Finish to activate your application

2.

...

We have configured the signing certificate in the Confidential Application, IDCS requires to configure the signing certificate as a Trusted Partner Certificate as well. Go to Settings → Trusted partner certificates and Import the cer file. Make sure to use the same alias name used to generate the file(ex FlexDeployDev).

...

Expand
titleClassic IDCS
  • Image Removed

...

Create the Cloud Account in FlexDeploy

...

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

JWT User Assertion

...

Expand
titleFor Classic IDCS
Image Modified

  • Give it a meaningful name such as ‘FlexDeploy OAuth App’.

  • Click Next.

  • On the client configuration select Configure this application as a client now. Be sure to select the grant type of JWT Assertion, Client Credentials and add scopes for your OIC Instances where you want to use this application.

  • Copy the scope that ends in /ic/api to notepad

  • For Client Type, select Confidential and import the cer (FDkeystore.cer) file generated earlier. Make sure to use the same alias name used to generate the file(ex FlexDeployDev).(Import certificate is not needed)

...

Expand
titleFor Classic IDCS
Image Modified

  • You can accept the default values throughout the rest of the configuration.

  • Copy the client id and secret that show up after completing the application (you can access this from the configuration tab as well)

  • Click Finish and activate your application

2. Add cer file to Partner Settings

We have configured the signing certificate in the Confidential Application, IDCS requires to configure the signing certificate as a Trusted Partner Certificate as well. Go to Settings → Partner Settings and Import the cer file. Make sure to use the same alias name used to generate the file(ex FlexDeployDev).

...

Expand
titleClassic IDCS
Image Modified

3. Create FlexDeploy Cloud Account

...