OAuth2 with client credentials grant type is used for authorising Oracle B2C Service REST APIs when the requests are made from a server without involving any user. This article describes the required configurations to make OAuth2 client credentials grant type working with Oracle B2C Service REST APIs.
Pre-Requisites
Before going into the client credential grant specific configuration, following pre-requisites are assumed to be done –
a) Oracle B2C Service instance is configured as a trusted application as described in Configure the External Identity Provider
If Oracle IDCS is used, the Client credentials grant type is selected as shown below in the Client configuration section of OAuth configuration while creating the integrated application in identity domain.
b) In Oracle B2C Service, SSO enabled, an SSO enabled profile created, and Single Sign-On Configuration done as described in Configure B2C Service for OAuth Authorization and Define the External Identity Provider for OAuth Authorization.
Also refer Configuring IDCS Based OAuth2 Authentication of B2C Service REST APIs in 10 Easy Steps
Configuration Steps Specific to Client Credentials Grant Type
1. Copy Cliend-ID from Identity Provider
Make a note of the Client-Id from Identity Provider. For Oracle IDCS, Client-Id value could be copied from the integrated application OAuth configuration section.
2. SSO User Account in B2C Service
Create an SSO user account in Oracle B2C Service with Client-Id as the User name
Verification Steps Using Oracle IDCS as IDP
1. Copy Client-Id & Client-Secret
Note down Client-Id and Client-Secret from the integrated application OAuth configuration section.
2. Generate OAuth runtime access token
Generate OAuth runtime access token using IDCS token end-point with the scope (value to be the REST service URL ending with “all”), clientIid, client_secret, grant_type (value to be “client_credentials”) values passed in request body in x-www-form-urlencoded format.
3. Test B2C Service REST API
