X

It's All About the Platform.

Using JWT Tokens with REST and Sales Cloud

Guest Author

Introduction

In this post we walk through how to execute an Oracle Sales Cloud web service using a secure JWT token.

Background

If you are creating a mobile application to access Sales Cloud, the most straightforward way to integrate is to use the many REST services in Sales Cloud. To do this the user must be authenticated and a session token such as the JWT token retrieved and used in the header of every request to Sales Cloud.

Unfortunately there isn't a way to generate a JWT token through a web service. However if you use Oracle Sales Cloud there is a work around using Custom Objects to generate a JWT user token which can then be used in any further execution of Sales Cloud REST web services.

Video Walk Through

The following video illustrates how to create a JWT Token and retrieve it within a Web Service.

 

Walk Through Detail

In the above example we generated a JWT user token using a custom object and a custom object function.

We created a Custom Object called pm jmt object. We then created a custom object function that executes the groovy to retrieve the current user's JWT User token. We then output the JWT Token as return value for the custom function method. The following code retrieves the current user's JWT token:

def jwt = new oracle.apps.fnd.applcore.common.SecuredTokenBean().getTrustToken();                                

Before we can execute the Service we have to create a single row of data within the Custom Object. We needed to do that as we can only execute a REST Service custom object function against a row of data within the custom object.

Once the row is created we need to get the ID of the new row of data so we execute the web service to retrieve all the rows of data within the custom object. In the response body we can retrieve the ID of the row we just created. We need this detail to construct the URL to execute the Custom Object Function. An example URL would look like this:

https://<SALES_CLOUD_HOST>/salesApi/resources/latest/<CUSTOM_OBJECT_NAME>/<row_ID>

Now we can execute the custom object function by making a POST request, passing the name of the custom object function in the request body. We use Basic Authentication to logon and run this service. Here is an example of the function call in the body element:

{
 "name": "<CUSTOM_OBJECT_FUNCTION_NAME>"
}

We then retrieve the JWT token from the response body and are able to build a new Authentication header in our client application. The response looks like the following:

{
  "result": "<JWT_TOKEN>"
}

Now we can execute any of the REST Services as a logged in user using the JWT Token in an Authorization token which has a value such as Bearer <JWT_TOKEN>.

A suggestion at this point would be to make the custom object read only so that the vital row of data doesn't changed whilst everyone still has access to the object and it's function.

Further Information

Join the discussion

Comments ( 2 )
  • Kiranmai Reddy Friday, June 30, 2017
    By adding a single row of data, did you mean to add a field??
  • Oliver Steinmeier Tuesday, July 11, 2017
    No, what Peter meant was that the custom object needs to have a "dummy" row (record) of data.

    Hope this helps,
    Oliver
    Fusion Apps Developer Relations
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.Captcha