You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Restricting OAuth2 client credentials to a specific integration?

Received Response
17
Views
1
Comments
edited Oct 9, 2020 3:09PM in Integration 1 comment

Summary

Is there a way to limit OAuth2 client credendials to authenticate to a specific OIC integration?

Content

We have successfuly used the documentation https://www.ateam-oracle.com/trigger-oic-integration-using-oauth-client-credentials to create oauth client credentials in IDCS to be able to trigger our OIC integrations.  However, the credentials allow you to run any integration in the OIC instance.  Is there a way to limit the OAuth2 client credentials to a specific integration or set of integrations?

As an example, we might have integrations that are customer specific, and ideally, we would only want customers to be able to run integrations specific to them.  If, by chance, they were able to figure out the integration api's, the OAuth2 credentials would technically allow them to run any of them.  We would like to limit the credentials to just the ones belonging to a specific customer.

Tagged:

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!