Register today for Oracle CloudWorld. October 17th - 20th, Las Vegas

Register now

Hillel Cooperman, Senior VP of User Experience Design, has a message for you on Oracle CloudWorld

Watch now
Restricting OAuth2 client credentials to a specific integration? — Cloud Customer Connect
You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Restricting OAuth2 client credentials to a specific integration?

Received Response
27
Views
6
Comments
edited Apr 19, 2021 7:05AM in Integration 6 comments

Summary

Is there a way to limit OAuth2 client credendials to authenticate to a specific OIC integration?

Content

Hi Experts,

We have successfully used the documentation https://www.ateam-oracle.com/trigger-oic-integration-using-oauth-client-credentials to create oauth client credentials in IDCS to be able to trigger our OIC integrations.  However, the credentials allow you to run any integration in the OIC instance.  Is there a way to limit the OAuth2 client credentials to a specific integration or set of integrations?

As an example, we might have integrations that are customer specific, and ideally, we would only want customers to be able to run integrations specific to them.  If, by chance, they were able to figure out the integration API's, the OAuth2 credentials would technically allow them to run any of them.  We would like to limit the credentials to just the ones belonging to a specific customer.

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!