You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

OAuth to protect HCM REST API? (While still using OKTA as HCM IDP)

Accepted answer
edited Mar 2, 2022 10:35PM in Applications Security 2 comments


Is it possible to leverage IDCS to protect HCM REST API using OAuth Client Credentials while still maintaining OKTA as IDP for HCM?

Content (required):

We have HCM configured to use OKTA as Identity Provider.

Our understanding is that Basic Auth or JWT generation are the only ways to authenticate (and then authorize) with this set-up.

But we do have IDCS for some PaaS services. If possible, we would like to leverage the IDCS OAuth support to protect the HCM APIs. But at the same time we want to maintain the HCM -> OKTA SSO federation for the large population of online users. i.e. We do not want to put all our online users into IDCS

Howdy, Stranger!

Log In

To view full details, sign in.


Don't have an account? Click here to get started!