OAuth to protect HCM REST API? (While still using OKTA as HCM IDP)
Is it possible to leverage IDCS to protect HCM REST API using OAuth Client Credentials while still maintaining OKTA as IDP for HCM?
We have HCM configured to use OKTA as Identity Provider.
Our understanding is that Basic Auth or JWT generation are the only ways to authenticate (and then authorize) with this set-up.
But we do have IDCS for some PaaS services. If possible, we would like to leverage the IDCS OAuth support to protect the HCM APIs. But at the same time we want to maintain the HCM -> OKTA SSO federation for the large population of online users. i.e. We do not want to put all our online users into IDCS