Is it possible to use the Oracle Public Certificate for inbound API authentication
Summary:
We are using a JWT token to authenticate REST API calls to HCM. Currently we generate our own key pair and register the public certificate in the API Authentication section of the Security Console as per https://docs.oracle.com/en/cloud/saas/human-resources/23a/ochus/configure-inbound-authentication.html#s20076125
This works fine, however, the documentation above states:
- "On the Oracle API Authentication Provider Details page, click the Inbound API Authentication Public Certificates tab and click Edit. You can use the default Oracle public certificate or add a new one."
This implies that we can create our JWT tokens with the private key corresponding to the default Oracle public certificate.
1