Oracle API authentication - OIDC/OAuth2
Summary:
Hello,
We want to understand possible ways to integrate the Oracle HCM with our internal identity system or one-login system to authenticate the HCM APIs through user token. The Identity service is used across organization to authorize the users and one-login is currently integrated with Oracle HCM for SSO-login.
We are already using the API authentication where JWT token is authenticated based on the client public certificate. We have more than 4/5 services/clients currently integrated through API authentication provider. This count is growing and we see some challenges when it comes to audit (since every client has got access to generate user token and we don't see any way to identify which client has made the changes). Having multiple clients to enable same authentication mechanism is causing much duplicate work also for long run maintaining them and revising the certificates will be challenging.