How to authenticate/authorize Oracle HCM cloud R12 REST API using JWT token in PaaS-JCS custom app?

994546 Member Posts: 8
edited May 5, 2017 6:52AM in Java Cloud Service

Problem Summary

---------------------------------------------------

How to authenticate/authorize Oracle HCM cloud R12 REST API using JWT token in PaaS-JCS custom app?

Problem Description

---------------------------------------------------

As per the requirement, we have planned to consume the Oracle HCM Cloud R12 REST API from a custom application hosted in PaaS-JCS. To consume the REST API we need a JWT token, which helps with successful authentication/authorization. As we know, the JWT token is created and passed as a URL parameter to the PaaS-JCS application.

Question:

  How do we authenticate the JWT token which is created and sent as a URL parameter to the PaaS-JCS application?

Thanks

Gowthaman


Answers

  • SanjeevChauhan
    SanjeevChauhan Member Posts: 1,554 Gold Trophy
    edited May 5, 2017 4:16AM

    It is HCM Cloud that generated the JWT token, so it is only HCM Cloud that should verify whether the token is valid or not.

    The idea is that if you invoke any SOAP/REST service of HCM Cloud without any username/password and include the JWT token in the header as authorization=bearer <JWTToken>, HCM Cloud should invoke the web service the same way as if you had provided a username/password.

    If the JWT token is valid, the web service call will go through; otherwise you will receive errors.

    To sum up, the best way to validate whether the JWT token is valid or not:

    1. Get the JWT from the URL.

    2. Invoke the findSelfDetail service of HCM Cloud and pass the JWT instead of username/password. If the service returns data, it means the JWT is valid and it was generated by the user whose information is returned.

    Thanks

    Sanjeev
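
The two steps from the answer above, as an added Python example that is not part of the thread and is not Oracle code. The query parameter name `jwt`, the `HCM_SELF_URL` placeholder and all function names are assumptions; the local check only filters malformed or expired tokens, and the validity decision stays with HCM Cloud.

```python
import base64, json, time, urllib.error, urllib.request
from urllib.parse import parse_qs, urlsplit

# Assumptions (not from the thread): the parameter name and the HCM URL.
JWT_PARAM = "jwt"
HCM_SELF_URL = "https://hcm.example.invalid/SELF-DETAILS-RESOURCE"  # placeholder

def jwt_from_url(url):
    """Step 1: return the single JWT in the query string, or None."""
    values = parse_qs(urlsplit(url).query).get(JWT_PARAM, [])
    # Reject a missing or repeated parameter instead of guessing which to use.
    return values[0] if len(values) == 1 else None

def looks_usable(token, now=None):
    """Cheap local pre-check: three non-empty parts, JSON claims, 'exp' not past.
    The signature is NOT verified here, so the claims remain untrusted."""
    parts = token.split(".")
    if len(parts) != 3 or not all(parts):
        return False
    try:
        pad = "=" * (-len(parts[1]) % 4)
        claims = json.loads(base64.urlsafe_b64decode(parts[1] + pad))
    except ValueError:  # covers bad base64, bad UTF-8 and bad JSON
        return False
    if not isinstance(claims, dict):
        return False
    exp = claims.get("exp")
    return not isinstance(exp, (int, float)) or exp > (now or time.time())

def http_get(url, headers):
    """Default transport: returns (status, body bytes)."""
    req = urllib.request.Request(url, headers=headers)
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, resp.read()
    except urllib.error.HTTPError as err:
        return err.code, b""

def validate_with_hcm(landing_url, send=http_get, now=None):
    """Step 2: return what HCM sends for the token's user, or None if rejected."""
    token = jwt_from_url(landing_url)
    if token is None or not looks_usable(token, now):
        return None
    # HCM Cloud issued the token, so HCM Cloud decides whether it is valid.
    # The token is a credential: keep it out of application logs.
    status, body = send(HCM_SELF_URL, {"Authorization": "Bearer " + token})
    return body if status == 200 and body else None
```

Passing a stub as `send` lets the flow be exercised without network access; the default transport performs the real HTTPS call.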

  • 994546
    994546 Member Posts: 8
    edited May 5, 2017 6:52AM

    Thanks for the reply. I have a few more questions based on your reply.

    As we know, the JWT token is generated based on the user who is logged in to the SaaS application.

    Consider this scenario:

    If the logged-in user doesn't have access to create an employee (assume we have a custom screen to add an employee), then how do we access the REST API with a JWT token which is generated based on the logged-in user?

    Questions:

    1. Is there any special user/role available so that we can access REST API based on that?

    2. What are the steps to invoke REST API based on Credentials? Provide any documentation for us.

    3. If there is special role then what is the recommended approach to store those credentials?

    Thanks

    Gowthaman

This discussion has been closed.