When I was first learning how to use OAuth2 authentication to protect my ORDS services, this was a great resource: https://oracle-base.com/articles/misc/oracle-rest-data-services-ords-authentication#oauth2
To answer your questions:
- When any protected resource is accessed and the proper authentication is not provided, you will be taken to that sign in page. The sign in page only accepts credentials for Basic authentication, so if you are not using Basic authentication, you will never be able to enter a valid username/password on that login page.
- I don't have too much experience with storing credentials in Java, so I don't want to give you an incorrect answer on this question.
- Yes, the URL to get the access token will always be ../ords/schema_name/oauth/token
Thanks for your response.
1. Yes, I have been using the same Oracle documentation. It is a great resource for beginners. What I didn't understand is that in the Authorization Code section, it mentions about an approval page after I login as an ORDS user. I am using correct ORDS user credentials (because I get some invalid user message if credentials are wrong) but I can't go past that page. Looks like the "Approval" page needs to be built in some way. I am not clear about this part.
3. Thanks for confirming this.