Blog Posts Process Management Service Oriented Architecture (SOA)

Authenticating Oracle Integration flows using OAuth token from 3rd party provider by Prakash Masand

Blog: PaaS Community

imageAs Oracle Integration customers look to embrace the multi-cloud strategy, they will have cross-cloud business applications & processes. In the context of a realistic business solution, customers will end up having a business requirement to integrate the business applications and services across multiple cloud providers. As an example, let’s say the customer has a business application running on a non-Oracle Cloud provider like Microsoft Azure. This business application now has a requirement to fetch the information from the Oracle Cloud applications. In normal circumstances, one would acquire the token from the Oracle Identity Cloud Service, to fetch the information from Oracle Cloud applications. However, in a multi-cloud vendor solution, this will cause additional complexity of handling multiple tokens lifetime, additional security risk, etc. In such a scenario how good it would be if one can fetch information or I may say integrate with cross-cloud vendor applications using OAuth token in hand. This is exactly the topic of my blog i.e. how one can invoke the Oracle Integration flow using the 3rd party OAuth providers.

I will expound on the same example I portrayed earlier as a sample use case for the blog, we will see how one can use the OAuth token obtained from Microsoft Azure AD to invoke the Oracle Integration flow.

Let’s now talk about the highlevel solution, we will be leveraging a couple of Oracle Cloud Infrastructure services viz. Oracle API Gateway and Oracle Functions. At an outset, we will use the OCI API gateway to be the front end of our Oracle Integration flow. Oracle API Gateway supports using the authorizer function as an extra logic layer for authenticating the APIs. This is exactly what we want i.e. we would like to build logic to validate the OAuth token received from callee and exchange it with the required token from the Oracle Identity Cloud Service for invoking the OIC flow. Let us now visualize the solution flow graphically:

As you can see from above, here the process starts with the user/business application acquiring the OAuth token from Microsoft Azure AD, once acquired it invokes the endpoint exposed through Oracle API Gateway. Oracle API Gateway will be invoking the custom authorizer Oracle Function (based on configuration) and then invokes the real backend endpoint i.e. Oracle Integration flow.

Let us now dive into the details of implementing the above process/flow, for the sake of simplicity I am going to divide the above process into three steps viz. 1)  Oracle Integration/IDCS configuration 2) Oracle Function custom authorizer implementation 3) Oracle API Gateway configuration. Read the complete article here.

PaaS Partner Community

For regular information on Oracle PaaS become a member in the PaaS (Integration & Process) Partner Community please register here.

clip_image003 Blog clip_image005 Twitter clip_image004 LinkedIn image[7][2][2][2] Facebook clip_image002[8][4][2][2][2] Wiki

Technorati Tags: SOA Community,Oracle SOA,Oracle BPM,OPN,J├╝rgen Kress

Leave a Comment

Get the BPI Web Feed

Using the HTML code below, you can display this Business Process Incubator page content with the current filter and sorting inside your web site for FREE.

Copy/Paste this code in your website html code:

<iframe src="" frameborder="0" scrolling="auto" width="100%" height="700">

Customizing your BPI Web Feed

You can click on the Get the BPI Web Feed link on any of our page to create the best possible feed for your site. Here are a few tips to customize your BPI Web Feed.

Customizing the Content Filter
On any page, you can add filter criteria using the MORE FILTERS interface:

Customizing the Content Filter

Customizing the Content Sorting
Clicking on the sorting options will also change the way your BPI Web Feed will be ordered on your site:

Get the BPI Web Feed

Some integration examples