How to use Oracle OIC Gen 3 APIs in Postman

Create confidential client for OIC Gen 3 api

Oracle Integration REST APIs as well as REST endpoints exposed in integrations are protected using OAuth token-based authentication.[1]

Note: OIC Gen 2 APIs can be invoked using basic authentication.

• Go to domains where your OIC instance is and click on Integrated Applications on the left hand menu. Now click on Add application button

• Select Confidential Application and click Launch workflow

• Give appropriate name and then click Next

• In Client configuration select configure this application as a client now. In Authorization, check Client credentials and Refresh token

• Check client ip address Anywhere, token issuance policy to Specific and then check Add resources. Under Resources click on Add scope and search for OIC instance and all the scopes. Click Finish, we are done creating confidential app.

• Now go back to Domains and click Oracle Cloud Services in left menu and click on OIC Gen 3 Instance that we want to access.

• Click Application roles in OIC Gen 3 instance and then click ServiceAdministration and add the confidential app that we just created.

Call API using Postman

• Now open Postman and post the following in place for URL. This API generates the token which we will use to consequently call OIC Gen 3 APIs.

curl -i -H 'Authorization: Basic <base64Encoded clientid:secret>' -H 'Content-Type: application/x-www-form-urlencoded;charset=UTF-8' --request POST https://tenant-base-url/oauth2/v1/token -d 'grant_type=client_credentials&scope=<scope value>'        

You can find details in here under section Request Example Using the Authorization Header

• Tenant base url can be found in Domain overview page.

• Copy the scope from confidential app and you need to generate base64 encoded clientid:sercet, which you can do using terminal in your local machine.
• Copy the access token from the response and then use that token to call the OIC GEN 3 API. You can find details about OIC Gen 3 REST API here
• For example, let’s get list of all the integration in the instance using URL https://design.integration.<REGION>.ocp.oraclecloud.com/ic/api/integration/v1/integrations?integrationInstance=<INSTANCE_NAME>

Replace Region and Instance Name in the URL and add in Authorization tab in postman select Bearer token and pass the token copied from previous API response. This will give you list of all the integrations

Thanks to Chinmay Thakar and Aditya Trivedi for helping.

References:

1. https://docs.oracle.com/en/cloud/paas/application-integration/rest-api/Authentication.html