How to Use OAuth 2.0 Authentication in Oracle Integration Cloud (OIC)

Introduction

  • In modern integrations, security is critical. Earlier, many integrations used Basic Authentication with usernames and passwords. Today, most APIs use OAuth 2.0 because it is more secure and flexible.

    This blog explains how to configure OAuth 2.0 authentication in Oracle Integration Cloud using the Client Credentials flow.

What is OAuth 2.0 in Simple Terms?

  • OAuth 2.0 allows applications to securely access APIs using access tokens instead of sharing usernames and passwords.

    Benefits

    • Better security
    • Token-based authentication
    • No need to expose passwords
    • Widely supported by REST APIs

OAuth 2.0 Flow Used in OIC

  • For server-to-server integrations, OIC commonly uses:

    Client Credentials Grant Type

    In this flow:

    1. OIC sends Client ID and Client Secret
    2. Authorization Server generates an Access Token
    3. OIC uses the token to call APIs

Step 1: Create OAuth Connection in OIC

  • Go to:

    Connections → Create

    Choose:

    • REST Adapter
    • Configure Connection Security as OAuth 2.0

Step 2: Enter OAuth Details

  • Provide the following values:

    Field              Example
    Grant Type         Client Credentials
    Access Token URL   https://api.example.com/oauth/token
    Client ID          oic_client
    Client Secret      ********
    Scope              read write

Example Token Request

    POST /oauth/token HTTP/1.1
    Host: api.example.com
    Content-Type: application/x-www-form-urlencoded

    grant_type=client_credentials&client_id=oic_client&client_secret=password123

Example API Calling Using Access Token

    GET /employees HTTP/1.1
    Authorization: Bearer eyJhbGciOi….

OIC automatically handles token generation and refresh.
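
As an added illustration (not code from the original post and not how OIC is implemented internally), the Python sketch below shows what handling token generation and expiry involves for a client in the Client Credentials flow: request a token, cache it, and request a new one shortly before `expires_in` runs out. The `post` transport, the 30-second safety margin and the fake token endpoint are assumptions made so the example runs offline.

```python
import json
import time
from urllib.parse import parse_qs, urlencode


class ClientCredentialsTokenCache:
    """Fetch a client-credentials token and reuse it until shortly before expiry."""

    def __init__(self, token_url, client_id, client_secret, scope,
                 post, clock=time.monotonic, skew=30):
        self.token_url, self.scope = token_url, scope
        self.client_id, self.client_secret = client_id, client_secret
        self.post = post      # assumed transport: post(url, headers, body) -> (status, text)
        self.clock = clock    # injectable so expiry can be tested without sleeping
        self.skew = skew      # seconds of safety margin before the stated expiry
        self._token, self._expires_at = None, 0.0

    def get_token(self):
        if self._token and self.clock() < self._expires_at - self.skew:
            return self._token                      # cached token is still valid
        body = urlencode({"grant_type": "client_credentials", "scope": self.scope,
                          "client_id": self.client_id,
                          "client_secret": self.client_secret})
        headers = {"Content-Type": "application/x-www-form-urlencoded"}
        status, text = self.post(self.token_url, headers, body)
        try:
            data = json.loads(text)
        except ValueError:
            data = {}
        if status != 200 or "access_token" not in data:
            # Report only the error code; never echo the request body (it holds the secret).
            raise RuntimeError(f"token request failed: {status} {data.get('error', 'unknown')}")
        self._token = data["access_token"]
        self._expires_at = self.clock() + int(data.get("expires_in", 0))
        return self._token

    def auth_header(self):
        return {"Authorization": "Bearer " + self.get_token()}


def make_fake_token_endpoint(valid_secret, calls):
    """Constructed stand-in for the authorization server, so the example runs offline."""
    def post(url, headers, body):
        form = parse_qs(body)
        calls.append(form["grant_type"][0])
        if form.get("client_secret") != [valid_secret]:
            return 401, json.dumps({"error": "invalid_client"})
        return 200, json.dumps({"access_token": f"tok-{len(calls)}", "expires_in": 3600})
    return post
```

A rejected secret surfaces as the "Invalid Client" case from the error table, and the raised message carries only the server's error code, not the credentials.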

Architecture Flow

OIC Connection Configuration Example

Testing the Connection

After configuration:

  1. Click Test
  2. OIC requests the access token
  3. If successful, the connection status becomes Configured

Common Errors

Error            Reason
Invalid Client   Wrong Client ID or Secret
Unauthorized     Incorrect scope
Token Expired    Access token timeout
401 Error        Missing Bearer token

Conclusion

OAuth 2.0 is the recommended authentication method for secure API integrations in OIC. Using Client Credentials flow makes integrations secure, scalable, and easy to manage without exposing user passwords.

For modern REST integrations in OIC, OAuth 2.0 should always be preferred over Basic Authentication.

 
