Tuesday, August 18, 2020

Accessing Oracle IDCS (Identity Cloud Service) REST APIs Using POSTMAN

We can interact with IDCS using the available REST APIs.
Using these APIs we can manage users, groups, applications and identity functions such as password management.

To make REST API calls to the Oracle Identity Cloud Service (IDCS) environment, we need an OAuth2 access token to use for authorization. It cannot be accessed using basic authentication.

The following steps are involved in accessing the IDCS APIs:
  • Step 1: Register a Confidential Application in IDCS
  • Step 2: Get Client ID, Client Secret, Access Token URL, Scope and Grant Type
  • Step 3: Obtain an Access Token in POSTMAN
  • Step 4: Make a REST Request from POSTMAN to IDCS
Now we will see each step in detail:

  • Step 1: Register a Confidential Application in IDCS
To create and register a confidential application, follow the steps and screenshots below.

Open the Oracle Identity Cloud Service instance (for example: https://tenant-base-url/ui/v1/adminconsole) and log in with Identity Domain Administrator credentials.






Click on the icon as shown in the below screenshot and then click on Applications.





Now click on the Add icon.

Select Confidential Application as the type of application.

Enter an application name and a description, and then click Next.




On the Authorization page, define the following items:
  • Select the Configure this application as a client now option.
  • Select Client Credentials from the Allowed Grant Type section.


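  • At the bottom of the page, select the plus icon for Grant the client access to Identity Cloud Service Admin APIs.

  • Select Identity Domain Administrator. Your credentials and all tasks available to the Identity Domain Administrator will be accessible to you. This also means that anyone holding this application's Client ID and Client Secret has administrator-level API access, so store them accordingly.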




  • Click Next, choose Skip for later in "Resources", and then click Finish.





  • Make note of the Client ID and the Client Secret that appear in the confirmation window, and then click Close.





Click Activate in the upper-right section of the page to activate the application.

At this point our client application is ready and activated.
We now need to do the setup in POSTMAN to call the APIs.

-----------------------------------------------------------------------------------------------------------


Step 2: Get Client ID, Client Secret, Access Token URL and Scope


We noted down the Client ID and Client Secret in the previous step.
We need some more details, namely the access token URL, scope and grant type, to generate an access token in POSTMAN.
The access token URL will be in the below form:

https://tenant-base-url/oauth2/v1/token
Example: 

Scope will be: urn:opc:idm:__myscopes__
Grant type will be: Client Credentials


-----------------------------------------------------------------------------------------------------------


Step 3 and Step 4: Obtain an Access Token in POSTMAN and Make a REST Request from POSTMAN to IDCS

  • Launch the POSTMAN app.
  • Create a new request.
  • We will take the example of listing all users of IDCS, so enter the URL as:

  • Select the method as GET.
  • Go to the Authorization tab and select the type as "OAuth 2.0".
  • Now we need to generate an access token for IDCS using the client application we created above.
We have the required details:

Client ID:        xxxxxxxxxxxxxd4ea28xxxxxx6303113605
Client Secret:    xxxx-5ffa-466d-xxxx-8fa07f682104
Access Token URL: https://tenant-base-url/oauth2/v1/token
Scope:            urn:opc:idm:__myscopes__
Grant Type:       Client Credentials


  • Click on "Get New Access Token".

  • Provide the required details as mentioned above and click on "Request Token".

  • An access token will be generated with the name "Token Name".

  • Click on "Token Name"; you will then be able to see the base64 token on the right side. Click on "Use Token".

  • Now we are ready to send the request.
  • With the method set to "GET", call the API by clicking on the Send button to list all the users in IDCS.

  • See the response in POSTMAN; it should provide the list of all users in JSON format.
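
The token request and the REST call that POSTMAN makes in Steps 3 and 4 can also be scripted. The following is an added example, not part of the original post: it builds the client-credentials token request and the Bearer-authenticated GET with Python's standard library, and refuses to send the secret or token over a non-HTTPS URL. The environment variable names (IDCS_BASE_URL, IDCS_CLIENT_ID, IDCS_CLIENT_SECRET, IDCS_API_URL) and sending the client credentials in a Basic Authorization header are assumptions of this example.

```python
import base64
import json
import os
import urllib.parse
import urllib.request

SCOPE = "urn:opc:idm:__myscopes__"  # scope from Step 2


def build_token_request(base_url, client_id, client_secret):
    """Build the client-credentials POST to the access token URL of Step 2."""
    if not base_url.lower().startswith("https://"):
        raise ValueError("refusing to send the client secret over a non-HTTPS URL")
    creds = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    form = {"grant_type": "client_credentials", "scope": SCOPE}
    return urllib.request.Request(
        base_url.rstrip("/") + "/oauth2/v1/token",
        data=urllib.parse.urlencode(form).encode(),
        method="POST",
        headers={
            # Assumption: client ID and secret go in a Basic Authorization header.
            "Authorization": "Basic " + creds,
            "Content-Type": "application/x-www-form-urlencoded",
        },
    )


def build_api_request(url, access_token):
    """Build the GET of Step 4, presenting the token as a Bearer credential."""
    if not url.lower().startswith("https://"):
        raise ValueError("refusing to send the access token over a non-HTTPS URL")
    return urllib.request.Request(url, method="GET", headers={"Authorization": "Bearer " + access_token})


def fetch_access_token(base_url, client_id, client_secret):
    """Send the token request and return the access_token field of the reply."""
    req = build_token_request(base_url, client_id, client_secret)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)["access_token"]


if __name__ == "__main__":
    # Hypothetical variable names; IDCS_API_URL is the REST URL entered in POSTMAN.
    env = os.environ
    token = fetch_access_token(
        env["IDCS_BASE_URL"], env["IDCS_CLIENT_ID"], env["IDCS_CLIENT_SECRET"]
    )
    with urllib.request.urlopen(build_api_request(env["IDCS_API_URL"], token), timeout=10) as r:
        print(json.dumps(json.load(r), indent=2))
```

Reading the Client Secret from the environment keeps it out of the script and out of version control.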










