Book Image

Implementing Oracle API Platform Cloud Service

By : Andrew Bell, Sander Rensen, Luis Weir, Phil Wilkins
Book Image

Implementing Oracle API Platform Cloud Service

By: Andrew Bell, Sander Rensen, Luis Weir, Phil Wilkins

Overview of this book

Implementing Oracle API Platform Cloud Service moves from theory to practice using the newest Oracle API management platform. This critical new platform for Oracle developers allows you to interface the complex array of services your clients expect in the modern world. First, you'll learn about Oracle’s new platform and get an overview of it, then you'll see a use case showing the functionality and use of this new platform for Oracle customers. Next, you’ll see the power of Apiary and begin designing your own APIs. From there, you’ll build and run microservices and set up the Oracle API gateways. Moving on, you’ll discover how to customize the developer portal and publish your own APIs. You’ll spend time looking at configuration management on the new platform, and implementing the Oauth 2.0 policy, as well as custom policies. The latest finance modules from Oracle will be examined, with some of the third party alternatives in sight as well. This broad-scoped book completes your journey with a clear examination of how to transition APIs from Oracle API Management 12c to the new Oracle API Platform, so that you can step into the future confidently.
Table of Contents (12 chapters)

Implementing OAuth 2.0

This chapter's focus is on explaining how OAuth 2.0, one of the most popular authorization protocols that is used today in many modern applications, can be implemented using the Oracle API Platform CS alongside Oracle Identity Cloud to enforce OAuth authorization policies to different API resources.

The chapter starts off by covering key authorization concepts such as OAuth Grants and its different Grant Flows and then continues to explain how to:

  1. Configure Oracle Identity Cloud (IDCS) as an OAuth 2.0 Authorization Server to issue JSON Web Tokens (JWT)
  2. Configure Oracle APIP CS API Gateway as an OAUTH 2.0 Resource Server to accept JWT's issued by IDCS
  3. Configure the OAuth 2.0 API Policy in Oracle's API Platform Management Service to enforce the presence of specific Scopes within the JWTs