⚠️ OneCloud provides the following setup and configuration to help expedite use of the OneCloud Oracle Content and Experience Cloud BizApp by configuring a default authentication deployment. Actual screens may vary depending on your Oracle deployments and security access. If you uncover any differences in this configuration guide, please contact us at email@example.com.
Find the IDCS URL
When logged into Oracle Cloud, click Hamburger menu and navigate to:
Governance and Administration ➡️ Identity ➡️ Federation
You will see a section, Oracle Identity Cloud Service Console:
This is the base URL that is required for the OneCloud BizApp Connection
Create an OAuth Client & Acquire a Client ID and Secret
Go to the IDCS administration console using the URL from the previous step.
Click to add a new application in the Applications section.
Select Confidential Application.
Give the application a name and, optionally, a description, and press Enter.
Choose to configure this application as a client.
Select the client credentials grant type on the Authorization screen.
Scroll down to the Token Issuance Policy section
Under Resources, click add scope to give the application access to the required Oracle Content and Experience instance.
Click the right arrow to select the scope.
The only scope required is the one ending in:
Click Next until the end of the train. The Resources, Web Tier Policy, and Authorization stops are related to applications that have some resource authenticated or authorized by IDCS; for example, a web application. This isn’t relevant in the case of a simple server-server client, which is discussed here.
Keep track of the Client ID and Client Secret values because they are needed to get a token later.
Check Activate and then click Save to enable the application.
Add OAuth Client Application to Content Cloud Instance
Go to IDCS Admin Console (full URL from "Find your IDCS URL" step)
Click Hamburger menu, Select Oracle Cloud Services
Click your Content Cloud instance
Click Application Roles
Click CECRepositoryAdministrator ➡️ Assign Applications.
Select the application that was created in the previous step.
Repeat the steps for the roles
Save the changes.
Find your Primary Audience URL
From IDCS Console, select the hamburger menu
Click your OAuth Application
Click Configuration, and expand Client Configuration section then scroll down to Token Issuance Policy ➡️ Resources
The displayed scopes base-url (https://<base-url>:443/urn:opc:cec:all) is the Primary Audience Domain required by the OneCloud BizApp connection
Find the Oracle Content Cloud Domain
From Oracle Cloud console select Application Integration ➡️ Content and Experience
Click your instance to Open Instance
The base-url (https://<base-url>/documents) from the URL displayed in your browser is the Content Cloud Instance required by the OneCloud BizApp connection.
Add the Oauth User to Folders
Select an existing folder or create a new folder.
Add the OAuth application name as a member with the required permissions