⚠️ OneCloud provides the following setup and configuration to help expedite your use of the OneCloud Oracle Content and Experience Cloud BizApp by configuring a default authentication deployment. Actual screens may vary depending on your Oracle deployments and security access. If you uncover any differences in this configuration guide, please contact us at support@onecloud.io.
Find your IDCS URL
1. When logged into Oracle Cloud, click Hamburger menu and navigate to:
Governance and Administration > Identity > Federation
2. Click OracleIdentityCloudService
3. You will see a section, Oracle Identity Cloud Service Console:
4. This is the base URL that is required for the OneCloud BizApp Connection
Create an OAuth Client and Acquire a Client ID and Secret
1. Go to the IDCS administration console using the URL from the previous step.
2. Click to add a new application in the Applications section.
3. Select Confidential Application.
4. Give the application a name and, optionally, a description, and press Enter.
5. Choose to configure this application as a client.
6. Select the client credentials grant type on the Authorization screen.
7. Scroll down to the Token Issuance Policy section and, under Resources, click add scope to give the application access to the required Oracle Content and Experience instance.
8. Click the right arrow to select the scope.The only scope required is the one ending in: urn:opc:cec:all
9. Click Next until the end of the train. The Resources, Web Tier Policy, and Authorization stops are related to applications that have some resource authenticated or authorized by IDCS; for example, a web application. This isn’t relevant in the case of a simple server-server client, which is discussed here.
10. Click Finish.
11. Note the Client ID and Client Secret values because you’ll need those to get a token later.
12. Check Activate and then click Save to enable the application.
Add OAuth Client Application to Content Cloud Instance
1. Go to IDCS Admin Console (full URL from "Find your IDCS URL" step)
2. Click Hamburger menu, Select Oracle Cloud Services
3. Click your Content Cloud instance
4.Click Application Roles
5. Click CECRepositoryAdministrator > Assign Applications.
6. Select the application that was created in the previous step.
7. Repeat the steps for the roles CECEnterpriseUser and CECContentAdministrator.
8. Save the changes.
Find your Primary Audience URL
1. From IDCS Console, select the hamburger menu
2. Select Applications
3. Click your OAuth Application
4. Click Configuration, and expand Client Configuration section then scroll down to Token Issuance Policy > Resources
6. The displayed scopes base-url (https://<base-url>:443/urn:opc:cec:all) is the Primary Audience Domain required by the OneCloud BizApp connection
Find your Oracle Content Cloud Domain
1. From Oracle Cloud console select Application Integration > Content and Experience
2. Click your instance to Open Instance
3. The base-url (https://<base-url>/documents) from the URL displayed in your browser is the Content Cloud Instance required by the OneCloud BizApp connection.
Add the Oauth User to folders
1. Select an existing folder or create a new folder
2. Click Members
3. Add the OAuth application name as a member with the required permissions