⚠️ OneCloud provides the following setup and configuration to help expedite use of the OneCloud Oracle Content and Experience Cloud BizApp by configuring a default authentication deployment. Actual screens may vary depending on your Oracle deployments and security access. If you uncover any differences in this configuration guide, please contact us at support@onecloud.io.
Find the IDCS URL
When logged into Oracle Cloud, click Hamburger menu and navigate to:
Governance and Administration ➡️ Identity ➡️ Federation

Click OracleIdentityCloudService

You will see a section, Oracle Identity Cloud Service Console:

This is the base URL that is required for the OneCloud BizApp Connection
Create an OAuth Client & Acquire a Client ID and Secret
Go to the IDCS administration console using the URL from the previous step.

Click to add a new application in the Applications section.

Select Confidential Application.

Give the application a name and, optionally, a description, and press Enter.
Choose to configure this application as a client.
Select the client credentials grant type on the Authorization screen.

Scroll down to the Token Issuance Policy section
Under Resources, click add scope to give the application access to the required Oracle Content and Experience instance.
Click the right arrow to select the scope.
The only scope required is the one ending in:
urn:opc:cec:all


Click Next until the end of the train. The Resources, Web Tier Policy, and Authorization stops are related to applications that have some resource authenticated or authorized by IDCS; for example, a web application. This isn’t relevant in the case of a simple server-server client, which is discussed here.
Click Finish.
Keep track of the Client ID and Client Secret values because they are needed to get a token later.

Check Activate and then click Save to enable the application.

Add OAuth Client Application to Content Cloud Instance
Go to IDCS Admin Console (full URL from "Find your IDCS URL" step)
Click Hamburger menu, Select Oracle Cloud Services

Click your Content Cloud instance

Click Application Roles

Click CECRepositoryAdministrator ➡️ Assign Applications.

Select the application that was created in the previous step.

Repeat the steps for the roles
CECEnterpriseUser
andCECContentAdministrator
.Save the changes.
Find your Primary Audience URL
From IDCS Console, select the hamburger menu
Select Applications
Click your OAuth Application

Click Configuration, and expand Client Configuration section then scroll down to Token Issuance Policy ➡️ Resources

The displayed scopes base-url (https://<base-url>:443/urn:opc:cec:all) is the Primary Audience Domain required by the OneCloud BizApp connection

Find the Oracle Content Cloud Domain
From Oracle Cloud console select Application Integration ➡️ Content and Experience

Click your instance to Open Instance

The base-url (https://<base-url>/documents) from the URL displayed in your browser is the Content Cloud Instance required by the OneCloud BizApp connection.
Add the Oauth User to Folders
Select an existing folder or create a new folder.
Click Members
Add the OAuth application name as a member with the required permissions