Share
ReportHello,
What we want to achieve :
We want to create a custom connector connected to our Oracle HCM cloud application. The actions of this custom connector will send REST requests to Oracle HCM endpoints as actions.
The users of this custom connector will be citizen developpers that needs it to create automated reports/actions on our Oracle HCM data.
What is the issue :
We managed to create and save the custom connector. ✅
We managed to create and save the custom connector. ✅
When creating a test flow, the custom connector requests a new connection.
When clicking on creating new Connection, we get prompted the Oracle IAM windows for user authentication. ❌
Issue : of course, when putting client id and secret instead of login / password it does not work.
We don't want to run things using the user's credential. We want to use the application. So, no delegated permissions.
We don't want to run things using the user's credential. We want to use the application. So, no delegated permissions.
What do we have :
Custom connector :
- General : Host : <hostname>.oraclecloud.com
- Security :
- Authent type : OAuth 2.0
- Identity Provider : Generic OAuth 2
- Client ID : <App ID>
- Client secret : <AP Secret>
- Authorization URL : https://idcs-<IDCS>.identity.oraclecloud.com/oauth2/v1/authorize
- Token URL : https://idcs-<IDCS>.identity.oraclecloud.com/oauth2/v1/token
- Refresh URL : https://idcs-<IDCS>.identity.oraclecloud.com/oauth2/v1/token
- Scope : openid (source : Example Authorization Flow) - seems to be the issue (source : Copilot)
- Redirect URL : https://global.consent.azure-apim.net/redirect/<ConnectorName>-<ConnetorID> - Has been indicated as permitted redirect url of the Oracle registered app. (so no issues this way)
I already have REST calls working, (followed this one : Verifying OAUTH configuration for Custom Connectors - Microsoft Support ) : works in Postman/Bruno but not when setting the custom connector.
Another solution given by Copilot would be to use authentication style API KEY, but this requires to have the token beforehand. And our citizen dev should not have to deal with this sort of action.
I am not good at authentication architecture, I don't fully understand all the 2-legged and 3-legged schema.
I would like to know how to make this custom connector work in an non-delegated way, without any action from the user, except adding the custom connector and actions to his flow.
Is it even possible ?
Thanks a lot!
Categories:
I have the same question (0)
All responses (
Answers (
959
