DEV Community

Cover image for Using the Oracle Identity Cloud Service REST APIs with Postman
Iyvonne Bett
Iyvonne Bett

Posted on • Updated on

Using the Oracle Identity Cloud Service REST APIs with Postman

This tutorial incorporates the latest improvements to Postman and builds upon the fundamental principles detailed in the blog Using the Oracle Identity Cloud Service REST APIs with Postman.


Background
The Oracle Identity Cloud Service REST APIs provide a way to integrate Oracle Identity Cloud Service with REST clients so that they can;

  • Manage users and groups,
  • Manage application and resource access,
  • Perform federated single sign-on (SSO) and authorization in the cloud,
  • Managing multi-factor authentication (MFA),
  • Managing identity federation and integration with other identity systems.

The APIs support OAuth 2.0, OpenID Connect, and System for Cross-Domain Identity Management.

Postman is a tool used to test and develop APIs. It provides a graphical user interface (GUI) that makes it easy to construct and send HTTP requests, as well as view the responses returned by the API.


What Do You Need?
To use Oracle Identity Cloud Service REST APIs with Postman, you will need the following:

  • An Oracle Identity Cloud Service tenancy: You will need access to IDCS in order to use the REST APIs. You can sign up for a free trial at ```

https://cloud.oracle.com/tryit

- **A Postman account:** You can create a Postman account for free at 
Enter fullscreen mode Exit fullscreen mode

https://www.postman.com/

- Access to Oracle Identity Cloud Service with the Identity Domain Administrator or Application Administrator roles.
- Familiarity with the REST architecture style.
- **API keys:** You will need to obtain API keys in order to authenticate your API requests.
- **Oracle Identity Cloud Service API documentation:** You will need to refer to this in order to learn about the available APIs and how to use them. The documentation is available at 
Enter fullscreen mode Exit fullscreen mode

https://docs.oracle.com/en/cloud/paas/identity-cloud/index.html

- **Postman client:** You will need to install the Postman client on your computer in order to make API requests. You can download the Postman client for free at 
Enter fullscreen mode Exit fullscreen mode

https://www.postman.com/


---

## Step 1: Register a Client Application

In this section, you register an application in Oracle Identity Cloud Service. This task is required to obtain the credentials (Client ID and Client Secret) used for authentication in REST API calls. The credentials are equivalent to service credentials (ID and password) that your client uses to communicate with Oracle Identity Cloud Service. This task also helps you determine which requests are authorized through the REST API.

1. In the Oracle Identity Cloud Service administration console, expand the Navigation Drawer, click Applications, and then click Add application.
![Navigation Drawer](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/85dhfu2e9b71bt3poq3f.png)
![Add application](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/57suqr704tpb20oqcuz1.png)
2. In the Add Application dialogue box, select Trusted Application or Confidential Application. Click launch workflow.
![Dialogue Box](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/o2y3rv769ykyoyv3s2kb.png)
3. In the App Details section on the Add Trusted Application page, enter an application name and description, and then click Next.
![Enter App details](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/lqtg8uxy931goaasq9b7.png)
4. Select Configure this application as a client now, and then, in the Authorization section that appears, select only Client Credentials as the Allowed Grant Type.
![Configure Application](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/bt1eff2ndqy2r2lttrmp.png)
5. Scroll down, and click the Add button below Grant the client access to Identity Cloud Service Admin APIs.
![Configure Application](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/st247lhamof2rdq8qkgd.png)
6. In the Add App Role dialogue window, select Identity Domain administrator in the list and click Add.
![dialogue window](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/mu3x5ycwbloddykzw882.png)
7. Click Next in the Client pane and in the following panes until you reach the last pane. Then click Finish.
8. In the Application Added dialogue box, copy the Client ID and the Client Secret to a text file, and then click Close.
![Copy Client ID and Secret](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/sktl56e8z7jmswi78psr.png)
9. Click Activate, and then click Activate Application.
![Activate](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/sf8070yc5z8zbkdkiggk.png)

---

## Step 2: Set the Environment Parameters in Postman

1. Open Postman, and click Import.
![Open File](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/kjr3egxvw1jbca9uzfp7.png)
2. In the Import dialogue box, select Import From Link, paste the following GitHub environment variables URL into the box and then click Import: `https://github.com/oracle/idm-samples/raw/master/idcs-rest-clients/example_environment.json`
![Import](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/sg7b7y3n4rn9racltzzx.png)
3. Click the Environment option, and then select Manage Environments.
4. In the Manage Environments dialogue box, to the right of the example.identity.oraclecorp.com environment, click Duplicate Environment.
![Duplicate Environment](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/acb5g9ccyzx17pcsdesc.png)
5. Click the example.identity.oraclecorp.com copy, which appears below the original environment.
6. To update the environment variables, enter the following values, and then click Update.

- _**NAME:**_ Environment A for REST API Testing
- _**HOST:**_ Oracle Identity Cloud Service UI address; for example, `https://example.identity.oraclecorp.com`
- _**CLIENT_ID**_ and _**CLIENT_SECRET**_: The Client ID and the Client Secret that you copied into a text file from your Oracle Identity Cloud Service trusted application
- _**USER_LOGIN**_ and _**USER_PW**_: Your user login and password
![Enter variables](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/wz5y99hmawu4txkzxwxz.png)
7. Click the Environment drop-down list, and then select the updated environment from the list.
![select the updated environment](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/8uxt26cd6h1ipodp3e5u.png)

---

## Step 3: Import the Postman Collection and Global Variables

1. To import the Oracle Identity Cloud Service REST API Postman collection, on the Postman main page, click Import.
2. In the Import dialogue box, select Import From Link, paste the following GitHub Postman collection URL into the box, and then click Import:`https://github.com/oracle/idm-samples/raw/master/idcs-rest-clients/REST_API_for_Oracle_Identity_Cloud_Service.postman_collection.json`
![click Import](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/8td2h1rpy40aepqttkqk.png)
3. To import the global variables file, click Import.
4. In the Import dialogue box, select Import From Link, paste the following GitHub Postman Globals URL into the box, and then click Import:`https://github.com/oracle/idm-samples/raw/master/idcs-rest-clients/oracle_identity_cloud_service_postman_globals.json`
![click Import from link](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/slofpk9sbapbvnayaflp.png)
5. To view the imported variables, click the Environment options, and then select Manage Environments from the drop-down list.
6. In the Manage Environments dialogue box, click Globals.

---


## Step 4: Request an Access Token
To make API calls to Oracle Identity Cloud Service, you must authenticate your client against Oracle Identity Cloud Service, and then obtain an OAuth access token.

The access token provides a session between a client (in this tutorial, Postman) and Oracle Identity Cloud Service. By default, the access token has a timeout interval of 60 minutes, and then you must request a new access token to perform additional REST API calls.

1. On the Collections tab, expand OAuth, and then OAuth Tokens - Get (Authorize).
2. Select Obtain access_token (client credentials), and then click Send. The access token is returned in the response from Oracle Identity Cloud Service.
3. Highlight the access token content between the quotation marks, and then right-click. In the shortcut menu, select Set: example.identity.oraclecloud.com. In the secondary menu, select access token. The highlighted content is assigned as the access token value.
![copy access token then paste under access token variable](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/8ghdpn3isbh4yrrp9kcm.png)
Subsequent REST API calls to Oracle Identity Cloud Service contain the access token as well as additional information about the request. The additional information is sent through a request Universal Resource Identifier, a header, parameters, or JSON code, and varies according to the REST API call and method that you request.

---

## Step 5: Create a User

1. On the Collections tab, expand Users, and then Create.
2. Select Create a user. The requested information appears.
3. Click Body, and then click Send.
![click Send](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/i62y3pve4wuzmemqrzs8.png)
4. In the response, confirm that the status 201 Created appears and that the response body displays details about the user that was successfully created in Oracle Identity Cloud Service.
![Confirm its created](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/jk21zjzmzs8c2ac33a1w.png)

---

## Step 6: Test Other User API Calls
To test other user calls, you can set the user as a variable for reference.

1. In the response body, select and right-click the id. In the shortcut menu, select Set: Globals, and then select userid. The unique id is assigned as the userid value.
![Set: Globals](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/rqfu7ypmvb0p3qa7gkhz.png)
2. On the Collections tab, expand Users, and then Search.
3. Select Search specific user, and click Send.
![verify it displays status 200 Ok ](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/mdsr304u4sr1t79ybmbp.png)
4. Scroll down and verify that the response body displays the status 200 Ok and details about the user.








Enter fullscreen mode Exit fullscreen mode

Top comments (0)