Authenticate to make JWT Authenticated Calls
Before You Begin
This 10-minute tutorial shows you how to execute a SOAP call using a JWT (JSON Web Token) allowing you to authentication against Oracle HCM. This authentication approach can be used instead of using Basic Authentication (Username/Password).
Background
With 20D the functionality to manage JWT within the security console is provided to customer security managers. REST and SOAP APIs are secured with various function security privileges and data security policies. These privileges and policies are delivered through predefined duty roles, which control access to person and employment objects. Depending on the roles assigned, and their level of access, users view or manage data via integration tools.
For more information on role types and their functions, see: Oracle Fusion Applications Security Guide.
What Do You Need?
- SOAPUI or another SOAP client.
- Postman or another REST API client.
- JWT associated to an HCM Cloud user with appropriate privileges and policies.
Use JWT Authentication for SOAP API Call
SOAPUI is a useful tool for web service development and in this this example it will be used to call to a web service that initiates an HCM Extract within Oracle HCM.
Create a new SOAPUI Project
First you need to create a SOAPUI project.
Click File > New SOAP Project. This will open the New SOAP Project dialogue window.
- Enter a value for the project name. This can be any relevant value.
Enter the location of wsdl value corresponding to your HCM Cloud instance and the service you wish to access. Alternatively, download the wsdl file to a local directory and browse to its location.
https://{servername}/hcmProcFlowCoreController/FlowActionsService?WSDLClick Ok. This will load the WSDL and generate a tree structure of all the available service calls contained within the WSDL.
Further details on the available SOAP services for integration can be found on at the Oracle Human Resource Cloud documentation site.
Generated content of the request is provided as an example of the SOAP envelope that can be used. Populate the SOAP envelope with appropriate data for the HCM Extract call. Remove the sections which do not apply. Below is an example of a SOAP call to initiate an HCM Extract.
Select Request 1 and hit enter. This will open the UI with the submit request shown.
Navigate to and expand the submitFlow service under the FlowActionsServiceSoapHttp folder.
Select Request 1 and hit enter. This will open the UI with the submit request shown.
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:typ="http://xmlns.oracle.com/apps/hcm/processFlows/core/flowActionsService/types/" xmlns:flow="http://xmlns.oracle.com/apps/hcm/processFlows/core/flowControllerService/"> <soapenv:Header/> <soapenv:Body> <typ:submitFlow> <typ:flowName>ExtractExample</typ:flowName> <typ:flowInstanceName>ExtractExample_Run1</typ:flowInstanceName> <typ:legislativeDataGroupName>US Legislative Data Group</typ:legislativeDataGroupName> <typ:recurringFlag>false</typ:recurringFlag> <typ:parameterValues> <flow:ParameterName>Effective Date</flow:ParameterName> <flow:ParameterValue>2020-01-01</flow:ParameterValue> </typ:submitFlow> </soapenv:Body> </soapenv:Envelope>Within the Header section, add the authorization header, including your JWT formatted as Bearer {JWT}.
Next, select the submit request icon. This will execute the SOAP call and open the response page.
Configure A SOAP Service with JWT
Use JWT Authentication for REST API Call
Create a new request in Postman.
Enter a request. In this example we will get the workers collection using the workers REST API.
{{url}}/hcmRestApi/resources/latest/workersIn the Authorization tab of the request choose Type Bearer Token and enter the bearer token. Your request will look like this:
Click Send.
The response should be 200 OK.
Want to Learn More?