Wednesday, January 7, 2026

Oracle EPM Automate and REST APIs using OAuth 2.0

Recommendation to Use OAuth 2.0 Instead of Basic Auth with EPM Automate and REST APIs

Oracle recommends using OAuth 2.0 instead of Basic Authentication to ensure enhanced security when using EPM Automate and EPM REST APIs. OAuth 2.0, which utilizes access tokens to establish connections to web services, is the industry-standard protocol for authorization.

Compared to Basic Auth, which uses passwords to establish connections, it provides a more secure method to connect to web resources. 

Applies to: Account Reconciliation, Enterprise Data Management, Enterprise Profitability and Cost Management, Financial Consolidation and Close, FreeForm, Narrative Reporting, Planning, Profitability and Cost Management, Tax Reporting

Business Benefit: OAuth 2.0 provides a more secure method of connection compared to Basic Auth.

Authentication with OAuth 2

You can use an OAuth 2 access token to issue REST APIs on Oracle Fusion Cloud EPM to satisfy the requirement of avoiding the use of passwords in your environment.

Setting Up Authentication with OAuth 2

In order to access Cloud EPM REST APIs with OAuth 2, a Cloud EPM Service Administrator has to request the Domain Administrator to set up an OAuth 2 client and provide the Identity Domain Cloud Service (IDCS) URL and Client ID.

Overview of the steps:

  • Step 1Register an OAuth client. This is a one-time setup step that requires user interaction with IDCS Administrator privileges.

  • Step 2. Obtain and securely store the first refresh token. This step requires user interaction. It is a one-time step for each user who needs to invoke REST APIs with OAuth 2.

  • Step 3. Obtain an access token from the refresh token. This step is easily automated. Once automation has been implemented, it can run without user interaction.

About Copying Code Samples

Do not copy code samples from the PDF version of this document. To avoid line breaks and footer information that will render code unusable, Oracle recommends that you copy code samples from the HTML version of the examples in this guide.

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)