Managing Authorization Using the API
The identity domains REST API supports both token-based authorization and OCI request signatures. For security reasons, the identity domains REST API isn't accessible using only the username and password that you use to sign in to the identity domain. To access the identity domains REST API, you need an OAuth2 access token or an API key to use for authorization.
identity domains REST API use the OAuth 2.0 protocol for authentication and authorization and support these common authorization scenarios:
-
Web server
-
Mobile
-
JavaScript applications
The Authorization section discusses the OAuth 2.0 scenarios that identity domains support.
This section contains the following topics: