Create IDCS Client Application
Prerequisites:
- You must have the Cloud Service Platform Identity Domain Cloud Service (IDCS).
- You must have the role of Identity Domain Administrator.
- The Is Refresh Token Allowed option must be enabled for the Oracle Identity Cloud Service.
Follow the creation steps below:
- In the Identity Cloud Service console, expand the Navigation Drawer, select Applications, and then select Add.
- On the Add Application page, select Confidential Application.
- On the Add Confidential Application wizard's Details page, in the App Details section, enter a name for the confidential application.
  Note: SailPoint recommends keeping a short and relevant name for the confidential application.
- On the Add Confidential Application wizard's Client page, perform the following to configure authorization information for your application:
  - Select Configure this application as a client now.
  - In the Authorization and Token Issuance Policy sections, select all four of the following checkboxes:
    - Client Credentials - to limit the authorization scope to the protected resources under the control of the client or to the protected resources registered with the authorization server.
    - JWT Assertion - to use an existing trust relationship expressed as an assertion, without a direct user approval step at the authorization server.
    - Security - select Trusted Client and upload the Signing Certificate (the same certificate imported earlier as the Trusted Partner Certificate).
    - On behalf Of - to ensure that access privileges can be generated from the user's privileges alone. This allows the client application to access endpoints to which the user has access, even if the client application by itself would not normally have access.
- To access APIs from the EPM Service applications, select Add in the Token Issuance Policy section of the Add Confidential Application page. In the Add Scope window, select the applications that your application references.
- Select Add to enable your confidential application to access Oracle Identity Cloud Service APIs.
- Skip the rest of the wizard steps and select Finish to create the Client Application.
- Open the created Client application and select Activate.
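The JWT Assertion and Trusted Client settings above mean the authorization server accepts a client assertion signed by the key behind the uploaded certificate instead of a shared secret. The Go program below is an added example, not SailPoint's or Oracle's code: it builds such an RFC 7523 assertion and shows the checks the server side performs against the registered certificate. The tenant in TokenEndpoint, the client ID and the RSA key are assumed placeholders.

```go
package main
import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"strings"
	"time"
)
// Assumed token endpoint (placeholder tenant, not taken from the page); it is the assertion's audience.
const TokenEndpoint = "https://<tenant>.identity.oraclecloud.com/oauth2/v1/token"
var b64 = base64.RawURLEncoding
// NewKey makes a throwaway RSA key standing in for the key behind the uploaded signing certificate (demo only).
func NewKey() *rsa.PrivateKey { k, _ := rsa.GenerateKey(rand.Reader, 2048); return k }
// BuildAssertion builds an RFC 7523 client assertion (iss and sub are the client ID) and signs it with RS256.
func BuildAssertion(key *rsa.PrivateKey, clientID string, now time.Time) (string, error) {
	hdr, _ := json.Marshal(map[string]string{"alg": "RS256", "typ": "JWT"})
	body, _ := json.Marshal(map[string]any{"iss": clientID, "sub": clientID, "aud": TokenEndpoint, "exp": now.Add(5 * time.Minute).Unix()})
	input := b64.EncodeToString(hdr) + "." + b64.EncodeToString(body)
	h := sha256.Sum256([]byte(input))
	sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, h[:])
	if err != nil { return "", err }
	return input + "." + b64.EncodeToString(sig), nil
}
// VerifyAssertion mirrors the server-side Trusted Client check: the signature must verify with the registered
// certificate's key (the header's alg is ignored, so it cannot be downgraded); iss/sub, aud and exp must match.
func VerifyAssertion(pub *rsa.PublicKey, assertion, clientID string, now time.Time) (map[string]any, error) {
	parts := strings.Split(assertion, ".")
	if len(parts) != 3 { return nil, errors.New("malformed JWT") }
	sig, err := b64.DecodeString(parts[2])
	if err != nil { return nil, err }
	h := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if rsa.VerifyPKCS1v15(pub, crypto.SHA256, h[:], sig) != nil {
		return nil, errors.New("signature does not verify against the registered certificate")
	}
	var c map[string]any
	if raw, err := b64.DecodeString(parts[1]); err != nil || json.Unmarshal(raw, &c) != nil {
		return nil, errors.New("unreadable claims")
	}
	exp, _ := c["exp"].(float64) // JSON numbers decode as float64
	switch {
	case c["iss"] != clientID || c["sub"] != clientID: return nil, errors.New("iss/sub is not the registered client ID")
	case c["aud"] != TokenEndpoint: return nil, errors.New("aud is not this token endpoint")
	case float64(now.Unix()) >= exp: return nil, errors.New("assertion expired")
	}
	return c, nil
}
```

On the wire the assertion travels in the client_assertion parameter of the token request (RFC 7523), so the private key behind the uploaded certificate never leaves the client.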