Skip to Main Content
Forums

APEX

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

APEX-managed HTTP Header Web Credential not working

Jared CJan 8 2025

Hi, I am making a REST call to this Clover endpoint. This is the first time I have ever set up a call to a REST endpoint from PL/SQL and Oracle DB (my previous experience in this realm is with C# or OutSystems). Anyways, I thought that there was probably a way to secure the bearer token. I searched and found this article by Plamen Mushkov. I followed his steps but unfortunately I keep running into an error:

declare
*
ERROR at line 1:
null


More Details :

I am on APEX 21.1.5, whereas it seems Plamen is on a newer version (based on observing how he utilizes the apex_web_service API).

In any case, this call works:

declare
    l_response clob;
begin
    -- Set the Request HTTP Headers.
    apex_web_service.set_request_headers(
        p_name_01  => 'Accept'
        ,p_value_01 => '*/*'
        ,p_name_02 => 'Authorization'
        ,p_value_02 => 'Bearer <bearerToken>'
        ,p_reset => true
    );

  -- Call API using Username and Password.
    l_response := apex_web_service.make_rest_request(
        p_url => 'https://api.clover.com/v3/merchants/<mId>/tenders'
        ,p_http_method => 'GET'
    );

    dbms_output.put_line('Response Status : ' || apex_web_service.g_status_code);
    dbms_output.put_line('Response Payload: ' || substr(l_response, 1, 5000));
end;
/

However, calling using the managed HTTP Header Web Credential does not work as suggested by Plamen (note the parameter p_credential_static_id in apex_web_service.make_rest_request) :

declare
    l_response clob;
begin
    -- Set the Request HTTP Headers.
    apex_web_service.set_request_headers(
        p_name_01  => 'Accept'
        ,p_value_01 => '*/*'
        ,p_reset => true
    );

  -- Call API using Username and Password.
    l_response := apex_web_service.make_rest_request(
        p_url => 'https://api.clover.com/v3/merchants/<mId>/tenders'
        ,p_http_method => 'GET'
        ,p_credential_static_id => 'API_KEY_CLOVER'
    );

    dbms_output.put_line('Response Status : ' || apex_web_service.g_status_code);
    dbms_output.put_line('Response Payload: ' || substr(l_response, 1, 5000));

end;
/

This is how I have the web credential set up:

(I have removed all sensitive details, but I can assure you these line up appropriately on my side.)

In the “Credential Secret” field I tried both Bearer <bearerToken> as well as just <bearerToken>. I changed the valid URL from https://api.clover.com/v3/merchants/<mId> to https://api.clover.com. I reviewed this documentation on managing web credentials for APEX 21.1. I verified that the apex_web_service.make_rest_request function in 21.1 has a p_credential_static_id parameter here (it says it is configured in Shared Components, whereas I configured by web credential in App Builder > Workspace Utilities > Web Credentials).

I am not exactly sure what the problem is, though I am still searching. If the problem is apparent to anyone, I would greatly appreciate additional information and context!
This post has been answered by InoL on Jan 8 2025
Jump to Answer
Comments
Post Details
Added on Jan 8 2025
#http-header, #rest-api, #web-credential
4 comments
874 views
1 mention