Skip to Main Content

Identity & Platform

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

OAM 12.2.1.4 OAuth - questions on Authorization code 3-legged flow

One of our customer come up with below question :

a. What is the business intention of having Consent in OAuth 3-legged flow of OAM?
b. Can you please specify a usecase/sceanrio when would an application use this?
c. Can you please specify a usecase/scenario where can a user see the consent?
d. As per below documentation OAuth Consent can be revoked only an End User or an administrator. Can you please specify a client usecase or real world scenario where this REST API can be leveraged?
https://docs.oracle.com/en/middleware/idm/access-manager/12.2.1.4/oroau/op-oauth2-rest-consent-delete.html
https://docs.oracle.com/en/middleware/idm/access-manager/12.2.1.4/oroau/op-oam-services-rest-consent-delete.html

e. As per Doc ID 2998499.1 , Oauth Consent Management needs to be enabled for 3 legged workflow by setting system Property : "-DconsentExpiryTimeInMinutes=10". The query is why is "consentExpiryTimeInMinutes" needed for Auto revoke of used refresh token?

f. What is the intention of Consent in OAM?

We have shared all available documentation and RFC details. Still customer not satisfied with provided details.

Can someone assist me in resolving the queries mentioned above?

Regards,
Yathish H S

Comments

chonewell Nov 12 2024

My Oracle Cloud tenant, cloud account, and secure email have no issues. Why haven't I received my password reset email for Oracle Cloud? This is very strange, and our attempts have not been able to solve the problem. May I ask who I should turn to for help?

L. Fernigrini Nov 12 2024

If your account is a paid one, open a Support ticket.

If it is a Free Tier then you will have to rely on help from the community. Most probable cause that you did not receive the password reset email is that your account has been stolen and the email has been changed.

chonewell Nov 13 2024

Thank you for your reply!
But when I chatted with the online customer service, they told me that my Oracle Cloud tenant, account, and email were all fine. So, there shouldn't be a problem of theft.
I have a free account, but who can I contact on the forum? I can only post, but no one on the forum can view my account permissions, right. I am currently trying to reset MFA, I don't know if it works.
It's quite ridiculous that I have a free account and can't enjoy any services, but how can I become a paid user if I can't log in to my account.

1 - 3

Post Details

Added on Dec 5 2024
0 comments
77 views